Commit Graph

976 Commits

Author SHA1 Message Date
Capa Bot ce63628d3d Sync capa rules submodule 2020-11-19 15:43:59 +00:00
Capa Bot 13df7f90f6 Sync capa rules submodule 2020-11-19 15:09:24 +00:00
Capa Bot f5099b873d Sync capa rules submodule 2020-11-19 11:40:38 +00:00
Capa Bot 70eb38895d Sync capa-testfiles submodule 2020-11-18 16:28:34 +00:00
Capa Bot 7aea9fa1d2 Sync capa rules submodule 2020-11-16 19:38:02 +00:00
Capa Bot 5d30be31e0 Sync capa rules submodule 2020-11-16 09:44:08 +00:00
Capa Bot 7abe66e3de Sync capa rules submodule 2020-11-16 06:40:23 +00:00
mike-hunhoff 49ef5e5e64 Merge pull request #364 from fireeye/viv/fix-353
improve viv extractor unicode string detection
2020-11-10 17:56:47 -07:00
Michael Hunhoff c2266bc105 improve viv extractor unicode string detection with supporting unit test 2020-11-10 12:23:07 -07:00
Moritz a813e219e6 Merge pull request #363 from fireeye/williballenthin-patch-1
ci: disable py3.9 testing
2020-11-09 21:14:36 +01:00
Moritz 1c1fb20546 Merge pull request #355 from danielplohmann/backend-smda
initial commit for backend-smda
2020-11-09 21:13:51 +01:00
Willi Ballenthin 65feb60bb8 ci: disable py3.9 testing 2020-11-09 13:06:37 -07:00
Daniel Plohmann (jupiter) f7492c7dc7 throw UnsupportedRuntimeError if SmdaFeatureExtractor is used with a Python version < 3.0 2020-11-09 16:20:08 +01:00
Moritz Raabe dfc805b89b improvements for PR #355 2020-11-09 13:39:19 +01:00
Moritz Raabe 75defc13a0 disable fail-fast for tests job 2020-11-09 13:22:23 +01:00
Daniel Plohmann (jupiter) 7d4888bb77 addressing the comments in the PR discussion 2020-11-06 10:09:06 +01:00
Daniel Plohmann (jupiter) 1a34029171 Merge branch 'master' of github.com:fireeye/capa into backend-smda 2020-11-06 09:50:09 +01:00
Willi Ballenthin f6ad4652e4 Merge pull request #358 from fireeye/doc/pyinstaller
document PyInstaller build process
2020-11-05 09:19:51 -07:00
pnx@pyrite 1e25604b0b replacement test for nested x64 thunks - still needs to be verified for vivisect 2020-11-05 16:31:47 +01:00
pnx@pyrite 3a43ffa641 adjusted identification of thunks via SMDA. 2020-11-05 12:58:07 +01:00
Capa Bot 8f6bcf3d98 Sync capa rules submodule 2020-11-03 14:23:36 +00:00
Moritz Raabe 0fd9753681 document PyInstaller build process
closes #357
2020-11-03 15:03:32 +01:00
Capa Bot 76a04dfe25 Sync capa rules submodule 2020-11-03 13:20:30 +00:00
Capa Bot 16317182e3 Sync capa-testfiles submodule 2020-11-03 13:14:45 +00:00
Daniel Plohmann (jupiter) 6bcdf64f67 formatting 2020-10-30 15:34:02 +01:00
Daniel Plohmann (jupiter) d276a07a71 comments on a test where disassembly differs among backends 2020-10-30 15:29:38 +01:00
Daniel Plohmann (jupiter) f3b59b342a Merge branch 'backend-smda' of github.com:danielplohmann/capa into backend-smda 2020-10-30 15:25:45 +01:00
Daniel Plohmann (jupiter) 4a0f1f22ba test fixes 2020-10-30 15:25:42 +01:00
Jon Crussell 0c85e7604c use magical derefs
Found derefs in viv/insn.py, does exactly what we need!
2020-10-30 07:23:24 -07:00
Jon Crussell 8f6a46e2d8 add check for pointer to string
Check if memory referenced is a pointer to a string. Fixes mimikatz
string test.
2020-10-30 07:01:07 -07:00
Daniel Plohmann (jupiter) 74b2c18296 down to 14 failed 2020-10-29 20:05:50 +01:00
Jon Crussell b12d0b6424 tests: add smda backend test
40 failed, 73 passed.
2020-10-29 09:56:28 -07:00
Daniel Plohmann (jupiter) 60ddf0400e addressing review 2020-10-29 17:47:10 +01:00
Daniel Plohmann (jupiter) 669d3484c0 Merge remote-tracking branch 'origin/master' into backend-smda 2020-10-29 17:38:21 +01:00
William Ballenthin 5420ad97a3 sync submodules 2020-10-29 09:42:56 -06:00
Daniel Plohmann (jupiter) 36822926af initial commit for backend-smda 2020-10-29 11:28:22 +01:00
Capa Bot eef8f2e781 Sync capa rules submodule 2020-10-29 03:50:40 +00:00
Capa Bot 31ac667623 Sync capa rules submodule 2020-10-27 15:16:07 +00:00
Capa Bot 868ceb25bf Sync capa rules submodule 2020-10-27 15:15:30 +00:00
Capa Bot ee3ab94774 Sync capa rules submodule 2020-10-27 15:15:04 +00:00
Capa Bot 1c47877a8c Sync capa rules submodule 2020-10-27 15:14:22 +00:00
Capa Bot 84698462f3 Sync capa rules submodule 2020-10-27 15:13:25 +00:00
Capa Bot da7dc793e7 Sync capa rules submodule 2020-10-27 15:12:51 +00:00
Capa Bot 044ee83fbc Sync capa-testfiles submodule 2020-10-26 16:48:15 +00:00
Capa Bot aea324c4a8 Sync capa rules submodule 2020-10-26 16:47:44 +00:00
Capa Bot 4d05b20830 Sync capa rules submodule 2020-10-26 16:46:53 +00:00
Willi Ballenthin 276928951c build: event published/edited, not created 2020-10-23 15:17:32 -06:00
Willi Ballenthin 9486654e77 changelog: v1.4.1 v1.4.1 2020-10-23 15:13:22 -06:00
Willi Ballenthin 2a2b4cbb06 Merge pull request #351 from fireeye/ci-build-windows-vcpython27
fix build on windows-latest
2020-10-23 15:10:56 -06:00
Willi Ballenthin 3ba4a8cdd8 Update build.yml 2020-10-23 15:07:13 -06:00