gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2025-12-30 22:50:59 -08:00
Code Issues Packages Projects Releases Wiki Activity
898 Commits 41 Branches 48 Tags
d5186f160dd461eb4fa779d9dc75f0766aedbf4f
Commit Graph

898 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Moritz
d5186f160d Merge pull request #342 from fireeye/viv/extractor/api-thunk-chains 
extract api features for thunk chains
 2020-10-21 11:37:58 +02:00
Capa Bot
5d7dbd15c7 Sync capa-testfiles submodule 2020-10-21 09:35:22 +00:00
Moritz Raabe
12d5fe0afe addressing feedback 2020-10-21 11:25:08 +02:00
Capa Bot
3df1cc9038 Sync capa rules submodule 2020-10-20 21:04:10 +00:00
Willi Ballenthin
d46152b73e Merge pull request #345 from fireeye/fix/build-workflow-set-env-var 
set env var via environment file
 2020-10-20 09:55:26 -06:00
Moritz Raabe
9fc6e0d6a2 Merge branch 'enhance/show-features' into viv/extractor/api-thunk-chains 2020-10-20 15:26:51 +02:00
Moritz Raabe
4994d0597f set env var via environment file 2020-10-20 15:14:36 +02:00
Moritz Raabe
76b46d7957 ensure function is defined in vivisect (or do so) 
and show features in IDA
 2020-10-20 15:09:07 +02:00
Moritz Raabe
9a738ba413 extract api features for thunk chains 
closes #341
 2020-10-20 14:49:09 +02:00
Moritz
a442536246 Merge pull request #340 from fireeye/ida/extractor/improve-api-thunk-detection 
ida/extractor: improve detection of APIs called via two or more chained thunks
 2020-10-19 20:51:16 +02:00
Capa Bot
f85b6fde7b Sync capa rules submodule 2020-10-16 16:05:56 +00:00
Capa Bot
8dc6a5109a Sync capa-testfiles submodule 2020-10-15 21:00:58 +00:00
Michael Hunhoff
235d9d4ab5 improve detection of APIs called via two or more chained thunks 2020-10-15 14:31:23 -06:00
Capa Bot
3572de058b Sync capa rules submodule 2020-10-08 18:16:59 +00:00
Capa Bot
93068aff1b Sync capa-testfiles submodule 2020-10-08 18:16:15 +00:00
Capa Bot
49e7d75ce5 Sync capa rules submodule 2020-10-08 15:53:20 +00:00
Capa Bot
6aa1ecd1a8 Sync capa-testfiles submodule 2020-10-08 15:52:23 +00:00
Capa Bot
b442fbb19c Sync capa rules submodule 2020-10-07 20:58:02 +00:00
Capa Bot
46fc4f0c25 Sync capa-testfiles submodule 2020-10-07 20:57:34 +00:00
Capa Bot
155de6f2b9 Sync capa rules submodule 2020-10-06 16:30:56 +00:00
Capa Bot
459af7ab1b Sync capa rules submodule 2020-10-06 02:36:03 +00:00
Willi Ballenthin
2bd408a274 Merge pull request #338 from fireeye/fix/feature-str 
fix feature display
 2020-10-05 14:19:54 -06:00
Moritz Raabe
bc1c5a59f8 display value including 0 2020-10-05 22:10:04 +02:00
Willi Ballenthin
49cecdc75d Merge pull request #336 from fireeye/fix-335 
modify find_byte_sequence to yield all locations
 2020-10-05 11:02:36 -06:00
Capa Bot
2a6aeae763 Sync capa rules submodule 2020-10-05 17:02:21 +00:00
Michael Hunhoff
f295e1da31 modify find_byte_sequence to yield all locations, instead of only first 2020-10-05 10:27:45 -06:00
Capa Bot
1981859343 Sync capa rules submodule 2020-10-05 16:11:30 +00:00
Capa Bot
9de237e1a3 Sync capa-testfiles submodule 2020-10-05 14:18:32 +00:00
Moritz
a31529bb79 Merge pull request #332 from fireeye/render-mbc 
render mbc table
 2020-10-02 11:09:39 +02:00
Moritz Raabe
00bc1a169e render mbc table 2020-10-01 11:10:03 +02:00
Capa Bot
3e98cac397 Sync capa rules submodule 2020-10-01 09:00:31 +00:00
Capa Bot
8cd0777683 Sync capa rules submodule 2020-10-01 08:32:39 +00:00
Capa Bot
8bac77c2ab Sync capa rules submodule 2020-10-01 07:57:13 +00:00
Capa Bot
3312e1b20b Sync capa rules submodule 2020-09-30 17:27:42 +00:00
Capa Bot
d55e2a2647 Sync capa rules submodule 2020-09-28 15:03:30 +00:00
Willi Ballenthin
e87d9cd1b5 Merge pull request #330 from fireeye/fix-329 
fix 329
 2020-09-28 09:01:34 -06:00
Michael Hunhoff
5dda95385d use rpartition in capa.features.insn.API to handle API name w/ multiple . 2020-09-28 08:33:08 -06:00
Willi Ballenthin
d60bdb561e Merge pull request #327 from fireeye/fix/312-statement-descriptions 
parse descriptions for statements
 2020-09-25 11:50:47 -06:00
Capa Bot
fab89beba0 Sync capa rules submodule 2020-09-25 17:49:24 +00:00
Moritz Raabe
1cb9ed9c01 addressing final comments 2020-09-25 18:38:46 +02:00
Moritz Raabe
00b7f2e02f addressing Willi's feedback 2020-09-24 20:23:15 +02:00
Moritz Raabe
4691302a78 parse descriptions for statements 2020-09-24 15:35:30 +02:00
Willi Ballenthin
d8a32630fb Merge pull request #326 from fireeye/fix-325 
main: fix reported total rule count
 2020-09-23 16:07:22 -06:00
Willi Ballenthin
29b6bd8aad Merge pull request #324 from fireeye/fix-307 
scripts: add script demonstrating bulk processing
 2020-09-23 14:45:56 -06:00
William Ballenthin
c2516e7453 main: fix reported total rule count 
closes #325
 2020-09-23 11:19:01 -06:00
Willi Ballenthin
1fd8c3c068 Merge pull request #323 from fireeye/fix-306 
use PyYAML CLoader to parse rules when available
 2020-09-23 10:01:15 -06:00
William Ballenthin
314757a235 scripts: add script demonstrating bulk processing 
closes #307
 2020-09-23 09:13:49 -06:00
William Ballenthin
5b613903e5 rules: fix ordering of meta under py2 2020-09-23 06:32:22 -06:00
Capa Bot
b2caad9b4b Sync capa rules submodule 2020-09-22 18:49:29 +00:00
William Ballenthin
4b066e908c ci: use sudo to apt 2020-09-22 11:20:15 -06:00