gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2026-01-01 07:26:22 -08:00
Code Issues Packages Projects Releases Wiki Activity
3,105 Commits 41 Branches 48 Tags
dde3abdfa0993b0f4e9d9eca46e4e1d5a9022e69
Commit Graph

456 Commits

Author SHA1 Message Date
Capa Bot
dde3abdfa0 Sync capa-testfiles submodule 2023-02-06 09:07:31 +00:00
Capa Bot
f00e44aba6 Sync capa-testfiles submodule 2023-02-01 15:28:22 +00:00
Willi Ballenthin
70f568b1cc Merge pull request #1291 from mandiant/rules-cache 
cache rule set across invocations of capa
 2023-01-25 17:52:34 +01:00
Capa Bot
c586166006 Sync capa-testfiles submodule 2023-01-25 16:45:08 +00:00
Moritz
0a78187c69 optimize tests to speed them up (#1287) 
* optimize tests to speed them up

Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
 2023-01-23 11:25:04 +01:00
Willi Ballenthin
6d16cafbc8 cache: handle invalid caches 2023-01-21 18:14:12 +01:00
Willi Ballenthin
a7afdec2e1 cache: accept cache_dir parameter 2023-01-20 16:10:41 +01:00
Willi Ballenthin
f451fe68e1 pep8/mypy 2023-01-20 15:42:22 +01:00
Willi Ballenthin
c423ccec67 add tests for ruleset caching 2023-01-20 15:20:26 +01:00
Willi Ballenthin
6ad471a914 Merge branch 'master' into rules-cache 2023-01-20 14:51:32 +01:00
Willi Ballenthin
4b7a9e149f rules: move to directory structure 2023-01-20 13:27:30 +01:00
Moritz
fa0ddba436 add format to global features and code refactors (#1284) 
* refactor: get format handling

* add format to global features
 2023-01-19 13:31:00 +01:00
Willi Ballenthin
5513d4ca43 viv: insn: string: handle viv bug around substrings (#1273) 
* viv: insn: string: handle viv bug around substrings

closes #1271

* use minimum string length 4

* update overlapping string test and fixup vivisect elf analysis missing function

Co-authored-by: Moritz <mr-tz@users.noreply.github.com>
 2023-01-19 13:02:53 +01:00
Capa Bot
12f8588c03 Sync capa-testfiles submodule 2023-01-12 12:59:01 +00:00
Moritz
5fa2a87747 fix dotnet and pe format handling (#1256) 2023-01-04 17:46:51 +01:00
Willi Ballenthin
94a712b820 Merge pull request #1213 from mandiant/fix-1062 
remove SMDA backend
 2023-01-04 14:48:41 +01:00
Capa Bot
a74b8e6328 Sync capa-testfiles submodule 2023-01-04 09:09:57 +00:00
Willi Ballenthin
ff773695d0 Merge pull request #1260 from jsoref/spelling 
Spelling
 2023-01-04 08:58:21 +01:00
Josh Soref
6932df3564 spelling: import 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2023-01-04 00:32:39 -05:00
mr-tz
eba1989c9f Merge branch 'master' into fix-1062 2023-01-03 18:46:41 +01:00
Capa Bot
2219139605 Sync capa-testfiles submodule 2023-01-03 10:20:18 +00:00
Capa Bot
5f39083df6 Sync capa-testfiles submodule 2023-01-03 10:17:36 +00:00
Mike Hunhoff
b68be0c2ce dotnet: emit namespace/class features for type references (#1242) 
* dotnet: emit namespace/class features for type references

* dotnet: pre-compute .NET token caches
 2022-12-21 15:59:29 -07:00
Mike Hunhoff
50490e6a93 dotnet: emit namespace/class features for ldvirtftn/ldftn instructions (#1241) 
* dotnet: emit namespace/class features for ldvirtftn/ldftn instructions

* dotnet: add unit tests for ldftn/ldvirtftn namespace/class features
 2022-12-20 13:29:29 -07:00
Mike Hunhoff
4ece47c64c dotnet: emit calls to/from MethodDef methods (#1236) 
* dotnet: emit calls to/from MethodDef methods

* dotnet: update function.py copyright header
 2022-12-19 15:06:16 -07:00
Mike Hunhoff
e0491097b0 dotnet: emit API features for generic methods (#1231) 
* dotnet: emit API features for generic methods

* dotnet: improve type checking

* dotnet: emit namespace/class features for generic methods

* dotnet: update for dnfile 0.13.0

* dotnet: refactor property extraction
 2022-12-19 14:45:21 -07:00
Willi Ballenthin
613c185428 tests: fix broken test 2022-12-14 11:51:25 +01:00
Willi Ballenthin
81500a4d1d black 2022-12-14 10:48:00 +01:00
Willi Ballenthin
b819033da0 lots of mypy 2022-12-14 10:37:39 +01:00
Willi Ballenthin
ee72ed4b53 tests: os: fix test 2022-12-12 14:06:17 +01:00
Capa Bot
5cd7f33d00 Sync capa-testfiles submodule 2022-12-12 12:29:44 +00:00
Willi Ballenthin
d6674c7548 Merge pull request #1222 from mandiant/fix/issue-1221 
elf: better detect linux ELF files
 2022-12-12 13:28:59 +01:00
Capa Bot
a46d7b3262 Sync capa-testfiles submodule 2022-12-12 12:18:01 +00:00
Willi Ballenthin
22bef146f8 tests: add OS detection tests 2022-12-12 11:40:43 +01:00
Willi Ballenthin
b26ed47ab8 tests: add OS detection tests 2022-12-12 11:40:32 +01:00
mr-tz
97f633312f skip smda tests until we remove the backend 2022-12-07 16:44:52 +01:00
Willi Ballenthin
1f091a4ccd tests: add tests demonstrating vverbose feature rendering 2022-12-07 12:58:10 +00:00
Willi Ballenthin
ed24db4460 extractors: remove SMDA backend 
closes #1210
closes #1062
 2022-12-06 15:33:17 +00:00
Capa Bot
0f99592903 Sync capa-testfiles submodule 2022-11-08 19:58:11 +00:00
Mike Hunhoff
20c7949be3 dotnet: emit features from newobj instruction (#1186) 2022-10-13 08:35:29 -06:00
Capa Bot
87455ed6dd Sync capa-testfiles submodule 2022-09-20 19:34:29 +00:00
Mike Hunhoff
e1735f0a5e update pydantic models to guarantee type coercion (#1176) 
* add CompoundStatement to fix Pydantic typing bug

* explorer: fix #1151

* explorer: support rendering operand number/offset
 2022-09-20 08:38:19 -06:00
Capa Bot
8521f85742 Sync capa-testfiles submodule 2022-09-19 14:26:32 +00:00
Mike Hunhoff
3c1cd67f60 dotnet: support property feature extraction (#1168) 2022-09-09 12:09:41 -06:00
Moritz
2441c18a85 fix: use int instead of Token to decouple extractor and features (#1158) 2022-09-08 11:09:17 -06:00
Moritz
3976e5858d feat: verify rule metadata format on load (#1160) 2022-09-08 10:56:59 -06:00
Capa Bot
cac041b869 Sync capa-testfiles submodule 2022-08-24 10:47:31 +00:00
Capa Bot
f4171c32cf Sync capa-testfiles submodule 2022-08-15 08:31:20 +00:00
Capa Bot
5823d421fd Sync capa-testfiles submodule 2022-08-01 20:50:09 +00:00
Capa Bot
045a64496e Sync capa-testfiles submodule 2022-08-01 20:36:11 +00:00