gitea-mirror/capa - capa - Gitea: Git with a cup of tea

mirror of https://github.com/mandiant/capa.git synced 2025-12-23 07:28:34 -08:00

Author	SHA1	Message	Date
mr-tz	eba1989c9f	Merge branch 'master' into fix-1062	2023-01-03 18:46:41 +01:00
Mike Hunhoff	b68be0c2ce	dotnet: emit namespace/class features for type references (#1242 ) * dotnet: emit namespace/class features for type references * dotnet: pre-compute .NET token caches	2022-12-21 15:59:29 -07:00
Mike Hunhoff	50490e6a93	dotnet: emit namespace/class features for ldvirtftn/ldftn instructions (#1241 ) * dotnet: emit namespace/class features for ldvirtftn/ldftn instructions * dotnet: add unit tests for ldftn/ldvirtftn namespace/class features	2022-12-20 13:29:29 -07:00
Mike Hunhoff	4ece47c64c	dotnet: emit calls to/from MethodDef methods (#1236 ) * dotnet: emit calls to/from MethodDef methods * dotnet: update function.py copyright header	2022-12-19 15:06:16 -07:00
Mike Hunhoff	e0491097b0	dotnet: emit API features for generic methods (#1231 ) * dotnet: emit API features for generic methods * dotnet: improve type checking * dotnet: emit namespace/class features for generic methods * dotnet: update for dnfile 0.13.0 * dotnet: refactor property extraction	2022-12-19 14:45:21 -07:00
Willi Ballenthin	22bef146f8	tests: add OS detection tests	2022-12-12 11:40:43 +01:00
Willi Ballenthin	ed24db4460	extractors: remove SMDA backend closes #1210 closes #1062	2022-12-06 15:33:17 +00:00
Mike Hunhoff	20c7949be3	dotnet: emit features from newobj instruction (#1186 )	2022-10-13 08:35:29 -06:00
Mike Hunhoff	3c1cd67f60	dotnet: support property feature extraction (#1168 )	2022-09-09 12:09:41 -06:00
Moritz	2441c18a85	fix: use int instead of Token to decouple extractor and features (#1158 )	2022-09-08 11:09:17 -06:00
William Ballenthin	faf414e3d8	tests: add more dotnet tests	2022-06-08 13:28:53 -06:00
Willi Ballenthin	c73db051c1	fixtures: add path to extractors	2022-06-06 15:13:11 -06:00
Willi Ballenthin	1a290a38c4	Merge branch 'master' into feature-981	2022-06-06 14:07:51 -06:00
Mike Hunhoff	3514d5c05c	dotnet: support file/function scope class and namespace features (#1030 )	2022-05-26 11:19:31 -06:00
Moritz Raabe	b2853cc56b	feat: update dnfile tests and extractor	2022-05-12 18:37:02 +02:00
Moritz Raabe	716a73dfb4	feat: add handles and type annotations	2022-05-12 15:42:25 +02:00
Willi Ballenthin	78e9280a93	Merge branch 'master' into feature-981	2022-05-11 13:20:48 -06:00
Willi Ballenthin	07e35780d3	Merge branch 'master' into fix-988	2022-05-11 13:10:45 -06:00
Willi Ballenthin	a6427364e0	tests: add test demonstrating elf OS detection	2022-05-11 13:09:12 -06:00
Mike Hunhoff	0d849142ba	dotnet: emit mixed mode characteristic (#1024 )	2022-05-06 14:32:06 -06:00
Mike Hunhoff	6fb9dd961a	dotnet: emit unmanaged call characteristic (#1023 )	2022-05-06 13:05:48 -06:00
Mike Hunhoff	a9c9b3cea8	dotnet: extract file function names (#1015 )	2022-05-06 08:34:50 -06:00
Mike Hunhoff	24c4215820	dotnet: add file string parsing (#1012 )	2022-05-05 13:39:29 -06:00
Willi Ballenthin	808b7fb4dc	dnfile: fix types	2022-04-08 18:33:12 -06:00
Mike Hunhoff	580a2d7e45	dotnet: basic detection and feature extraction (#987 )	2022-04-08 14:55:00 -06:00
Willi Ballenthin	1c7b6bcf7d	fixtures: use function that IDA doesn't recognize as lib func	2022-04-06 15:07:35 -06:00
Willi Ballenthin	b843cef986	tests: add tests for #320	2022-04-06 14:38:56 -06:00
Willi Ballenthin	0e95691cde	tests: fixtures: enable assertions against instruction scope	2022-04-06 14:38:33 -06:00
Willi Ballenthin	ecabd557a7	*: remove /x32 and /x64 flavors from number and offset features	2022-04-05 10:35:41 -06:00
Willi Ballenthin	9da4ff10da	*: rename OperandImmediate to OperandNumber	2022-03-31 10:37:06 -06:00
Willi Ballenthin	997daf537e	viv: insn: extract OperandOffset and OperandImmediate	2022-03-30 13:14:08 -06:00
Baptistin Boilot	4d915020a8	extractor: add characteristic(call $+5) feature extraction for vivisect and smda	2022-02-27 18:15:25 +01:00
Baptistin Boilot	8474369575	tests: add fixtures for two's complement numbers Add fixtures to validate the following number features: - number(0x0): to check feature extraction for null number - number(0xFFFFFFFF): to check feature extraction for -1 number - number(0xFFFFFFF0): to check feature extraction for negative number (-0x10 in this case)	2021-12-31 20:08:56 +01:00
William Ballenthin	a1075b63ec	tests: add demonstration of bb layout	2021-10-26 15:20:08 -06:00
William Ballenthin	32244b2641	fixtures: fix extraction of global features	2021-09-04 16:12:51 -06:00
William Ballenthin	122fdc69e3	fixtures: name error	2021-09-04 16:00:49 -06:00
William Ballenthin	39e4e47763	pep8	2021-09-04 15:59:38 -06:00
William Ballenthin	2ea4dc9d7e	tests: fixtures: extract global features at each scope	2021-09-04 15:58:32 -06:00
William Ballenthin	2989732637	tests: fix fva of substring test function	2021-08-24 16:32:27 -06:00
William Ballenthin	db45068357	tests: fix tests for substring	2021-08-24 16:13:41 -06:00
William Ballenthin	6989e8b8cf	rules: add substring feature closes #737	2021-08-24 11:35:01 -06:00
William Ballenthin	8e689c39f4	features: add Arch feature at global scope	2021-08-16 17:06:56 -06:00
William Ballenthin	738fa9150e	fixtures: update tests to account for Format scope	2021-08-16 16:39:40 -06:00
William Ballenthin	ab1326f858	features: move OS and Format to their own features, not characteristics	2021-08-16 16:28:26 -06:00
William Ballenthin	f013815b2a	features: rename legacy term `arch` to `bitness` makes space for upcoming feature `arch: ` for things like i386/amd64/aarch64	2021-08-16 12:21:25 -06:00
William Ballenthin	05f8e2445a	fixtures: add tests demonstrating extraction of features from ELF files	2021-08-11 09:29:05 -06:00
William Ballenthin	753b003107	pep8	2021-08-11 09:23:41 -06:00
William Ballenthin	97092c91db	tests: assert absence of the wrong os/format	2021-08-11 09:13:56 -06:00
William Ballenthin	20859d2796	extractors: pefile: extract OS and format	2021-08-11 09:11:29 -06:00
Moritz Raabe	6fc2037f45	update sig file names	2021-06-30 08:54:37 +02:00

1 2 3

108 Commits