Commit Graph

519 Commits

Author SHA1 Message Date
William Ballenthin 89ad582af5 main: flirt: pat: ensure posix-style line endings 2021-04-27 11:05:21 -06:00
William Ballenthin 6ec89baf26 pep8 2021-04-26 12:12:51 -06:00
William Ballenthin 76cd530a0f flirt: py3 2021-04-26 12:11:59 -06:00
William Ballenthin f6a105bcc1 pep8 2021-04-26 12:09:39 -06:00
William Ballenthin 75eed82d33 main: clarify that get_workspace caller is responsible for saving 2021-04-26 12:08:20 -06:00
William Ballenthin c79f461e39 Merge branch 'master' into function-id-flirt 2021-04-26 09:47:42 -06:00
William Ballenthin 3111593ab8 pep8 2021-04-26 08:34:36 -06:00
Willi Ballenthin 5ceb515325 Merge pull request #528 from fireeye/williballenthin-patch-2
explorer: readme: document IDA 7.6 patch
2021-04-13 08:54:59 -06:00
Willi Ballenthin 8938744e3e Merge pull request #497 from fireeye/williballenthin-patch-1
ida: support 7.6
2021-04-13 08:54:51 -06:00
Willi Ballenthin a07bcbff2e explorer: readme: document IDA 7.6 patch
closes #496
2021-04-13 08:33:37 -06:00
Moritz Raabe d1cd4ef259 move auto format check 2021-04-09 11:59:30 +02:00
Moritz 309a9abb8a Merge pull request #521 from fireeye/auto-detect-sc-extension
auto detect shellcode file extensions
2021-04-09 11:13:25 +02:00
Michael Hunhoff 503a723611 updating capa explorer doc 2021-04-08 14:06:23 -06:00
Moritz Raabe 998f4a6bad auto detect shellcode file extensions 2021-04-08 18:49:22 +02:00
Ana Maria Martinez Gomez bbff3016fe doc: Update Python 2 related documentation
Update documentation and code comments which mention Python 2.
2021-04-07 18:20:08 +02:00
Ana Maria Martinez Gomez 0465333aa4 py3: Python 3 knows about cp65001
Python 2 doesn't know about `cp65001`. But Python 3 does. Since Python
3.8 `cp65001` is an alias to `utf_8`. But not before Python 3.8 and it
used to cause some problems:
https://bugs.python.org/issue36778
Keep this code to ensure same behavior for all Python versions.
2021-04-07 18:20:08 +02:00
Ana Maria Martinez Gomez 28406dafa1 py3: codecs.decode doesn't raise TypeError
`codecs.decode` doesn't raise `TypeError` in Python 3. Just obey the
comment!
2021-04-07 18:20:08 +02:00
Ana Maria Martinez Gomez 73a49c6a1f py3: remove rstrip("L") needed in Python 2
In Python 3, long integers are not formatted with a trailing `L`, so
this code is no longer needed.
2021-04-07 18:20:08 +02:00
Ana Maria Martinez Gomez 4028171f59 py3: use python3 in shebang 2021-04-07 18:20:08 +02:00
Ana Maria Martinez Gomez 5d341ba078 py3: remove six
As we are not supporting Python 2 any longer, we can stop using six and
use the equivalent Python 3 method instead.
2021-04-07 18:20:07 +02:00
Ana Maria Martinez Gomez 058b61b10c py3: prevent that capa is run with Python2
Raise an exception from main if capa is run with Python < 3.6 to avoid
any silly issues reported to GitHub.
2021-04-07 18:20:07 +02:00
Ana Maria Martinez Gomez aa4d6305af py3: remove py2/3 branches
Remove `if-else`s with a condition like `sys.version_info >= (3, 0)`.
2021-04-07 18:20:06 +02:00
Ana Maria Martinez Gomez 576211c4ef version: bump to v1.6.1 2021-04-07 11:11:43 +02:00
Michael Hunhoff 5d1c6f54cd updating capa explorer README 2021-03-25 14:30:28 -06:00
Michael Hunhoff 87cdf837e6 merging upstream 2021-03-25 12:42:36 -06:00
Michael Hunhoff c48b46e932 explorer: adding checks to validate matched data when searching 2021-03-24 15:33:20 -06:00
Michael Hunhoff e51c79c241 adding lint for incorrect rule string format, refined rendering for strings 2021-03-23 15:55:48 -06:00
Willi Ballenthin e22113c20d ida: support 7.6
closes #496
2021-03-23 08:43:33 -06:00
Moritz 71b21aec59 Merge pull request #492 from fireeye/ignore-gitfiles
rule loading: ignore files starting with .git
2021-03-23 08:16:29 +01:00
Michael Hunhoff 7f3e8f1fb1 adding support to match subscope rules and auto insert child statements when creating a new basic block subscope 2021-03-22 17:12:13 -06:00
Moritz Raabe 44f517c20d rule loading: ignore files starting with .git 2021-03-22 18:11:29 +01:00
Michael Hunhoff 7bf8c6e3a1 merging upstream 2021-03-22 10:33:36 -06:00
Michael Hunhoff 31ea683335 merge upstream 2021-03-22 09:53:07 -06:00
Moritz c243158d7c Merge pull request #486 from fireeye/fix/eol-improvements
EOL improvements
2021-03-22 09:58:29 +01:00
Moritz Raabe 7e0b5236af better deal with CRLF/LF issues 2021-03-19 09:40:43 +01:00
William Ballenthin 177605aaf8 flirt: enable only on py3, ignore otherwise 2021-03-15 13:38:29 -06:00
Michael Hunhoff 3d2b4dcc26 adding support for multi-line tab and SHIFT + Tab 2021-03-11 17:13:43 -07:00
Michael Hunhoff c7d24ee290 adding support for string features with special characters e.g. '\n' 2021-03-10 13:56:54 -07:00
Michael Hunhoff b8efe585d5 fix 463, improve settings UI 2021-03-09 14:56:44 -07:00
Michael Hunhoff e1a8641399 fixes 462, default to empty string when accessing rule path stored in ida_settings 2021-03-09 12:09:35 -07:00
Ana Maria Martinez Gomez 5596d5f8b2 version: bump to v1.6.0 2021-03-09 10:36:26 +01:00
William Ballenthin ff8a6f1d57 main: use default signature set found in source directory 2021-03-05 15:45:56 -07:00
William Ballenthin 1e8919c6e6 pep8 2021-03-05 15:27:44 -07:00
William Ballenthin 1ee7b7b856 merge master 2021-03-05 15:23:47 -07:00
Willi Ballenthin 9f743f1c59 main: fix reference error 2021-03-05 13:19:54 -07:00
William Ballenthin 063e1229bc pep8 2021-03-05 11:10:12 -07:00
William Ballenthin eacd70329a merge from master, sorry 2021-03-05 11:06:40 -07:00
William Ballenthin f2749d884f main: factor out common cli argument handling
ref #449
2021-03-05 10:57:39 -07:00
William Ballenthin 1a93999cc0 capa: main: factor loading of flirt signatures into its own routine 2021-03-05 08:34:33 -07:00
William Ballenthin d3caecc551 pep8 2021-03-04 18:06:06 -07:00