gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2026-06-12 11:01:31 -07:00
Code Issues Packages Projects Releases Wiki Activity

Commit Graph

  • 430de81711 Sync capa rules submodule master Capa Bot 2026-06-12 13:10:21 +00:00
  • 2c12cbb485 tests: add data-driven test fixtures for rule matcher (#2987) Willi Ballenthin 2026-06-11 13:42:29 +02:00
  • 0fba3e58ee tests: split out ELF OS detection fixtures into their own JSON Willi Ballenthin 2026-06-11 11:51:12 +02:00
  • 028aa533b1 tests: add more ELF OS detection cases (#3099) Willi Ballenthin 2026-06-11 10:42:10 +02:00
  • e69eb70d55 Sync capa-testfiles submodule Capa Bot 2026-06-11 08:19:25 +00:00
  • 8a18bd0e54 tests: add more granular ELF OS detection tests, data-driven (#3098) Willi Ballenthin 2026-06-11 10:18:14 +02:00
  • ccf3a87e83 tests: add snapshot tests for feature extraction (#3069) Willi Ballenthin 2026-06-09 23:28:49 +02:00
  • 58bfa7607e Sync capa-testfiles submodule Capa Bot 2026-06-09 21:27:35 +00:00
  • adffa80e8f ida: show addresses for file level features in rulegen (#3009) lakshit verma 2026-06-05 15:02:46 +05:30
  • c592100495 build(deps-dev): bump vitest from 3.0.9 to 4.1.0 in /web/explorer (#3092) dependabot[bot] 2026-06-05 10:39:38 +02:00
  • 33701d67ae Merge pull request #3090 from corkamig/rva_deprecation Ange Albertini 2026-06-03 08:45:52 +02:00
  • f1e2dfc29a build(deps): bump pyelftools from 0.32 to 0.33 dependabot/pip/pyelftools-0.33 dependabot[bot] 2026-06-02 19:49:10 +00:00
  • 09f5bd5a5c Version number for deprecation Ange Albertini 2026-06-02 09:26:13 +02:00
  • cfff133ae0 Formatting Ange Albertini 2026-06-01 15:38:21 +00:00
  • 687e07320e Issue link Ange Albertini 2026-06-01 17:31:40 +02:00
  • a14b463541 More information for RVA deprecation Ange Albertini 2026-06-01 17:24:39 +02:00
  • 5917948849 Merge branch 'master' into rva_deprecation Ange Albertini 2026-05-28 19:46:15 +02:00
  • a07b597ee1 build(deps): bump protobuf from 7.34.0 to 7.35.0 (#3089) dependabot[bot] 2026-05-28 10:19:46 -06:00
  • 987338d0c9 build(deps): bump ida-settings from 3.2.2 to 3.4.1 (#3088) dependabot[bot] 2026-05-28 08:55:14 -06:00
  • 7962d97b9a Better test Ange Albertini 2026-05-28 14:00:41 +00:00
  • c134af2304 Formatting fix Ange Albertini 2026-05-28 13:34:48 +00:00
  • 7f458f1844 updated Changelog (RVA deprecation) Ange Albertini 2026-05-28 13:23:28 +00:00
  • 61c24ebcbb RelativeVirtualAddress deprecation warning Ange Albertini 2026-05-28 13:09:53 +00:00
  • 3eada453e5 Merge pull request #3065 from mandiant/dependabot/npm_and_yarn/web/explorer/postcss-8.5.12 Moritz 2026-05-26 12:01:16 +02:00
  • 88ba8f77ae Sync capa rules submodule Capa Bot 2026-05-22 14:14:51 +00:00
  • c619ef51f6 Sync capa rules submodule Capa Bot 2026-05-22 11:42:31 +00:00
  • 9ac688b8c3 build(deps-dev): bump js-cookie from 3.0.5 to 3.0.7 in /web/explorer (#3086) Moritz 2026-05-22 09:36:06 +02:00
  • d17bc6e14c build(deps-dev): bump js-cookie from 3.0.5 to 3.0.7 in /web/explorer dependabot[bot] 2026-05-21 21:24:12 +00:00
  • 7e00d2882e Sync capa rules submodule Capa Bot 2026-05-21 07:02:20 +00:00
  • 54da63ef2b Sync capa-testfiles submodule Capa Bot 2026-05-20 18:37:49 +00:00
  • 7fea0cebcb Sync capa-testfiles submodule Capa Bot 2026-05-20 10:08:27 +00:00
  • 0f1e0a28f5 Sync capa-testfiles submodule Capa Bot 2026-05-20 09:13:46 +00:00
  • c4e272ae75 Sync capa rules submodule Capa Bot 2026-05-20 09:08:30 +00:00
  • 49bf8315cd Sync capa-testfiles submodule Capa Bot 2026-05-20 08:23:02 +00:00
  • 8572bd63e9 Sync capa-testfiles submodule Capa Bot 2026-05-20 08:10:43 +00:00
  • d9014d055e Sync capa-testfiles submodule Capa Bot 2026-05-20 07:49:30 +00:00
  • 1fd598e259 Sync capa rules submodule Capa Bot 2026-05-20 07:09:28 +00:00
  • ffa7eccc08 update CHANGELOG fix/optimize-some-statement Mike Hunhoff 2026-05-19 20:04:34 +00:00
  • 2e2e3c7708 Optimize Some Statement Evaluation and Fix Correctness Mismatches Mike Hunhoff 2026-05-19 19:58:58 +00:00
  • 2ed20e42ba build(deps): bump pyghidra from 3.0.0 to 3.1.0 (#3081) dependabot[bot] 2026-05-19 09:53:19 -06:00
  • a98fd8240e fix duplicate rule candidate evaluation in optimized matching engine (#3080) Mike Hunhoff 2026-05-18 17:40:55 -06:00
  • ced180ddbc perf: optimize all_zeros using fast bytes comparison (#3078) Mike Hunhoff 2026-05-18 02:20:10 -06:00
  • db0e1536ce incorrect bytes() constructor usage in buf_filled_with (#3077) Mike Hunhoff 2026-05-16 05:14:24 -06:00
  • bbe050437b remove redundant code related to cli loading (#3076) Mike Hunhoff 2026-05-15 15:20:46 -06:00
  • 7e06ba0ffe Sync capa rules submodule Capa Bot 2026-05-15 19:12:21 +00:00
  • d889085aad Sync capa rules submodule Capa Bot 2026-05-15 18:22:47 +00:00
  • cb5f56a02c Sync capa rules submodule Capa Bot 2026-05-15 14:06:20 +00:00
  • 5e8d8ac994 Sync capa rules submodule Capa Bot 2026-05-15 10:32:59 +00:00
  • 8acb79ab7b build(deps-dev): bump mypy from 1.20.0 to 2.1.0 (#3070) dependabot[bot] 2026-05-13 15:05:51 -06:00
  • 4618822884 Sync capa-testfiles submodule Capa Bot 2026-05-13 17:50:02 +00:00
  • f9973d71be build(deps): bump markdown-it-py from 4.0.0 to 4.2.0 (#3071) dependabot[bot] 2026-05-13 11:28:45 -06:00
  • dba405912d build(deps-dev): bump pytest from 9.0.2 to 9.0.3 (#3064) dependabot[bot] 2026-05-13 11:26:51 -06:00
  • 237a9bd995 build(deps-dev): bump build from 1.4.0 to 1.5.0 (#3067) dependabot[bot] 2026-05-11 14:04:25 -06:00
  • 2f35d9cd2a build(deps-dev): bump mypy-protobuf from 5.0.0 to 5.1.0 (#3068) dependabot[bot] 2026-05-11 14:02:59 -06:00
  • 61adf156ee tests: xfail a few known Ghidra analysis failures Willi Ballenthin 2026-05-11 10:42:38 +02:00
  • a1ff01bc44 fix: Windows path reference in main Willi Ballenthin 2026-05-11 09:38:43 +02:00
  • 2cd07666bf changelog Willi Ballenthin 2026-04-21 15:46:14 +03:00
  • a82f4aea88 bump submodules Willi Ballenthin 2026-05-11 08:59:37 +02:00
  • 9ba497f6f7 idalib: remove custom idalib loading Willi Ballenthin 2026-05-11 08:52:47 +02:00
  • b5f81e30f0 tests: add negative substring feature test fixture Willi Ballenthin 2026-04-28 15:25:47 +02:00
  • eb258c719f tests: cleanup tests and fixtures Willi Ballenthin 2026-04-21 17:04:41 +03:00
  • 2604c91668 fix: lints Willi Ballenthin 2026-04-21 16:45:14 +03:00
  • 3e2c017dfd tests: ida: better handle stale databases and concurrent access Willi Ballenthin 2026-04-21 16:26:53 +03:00
  • 018e5b45e5 tests: cleanup tests and fixtures Willi Ballenthin 2026-04-17 12:31:22 +02:00
  • 745cb037d4 rules: parse operand features Willi Ballenthin 2026-05-11 09:11:40 +02:00
  • 251a4e285f tests: consolidate feature test fixtures and runners Willi Ballenthin 2026-04-15 13:51:56 +02:00
  • 9fd4f8dd74 tests: migrate to data-driven fixtures Willi Ballenthin 2026-04-02 14:10:31 +02:00
  • 65573944d7 rules: introduce helper to parse features from parts Willi Ballenthin 2026-04-13 15:40:08 +02:00
  • 5a60f3a0f8 fix: register all data-ref addresses for imports in Ghidra helpers Willi Ballenthin 2026-05-08 09:52:26 +02:00
  • 99b3cfe096 fix: use singular get_segment_at API in binja file string extractor Willi Ballenthin 2026-05-08 09:52:19 +02:00
  • a28fcce72b fix: linter tests needing placeholder rule sets to function Willi Ballenthin 2026-05-07 15:07:15 +02:00
  • 5ca6c3e35b gitignore: script test temp files Willi Ballenthin 2026-05-07 15:07:15 +02:00
  • b505ba7621 fix: remove unused imports and un-suppress F401 Willi Ballenthin 2026-05-07 12:40:42 +02:00
  • 309231f261 fix: ghidra and binja file strings yield FileOffsetAddress Willi Ballenthin 2026-05-07 12:34:22 +02:00
  • 57e730fad2 fix: binja embedded PE yields FileOffsetAddress via segment data_offset Willi Ballenthin 2026-05-07 12:33:52 +02:00
  • c9cb43a839 fix: elffile imports use AbsoluteVirtualAddress for ELF r_offset Willi Ballenthin 2026-05-07 12:33:26 +02:00
  • 9b93e90e63 fix: wrap binja function name addresses in AbsoluteVirtualAddress Willi Ballenthin 2026-05-07 12:33:01 +02:00
  • 4e80400711 fix: ghidra: don't emit VAs for embedded PEs Willi Ballenthin 2026-05-07 12:28:10 +02:00
  • 330b64137e fix: ida: correctly emit file offsets for embedded PEs Willi Ballenthin 2026-05-07 12:27:49 +02:00
  • 43d65361ce gitignore: CLAUDE.local.md Willi Ballenthin 2026-04-27 10:06:28 +02:00
  • 8fca21f808 linter: validate dynamic example offsets Willi Ballenthin 2026-05-07 12:10:59 +02:00
  • 8e464e6041 fix: formatting Willi Ballenthin 2026-04-27 13:56:16 +02:00
  • 555bbdecda fix: guard getByteDef against None for unmapped addresses in viv insn extractor Willi Ballenthin 2026-04-24 14:14:15 +02:00
  • c8d47085ee fix: remove unused imports from cache-ruleset.py, detect-binexport2-capabilities.py, show-capabilities-by-function.py Willi Ballenthin 2026-04-22 22:27:51 +03:00
  • 7a8a0acaa9 fix: remove dead except ValueError clause in capa2sarif.py so JSONDecodeError is caught correctly Willi Ballenthin 2026-04-22 22:26:13 +03:00
  • 7d8714098c fix: dedent bulk-process.py main() body so explicit argv is used Willi Ballenthin 2026-04-22 22:23:57 +03:00
  • a938c87fa4 fix: guard statistics calls in compare-backends.py against empty duration lists Willi Ballenthin 2026-04-22 22:21:24 +03:00
  • 604fae3519 fix: replace zipfile with pyzipper in minimize_vmray_results.py so output archive is AES-encrypted Willi Ballenthin 2026-04-22 22:19:59 +03:00
  • e474e477f1 fix: assign yara_strings/yara_condition to empty string when Some has cmin=0 to prevent UnboundLocalError Willi Ballenthin 2026-04-22 22:16:41 +03:00
  • ae4c2ec82d fix: parenthesize s_type checks in capa2yara so kid.name guard applies to And/Or/Not uniformly Willi Ballenthin 2026-04-22 22:15:00 +03:00
  • fc7f0533d7 fix: correct operator precedence in FeatureRegexRegistryControlSetMatchIncomplete Willi Ballenthin 2026-04-22 22:10:59 +03:00
  • 861f3b8619 fix: FeatureRegexRegistryControlSetMatchIncomplete checks all Regex features Willi Ballenthin 2026-04-22 22:05:20 +03:00
  • bfa09f817b fix: guard MissingStaticScope and MissingDynamicScope against absent scopes dict Willi Ballenthin 2026-04-22 22:02:35 +03:00
  • c5ae9be3e1 fix: MissingExampleOffset lint reads scopes.static instead of obsolete scope key Willi Ballenthin 2026-04-22 21:58:19 +03:00
  • 4da1addfb3 fix: invert scope filter in import-to-ida.py so function-scope rules are annotated Willi Ballenthin 2026-04-22 21:54:53 +03:00
  • 74010ba03f fix: remove dead string literal in test_detect_duplicate_features Willi Ballenthin 2026-04-22 21:31:24 +03:00
  • f93e342e74 fix: remove duplicate Rule.from_yaml call in test_scope_instruction_description Willi Ballenthin 2026-04-22 20:38:15 +03:00
  • ad538f7ac3 fix: remove unused imports from test_freeze_dynamic.py Willi Ballenthin 2026-04-22 20:37:16 +03:00
  • cb1951dd90 fix: correct test_json_meta loop to iterate list of function dicts and use correct serialized address format for matched_basic_blocks assertion Willi Ballenthin 2026-04-22 20:34:40 +03:00
  • f11c99d0e4 fix: remove unreachable StaticAnalysis assert in assert_meta and cover dynamic proto path Willi Ballenthin 2026-04-22 20:31:53 +03:00