gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2026-06-29 01:38:35 -07:00
Code Issues Packages Projects Releases Wiki Activity
Files
3bce2a9b623ab1ce04bdabf64442f4d9134675bb
capa/web/explorer
T
History
Devyansh Somvanshi d97b61551d webui: show error when JSON does not follow expected result document schema (#2871) 
* webui: show error when JSON does not follow expected schema

Validate result document has required fields (meta, meta.version,
meta.analysis, meta.analysis.layout, rules) after parse. Show
user-friendly error; for URL loads suggest reanalyzing (e.g. VT).

Fixes #2363

* webui: fix array validation bug and deduplicate VT suggestion string

- introduce isInvalidObject() helper (checks !v || typeof !== "object" || Array.isArray)
  so that arrays are correctly rejected in schema validation
- extract VT_REANALYZE_SUGGESTION constant to eliminate the duplicated string
  in loadRdoc()

Addresses review feedback on #2871

* webui: address review - validate feature_counts, hoist VT_REANALYZE_SUGGESTION

- Add validation for meta.analysis.feature_counts in validateRdocSchema()
  so parseFunctionCapabilities and other consumers do not hit missing/invalid
  feature_counts at runtime.
- Require feature_counts to have either 'functions' or 'processes' array
  (static vs dynamic result documents).
- Move VT_REANALYZE_SUGGESTION to module top level to avoid redefining
  on every loadRdoc call.

* webui: allow file-scoped-only result documents in schema validation

- Validation: allow feature_counts without functions/processes arrays; if
  present they must be arrays.
- rdocParser: default feature_counts.functions to [] when missing so
  file-scoped-only docs do not throw.

* webui: remove leading space from VT_REANALYZE_SUGGESTION constant

Per review feedback: the concatenation at call sites handles spacing,
so the constant should not carry a leading space.
2026-02-26 09:35:24 -07:00
..
public
move webui to web/explorer
2024-08-05 15:17:04 +02:00
releases
🤖 explorer web: add release capa-explorer-web-v1.0.0-6a2330c
2024-11-27 13:03:18 +00:00
src
webui: show error when JSON does not follow expected result document schema (#2871)
2026-02-26 09:35:24 -07:00
.eslintrc.cjs
[copyright + license] Add missing headers
2025-01-15 08:52:42 -07:00
.gitignore
ci: add web releases workflow
2024-10-09 18:07:48 +02:00
.prettierrc.json
Update web pages (#2354)
2024-09-11 20:28:04 +02:00
DEVELOPMENT.md
Update web pages (#2354)
2024-09-11 20:28:04 +02:00
index.html
[copyright + license] Add missing headers
2025-01-15 08:52:42 -07:00
jsconfig.json
fix formatting
2024-08-08 08:12:50 +02:00
package-lock.json
build(deps-dev): bump lodash from 4.17.21 to 4.17.23 in /web/explorer (#2833)
2026-01-22 08:56:03 -07:00
package.json
build(deps-dev): bump vite from 6.4.0 to 6.4.1 in /web/explorer
2025-10-21 04:19:00 +00:00
README.md
Update web pages (#2354)
2024-09-11 20:28:04 +02:00
vite.config.js
[copyright + license] Add missing headers
2025-01-15 08:52:42 -07:00
vitest.config.js
[copyright + license] Add missing headers
2025-01-15 08:52:42 -07:00

README.md

capa Explorer Web

capa Explorer Web is a browser-based user interface for exploring program capabilities identified by capa. It provides an intuitive and interactive way to analyze and visualize the results of capa analysis.

Features

  • Import capa Results: Easily upload or import capa JSON result files.
  • Interactive Tree View: Explore and filter rule matches in a hierarchical structure.
  • Function Capabilities: Group and filter capabilities by function for static analysis.
  • Process Capabilities: Group capabilities by process for dynamic analysis.

Getting Started

  1. Access the application: Open capa Explorer Web in your web browser. You can start using capa Explorer Web by accessing https://mandiant.github.io/capa or running it locally by downloading the offline release from the top right-hand corner and opening it in your web browser.

  2. Import capa results:

    • Click on "Upload from local" to select a capa analysis document file from your computer (with a version higher than 7.0.0).
      • You can generate the analysis document by running capa.exe -j results.json sample.exe_
    • Or, paste a URL to a capa JSON file and click the arrow button to load it.
      • Like for the other import mechanisms, loading of both plain (.json) and GZIP compressed JSON (.json.gz) files is supported).
    • Alternatively, use the "Preview Static" or "Preview Dynamic" for sample data.

  3. Explore the results:

    • Use the tree view to navigate through the identified capabilities.
    • Toggle between different views using the checkboxes in the settings panel:
      • "Show capabilities by function/process" for grouped analysis.
      • "Show distinct library rule matches" to include or exclude library rules.
      • "Show columns filters" to show per-column search filters.

  4. Interact with the results:

    • Expand/collapse nodes in the table to see more details by clicking rows or clicking arrow icons.
    • Use the search and filter options to find specific features, functions or capabilities (rules).
    • Right click on rule names (and match nodes) to view their source code or additional information.

Feedback and Contributions

We welcome your feedback and contributions to improve the web-based capa explorer. Please report any issues or suggest enhancements through the capa GitHub repository.

For developers interested in building or contributing to capa Explorer Web, please refer to our Development Guide.

Reference in New Issue View Git Blame Copy Permalink