From 1188103d1ca826a26642993a99e47eae6a6351d0 Mon Sep 17 00:00:00 2001 From: William Ballenthin Date: Thu, 2 Jul 2020 10:52:05 -0600 Subject: [PATCH] pep8: isort --- capa/features/__init__.py | 3 +- capa/features/extractors/ida/__init__.py | 3 +- capa/features/extractors/ida/basicblock.py | 11 +++--- capa/features/extractors/ida/file.py | 15 ++++---- capa/features/extractors/ida/function.py | 2 +- capa/features/extractors/ida/helpers.py | 4 +-- capa/features/extractors/ida/insn.py | 14 +++----- capa/features/extractors/loops.py | 2 +- capa/features/extractors/strings.py | 1 - capa/features/extractors/viv/__init__.py | 15 ++++---- capa/features/extractors/viv/basicblock.py | 2 +- capa/features/extractors/viv/file.py | 7 ++-- .../features/extractors/viv/indirect_calls.py | 3 +- capa/features/extractors/viv/insn.py | 14 +++----- capa/features/freeze.py | 6 ++-- capa/ida/explorer/item.py | 7 ++-- capa/ida/explorer/model.py | 34 +++++++++---------- capa/ida/explorer/view.py | 10 ++---- capa/ida/helpers/__init__.py | 2 +- capa/ida/ida_capa_explorer.py | 6 ++-- capa/ida/ida_rule_generator.py | 10 ++---- capa/ida/plugin_helpers.py | 6 ++-- capa/main.py | 4 +-- capa/render/__init__.py | 1 + capa/rules.py | 5 ++- scripts/capafmt.py | 1 - scripts/lint.py | 1 - scripts/migrate-rules.py | 5 ++- scripts/testbed/freeze_features.py | 1 - scripts/testbed/run_rule_on_testbed.py | 3 -- setup.py | 1 - tests/fixtures.py | 1 - tests/test_freeze.py | 4 +-- tests/test_main.py | 3 +- tests/test_rules.py | 2 +- tests/test_viv_features.py | 5 ++- 36 files changed, 79 insertions(+), 135 deletions(-) diff --git a/capa/features/__init__.py b/capa/features/__init__.py index d4ee5ed5..db04b717 100644 --- a/capa/features/__init__.py +++ b/capa/features/__init__.py @@ -1,10 +1,9 @@ +import sys import codecs import logging -import sys import capa.engine - logger = logging.getLogger(__name__) MAX_BYTES_FEATURE_SIZE = 0x100 
diff --git a/capa/features/extractors/ida/__init__.py b/capa/features/extractors/ida/__init__.py index bd69a36f..378a5c90 100644 --- a/capa/features/extractors/ida/__init__.py +++ b/capa/features/extractors/ida/__init__.py @@ -3,13 +3,12 @@ import types import idaapi -from capa.features.extractors import FeatureExtractor - import capa.features.extractors.ida.file import capa.features.extractors.ida.insn import capa.features.extractors.ida.helpers import capa.features.extractors.ida.function import capa.features.extractors.ida.basicblock +from capa.features.extractors import FeatureExtractor def get_va(self): diff --git a/capa/features/extractors/ida/basicblock.py b/capa/features/extractors/ida/basicblock.py index 11c2f626..b935318a 100644 --- a/capa/features/extractors/ida/basicblock.py +++ b/capa/features/extractors/ida/basicblock.py @@ -1,16 +1,15 @@ import sys -import struct -import string import pprint +import string +import struct -import idautils -import idaapi import idc - -from capa.features.extractors.ida import helpers +import idaapi +import idautils from capa.features import Characteristic from capa.features.basicblock import BasicBlock +from capa.features.extractors.ida import helpers from capa.features.extractors.helpers import MIN_STACKSTRING_LEN diff --git a/capa/features/extractors/ida/file.py b/capa/features/extractors/ida/file.py index 2b15d6ed..4824d770 100644 --- a/capa/features/extractors/ida/file.py +++ b/capa/features/extractors/ida/file.py 
@@ -1,18 +1,15 @@ -import struct import pprint +import struct -import idautils -import idaapi import idc +import idaapi +import idautils -from capa.features import String -from capa.features import Characteristic -from capa.features.file import Section -from capa.features.file import Export -from capa.features.file import Import -import capa.features.extractors.strings import capa.features.extractors.helpers +import capa.features.extractors.strings import capa.features.extractors.ida.helpers +from capa.features import String, Characteristic +from capa.features.file import Export, Import, Section def _ida_check_segment_for_pe(seg): diff --git a/capa/features/extractors/ida/function.py b/capa/features/extractors/ida/function.py index 564a8440..416aa495 100644 --- a/capa/features/extractors/ida/function.py +++ b/capa/features/extractors/ida/function.py @@ -1,5 +1,5 @@ -import idautils import idaapi +import idautils from capa.features import Characteristic from capa.features.extractors import loops diff --git a/capa/features/extractors/ida/helpers.py b/capa/features/extractors/ida/helpers.py index c4d3deac..0ddd450d 100644 --- a/capa/features/extractors/ida/helpers.py +++ b/capa/features/extractors/ida/helpers.py @@ -1,9 +1,9 @@ import sys import string -import idautils -import idaapi import idc +import idaapi +import idautils def find_byte_sequence(start, end, seq): diff --git a/capa/features/extractors/ida/insn.py b/capa/features/extractors/ida/insn.py index f40cbed3..4a784e3c 100644 --- a/capa/features/extractors/ida/insn.py +++ b/capa/features/extractors/ida/insn.py 
@@ -1,19 +1,13 @@ import pprint -import idautils -import idaapi import idc +import idaapi +import idautils -from capa.features import String -from capa.features import Bytes -from capa.features import Characteristic -from capa.features import MAX_BYTES_FEATURE_SIZE -from capa.features.insn import Number -from capa.features.insn import Offset -from capa.features.insn import Mnemonic import capa.features.extractors.helpers import capa.features.extractors.ida.helpers - +from capa.features import MAX_BYTES_FEATURE_SIZE, Bytes, String, Characteristic +from capa.features.insn import Number, Offset, Mnemonic _file_imports_cache = None diff --git a/capa/features/extractors/loops.py b/capa/features/extractors/loops.py index db156376..5376a55c 100644 --- a/capa/features/extractors/loops.py +++ b/capa/features/extractors/loops.py @@ -1,5 +1,5 @@ -from networkx.algorithms.components import strongly_connected_components from networkx import nx +from networkx.algorithms.components import strongly_connected_components def has_loop(edges, threshold=2): diff --git a/capa/features/extractors/strings.py b/capa/features/extractors/strings.py index 3826ad61..b935ec91 100644 --- a/capa/features/extractors/strings.py +++ b/capa/features/extractors/strings.py @@ -6,7 +6,6 @@ import re from collections import namedtuple - ASCII_BYTE = r" !\"#\$%&\'\(\)\*\+,-\./0123456789:;<=>\?@ABCDEFGHIJKLMNOPQRSTUVWXYZ\[\]\^_`abcdefghijklmnopqrstuvwxyz\{\|\}\\\~\t".encode( "ascii" ) diff --git a/capa/features/extractors/viv/__init__.py b/capa/features/extractors/viv/__init__.py index c5b0366b..1e27083d 100644 --- a/capa/features/extractors/viv/__init__.py +++ b/capa/features/extractors/viv/__init__.py 
@@ -2,17 +2,16 @@ import types import viv_utils -import capa.features.extractors -import capa.features.extractors.viv.file -import capa.features.extractors.viv.function -import capa.features.extractors.viv.basicblock -import capa.features.extractors.viv.insn -from capa.features.extractors import FeatureExtractor - import file +import insn import function import basicblock -import insn +import capa.features.extractors +import capa.features.extractors.viv.file +import capa.features.extractors.viv.insn +import capa.features.extractors.viv.function +import capa.features.extractors.viv.basicblock +from capa.features.extractors import FeatureExtractor __all__ = ["file", "function", "basicblock", "insn"] diff --git a/capa/features/extractors/viv/basicblock.py b/capa/features/extractors/viv/basicblock.py index 8d9a5232..ea795da5 100644 --- a/capa/features/extractors/viv/basicblock.py +++ b/capa/features/extractors/viv/basicblock.py @@ -1,5 +1,5 @@ -import struct import string +import struct import envi import vivisect.const diff --git a/capa/features/extractors/viv/file.py b/capa/features/extractors/viv/file.py index c88f328b..3e29437b 100644 --- a/capa/features/extractors/viv/file.py +++ b/capa/features/extractors/viv/file.py @@ -1,11 +1,8 @@ import PE.carve as pe_carve # vivisect PE -from capa.features import Characteristic -from capa.features.file import Export -from capa.features.file import Import -from capa.features.file import Section -from capa.features import String import capa.features.extractors.strings +from capa.features import String, Characteristic +from capa.features.file import Export, Import, Section def extract_file_embedded_pe(vw, file_path): diff --git a/capa/features/extractors/viv/indirect_calls.py b/capa/features/extractors/viv/indirect_calls.py index cee1d714..58d79cac 100644 --- a/capa/features/extractors/viv/indirect_calls.py +++ b/capa/features/extractors/viv/indirect_calls.py 
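Review bot: In capa/features/extractors/viv/__init__.py the bare `import file`, `import insn`, `import function` and `import basicblock` are implicit relative imports, and the sort now places them ahead of the fully qualified `capa.features.extractors.viv.*` imports as if they were ordinary top-level modules. They resolve to the package's own submodules only under Python 2. On Python 3, which setup.py on this page branches on, they are looked up on `sys.path`, so a same-named module elsewhere on the path would be bound instead. I would replace the four lines with `from . import file, insn, function, basicblock`, so the names listed in `__all__` always refer to this package's modules and the formatter classifies them as local.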
@@ -1,10 +1,9 @@ import collections import envi +import vivisect.const import envi.archs.i386.disasm import envi.archs.amd64.disasm -import vivisect.const - # pull out consts for lookup performance i386RegOper = envi.archs.i386.disasm.i386RegOper diff --git a/capa/features/extractors/viv/insn.py b/capa/features/extractors/viv/insn.py index fcfbb068..52c0362c 100644 --- a/capa/features/extractors/viv/insn.py +++ b/capa/features/extractors/viv/insn.py @@ -1,17 +1,11 @@ import envi.memory -import envi.archs.i386.disasm import vivisect.const +import envi.archs.i386.disasm -from capa.features import String -from capa.features import Bytes -from capa.features import Characteristic -from capa.features import MAX_BYTES_FEATURE_SIZE -from capa.features.insn import Number -from capa.features.insn import Offset -from capa.features.insn import Mnemonic import capa.features.extractors.helpers -from capa.features.extractors.viv.indirect_calls import NotFoundError -from capa.features.extractors.viv.indirect_calls import resolve_indirect_call +from capa.features import MAX_BYTES_FEATURE_SIZE, Bytes, String, Characteristic +from capa.features.insn import Number, Offset, Mnemonic +from capa.features.extractors.viv.indirect_calls import NotFoundError, resolve_indirect_call def interface_extract_instruction_XXX(f, bb, insn): diff --git a/capa/features/freeze.py b/capa/features/freeze.py index bfc20781..ac5363c0 100644 --- a/capa/features/freeze.py +++ b/capa/features/freeze.py @@ -44,16 +44,14 @@ import json import zlib import logging -import capa.features.extractors import capa.features import capa.features.file +import capa.features.insn import capa.features.function import capa.features.basicblock -import capa.features.insn - +import capa.features.extractors from capa.helpers import hex - logger = logging.getLogger(__name__) diff --git a/capa/ida/explorer/item.py b/capa/ida/explorer/item.py index 56862eee..e9df8ded 100644 --- a/capa/ida/explorer/item.py 
+++ b/capa/ida/explorer/item.py @@ -1,10 +1,9 @@ -import codecs import sys +import codecs -from PyQt5 import QtCore - -import idaapi import idc +import idaapi +from PyQt5 import QtCore import capa.ida.helpers diff --git a/capa/ida/explorer/model.py b/capa/ida/explorer/model.py index aa838a56..64bd581e 100644 --- a/capa/ida/explorer/model.py +++ b/capa/ida/explorer/model.py @@ -1,26 +1,24 @@ -from PyQt5 import QtCore, QtGui, Qt from collections import deque -import capa.render.utils as rutils - -import idaapi import idc - -from capa.ida.explorer.item import ( - CapaExplorerDataItem, - CapaExplorerDefaultItem, - CapaExplorerFunctionItem, - CapaExplorerRuleItem, - CapaExplorerStringViewItem, - CapaExplorerInstructionViewItem, - CapaExplorerByteViewItem, - CapaExplorerBlockItem, - CapaExplorerRuleMatchItem, - CapaExplorerFeatureItem, - CapaExplorerSubscopeItem, -) +import idaapi +from PyQt5 import Qt, QtGui, QtCore import capa.ida.helpers +import capa.render.utils as rutils +from capa.ida.explorer.item import ( + CapaExplorerDataItem, + CapaExplorerRuleItem, + CapaExplorerBlockItem, + CapaExplorerDefaultItem, + CapaExplorerFeatureItem, + CapaExplorerByteViewItem, + CapaExplorerFunctionItem, + CapaExplorerSubscopeItem, + CapaExplorerRuleMatchItem, + CapaExplorerStringViewItem, + CapaExplorerInstructionViewItem, +) # default highlight color used in IDA window DEFAULT_HIGHLIGHT = 0xD096FF diff --git a/capa/ida/explorer/view.py b/capa/ida/explorer/view.py index b43311da..ce8eba8b 100644 --- a/capa/ida/explorer/view.py +++ b/capa/ida/explorer/view.py @@ -1,13 +1,9 @@ -from PyQt5 import QtWidgets, QtCore, QtGui - -import idaapi import idc +import idaapi +from PyQt5 import QtGui, QtCore, QtWidgets +from capa.ida.explorer.item import CapaExplorerRuleItem, CapaExplorerFunctionItem from capa.ida.explorer.model import CapaExplorerDataModel -from capa.ida.explorer.item import ( - CapaExplorerFunctionItem, - CapaExplorerRuleItem, -) class CapaExplorerQtreeView(QtWidgets.QTreeView): 
diff --git a/capa/ida/helpers/__init__.py b/capa/ida/helpers/__init__.py index 7d29e2ec..7a230000 100644 --- a/capa/ida/helpers/__init__.py +++ b/capa/ida/helpers/__init__.py @@ -1,7 +1,7 @@ import logging -import idaapi import idc +import idaapi logger = logging.getLogger("capa") diff --git a/capa/ida/ida_capa_explorer.py b/capa/ida/ida_capa_explorer.py index 0735bd00..ec55c34f 100644 --- a/capa/ida/ida_capa_explorer.py +++ b/capa/ida/ida_capa_explorer.py @@ -2,16 +2,14 @@ import os import logging import collections -from PyQt5 import QtWidgets, QtGui, QtCore - import idaapi +from PyQt5 import QtGui, QtCore, QtWidgets import capa.main import capa.rules -import capa.features.extractors.ida import capa.ida.helpers import capa.render.utils as rutils - +import capa.features.extractors.ida from capa.ida.explorer.view import CapaExplorerQtreeView from capa.ida.explorer.model import CapaExplorerDataModel from capa.ida.explorer.proxy import CapaExplorerSortFilterProxyModel diff --git a/capa/ida/ida_rule_generator.py b/capa/ida/ida_rule_generator.py index ffa48376..1f26d325 100644 --- a/capa/ida/ida_rule_generator.py +++ b/capa/ida/ida_rule_generator.py @@ -5,19 +5,15 @@ import binascii import textwrap from collections import Counter, defaultdict -from PyQt5 import QtWidgets, QtCore -from PyQt5.QtWidgets import QTreeWidget, QTreeWidgetItem, QTextEdit, QHeaderView - import idc import idaapi +from PyQt5 import QtCore, QtWidgets +from PyQt5.QtWidgets import QTextEdit, QHeaderView, QTreeWidget, QTreeWidgetItem import capa import capa.main - -from capa.ida import plugin_helpers - import capa.features.extractors.ida.helpers - +from capa.ida import plugin_helpers logger = logging.getLogger("rulegen") diff --git a/capa/ida/plugin_helpers.py b/capa/ida/plugin_helpers.py index 4dd4756b..f8504435 100644 --- a/capa/ida/plugin_helpers.py +++ b/capa/ida/plugin_helpers.py 
@@ -1,12 +1,10 @@ import os import logging -from PyQt5.QtWidgets import QTreeWidgetItem, QTreeWidgetItemIterator -from PyQt5.QtCore import Qt - import idc import idaapi - +from PyQt5.QtCore import Qt +from PyQt5.QtWidgets import QTreeWidgetItem, QTreeWidgetItemIterator CAPA_EXTENSION = ".capas" diff --git a/capa/main.py b/capa/main.py index 29a85e35..34264ede 100644 --- a/capa/main.py +++ b/capa/main.py @@ -3,9 +3,9 @@ capa - detect capabilities in programs. """ import os -import os.path import sys import logging +import os.path import collections import tqdm @@ -19,10 +19,8 @@ import capa.version import capa.features import capa.features.freeze import capa.features.extractors - from capa.helpers import oint - SUPPORTED_FILE_MAGIC = set(["MZ"]) diff --git a/capa/render/__init__.py b/capa/render/__init__.py index 5132757e..1cdc96e5 100644 --- a/capa/render/__init__.py +++ b/capa/render/__init__.py @@ -1,4 +1,5 @@ import json + import six import capa.rules diff --git a/capa/rules.py b/capa/rules.py index 1dbf6d27..a616172e 100644 --- a/capa/rules.py +++ b/capa/rules.py @@ -7,15 +7,14 @@ import six import ruamel.yaml import capa.engine -from capa.engine import * import capa.features import capa.features.file +import capa.features.insn import capa.features.function import capa.features.basicblock -import capa.features.insn +from capa.engine import * from capa.features import MAX_BYTES_FEATURE_SIZE - logger = logging.getLogger(__name__) diff --git a/scripts/capafmt.py b/scripts/capafmt.py index b808145d..5da7f622 100644 --- a/scripts/capafmt.py +++ b/scripts/capafmt.py @@ -13,7 +13,6 @@ import argparse import capa.rules - logger = logging.getLogger("capafmt") diff --git a/scripts/lint.py b/scripts/lint.py index a42b72c8..69bf3bf4 100644 --- a/scripts/lint.py +++ b/scripts/lint.py @@ -6,7 +6,6 @@ Usage: $ python scripts/lint.py rules/ """ import os -import os.path import sys import string import hashlib 
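Review bot: In capa/rules.py the `from capa.engine import *` line moves below the `import capa.features.*` block, and in tests/test_main.py it moves below `from fixtures import *`. With wildcard imports the later statement wins any name collision, so this reorder is not guaranteed to be behaviour-neutral. Nothing on this page shows whether capa.engine defines `__all__` or shares names with fixtures, so it may be harmless today, but it should be confirmed rather than assumed. Importing explicitly, `from capa.engine import <names this module uses>` (placeholder; the names are used outside these hunks), would make the formatter's ordering irrelevant.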
diff --git a/scripts/migrate-rules.py b/scripts/migrate-rules.py index 21e3def4..af4d6286 100644 --- a/scripts/migrate-rules.py +++ b/scripts/migrate-rules.py @@ -7,17 +7,16 @@ example: $ python scripts/migrate-rules.py migration.csv ./rules ./new-rules """ import os -import os.path -import sys import csv +import sys import logging +import os.path import collections import argparse import capa.rules - logger = logging.getLogger("migrate-rules") diff --git a/scripts/testbed/freeze_features.py b/scripts/testbed/freeze_features.py index 3d913f03..8d144420 100644 --- a/scripts/testbed/freeze_features.py +++ b/scripts/testbed/freeze_features.py @@ -16,7 +16,6 @@ import argparse from scripts.testbed import FREEZE_EXTENSION from capa.features.freeze import main as freeze_features - # only process files with these extensions TARGET_EXTENSIONS = [".mal_", ".exe_", ".dll_", ".sys_"] diff --git a/scripts/testbed/run_rule_on_testbed.py b/scripts/testbed/run_rule_on_testbed.py index 9f1bac7b..2e6b9ce8 100644 --- a/scripts/testbed/run_rule_on_testbed.py +++ b/scripts/testbed/run_rule_on_testbed.py @@ -11,7 +11,6 @@ import sys import json import time import logging - from collections import defaultdict import argparse @@ -19,11 +18,9 @@ import argparse import capa.main import capa.rules import capa.features.freeze - from scripts.testbed import FNAMES_EXTENSION, FREEZE_EXTENSION from start_ida_export_fimages import export_fimages - logger = logging.getLogger(__name__) # sorry globals... diff --git a/setup.py b/setup.py index dd1d90df..4948a135 100644 --- a/setup.py +++ b/setup.py @@ -3,7 +3,6 @@ import sys import setuptools - requirements = ["six", "tqdm", "pyyaml", "tabulate", "colorama", "termcolor", "ruamel.yaml"] if sys.version_info >= (3, 0): diff --git a/tests/fixtures.py b/tests/fixtures.py index 92c30022..dd6bc7c2 100644 --- a/tests/fixtures.py +++ b/tests/fixtures.py @@ -5,7 +5,6 @@ import collections import pytest import viv_utils - CD = os.path.dirname(__file__) 
diff --git a/tests/test_freeze.py b/tests/test_freeze.py index cc8f53d9..7b251264 100644 --- a/tests/test_freeze.py +++ b/tests/test_freeze.py @@ -4,12 +4,10 @@ import capa.main import capa.helpers import capa.features import capa.features.insn -import capa.features.extractors import capa.features.freeze - +import capa.features.extractors from fixtures import * - EXTRACTOR = capa.features.extractors.NullFeatureExtractor( { "file features": [(0x402345, capa.features.Characteristic("embedded pe")),], diff --git a/tests/test_main.py b/tests/test_main.py index 11de1356..1c60356b 100644 --- a/tests/test_main.py +++ b/tests/test_main.py @@ -3,11 +3,10 @@ import textwrap import capa.main import capa.rules import capa.engine -from capa.engine import * import capa.features import capa.features.extractors.viv - from fixtures import * +from capa.engine import * def test_main(sample_9324d1a8ae37a36ae560c37448c9705a): diff --git a/tests/test_rules.py b/tests/test_rules.py index 6e5f0421..a593c094 100644 --- a/tests/test_rules.py +++ b/tests/test_rules.py @@ -3,8 +3,8 @@ import textwrap import pytest import capa.rules -from capa.features.insn import Number, Offset from capa.features import String +from capa.features.insn import Number, Offset def test_rule_ctor(): diff --git a/tests/test_viv_features.py b/tests/test_viv_features.py index 749c6a26..de74a0c5 100644 --- a/tests/test_viv_features.py +++ b/tests/test_viv_features.py @@ -2,14 +2,13 @@ import viv_utils import capa.features import capa.features.file +import capa.features.insn import capa.features.function import capa.features.basicblock -import capa.features.insn import capa.features.extractors.viv.file +import capa.features.extractors.viv.insn import capa.features.extractors.viv.function import capa.features.extractors.viv.basicblock -import capa.features.extractors.viv.insn - from fixtures import *