gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2025-12-12 15:49:46 -08:00
Code Issues Packages Projects Releases Wiki Activity

main: refactor handling of rules, signatures cli arguments

Browse Source
This commit is contained in:
William Ballenthin
2021-06-15 11:54:57 -06:00
parent 1b4a087c4b
commit 48858e114d
5 changed files with 65 additions and 125 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
scripts/show-capabilities-by-function.py
View File

@@ -121,20 +121,6 @@ def main(argv=None):
logger.error("%s", str(e))
return -1
if args.rules == capa.main.RULES_PATH_DEFAULT_STRING:
logger.info("-" * 80)
logger.info(" Using default embedded rules.")
logger.info(" To provide your own rules, use the form `capa.exe -r ./path/to/rules/ /path/to/mal.exe`.")
logger.info(" You can see the current default rule set here:")
logger.info(" https://github.com/fireeye/capa-rules")
logger.info("-" * 80)
logger.debug("detected running from source")
args.rules = os.path.realpath(os.path.join(os.path.dirname(__file__), "..", "rules"))
logger.debug("default rule path (source method): %s", args.rules)
else:
logger.info("using rules path: %s", args.rules)
try:
rules = capa.main.get_rules(args.rules)
rules = capa.rules.RuleSet(rules)
@@ -146,20 +132,8 @@ def main(argv=None):
logger.error("%s", str(e))
return -1
if args.signatures == capa.main.SIGNATURES_PATH_DEFAULT_STRING:
logger.debug("-" * 80)
logger.debug(" Using default embedded signatures.")
logger.debug(
" To provide your own signatures, use the form `capa.exe --signature ./path/to/signatures/ /path/to/mal.exe`."
)
logger.debug("-" * 80)
sigs_path = os.path.realpath(os.path.join(os.path.dirname(__file__), "..", "sigs"))
else:
sigs_path = args.signatures
logger.debug("using signatures path: %s", sigs_path)
try:
sig_paths = capa.main.get_signatures(sigs_path)
sig_paths = capa.main.get_signatures(args.signatures)
except (IOError) as e:
logger.error("%s", str(e))
return -1