Merge pull request #29 from fireeye/default-sort-capa-explorer

capa explorer tree view default to sorted asc, trim regex matches
2026-01-17 23:25:50 -08:00 · 2020-06-26 11:51:18 -06:00
parent 7ff69097db 540f68c5c7
commit 68736a07f6
2 changed files with 4 additions and 0 deletions
--- a/capa/ida/explorer/model.py
+++ b/capa/ida/explorer/model.py
@@ -383,6 +383,8 @@ class CapaExplorerDataModel(QtCore.QAbstractItemModel):
        if isinstance(feature, string_view):
            # TODO: move string collection to item constructor
            if isinstance(feature, capa.engine.Regex):
+                # rstrip "matched="<string>")" because data already displayed in interface
+                name = name.split(',')[0] + ')'
                return CapaExplorerStringViewItem(parent, name, ea, feature.match)

        if isinstance(feature, capa.features.Characteristic):
--- a/capa/ida/ida_capa_explorer.py
+++ b/capa/ida/ida_capa_explorer.py
@@ -351,6 +351,8 @@ class CapaExplorerForm(idaapi.PluginForm):
        self._model_data.render_capa_results(rules, capabilities)
        self._render_capa_summary(rules, capabilities)

+        self._view_tree.sortByColumn(CapaExplorerDataModel.COLUMN_INDEX_RULE_INFORMATION, Qt.AscendingOrder)
+
        logger.info('render views completed.')

    def _render_capa_summary(self, ruleset, results):