gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2025-12-12 15:49:46 -08:00
Code Issues Packages Projects Releases Wiki Activity

Update capa2yara.py

Browse Source
This commit is contained in:
Arnim Rupp
2021-05-21 17:04:16 +02:00
parent 73f121cf03
commit 7759d2dd79
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
scripts/capa2yara.py
View File

@@ -295,7 +295,7 @@ def convert_rule(rule, rulename, cround, depth):
# change begining of line to null byte, e.g. /^open => /\x00open (not word boundary because we're not looking for the begining of a word in a text but usually a function name if there's ^ in a capa rule) # change begining of line to null byte, e.g. /^open => /\x00open (not word boundary because we're not looking for the begining of a word in a text but usually a function name if there's ^ in a capa rule)
regex = re.sub(r"^\^", r"\\x00", regex) regex = re.sub(r"^\^", r"\\x00", regex)
#regex = re.sub(r"^\^", r"\\b", regex) # regex = re.sub(r"^\^", r"\\b", regex)
regex = "/" + regex + "/" regex = "/" + regex + "/"
if count: if count: