gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2025-12-12 07:40:38 -08:00
Code Issues Packages Projects Releases Wiki Activity

update release v7.3.0 info and formatting

Browse Source
This commit is contained in:
mr-tz
2024-09-20 09:57:01 +00:00
parent d1d8badc2e
commit e3267df5b1
1 changed files with 30 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
web/public/index.html
View File

@@ -88,7 +88,7 @@
box-shadow: 0 0.5rem 1rem rgba(0,0,0,0.05),inset 0 -1px 0 rgba(0,0,0,0.15);"
>
<a href="/" class="d-flex align-items-center mb-3 mb-md-0 me-md-auto">
<img src="./img/logo.png" height=48 />
<img src="./img/logo.png" alt="capa logo" height=48 />
</a>
<ul class="nav nav-pills">
@@ -118,7 +118,7 @@
references.
</p>
<div class="d-grid gap-2 d-md-flex justify-content-md-start mb-4 mb-lg-3">
<a href="#download" type="button" class="btn btn-primary bs-primary btn-lg px-4 me-md-2 fw-bold">Download</button>
<a href="#download" type="button" class="btn btn-primary bs-primary btn-lg px-4 me-md-2 fw-bold">Download</a>
<a href="./rules/" type="button" class="btn btn-outline-secondary btn-lg px-4">Browse Rules</a>
</div>
</div>
@@ -194,7 +194,7 @@
<div class="row flex-lg-row-reverse align-items-center g-5">
<h1>What's New</h1>
<h3 class="mt-3">Rule Updates</h3>
<h2 class="mt-3">Rule Updates</h2>
<ul class="mt-2 ps-5">
<!-- TODO(williballenthin): add date -->
@@ -213,10 +213,22 @@
</li>
</ul>
<h3 class="mt-3">Tool Updates</h3>
<h2 class="mt-3">Tool Updates</h2>
<h5 class="mt-2">v7.2.0</h5>
<!-- TODO(williballenthin): add date -->
<h3 class="mt-2">v7.3.0 (<em>2024-09-20</em>)</h3>
<div class="mt-0">
The <a href="https://github.com/mandiant/capa/releases/tag/v7.3.0">capa v7.3.0</a> release comes with the following three major enhancements:
<p><strong>1. Support for VMRay sandbox analysis archives</strong>: Unlock powerful malware analysis with capa&#39;s new <a href="https://www.vmray.com/">VMRay sandbox</a> integration!
Simply provide a VMRay analysis archive, and capa will automatically extract and match capabilities to streamline your workflow. This is the second support for the analysis of dynamic
analysis results after <a href="https://www.mandiant.com/resources/blog/dynamic-capa-executable-behavior-cape-sandbox">CAPE</a>.</p>
<p><strong>2. Support for BinExport files generated by Ghidra</strong>: <a href="https://github.com/google/binexport">BinExport</a> files store disassembled data into a Protocol Buffer format.
capa now supports the analysis of BinExport files generated by Ghidra. Using Ghidra and the BinExport file format users can now analyze ARM (AARCH64) ELF files targeting Android.</p>
<p><strong>3. Introducing the capa rules website</strong>: You can now browse capa&#39;s default rule set at <a href="https://mandiant.github.io/capa/rules">https://mandiant.github.io/capa/rules</a>.
In modern terminals the CLI capa tool hyperlinks to resources on the web, including entries on the capa rules website.
Furthermore, <a href="https://mandiant.github.io/capa">https://mandiant.github.io/capa</a> provides a landing page for the capa tool project.</p>
</div>
<h3 class="mt-2">v7.2.0 (<em>2024-08-20</em>)</h3>
<p class="mt-0">
<a href="https://github.com/mandiant/capa/releases/tag/v7.2.0">capa v7.2.0</a>
introduces a first version of capa Explorer Web: a web-based user interface to inspect capa results using your browser.
@@ -254,9 +266,9 @@
<div class="col">
<div class="row row-cols-1 row-cols-sm-2 g-4">
<div class="col d-flex flex-column gap-2">
<h4 class="fw-semibold mb-0 text-body-emphasis">
<h3 class="fw-semibold mb-0 text-body-emphasis">
IDA Pro
</h4>
</h3>
<p class="text-body-secondary">
<!-- TODO(williballenthin): add link to find out more -->
Use the capa Explorer IDA Plugin to guide your reverse engineering, zeroing in on the interesting functions by behavior.
@@ -264,9 +276,9 @@
</div>
<div class="col d-flex flex-column gap-2">
<h4 class="fw-semibold mb-0 text-body-emphasis">
<h3 class="fw-semibold mb-0 text-body-emphasis">
Ghidra
</h4>
</h3>
<p class="text-body-secondary">
<!-- TODO(williballenthin): add link to find out more -->
Invoke Ghidra in headless mode to collect features for capa, or use the capa Explorer Ghidra plugin to understand key functions.
@@ -274,9 +286,9 @@
</div>
<div class="col d-flex flex-column gap-2">
<h4 class="fw-semibold mb-0 text-body-emphasis">
<h3 class="fw-semibold mb-0 text-body-emphasis">
Binary Ninja
</h4>
</h3>
<p class="text-body-secondary">
<!-- TODO(williballenthin): add link to find out more -->
Use Binary Ninja as the disassembler backend, relying on its state-of-the-art code analysis to recover capabilities.
@@ -284,9 +296,9 @@
</div>
<div class="col d-flex flex-column gap-2">
<h4 class="fw-semibold mb-0 text-body-emphasis">
<h3 class="fw-semibold mb-0 text-body-emphasis">
CAPE
</h4>
</h3>
<p class="text-body-secondary">
<!-- TODO(williballenthin): add link to find out more -->
Analyze the API trace captured by CAPE as it detonates malware, summarizing the behaviors seen across thousands of function calls.
@@ -356,10 +368,10 @@
<div class="bg-dark text-secondary px-4 pt-5 text-center">
<div class="py-5">
<img src="./img/icon.png" />
<h3 class="display-5 fw-bold text-white">
<img src="./img/icon.png" alt="capa icon"/>
<h2 class="display-5 fw-bold text-white">
capa
</h3>
</h2>
<div class="col-lg-6 mx-auto">
<p class="fs-5 my-4">
@@ -379,7 +391,7 @@
</div>
</div>
</div>
</main>
</main>
<script>
window.addEventListener('DOMContentLoaded', (event) => {