Willi Ballenthin
9e579f9de3
tests: viv: reenable elf tests
...
revert 56f9e16a8b
viv is reverted to v1.0.3 so tests should pass again ref #735
2021-08-26 16:50:57 -06:00
William Ballenthin
2989732637
tests: fix fva of substring test function
2021-08-24 16:32:27 -06:00
William Ballenthin
db45068357
tests: fix tests for substring
2021-08-24 16:13:41 -06:00
William Ballenthin
3b4cb47597
pep8
2021-08-24 11:45:48 -06:00
William Ballenthin
f55e758d47
tests: rules: demonstrate substring with description
2021-08-24 11:45:24 -06:00
William Ballenthin
6989e8b8cf
rules: add substring feature
...
closes #737
2021-08-24 11:35:01 -06:00
Capa Bot
057eeb3629
Sync capa-testfiles submodule
2021-08-24 15:45:39 +00:00
Capa Bot
0dea4e8b7d
Sync capa-testfiles submodule
2021-08-24 15:45:04 +00:00
William Ballenthin
56f9e16a8b
tests: viv: disable ELF tests due to #735
2021-08-23 17:51:28 -06:00
William Ballenthin
30a5493414
tests: smda: remove unused import
2021-08-23 16:13:01 -06:00
William Ballenthin
a96a5de12d
tests: re-enable SMDA ELF API tests
2021-08-19 08:02:17 -06:00
William Ballenthin
766ac7e500
Merge branch 'master' of github.com:fireeye/capa into feature-701
2021-08-18 14:33:17 -06:00
Capa Bot
51ac57c657
Sync capa-testfiles submodule
2021-08-18 20:33:02 +00:00
William Ballenthin
f1df29d27e
tests: xfail smda ELF API
...
waiting for #725
2021-08-18 14:08:36 -06:00
William Ballenthin
8e689c39f4
features: add Arch feature at global scope
2021-08-16 17:06:56 -06:00
William Ballenthin
738fa9150e
fixtures: update tests to account for Format scope
2021-08-16 16:39:40 -06:00
William Ballenthin
ab1326f858
features: move OS and Format to their own features, not characteristics
2021-08-16 16:28:26 -06:00
William Ballenthin
f013815b2a
features: rename legacy term arch to bitness
...
makes space for upcoming feature `arch: ` for things like i386/amd64/aarch64
2021-08-16 12:21:25 -06:00
William Ballenthin
05f8e2445a
fixtures: add tests demonstrating extraction of features from ELF files
2021-08-11 09:29:05 -06:00
William Ballenthin
753b003107
pep8
2021-08-11 09:23:41 -06:00
William Ballenthin
97092c91db
tests: assert absence of the wrong os/format
2021-08-11 09:13:56 -06:00
William Ballenthin
20859d2796
extractors: pefile: extract OS and format
2021-08-11 09:11:29 -06:00
William Ballenthin
06f8943bc4
features: add format/pe and format/elf characteristics
2021-08-11 09:10:04 -06:00
William Ballenthin
a1eca58d7a
features: support characteristic(os/*) features
2021-08-11 08:40:40 -06:00
Capa Bot
811f484d3b
Sync capa-testfiles submodule
2021-08-11 14:18:28 +00:00
Capa Bot
ef003366da
Sync capa-testfiles submodule
2021-07-21 07:12:59 +00:00
Moritz Raabe
6fc2037f45
update sig file names
2021-06-30 08:54:37 +02:00
Moritz Raabe
6860b9a040
address Willi's feedback
2021-06-29 21:16:31 +02:00
Moritz Raabe
5c8a4aafd7
test scripts and fix show-features
2021-06-29 21:16:31 +02:00
William Ballenthin
09ad0ec184
tests: save .viv by default, hopefully improve test performance
2021-06-15 12:24:29 -06:00
William Ballenthin
9484fadd0f
submodule sync data
2021-06-15 09:08:14 -06:00
Willi Ballenthin
b47b398b07
Merge pull request #636 from fireeye/fix-629
...
move test sigs into testfiles
2021-06-14 13:56:21 -06:00
William Ballenthin
c1acf702b6
fixtures: move test sigs to testfiles
2021-06-14 11:37:39 -06:00
William Ballenthin
ee41d47e4d
test_function_id: fix test imports
2021-06-09 22:35:26 -06:00
William Ballenthin
527e993bb4
engine: remove dependency on rules, fixing circular import
2021-06-09 22:30:43 -06:00
William Ballenthin
954ed3a408
pep8
2021-06-09 22:22:03 -06:00
William Ballenthin
ac59e50b5f
move capa/features/__init__.py logic to common.py
...
also cleanup imports across the board,
thanks to pylance.
2021-06-09 22:20:53 -06:00
William Ballenthin
7029ad32c4
move capa/features/extractors/__init__.py logic to base_extractor.py
2021-06-09 21:09:29 -06:00
William Ballenthin
fc9ad6c737
move extractors/ida/__init__.py logic to extractor.py
2021-06-09 17:55:44 -06:00
William Ballenthin
7d2e664320
move extractors/smda/__init__.py logic to extractor.py
2021-06-09 17:52:06 -06:00
William Ballenthin
6187317a4e
move extractors/viv/__init__.py logic to extractor.py
2021-06-09 17:49:50 -06:00
Capa Bot
40b6575db6
Sync capa-testfiles submodule
2021-06-08 12:48:33 +00:00
Moritz Raabe
8b58723f40
bump smda and remove xfail
2021-06-07 13:56:55 +02:00
Capa Bot
6f51324cca
Sync capa-testfiles submodule
2021-06-07 07:45:31 +00:00
Capa Bot
438677b129
Sync capa-testfiles submodule
2021-06-07 06:48:11 +00:00
Moritz Raabe
94089ff43f
parse att&ck for output doc
2021-06-02 10:37:19 +02:00
Moritz Raabe
e6f45b63d6
fix test xfail
2021-05-31 10:02:31 +02:00
Willi Ballenthin
ed02088c82
detect (and short circuit) file limitations at file scope (#586)
...
* smda: move pe carve into helpers
* smda: simplify test parametrization/xfail
* extractors: add pefile extractor for file scope features
* pep8
* main: bail early on file limitation detected at file scope
closes #583
* changelog
2021-05-28 08:14:44 -06:00
Willi Ballenthin
bd63ded1dd
file scope API features (#568)
...
* smda: minor unrelated fixes
* file features: extract API features at file scope for library functions
closes #567
* changelog
* ida: add file-scope API feature
Co-authored-by: mike-hunhoff <mike.hunhoff@gmail.com>
* fix lints from pylance
* features: use "function-name" for recognized linked functions
* pep8
* pep8
* rules: remove incorrect feature scope
* tests: xfail SMDA tests relying on function id
* tests: fixtures: order tests by sample, ideally improving memory usage
* pep8
* pep8
* smda: xfail two more tests
Co-authored-by: mike-hunhoff <mike.hunhoff@gmail.com>
2021-05-27 12:59:00 -06:00
Capa Bot
7df29b491c
Sync capa-testfiles submodule
2021-05-27 07:08:00 +00:00