gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2026-01-25 02:34:51 -08:00
Code Issues Packages Projects Releases Wiki Activity
4,658 Commits 44 Branches 48 Tags
1acc2d19590b22fceddd74cdc4675314ac62417e
Commit Graph

4658 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Moritz
1acc2d1959 Merge branch 'dynamic-feature-extraction' into fix/issue-1816 2023-11-08 16:56:05 +01:00
Willi Ballenthin
a52af3895a verbose: remove TODOs 2023-11-06 10:37:22 +00:00
Willi Ballenthin
5d31bc462b verbose: render dynamic match locations 2023-11-06 10:34:26 +00:00
Willi Ballenthin
7678897334 tests: fix render tests 2023-11-06 10:32:44 +00:00
Willi Ballenthin
75ff58edaa vverbose: better render pid/tid/call index 2023-11-06 10:09:23 +00:00
Willi Ballenthin
eb12ec43f0 mypy 2023-11-06 09:52:00 +00:00
Willi Ballenthin
f7c72cd1c3 vverbose: don't repeat rendered calls when in call scope 2023-11-06 09:52:00 +00:00
Willi Ballenthin
0da614aa4f vverbose: dynamic: show rendered matching API call 2023-11-06 09:52:00 +00:00
Willi Ballenthin
9c81ccf88a vverbose: make missing names an error 2023-11-06 09:52:00 +00:00
Willi Ballenthin
c141f7ec6e verbose: better render scopes 2023-11-06 09:52:00 +00:00
Willi Ballenthin
274a710bb1 report: better compute dynamic layout 2023-11-06 09:52:00 +00:00
Willi Ballenthin
4a7e488e4c Update capa/render/vverbose.py 
Co-authored-by: Moritz <mr-tz@users.noreply.github.com>
 2023-11-01 12:19:13 +01:00
Yacine
0097822e51 Merge pull request #1820 from yelhamer/capabilities-module 
add a capabilities module
 2023-10-27 13:39:49 +02:00
Yacine Elhamer
e559cc27d5 capa.rules: remove redundant ceng.MatchResults import 2023-10-26 19:43:26 +02:00
Yacine Elhamer
a0cec3f07d capa.rules: remove redundant is_internal_rule() and has_file_limitations() from capa source code 2023-10-26 19:41:09 +02:00
Moritz
db53424548 Merge pull request #1826 from mandiant/fix-model-hexint 
fix parsing base 10/16
 2023-10-23 09:02:21 +02:00
Yacine Elhamer
8029fed31c Merge branch 'capabilities-module' of https://github.com/yelhamer/capa into capabilities-module 2023-10-20 20:11:28 +02:00
Yacine Elhamer
3572b512d9 test_capabilities.py: add missing test_com_feature_matching() test 2023-10-20 20:11:08 +02:00
Yacine Elhamer
ab06c94d80 capa/main.py: move has_rule_with_namespace() to capa.rules.RuleSet 2023-10-20 20:10:29 +02:00
Willi Ballenthin
9e6919f33c layout: capture call names 
so that they can be rendered to output
 2023-10-20 14:21:13 +00:00
mr-tz
99042f232d fix parsing base 10/16 2023-10-20 15:26:11 +02:00
Willi Ballenthin
393b0e63f0 layout: capture process name 2023-10-20 12:39:28 +00:00
Willi Ballenthin
ee4f02908c layout: capture process name 2023-10-20 12:38:35 +00:00
Moritz
c9df78252a Ignore DLL names for API features (#1824) 
* ignore DLL name for api features

* keep DLL name for import features

* fix tests
 2023-10-20 13:39:15 +02:00
Willi Ballenthin
788251ba2b vverbose: render scope for humans 2023-10-20 11:37:42 +00:00
Willi Ballenthin
62d4b008c5 Merge pull request #1822 from mandiant/fix/dynamic-freeze 
update freeze for dynamic
 2023-10-20 13:16:48 +02:00
Yacine Elhamer
aae72667a3 Merge branch 'capabilities-module' of https://github.com/yelhamer/capa into capabilities-module 2023-10-20 10:16:41 +02:00
Yacine Elhamer
d6c5d98b0d move is_file_limitation_rule() to the rules module (Rule class) 2023-10-20 10:16:09 +02:00
Yacine Elhamer
d5ae2ffd91 capa.capabilities: move has_file_limitations() from capa.main to the capabilities module 2023-10-20 10:15:20 +02:00
Yacine Elhamer
96fb204d9d move capa.features.capabilities to capa.capabilities, and update scripts 2023-10-20 09:54:24 +02:00
Yacine
20604c4b41 Update capa/capabilities/static.py 
Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
 2023-10-20 09:28:13 +02:00
Yacine
423d942bd0 Update capa/capabilities/dynamic.py 
Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
 2023-10-20 09:28:05 +02:00
Yacine
f9b87417e6 Update capa/capabilities/common.py 
Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
 2023-10-20 09:27:58 +02:00
Willi Ballenthin
fc4618e234 Merge branch 'dynamic-feature-extraction' into fix/dynamic-freeze 2023-10-20 09:16:07 +02:00
Willi Ballenthin
1143f2ba56 changelog 2023-10-20 07:11:42 +00:00
Willi Ballenthin
10dc4b92b1 freeze: update freeze format v3 2023-10-20 06:59:53 +00:00
Willi Ballenthin
bfecf414fb freeze: add dynamic tests 2023-10-20 06:59:34 +00:00
Willi Ballenthin
0231ceef87 null extractor: fix typings 2023-10-20 06:59:16 +00:00
Yacine
0ae8f34aff Merge branch 'dynamic-feature-extraction' into capabilities-module 2023-10-20 08:55:49 +02:00
Moritz
b8b55f4e19 identify potential JSON object data start (#1819) 
* identify potential JSON object data start
 2023-10-19 17:17:57 +02:00
Willi Ballenthin
d42829d7e7 Merge pull request #1765 from mandiant/fix/dynamic-proto 
protobuf: add dynamic support
 2023-10-19 13:37:45 +02:00
Willi Ballenthin
c724a4b311 ci: only run BN and Ghidra tests after others complete 
these are much less likely to fail because they're
changed less often, so don't run them until we know
other tests also pass.
 2023-10-19 11:35:42 +00:00
Willi Ballenthin
84e22b187d doc 2023-10-19 11:29:30 +00:00
Willi Ballenthin
b6a0d6e1f3 pre-commit: fix stages 2023-10-19 11:26:22 +00:00
Willi Ballenthin
1cb3ca61cd pre-commit: only run fast checks during commit 2023-10-19 10:35:57 +00:00
Willi Ballenthin
288313a300 changelog 2023-10-19 10:28:37 +00:00
Willi Ballenthin
2cc6a37713 ci: run fast tests before the full suite 2023-10-19 10:23:03 +00:00
Willi Ballenthin
fbeb33a91f Merge branch 'dynamic-feature-extraction' into fix/dynamic-proto 2023-10-19 10:05:26 +00:00
Willi Ballenthin
3519125e03 tests: fix COM tests with dynamic scope 2023-10-19 10:04:26 +00:00
Willi Ballenthin
98360328f9 proto: fix serialization of call address 2023-10-19 09:59:18 +00:00