4337 Commits

This Branch

This Branch

All Branches

Author	SHA1	Message	Date
Yacine Elhamer	77b3fadf79	lint.py: add 'unsupported' keyword	2023-08-23 01:39:14 +02:00
Yacine Elhamer	44fc3357d1	initial commit	2023-08-23 01:32:01 +02:00
Willi Ballenthin	25414044ef	Merge pull request #1748 from mandiant/feat/issue-1744 ... rules: add scope terms "unsupported" and "unspecified"	2023-08-22 15:59:57 +02:00
Yacine Elhamer	d1068991e3	test_rules_insn_scope.py: update rules missing the dynamic scope	2023-08-22 16:26:54 +02:00
Willi Ballenthin	4ab240e990	rules: add scope terms "unsupported" and "unspecified" ... closes #1744	2023-08-22 12:58:06 +00:00
Willi Ballenthin	9489927bed	Merge pull request #1746 from mandiant/fix/issue-1745 ... fix detection of CAPE reports	2023-08-22 14:34:23 +02:00
Willi Ballenthin	c160f45849	main: fix rendering of logging message	2023-08-22 12:32:53 +00:00
Willi Ballenthin	5b585c0e39	cape: better detect CAPE reports ... fixes #1745	2023-08-22 12:32:30 +00:00
Willi Ballenthin	675ad364ac	point submodule rules to branch dynamic-syntax	2023-08-22 08:50:18 +00:00
Willi Ballenthin	21cefa0932	Merge branch 'master' into dynamic-feature-extraction	2023-08-22 09:53:42 +02:00
Willi Ballenthin	934d0f969b	Merge pull request #1740 from mandiant/dependabot/pip/mypy-1.5.1 ... build(deps-dev): bump mypy from 1.5.0 to 1.5.1	2023-08-22 09:53:15 +02:00
dependabot[bot]	b7b79b565b	build(deps-dev): bump mypy from 1.5.0 to 1.5.1 ... Bumps [mypy](https://github.com/python/mypy) from 1.5.0 to 1.5.1. - [Commits](https://github.com/python/mypy/compare/v1.5.0...v1.5.1) --- updated-dependencies: - dependency-name: mypy dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-08-22 07:48:33 +00:00
Moritz	979aab3098	Merge pull request #1741 from mandiant/dependabot/pip/ruff-0.0.285 ... build(deps-dev): bump ruff from 0.0.284 to 0.0.285	2023-08-22 09:47:50 +02:00
Willi Ballenthin	89c8c6d212	Update capa/rules/__init__.py	2023-08-22 09:38:41 +02:00
Willi Ballenthin	e5af7165ea	Update capa/features/freeze/__init__.py	2023-08-22 09:31:35 +02:00
Willi Ballenthin	ee936f9257	Merge pull request #1729 from mandiant/feat/cape-pydantic ... add Pydantic models for CAPE sandbox	2023-08-22 09:25:02 +02:00
dependabot[bot]	8ed00a2847	build(deps-dev): bump ruff from 0.0.284 to 0.0.285 ... Bumps [ruff](https://github.com/astral-sh/ruff) from 0.0.284 to 0.0.285. - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/BREAKING_CHANGES.md) - [Commits](https://github.com/astral-sh/ruff/compare/v0.0.284...v0.0.285) --- updated-dependencies: - dependency-name: ruff dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-08-21 14:50:50 +00:00
Capa Bot	5787e41dd2	Sync capa rules submodule	2023-08-19 18:14:15 +00:00
Capa Bot	0265657937	Sync capa rules submodule	2023-08-19 09:36:35 +00:00
Capa Bot	73477b6495	Sync capa rules submodule	2023-08-19 09:34:30 +00:00
Yacine Elhamer	521bd25d31	remove file-limitations checks for dynamic extractors	2023-08-18 15:23:19 +02:00
Yacine Elhamer	e7c0bea6e5	Match.from_capa(): remove reliance on the meta field to get the scope	2023-08-18 15:05:15 +02:00
Yacine Elhamer	a8bd5b1119	disable packed-sample warning for dynamic feature extractors	2023-08-18 14:31:32 +02:00
Yacine Elhamer	9144d12e51	add error message for invalid report files	2023-08-18 14:28:02 +02:00
Yacine Elhamer	d741544514	result_document.py: use the scopes attribute instead of meta["scope"]	2023-08-18 14:15:36 +02:00
Willi Ballenthin	5e31f0df23	cape: models: more fixes thanks to avast	2023-08-18 10:19:07 +00:00
Willi Ballenthin	18dff9d664	cape: models: more fixes thanks to avast	2023-08-18 10:15:12 +00:00
Yacine Elhamer	350094759a	main.py: look up rules scope with scopes attribute, not their meta field	2023-08-18 12:37:42 +02:00
Willi Ballenthin	b10275e851	black	2023-08-18 08:23:21 +00:00
Willi Ballenthin	05cf7201ad	Merge branch 'dynamic-feature-extraction' into feat/cape-pydantic	2023-08-18 10:22:55 +02:00
Willi Ballenthin	8cd5e03e87	ci: pre-commit: show-diff-on-failure	2023-08-18 08:19:27 +00:00
Willi Ballenthin	120917e0b5	cape: models: tweaks from Avast dataset	2023-08-18 08:10:55 +00:00
Yacine	264958ebfe	Update capa/features/common.py ... Co-authored-by: Willi Ballenthin <wballenthin@google.com>	2023-08-16 16:12:26 +02:00
Willi Ballenthin	3614ce1409	cape: fix test failures	2023-08-16 11:43:45 +00:00
Willi Ballenthin	c80542ded3	cape: call: fix argument type switch	2023-08-16 11:37:41 +00:00
Willi Ballenthin	3350a936b7	ida: use ida_nalt not idaapi ... closes #1730	2023-08-16 13:33:01 +02:00
Willi Ballenthin	724db83920	cape: require PE analysis	2023-08-16 13:23:00 +02:00
Willi Ballenthin	8788a40d12	Merge branch 'dynamic-feature-extraction' into feat/cape-pydantic	2023-08-16 13:13:29 +02:00
Willi Ballenthin	6f7bf96776	cape: use pydantic model	2023-08-16 11:12:05 +00:00
Willi Ballenthin	e943a71dff	cape: models: relax deserializing FlexibleModels	2023-08-16 10:04:20 +00:00
Willi Ballenthin	4be1c89c5b	cape: models: more data shapes	2023-08-16 09:50:13 +00:00
Willi Ballenthin	2eda053c79	cape: models: more data shapes	2023-08-16 09:41:36 +00:00
Willi Ballenthin	26539e68d9	cape: models: add tests	2023-08-16 08:57:54 +00:00
Willi Ballenthin	046427cf55	cape: model: document the data we'll use in cape	2023-08-16 08:57:17 +00:00
Willi Ballenthin	25aabcd7e4	cape: models: more shapes	2023-08-16 07:48:59 +00:00
Willi Ballenthin	d8bea816dd	cape: models: add more fields	2023-08-15 14:36:49 +00:00
Willi Ballenthin	bb2b1824a9	Merge branch 'master' into dynamic-feature-extraction	2023-08-15 14:01:30 +02:00
Willi Ballenthin	7e78133925	Merge pull request #1728 from mandiant/fix/issue-1719 ... fix deprecation warnings	2023-08-15 14:00:15 +02:00
Willi Ballenthin	59a129d6d6	cape: add pydantic model for v2.2	2023-08-15 11:54:15 +00:00
Willi Ballenthin	db40d9bc7a	wip: add initial CAPE model	2023-08-15 11:41:11 +00:00