dependabot[bot]
7b101b33dc
build(deps): bump vivisect from 1.1.1 to 1.2.1 (#2345)
...
* build(deps): bump vivisect from 1.1.1 to 1.2.1
Bumps [vivisect](https://github.com/vivisect/vivisect) from 1.1.1 to 1.2.1.
- [Changelog](https://github.com/vivisect/vivisect/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/vivisect/vivisect/compare/v1.1.1...v1.2.1)
---
updated-dependencies:
- dependency-name: vivisect
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* Bump pyasn1 versions
* Bump cxxfilt version
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Moritz <mr-tz@users.noreply.github.com>
2024-09-11 11:18:02 +02:00
Fariss
e70d5b3e27
webui: show capabilities by function - make function count reactive (#2352)
...
* web explorer: make function count reflective when show-lib-func is
toggled on/off
* introduce match-count class to mute and minimize match count text labels
* fix typo
2024-09-10 16:46:42 +02:00
dependabot[bot]
529a5de534
build(deps): bump deptry from 0.19.1 to 0.20.0 (#2344)
...
Bumps [deptry](https://github.com/fpgmaas/deptry) from 0.19.1 to 0.20.0.
- [Release notes](https://github.com/fpgmaas/deptry/releases)
- [Changelog](https://github.com/fpgmaas/deptry/blob/main/CHANGELOG.md)
- [Commits](https://github.com/fpgmaas/deptry/compare/0.19.1...0.20.0)
---
updated-dependencies:
- dependency-name: deptry
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Moritz <mr-tz@users.noreply.github.com>
2024-09-10 12:56:04 +02:00
Moritz
9459251e12
use new IDAPython 9.0 APIs (#2339)
...
* use new IDAPython 9.0 APIs
* add IDAPython compatibility wrappers
2024-09-10 12:55:42 +02:00
Moritz
113b2593fa
Merge pull request #2351 from mandiant/dependabot/pip/ruff-0.6.4
...
build(deps): bump ruff from 0.6.2 to 0.6.4
2024-09-10 12:11:19 +02:00
Moritz
80cae197d1
Merge pull request #2347 from mandiant/dependabot/pip/types-psutil-6.0.0.20240901
...
build(deps): bump types-psutil from 6.0.0.20240621 to 6.0.0.20240901
2024-09-10 12:10:48 +02:00
dependabot[bot]
923132b9b7
build(deps): bump rich from 13.7.1 to 13.8.0 (#2343)
...
Bumps [rich](https://github.com/Textualize/rich) from 13.7.1 to 13.8.0.
- [Release notes](https://github.com/Textualize/rich/releases)
- [Changelog](https://github.com/Textualize/rich/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Textualize/rich/compare/v13.7.1...v13.8.0)
---
updated-dependencies:
- dependency-name: rich
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Moritz <mr-tz@users.noreply.github.com>
2024-09-10 11:30:16 +02:00
dependabot[bot]
363e70f523
build(deps): bump ruff from 0.6.2 to 0.6.4
...
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.6.2 to 0.6.4.
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.6.2...0.6.4)
---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-09-09 14:04:36 +00:00
Capa Bot
eab3ff8726
Sync capa-testfiles submodule
2024-09-09 13:45:30 +00:00
Capa Bot
f1453eac59
Sync capa-testfiles submodule
2024-09-09 08:57:36 +00:00
Capa Bot
44e6594a1c
Sync capa-testfiles submodule
2024-09-09 08:31:06 +00:00
dependabot[bot]
a4e81540d1
build(deps): bump types-psutil from 6.0.0.20240621 to 6.0.0.20240901
...
Bumps [types-psutil](https://github.com/python/typeshed) from 6.0.0.20240621 to 6.0.0.20240901.
- [Commits](https://github.com/python/typeshed/commits)
---
updated-dependencies:
- dependency-name: types-psutil
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-09-02 14:49:59 +00:00
Fariss
68e07fbb9a
web: omit unneeded function param in createCapaRulesUrl (#2342)
2024-08-29 10:42:23 -06:00
Willi Ballenthin
729a1a85b7
cli: link to rule names to capa rules website (#2338)
...
* web: rules: redirect from various rule names to canonical rule URL
closes #2319
Update index.html
Co-authored-by: Moritz <mr-tz@users.noreply.github.com>
* cli: link to rule names to capa rules website
* just: make `just lint` run all steps, not fail on first error
---------
Co-authored-by: Moritz <mr-tz@users.noreply.github.com>
2024-08-29 16:56:14 +02:00
Moritz
db4798aaf6
Merge pull request #2335 from mandiant/dependabot/pip/pygithub-2.4.0
...
build(deps): bump pygithub from 2.3.0 to 2.4.0
2024-08-27 12:13:26 +02:00
Moritz
ce62fecbea
Merge pull request #2336 from mandiant/dependabot/pip/flake8-bugbear-24.8.19
...
build(deps): bump flake8-bugbear from 24.4.26 to 24.8.19
2024-08-27 12:13:11 +02:00
Moritz
138c7014e5
Merge pull request #2334 from mandiant/dependabot/pip/ruff-0.6.2
...
build(deps): bump ruff from 0.5.6 to 0.6.2
2024-08-27 12:12:51 +02:00
Moritz
9d8401a9a7
Merge pull request #2333 from mandiant/dependabot/pip/mypy-1.11.2
...
build(deps): bump mypy from 1.11.1 to 1.11.2
2024-08-27 12:12:44 +02:00
Moritz
0db53e5086
Merge pull request #2332 from mandiant/dependabot/pip/pyyaml-6.0.2
...
build(deps): bump pyyaml from 6.0.1 to 6.0.2
2024-08-27 12:12:35 +02:00
Moritz
3223d3f24f
Merge pull request #2208 from mandiant/vmray-extractor
...
dynamic: add extractor for VMRay dynamic sandbox traces
2024-08-27 12:11:36 +02:00
dependabot[bot]
b1a79fba9d
build(deps): bump flake8-bugbear from 24.4.26 to 24.8.19
...
Bumps [flake8-bugbear](https://github.com/PyCQA/flake8-bugbear) from 24.4.26 to 24.8.19.
- [Release notes](https://github.com/PyCQA/flake8-bugbear/releases)
- [Commits](https://github.com/PyCQA/flake8-bugbear/compare/24.4.26...24.8.19)
---
updated-dependencies:
- dependency-name: flake8-bugbear
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-26 14:48:38 +00:00
dependabot[bot]
770fefbba8
build(deps): bump pygithub from 2.3.0 to 2.4.0
...
Bumps [pygithub](https://github.com/pygithub/pygithub) from 2.3.0 to 2.4.0.
- [Release notes](https://github.com/pygithub/pygithub/releases)
- [Changelog](https://github.com/PyGithub/PyGithub/blob/main/doc/changes.rst)
- [Commits](https://github.com/pygithub/pygithub/compare/v2.3.0...v2.4.0)
---
updated-dependencies:
- dependency-name: pygithub
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-26 14:48:34 +00:00
dependabot[bot]
3108ac0928
build(deps): bump ruff from 0.5.6 to 0.6.2
...
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.5.6 to 0.6.2.
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.5.6...0.6.2)
---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-26 14:48:29 +00:00
dependabot[bot]
7e7d511201
build(deps): bump mypy from 1.11.1 to 1.11.2
...
Bumps [mypy](https://github.com/python/mypy) from 1.11.1 to 1.11.2.
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](https://github.com/python/mypy/compare/v1.11.1...v1.11.2)
---
updated-dependencies:
- dependency-name: mypy
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-26 14:48:15 +00:00
dependabot[bot]
6d6c245241
build(deps): bump pyyaml from 6.0.1 to 6.0.2
...
Bumps [pyyaml](https://github.com/yaml/pyyaml) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/yaml/pyyaml/releases)
- [Changelog](https://github.com/yaml/pyyaml/blob/main/CHANGES)
- [Commits](https://github.com/yaml/pyyaml/compare/6.0.1...6.0.2)
---
updated-dependencies:
- dependency-name: pyyaml
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-26 14:48:08 +00:00
Moritz
fa92cfd43d
Merge branch 'master' into vmray-extractor
2024-08-26 16:18:34 +02:00
Fariss
ed5dd38e7e
feat: auto-generate ruleset cache on source change (#2133)
...
* feat: auto-generate ruleset cache on source change
---------
Co-authored-by: mr-tz <moritz.raabe@mandiant.com>
Co-authored-by: Moritz <mr-tz@users.noreply.github.com>
Co-authored-by: Willi Ballenthin <wballenthin@google.com>
2024-08-26 14:01:10 +02:00
Fariss
b4f60eca64
web: fix class feature type (#2331)
2024-08-26 05:12:55 -06:00
mr-tz
e46811685d
Merge branch 'vmray-extractor' of github.com:mandiant/capa into vmray-extractor
2024-08-26 10:54:36 +00:00
Moritz
6ce130e6da
Merge branch 'master' into vmray-extractor
2024-08-26 12:34:03 +02:00
Capa Bot
a380609514
Sync capa-testfiles submodule
2024-08-26 10:30:55 +00:00
Moritz
e71f90c618
dos2unix (#2330)
2024-08-26 12:22:06 +02:00
mr-tz
9eab7eb143
update names
2024-08-26 10:11:51 +00:00
mr-tz
e8550f242c
rename using dashes for consistency
2024-08-26 09:55:00 +00:00
Moritz
d98c315eb4
Merge branch 'master' into vmray-extractor
2024-08-26 11:31:18 +02:00
Fariss
a779cf2a28
cli: add note about capa explorer web to CLI help text (#2329)
...
* cli: add note about capa explorer web to CLI help text
---------
Co-authored-by: Willi Ballenthin <wballenthin@google.com>
2024-08-26 09:22:55 +02:00
Moritz
a5c14c32b8
Merge pull request #2312 from s-ff/edit-explorer-landing-page
...
Edit explorer landing page
2024-08-23 17:30:38 +02:00
Fariss
88a632c2d4
Update web/explorer/README.md
...
Co-authored-by: Moritz <mr-tz@users.noreply.github.com>
2024-08-23 17:21:12 +02:00
Fariss
89443742cd
Update web/explorer/README.md
...
Co-authored-by: Moritz <mr-tz@users.noreply.github.com>
2024-08-23 17:21:06 +02:00
Soufiane Fariss
1ffee81cea
introduce getting started step to explorer landing page
2024-08-23 17:13:43 +02:00
Willi Ballenthin
6c883f37a8
add .justfile (#2325)
2024-08-22 13:25:53 +02:00
Moritz
dcc74eb07a
Merge pull request #2326 from mandiant/williballenthin-patch-1
...
readme: add quick links to header
2024-08-22 13:25:06 +02:00
Moritz
0a6bc20eed
Merge pull request #2324 from williballenthin/fix/2323
...
rules: deduplicate API features with stripped DLL
2024-08-22 13:22:05 +02:00
dependabot[bot]
df3c265bd5
build(deps): bump deptry from 0.17.0 to 0.19.1 (#2303)
...
Bumps [deptry](https://github.com/fpgmaas/deptry) from 0.17.0 to 0.19.1.
- [Release notes](https://github.com/fpgmaas/deptry/releases)
- [Changelog](https://github.com/fpgmaas/deptry/blob/main/CHANGELOG.md)
- [Commits](https://github.com/fpgmaas/deptry/compare/0.17.0...0.19.1)
---
updated-dependencies:
- dependency-name: deptry
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Moritz <mr-tz@users.noreply.github.com>
Co-authored-by: Willi Ballenthin <wballenthin@google.com>
2024-08-22 13:18:19 +02:00
dependabot[bot]
73120a5c0b
build(deps): bump humanize from 4.9.0 to 4.10.0 (#2304)
...
Bumps [humanize](https://github.com/python-humanize/humanize) from 4.9.0 to 4.10.0.
- [Release notes](https://github.com/python-humanize/humanize/releases)
- [Commits](https://github.com/python-humanize/humanize/compare/4.9.0...4.10.0)
---
updated-dependencies:
- dependency-name: humanize
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-22 13:16:45 +02:00
dependabot[bot]
a0ed2127f9
build(deps): bump flake8 from 7.1.0 to 7.1.1 (#2306)
...
Bumps [flake8](https://github.com/pycqa/flake8) from 7.1.0 to 7.1.1.
- [Commits](https://github.com/pycqa/flake8/compare/7.1.0...7.1.1)
---
updated-dependencies:
- dependency-name: flake8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-22 13:16:36 +02:00
Willi Ballenthin
4df8b2b7ed
readme: add quick links to header
...
closes #2321
2024-08-22 13:11:07 +02:00
Willi Ballenthin
68a38b6e6f
rules: deduplicate API features with stripped DLL
...
closes #2323
2024-08-22 10:34:53 +00:00
Willi Ballenthin
a33f67b48e
add landing page and rules website (#2310)
...
* web: index: add gif of capa running
* index: add screencast of running capa
produced via:
```
asciinema capa.cast
./capa Practical\ Malware\ Analysis\ Lab\ 01-01.dll_
<ctrl-d>
agg --no-loop --theme solarized-light capa.cast capa.gif
```
* web: index: start to sketch out style
* web: landing page
* web: merge rules website
* web: rules: update bootstrap and integrate rules
* web: rules: use pygments to syntax highlight rules
Use the Pygments syntax-highlighting library to parse
and render the YAML rule content. This way we don't have
to manually traverse the rule nodes and emit lists; instead,
we rely on the fact that YAML is pretty easy for humans
to read and let them consume it directly, with some text
formatting to help hint at the types/structure.
* web: rules: use capa to load rule content
capa (the library) has routines for deserializing the YAML
content into structured objects, which means we can use tools
like mypy to find bugs. So, prefer to use those routines instead
of parsing YAML ourselves.
* web: rules: linters
Run and fix the issues identified by the following linters:
- isort
- black
- ruff
- mypy
* web: rules: add some links to rule page
Add links to the following external resources:
- GitHub rule source in capa-rules repo
- VirusTotal search for matching samples
* web: rules: accept ?q= parameter for initial search
Update the rules landing page to accept an HTTP
query parameter named "q" that specifies an initial
search term to pass to pagefind. This enables
external pages to link to rule searches.
* web: rules: add link to namespace search
* web: rules: use consistent header
Import header from root capa landing page.
* web: rules: add umami script
* web: add initial whats new section, TODOs
* web: rules: remove old images
* changelog
* CI: remove temporary branch push event triggers
* Delete web/rules/public/css/bootstrap-4.5.2.min.css
* Delete web/rules/public/js/bootstrap-4.5.2.min.js
* Delete web/public/img/capa.cast
* Rename readme.md to README.md
* web: rules: add scripts to pre-commit configs
* web: rules: add scripts to pre-commit configs
* lints
* ci: add temporary branch push trigger to get incremental builds
* web: rules: assert start_dir must exist
* ci: web: rules: deep checkout so we can get rule history
* web: rules: check output of subprocess
* web: rules: factor out common CSS
* web: rules: fix header links
* web: rules: only index rule content, not surrounding text
* ci: web: remote temporary branch push trigger
2024-08-22 09:42:40 +02:00
Soufiane Fariss
f2ed09861e
web: modify theming and add info to landing page
2024-08-21 18:49:26 +02:00