Commit Graph

5623 Commits

Author SHA1 Message Date
dependabot[bot]
8c8d67c939 build(deps): bump viv-utils from 0.7.11 to 0.8.0 (#2565) 2025-01-20 08:26:37 -07:00
dependabot[bot]
c061ec5e2b build(deps): bump ruff from 0.8.0 to 0.9.2 (#2566) 2025-01-20 08:26:20 -07:00
Capa Bot
726c89794f Sync capa-testfiles submodule 2025-01-17 12:59:22 +00:00
dependabot[bot]
0a547cf0f0 build(deps): bump types-protobuf from 5.28.0.20240924 to 5.29.1.20241207 (#2534)
Bumps [types-protobuf](https://github.com/python/typeshed) from 5.28.0.20240924 to 5.29.1.20241207.
- [Commits](https://github.com/python/typeshed/commits)

---
updated-dependencies:
- dependency-name: types-protobuf
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-16 02:02:08 -07:00
dependabot[bot]
e00672006f build(deps): bump six from 1.16.0 to 1.17.0 (#2533)
Bumps [six](https://github.com/benjaminp/six) from 1.16.0 to 1.17.0.
- [Changelog](https://github.com/benjaminp/six/blob/main/CHANGES)
- [Commits](https://github.com/benjaminp/six/compare/1.16.0...1.17.0)

---
updated-dependencies:
- dependency-name: six
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-16 02:01:00 -07:00
dependabot[bot]
8f8db7b023 build(deps): bump msgspec from 0.18.6 to 0.19.0 (#2547)
Bumps [msgspec](https://github.com/jcrist/msgspec) from 0.18.6 to 0.19.0.
- [Release notes](https://github.com/jcrist/msgspec/releases)
- [Commits](https://github.com/jcrist/msgspec/compare/0.18.6...0.19.0)

---
updated-dependencies:
- dependency-name: msgspec
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-16 02:00:00 -07:00
dependabot[bot]
4411170869 build(deps): bump mypy from 1.13.0 to 1.14.1 (#2550)
Bumps [mypy](https://github.com/python/mypy) from 1.13.0 to 1.14.1.
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](https://github.com/python/mypy/compare/v1.13.0...v1.14.1)

---
updated-dependencies:
- dependency-name: mypy
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-16 01:59:45 -07:00
Willi Ballenthin
72fe291742 strings: fix type hints and uncovered bugs (#2555)
* strings: fix type hints and uncovered bugs

changelog

add strings tests

strings: fix buf_filled_with

fix strings tests

refactor: optimize and document buf_filled_with function in strings.py

docs: add docstring to buf_filled_with function

doc

strings: add typing

* strings: more validation and testing

thanks @fariss

* copyright
2025-01-16 01:59:16 -07:00
Capa Bot
3eef829410 Sync capa rules submodule 2025-01-15 21:25:53 +00:00
Willi Ballenthin
8c412f361a elffile: fix handling of symbols without a name
closes #2553

elffile: fix key error
2025-01-15 13:45:38 -07:00
Ana Maria Martinez Gomez
df7697db84 [copyright + license] Add missing headers
Add copyright and license information headers to the source code files
inside the `web` directory and the `capa/render/proto/capa.proto` file.
I have used addlicense to add the headers.
2025-01-15 08:52:42 -07:00
Ana Maria Martinez Gomez
3cd97ae9f2 [copyright + license] Fix headers
Replace the header from source code files using the following script:
```Python
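import os
import re

# OLD_HEADER (bytes regex with a named group `year`) and NEW_HEADER (bytes
# template with one % placeholder) are not shown in this commit message.
for dir_path, dir_names, file_names in os.walk("capa"):
    for file_name in file_names:
        # headers are only in `.py` and `.toml` files
        if file_name[-3:] not in (".py", "oml"):
            continue
        file_path = f"{dir_path}/{file_name}"
        # binary read/write mode, so content and the header patterns are bytes
        with open(file_path, "rb+") as f:
            content = f.read()
            m = re.search(OLD_HEADER, content)
            if not m:
                continue
            print(f"{file_path}: {m.group('year')}")
            content = content.replace(m.group(0), NEW_HEADER % m.group("year"))
            f.seek(0)
            f.write(content)
            # drop leftover bytes if the new content is shorter than the old
            f.truncate()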
```

Some files had the copyright headers inside a `"""` comment and needed
manual changes before applying the script. `hook-vivisect.py` and
`pyinstaller.spec` didn't include the license in the header and also
needed manual changes.

The old header had the confusing sentence `All rights reserved`, which
does not make sense for an open source license. Replace the header with
the default Google header, which corrects this issue and keeps capa
consistent with other Google projects.

Adapt the linter to work with the new header.

Also replace the copyright text in the `web/public/index.html` file for
consistency.
2025-01-15 08:52:42 -07:00
Ana Maria Martinez Gomez
b4aa65daa1 [CONTRIBUTING] Use Google's Code of Conduct
Use Google's default Code of Conduct for consistency with other Google
projects.
2025-01-15 08:52:42 -07:00
Ana Maria Martinez Gomez
bf9753ef93 [CONTRIBUTING] Improve CLA information
Improve CLA information to adhere to Google policies.
2025-01-15 08:52:42 -07:00
Ana Maria Martinez Gomez
f768f684b5 [LICENSE] Correct LICENSE file
Replace LICENSE text file with the official Apache one:
https://www.apache.org/licenses/LICENSE-2.0.txt

This replaces `Copyright (C) 2021 Mandiant, Inc.` with the following
template language, which had been incorrectly replaced:
`Copyright [yyyy] [name of copyright owner]`
2025-01-15 08:52:42 -07:00
Mike Hunhoff
c3c93685e2 vmray: skip non-printable strings (#2551) 2025-01-08 08:40:32 -07:00
Capa Bot
462e11443e Sync capa rules submodule 2025-01-07 20:03:05 +00:00
Moritz
32d6181f02 Merge pull request #2541 from mandiant/dependabot/npm_and_yarn/web/explorer/nanoid-3.3.8
build(deps): bump nanoid from 3.3.7 to 3.3.8 in /web/explorer
2024-12-17 14:29:32 +01:00
Moritz
6cf944b321 Merge pull request #2542 from mandiant/dependabot/pip/flake8-bugbear-24.12.12
build(deps): bump flake8-bugbear from 24.10.31 to 24.12.12
2024-12-17 14:29:19 +01:00
Moritz
369fbc713e Merge pull request #2538 from mandiant/williballenthin-patch-1
readme: avoid scroll on github homepage
2024-12-17 14:28:24 +01:00
Moritz
e3a1dbfac2 Merge pull request #2537 from mandiant/fix/vmray-improvements
VMRay and dynamic improvements
2024-12-17 14:27:52 +01:00
dependabot[bot]
e5fe935a8e build(deps): bump flake8-bugbear from 24.10.31 to 24.12.12
Bumps [flake8-bugbear](https://github.com/PyCQA/flake8-bugbear) from 24.10.31 to 24.12.12.
- [Release notes](https://github.com/PyCQA/flake8-bugbear/releases)
- [Commits](https://github.com/PyCQA/flake8-bugbear/compare/24.10.31...24.12.12)

---
updated-dependencies:
- dependency-name: flake8-bugbear
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-12-16 14:12:27 +00:00
dependabot[bot]
233f8dcf9f build(deps): bump nanoid from 3.3.7 to 3.3.8 in /web/explorer
Bumps [nanoid](https://github.com/ai/nanoid) from 3.3.7 to 3.3.8.
- [Release notes](https://github.com/ai/nanoid/releases)
- [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md)
- [Commits](https://github.com/ai/nanoid/compare/3.3.7...3.3.8)

---
updated-dependencies:
- dependency-name: nanoid
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-12-16 03:58:18 +00:00
mr-tz
51d606bc0d use default empty list for ElfFileSection 2024-12-13 11:51:47 +00:00
Willi Ballenthin
2b46796d08 Update README.md
Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
2024-12-12 18:49:39 +01:00
Willi Ballenthin
81f7f43b5b readme: avoid scroll on github homepage 2024-12-12 14:17:46 +01:00
mr-tz
1f34795fce vmray and dynamic updates 2024-12-12 10:12:14 +00:00
mr-tz
06f0012183 only check file limitations for static file formats 2024-12-12 10:10:35 +00:00
mr-tz
55720ddbfd make more fields optional for more flexible model
tmp
2024-12-12 10:10:32 +00:00
mr-tz
893378c10e record origin_monitor_id for more reliable process association
tmp
2024-12-12 09:51:08 +00:00
Moritz
1a82b9d0c5 Merge pull request #2536 from mandiant/release/v801
update to v8.0.1
v8.0.1
2024-12-09 18:11:38 +01:00
mr-tz
3cbc184020 update to v8.0.1 2024-12-09 16:19:30 +00:00
Moritz
347601a112 Merge pull request #2535 from mandiant/fix/ida-find_byte_sequence
handle IDA 8.3/8.4 vs. 9.0 API change
2024-12-09 17:11:33 +01:00
mr-tz
8a02b0773d handle IDA 8.3/8.4 vs. 9.0 API change 2024-12-09 15:06:38 +00:00
Moritz
f11661f8f2 release v8.0.0 (#2529)
* update to v8.0.0

* update website v8.0.0
v8.0.0
2024-12-09 14:15:46 +01:00
Capa Bot
518dc3381c Sync capa rules submodule 2024-12-09 10:30:27 +00:00
Willi Ballenthin
5c60adaf96 BinExport2: better handle weird Ghidra expressions
analogous to the inspect-binexport2 issues reported in #2528 and #2530,
but this fixes the feature extractor.
2024-12-09 11:27:11 +01:00
Willi Ballenthin
4ab8d75629 changelog 2024-12-09 11:27:11 +01:00
Willi Ballenthin
51d852d1b3 inspect-binexport: better handle MSRs exported by Ghidra
closes #2530
2024-12-09 11:27:11 +01:00
Willi Ballenthin
aa8e4603d1 inspect-binexport2: render aarch64 vector element sizes
closes #2528
2024-12-09 11:27:11 +01:00
Willi Ballenthin
6c61a91778 main: use two lines when warning about stack trace 2024-12-09 11:27:11 +01:00
Capa Bot
e633e34517 Sync capa rules submodule 2024-12-09 09:52:22 +00:00
Willi Ballenthin
9c72c9067b binexport2: better pruning of comma expressions with a single child 2024-12-06 07:19:39 +01:00
Willi Ballenthin
168435cf75 changelog 2024-12-06 07:19:39 +01:00
Willi Ballenthin
5fdf7e61e2 inspect-binexport2: better render ARM lsl/lsr and pruned expressions 2024-12-06 07:19:39 +01:00
Willi Ballenthin
95fc747e6f binexport2: prune operands more precisely 2024-12-06 07:19:39 +01:00
Willi Ballenthin
1f374e4986 binexport2: fix handling of incorrect thunks (#2526)
* binexport2: fix handling of incorrect thunks

closes #2524

* changelog
2024-12-05 14:36:09 +01:00
Harshit Wadhwani
28c0234339 Fix: Issue #2307 (#2439)
* fix #2307

---------

Co-authored-by: Moritz <mr-tz@users.noreply.github.com>
2024-12-05 09:53:15 +01:00
Moritz
f57f909e68 Merge pull request #2523 from xusheng6/master
binja: move the stack string detection to the function level
2024-12-04 17:43:16 +01:00
Xusheng
02c359f79f binja: move the stack string detection to the function level. Fix https://github.com/mandiant/capa/issues/2516 2024-12-04 17:00:22 +08:00