Commit Graph

61 Commits

Author SHA1 Message Date
William Ballenthin
ff44801e5c render: meta: add base address 2020-07-02 16:24:37 -06:00
William Ballenthin
2676649342 pep8 2020-07-02 15:31:47 -06:00
William Ballenthin
6575a019c3 render: add report header and metadata
closes #45
2020-07-02 15:31:08 -06:00
William Ballenthin
cff7e9195a pep8 2020-07-02 12:17:53 -06:00
William Ballenthin
482bb44876 main: collect metadata for inclusion in json document
closes #45
2020-07-02 12:17:09 -06:00
William Ballenthin
612eefe2e8 dos2unix 2020-07-02 11:08:21 -06:00
William Ballenthin
8f7cb6dad0 pep8 2020-07-02 11:01:18 -06:00
William Ballenthin
41c32013bb Merge branch 'master' into fmt-black 2020-07-02 11:00:14 -06:00
William Ballenthin
1188103d1c pep8: isort 2020-07-02 10:52:05 -06:00
Moritz Raabe
c37365f045 fix render, cleanup feature string display 2020-07-02 18:48:14 +02:00
William Ballenthin
c185e9ef09 pep8: black 2020-07-02 10:32:26 -06:00
William Ballenthin
db2b1caeae Merge branch 'master' into fmt-black 2020-07-02 10:25:24 -06:00
Ana María Martínez Gómez
81741b49f7 Support inline descriptions for count
```
count(number(2 = AF_INET/SOCK_DGRAM)): 2
```
2020-07-02 16:50:22 +02:00
Ana María Martínez Gómez
64124c0b64 Remove True from Characteristic rules and output
Get rid of `True` in characteristic (rules, output and json) as it is
implicit. This way, the same syntax is used for characteristic as for
the rest of the features.

Co-authored-by: William Ballenthin <william.ballenthin@fireeye.com>
2020-07-02 16:50:15 +02:00
Ana María Martínez Gómez
681feebf35 Adapt description implementation to new output
As the `__str__` method is not used anymore in the output, the
description implementation needs to be adapted.
2020-07-02 16:50:07 +02:00
William Ballenthin
b9d017ad10 pep8 2020-07-01 12:43:12 -06:00
William Ballenthin
6229377408 render: vverbose: factor out rendering of locations 2020-07-01 12:10:52 -06:00
William Ballenthin
da9f8fede4 render: json: include locations for range
closes #43
2020-07-01 12:05:43 -06:00
Michael Hunhoff
ccdbd43cda fix bug in bytes feature rendering 2020-07-01 08:47:43 -06:00
William Ballenthin
3f4489849a Merge branch 'master' of github.com:fireeye/capa 2020-06-29 12:28:30 -06:00
Michael Hunhoff
52f7fb561f changes to support py3 2020-06-30 16:45:08 -06:00
William Ballenthin
51fec3959c render: fix exception when lib rule has no namespace 2020-06-29 12:28:18 -06:00
William Ballenthin
ed12c4758b render: group ATT&CK tags in a single table 2020-06-28 12:23:07 -06:00
William Ballenthin
a12bcf238b pep8 2020-06-28 12:13:31 -06:00
William Ballenthin
112ddb43c9 render: hint min width of tables 2020-06-28 12:13:17 -06:00
William Ballenthin
c9ab5f9dda render: fix handling of file-scope rules 2020-06-28 12:05:15 -06:00
William Ballenthin
7c51fd4890 render: fix rendering of file scope results 2020-06-28 12:04:53 -06:00
William Ballenthin
f77e1f4946 render: include rule source in the json 2020-06-28 11:55:33 -06:00
William Ballenthin
c34578b80c render: hint number of matches in verbose and vverbose mode 2020-06-28 11:52:03 -06:00
William Ballenthin
ef4be10543 render: show logic under not nodes 2020-06-28 11:48:23 -06:00
William Ballenthin
5f598e8a08 render: learn to render Range/Count statements 2020-06-28 11:30:23 -06:00
William Ballenthin
a355f2f0c6 render: hint the number of matches 2020-06-28 10:33:28 -06:00
William Ballenthin
c55ce3c1f0 render: hint number of hidden locations 2020-06-28 09:55:08 -06:00
William Ballenthin
1d00f188f1 render: format numbers and offsets as hex 2020-06-28 09:53:14 -06:00
William Ballenthin
d04c9db399 render: ellipsis formatting 2020-06-28 09:39:52 -06:00
William Ballenthin
617b55ae3c render: only show 4 locations before using an ellipsis 2020-06-28 09:37:48 -06:00
William Ballenthin
71177c9d77 pep8 2020-06-28 09:32:16 -06:00
William Ballenthin
4c4b538a6a render: emit bytes uppercase, separated 2020-06-28 09:31:15 -06:00
William Ballenthin
9be448a900 render: don't display implied True for characteristic 2020-06-28 09:20:34 -06:00
William Ballenthin
bdc635a0f9 render: capture and display matched regex string 2020-06-28 09:20:25 -06:00
William Ballenthin
50dc945103 render: don't forget about bytes feature 2020-06-28 08:54:46 -06:00
William Ballenthin
cad438a9bd render: remove dead code 2020-06-28 08:53:41 -06:00
William Ballenthin
eca87ab976 render: verbose: only show some meta keys 2020-06-28 08:50:05 -06:00
William Ballenthin
67c511e085 render: display lists of things as comma separated 2020-06-28 08:47:50 -06:00
William Ballenthin
9f2c4248e5 render: display addresses as upper case hex 2020-06-28 08:44:32 -06:00
William Ballenthin
6bf63f72fd render: document import loop and fix 2020-06-28 08:30:43 -06:00
William Ballenthin
0f18ce23b8 render: remove some doc that wasn't useful 2020-06-28 08:28:23 -06:00
William Ballenthin
df333042bf render: wire up vverbose mode 2020-06-28 01:29:03 -06:00
William Ballenthin
4914019503 render: utils: add second level bold style 2020-06-28 01:28:42 -06:00
William Ballenthin
20dffcdd5b render: verbose: don't display locations for file scope matches 2020-06-28 01:28:13 -06:00