gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2026-01-07 10:50:37 -08:00
Code Issues Packages Projects Releases Wiki Activity
2,678 Commits 41 Branches 48 Tags
9c77488937b244a88719dfe39eab19ea5517889b
Commit Graph

134 Commits

Author SHA1 Message Date
Willi Ballenthin
1a290a38c4 Merge branch 'master' into feature-981 2022-06-06 14:07:51 -06:00
Moritz
cb703aea18 Update build.yml 2022-05-31 22:33:53 +02:00
Moritz
3d0a59cf74 Update pyinstaller.spec (#1042) 
* Update pyinstaller.spec
 2022-05-31 13:29:04 +02:00
Moritz Raabe
83cae29dbe ci: temporarily test on PR 2022-05-12 18:40:45 +02:00
Willi Ballenthin
78e9280a93 Merge branch 'master' into feature-981 2022-05-11 13:20:48 -06:00
Moritz Raabe
80e4161b40 ci: build on PR 2022-05-06 16:29:54 +02:00
Moritz
9f12f069ee ci: fix build (#980) 
* ci: fix build

* fix: newest PyInstaller version

* fix: logo path

* fix: logo path 2

* fix: logo path 3

* fix: icon another way

* fix: remove icon for now

* ci: only build after tests succeed

* ci: add workflow_run check
 2022-04-27 15:09:58 +02:00
Willi Ballenthin
ed1009096d Merge branch 'master' of github.com:mandiant/capa into feature-981 2022-04-08 16:01:59 -06:00
Mike Hunhoff
580a2d7e45 dotnet: basic detection and feature extraction (#987) 2022-04-08 14:55:00 -06:00
Moritz
65552575f8 Update dotnet-main (#979) 
* Sync capa rules submodule

* Sync capa-testfiles submodule

* Sync capa rules submodule

* changelog

* *: remove /x32 and /x64 flavors from number and offset features

* *: remove more references to /x32 and /x64

* linter: accept instruction scope

* rules: fix max operand index (4)

* API: better support A/W functions

* vverbose: show lib rule matches

* main: accept multiple paths to rules

* main: fix removal of default rules path

* lint: fix rules path

* changelog

* capa_as_library: fix rules path is list now

* main: better handle multiple rules paths

* main: bail if python 3.6 or below

closes #964

* ida: readme: remove python 3.6 support

* capa2yara: fix rules paths

* render: meta: display rule paths on separate lines

closes #971

* render: verbose: add doc

* verbose: make rule path multiline more concise

* vverbose: don't show examples in output

closes #970

* vverbose: render subscope name, like "basic block:"

closes #963

* build(deps-dev): bump pytest from 7.0.1 to 7.1.1

Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.0.1 to 7.1.1.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/7.0.1...7.1.1)

---
updated-dependencies:
- dependency-name: pytest
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* ci: build: update pip and setuptools

* ci: build: bump pyinstall to v4.10

* Sync capa rules submodule

* Dotnet mixed mode detect (#969)

* feat: start dotnet detection (#955)

* feat: start dotnet detection

* Apply suggestions from code review

Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>

* refactor: dn instead of dotnet

* refactor: format branches, extractor reorg

* refactor: format selection and dotnet detect

* feat: get format, arch, os

* refactor: log errors and exceptions

* ci: also test and build for dotnet-main dev

* fix: import path

* fix: circular dep

* fix: remove buf argument
feat: get runtime meta data

* fix: log unsupported runtime error

* fix: type ignore

Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>

* fix: imports and add tests

* feat: detect mixed mode and tests

* feat: start dotnet detection (#955)

* feat: start dotnet detection

* Apply suggestions from code review

Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>

* refactor: dn instead of dotnet

* refactor: format branches, extractor reorg

* refactor: format selection and dotnet detect

* feat: get format, arch, os

* refactor: log errors and exceptions

* ci: also test and build for dotnet-main dev

* fix: import path

* fix: circular dep

* fix: remove buf argument
feat: get runtime meta data

* fix: log unsupported runtime error

* fix: type ignore

Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>

* fix: imports and add tests

Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>

* test: checkout submodules recursively

Co-authored-by: Capa Bot <capa-dev@mandiant.com>
Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-04-07 17:45:29 +02:00
Willi Ballenthin
dfcb3cc2ea ci: build: bump pyinstall to v4.10 2022-04-06 14:17:59 -06:00
Willi Ballenthin
587202ce43 ci: build: update pip and setuptools 2022-04-06 14:03:44 -06:00
Moritz
b5be876e61 feat: start dotnet detection (#955) 
* feat: start dotnet detection

* Apply suggestions from code review

Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>

* refactor: dn instead of dotnet

* refactor: format branches, extractor reorg

* refactor: format selection and dotnet detect

* feat: get format, arch, os

* refactor: log errors and exceptions

* ci: also test and build for dotnet-main dev

* fix: import path

* fix: circular dep

* fix: remove buf argument
feat: get runtime meta data

* fix: log unsupported runtime error

* fix: type ignore

Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
 2022-04-06 11:33:14 +02:00
Willi Ballenthin
0617b87f36 ci: no longer test against py3.6 2022-04-05 10:19:09 -06:00
Willi Ballenthin
031ea167e8 add pycodestyle config 2022-03-28 13:17:18 -06:00
Willi Ballenthin
8afd12103d ci: build: try to use windows-2022 2022-03-11 17:40:35 -07:00
Moritz
5d106afca6 remove windows-2016 2022-03-11 08:38:09 +01:00
Willi Ballenthin
7e50a957ff ci: tests: python versions are strings not floats 2021-11-16 10:12:34 -07:00
Willi Ballenthin
137cff6127 ci: tests: test under py3.10 too 2021-11-16 10:06:32 -07:00
Moritz Raabe
8de69c639a s/fireeye/mandiant 2021-09-29 12:55:16 +02:00
Moritz Raabe
41786f4ab8 add hidden import and test 2021-09-28 15:39:23 +02:00
Willi Ballenthin
297d9aaa32 Merge pull request #770 from fireeye/elffile-extractor 
add light weight ElfFeatureExtractor
 2021-09-13 13:27:00 -06:00
Moritz Raabe
06d238a9f9 add ElfFeatureExtractor 2021-09-10 20:38:27 +02:00
Moritz Raabe
16c12f816b update to ubuntu-18.04 2021-09-09 16:45:11 +02:00
William Ballenthin
14f2391f49 mypy: add devtools ignore 2021-08-27 12:33:04 -06:00
William Ballenthin
d5c9a5cf3c mypy: ignore ida_loader 2021-08-11 15:15:33 -06:00
Moritz Raabe
6860b9a040 address Willi's feedback 2021-06-29 21:16:31 +02:00
Moritz Raabe
5c8a4aafd7 test scripts and fix show-features 2021-06-29 21:16:31 +02:00
Moritz
2d7ac73caa update dependabot actor name 2021-06-21 16:24:43 +02:00
William Ballenthin
48756a7621 ci: invoke mypy during testing 2021-06-14 10:41:53 -06:00
William Ballenthin
24d61d8634 mypy: ignore more external deps 2021-06-14 10:41:32 -06:00
William Ballenthin
853d7285bd mypy: ignore ruamel 2021-06-14 10:32:51 -06:00
William Ballenthin
b066af9506 mypy: extend lib ignore config 2021-06-10 00:28:28 -06:00
William Ballenthin
9a4e9b6586 setup: add initial mypy setup 
invoke like: mypy --config-file .github/mypy/mypy.ini capa/main.py
 2021-06-09 14:50:37 -06:00
Moritz Raabe
bed2e3777e job level exclusion 2021-06-07 12:38:03 +02:00
Moritz Raabe
ff66346d2a ignore dependabot for changelog check 2021-06-07 09:52:46 +02:00
Ana Maria Martinez Gomez
4ef3830b6b Use Ana06/get-changed-files@v1.2 
Use Ana06/get-changed-files@v1.2 which removes the _head commit is ahead
of the base commit_ check. This made the action failed in not up-to-date
branches (in which rebasing is needed).

It supersedes https://github.com/fireeye/capa/pull/599
 2021-06-04 14:03:41 +02:00
Ana Maria Martinez Gomez
f304bdbd20 ci: lint CHANGELOG 
The sync GH action in capa-rules relies on a single '- *$' in the
CHANGELOG file. Check in the tests that this is the case to avoid that
it is removed.

This happened in the following PR:
https://github.com/fireeye/capa/pull/591
This caused that the new rules in the following PR were not added to the
CHANGELOG:
https://github.com/fireeye/capa-rules/pull/400
 2021-06-02 12:42:48 +02:00
Ana María Martínez Gómez
b3fff51002 Merge pull request #584 from Ana06/changelog-GA 
ci: Reject PRs without CHANGELOG update
 2021-05-28 12:09:06 +02:00
Ana Maria Martinez Gomez
51884fea2d doc: Fix link and add more details 
Fix broken link to `pull_request_template.md` and add some more details.

Related #457
 2021-05-28 12:07:21 +02:00
Ana Maria Martinez Gomez
38d41e2f59 ci: fix get-changed-files 
Ana06/get-changed-files@v1.1 is a fork of
https://github.com/jitterbit/get-changed-files, which supports
`pull_request_target` and allow to filter files using regular
expressions.

As we need to use `pull_request_target`, Ana06/get-changed-files@v1.1
works, but jitterbit/get-changed-files@v1 doesn't.
 2021-05-28 11:08:04 +02:00
Ana Maria Martinez Gomez
23ff9e719f ci: only reject once and fix dismiss 
`Ana06/automatic-pull-request-review@v0.1.0` is a fork of
https://github.com/AndrewMusgrave/automatic-pull-request-review which
fixes `DISMISS` and provides an `allow_duplicate` option which allows to
only approve once.
 2021-05-28 11:08:04 +02:00
Ana Maria Martinez Gomez
7a0a6f9cf1 ci: check changelog 
Request changes in a PR without CHANGELOG update.
 2021-05-28 11:08:04 +02:00
Ana Maria Martinez Gomez
f6960e4deb github: Improve pull request template 
After using the PR template for a while, I think simplifying it will be
helpful:

- GitHub includes the commit message description automatically with the
aim of saving you time as it is sometimes also a good PR description.
With the current template, I need to cut this test and paste it into the
description section (which is really annoying!).

- Make a single simpler checklist. Add information as comment and have a
straightforward list which helps us remembering the changelog, tests and
documentation without needing to invest much time. The changelog
bulletpoint will also be used in GitHub Actions.
 2021-05-28 11:08:00 +02:00
Moritz
424a25cb91 Fix tests on Windows - reduced memory impact and general fixes (#545) 
* Update tests.yml

* Update .github/workflows/tests.yml

* Update tests.yml

* update

* min tests

* enable all, no sigpaths

* update cache

* save workspace, log caching

* updated tests

* update tests

* update rec call test

* lower cache size

* address Ana's feedback
 2021-05-11 16:29:01 +02:00
William Ballenthin
4962fcfcde ci: fix accidental merge conflict 2021-04-26 12:19:25 -06:00
William Ballenthin
c79f461e39 Merge branch 'master' into function-id-flirt 2021-04-26 09:47:42 -06:00
William Ballenthin
a0e045dc52 ci: use black/isort dep from setup.py 
closes #535
 2021-04-26 08:39:01 -06:00
Moritz
3023634536 build using Py3.8 and test across more OSs (#506) 
* build using Py3.8 and test across more OSs

* enable for release

* test builds on push to master
 2021-04-13 15:42:58 +02:00
Moritz
eb5c705083 Update pull_request_template.md 2021-04-09 15:03:43 +02:00