Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add dynamic analysis #1697

Merged
merged 556 commits into from
Nov 29, 2023
Merged

add dynamic analysis #1697

merged 556 commits into from
Nov 29, 2023
This pull request is big! We’re only showing the most recent 250 commits.

Commits on Aug 7, 2023

  1. delete empty files

    @yelhamer
    yelhamer committed Aug 7, 2023
    Configuration menu
    Copy the full SHA
    aacd9f5 View commit details
    Browse the repository at this point in the history

  2. features/address.py: rename CallAddress DynamicCallAddress

    @yelhamer
    yelhamer committed Aug 7, 2023
    Configuration menu
    Copy the full SHA
    a185341 View commit details
    Browse the repository at this point in the history

  3. Merge pull request #1678 from yelhamer/call-scope 

    Add a call scope
    @williballenthin
    williballenthin authored Aug 7, 2023
    Configuration menu
    Copy the full SHA
    681d4fb View commit details
    Browse the repository at this point in the history

Commits on Aug 10, 2023

  1. docstrings: improve wording

    @williballenthin
    williballenthin authored Aug 10, 2023
    Configuration menu
    Copy the full SHA
    582bb7c View commit details
    Browse the repository at this point in the history

  2. add TODO for typing.TypeAlias

    @williballenthin
    williballenthin authored Aug 10, 2023
    Configuration menu
    Copy the full SHA
    ae9d773 View commit details
    Browse the repository at this point in the history

  3. process: simplify string enumeration loop

    @williballenthin
    williballenthin authored Aug 10, 2023
    Configuration menu
    Copy the full SHA
    85b58d0 View commit details
    Browse the repository at this point in the history

  4. vverbose: render both scopes nicely

    @williballenthin
    williballenthin authored Aug 10, 2023
    Configuration menu
    Copy the full SHA
    3cf748a View commit details
    Browse the repository at this point in the history

  5. Merge branch 'master' into dynamic-feature-extraction

    @williballenthin
    williballenthin committed Aug 10, 2023
    Configuration menu
    Copy the full SHA
    c1fbb27 View commit details
    Browse the repository at this point in the history

  6. freeze: pydantic v2 fixes

    @williballenthin
    williballenthin committed Aug 10, 2023
    Configuration menu
    Copy the full SHA
    19495f6 View commit details
    Browse the repository at this point in the history

Commits on Aug 11, 2023

  1. sync submodule testfiles

    @williballenthin
    williballenthin authored Aug 11, 2023
    Configuration menu
    Copy the full SHA
    34db631 View commit details
    Browse the repository at this point in the history

  2. tests: create workspaces only during tests, not import 

    closes #1707
    @williballenthin
    williballenthin authored Aug 11, 2023
    Configuration menu
    Copy the full SHA
    1cf33e4 View commit details
    Browse the repository at this point in the history

  3. tests: main: demonstrate CAPE analysis (and bug #1702)

    @williballenthin
    williballenthin authored Aug 11, 2023
    Configuration menu
    Copy the full SHA
    6de23a9 View commit details
    Browse the repository at this point in the history

  4. render: verbose: render call address 

    closes #1702
    @williballenthin
    williballenthin authored Aug 11, 2023
    Configuration menu
    Copy the full SHA
    dafbefb View commit details
    Browse the repository at this point in the history

  5. render: verbose: render dynamic call return address

    @williballenthin
    williballenthin authored Aug 11, 2023
    Configuration menu
    Copy the full SHA
    f48e4a8 View commit details
    Browse the repository at this point in the history

  6. result document: wire analysis flavor through metadata 

    ref #1711
    @williballenthin
    williballenthin authored Aug 11, 2023
    Configuration menu
    Copy the full SHA
    c91dc71 View commit details
    Browse the repository at this point in the history

  7. render: show analysis flavor 

    closes #1711
    @williballenthin
    williballenthin authored Aug 11, 2023
    Configuration menu
    Copy the full SHA
    3057b5f View commit details
    Browse the repository at this point in the history

  8. rules: use set instead of tuple, add doc 

    since the primary operation is `contain()`,
set is more appropriate than tuple.
    @williballenthin
    williballenthin authored Aug 11, 2023
    Configuration menu
    Copy the full SHA
    e100a63 View commit details
    Browse the repository at this point in the history

  9. rules: don't change passed-in argument 

    make a local copy of the scopes dict
    @williballenthin
    williballenthin authored Aug 11, 2023
    Configuration menu
    Copy the full SHA
    3c069a6 View commit details
    Browse the repository at this point in the history

  10. main: don't use analysis flavor to filter rules 

    im worried this will interact poorly with our rule cache,
unless we add more handling there, which needs more testing.
so, since the filtering likely has only a small impact on performance,
revert the rule filtering changes for simplicity.
    @williballenthin
    williballenthin authored Aug 11, 2023
    Configuration menu
    Copy the full SHA
    8202e9e View commit details
    Browse the repository at this point in the history

  11. vverbose: render relevant scope at top of match tree 

    closes #1710
    @williballenthin
    williballenthin authored Aug 11, 2023
    Configuration menu
    Copy the full SHA
    fd1cd05 View commit details
    Browse the repository at this point in the history

  12. address: remove dynamic return address concept, as its unused today

    @williballenthin
    williballenthin authored Aug 11, 2023
    Configuration menu
    Copy the full SHA
    c6d400b View commit details
    Browse the repository at this point in the history

Commits on Aug 14, 2023

  1. fixtures.py: fix the path of '0000a567' in get_data_path_by_name() 

    …method
    @yelhamer
    yelhamer committed Aug 14, 2023
    Configuration menu
    Copy the full SHA
    751231b View commit details
    Browse the repository at this point in the history

  2. Merge pull request #1708 from mandiant/fix/issue-1707 

    tests: create workspaces only during tests, not import
    @yelhamer
    yelhamer authored Aug 14, 2023
    Configuration menu
    Copy the full SHA
    2a83f1f View commit details
    Browse the repository at this point in the history

  3. Merge pull request #1709 from mandiant/fix/issue-1702 

    fix rendering of call and return addresses
    @yelhamer
    yelhamer authored Aug 14, 2023
    Configuration menu
    Copy the full SHA
    84cddc7 View commit details
    Browse the repository at this point in the history

  4. Merge remote-tracking branch 'parentrepo/dynamic-feature-extraction' … 

    …into fix/issue-1711
    @yelhamer
    yelhamer committed Aug 14, 2023
    Configuration menu
    Copy the full SHA
    846bd62 View commit details
    Browse the repository at this point in the history

  5. Merge pull request #1713 from mandiant/fix/issue-1711 

    record and show the analysis flavor
    @williballenthin
    williballenthin authored Aug 14, 2023
    Configuration menu
    Copy the full SHA
    d648fdf View commit details
    Browse the repository at this point in the history

Commits on Aug 15, 2023

  1. Merge pull request #1716 from mandiant/fix/issue-1697-2 

    remove dynamic return address concept
    @yelhamer
    yelhamer authored Aug 15, 2023
    Configuration menu
    Copy the full SHA
    88aa17f View commit details
    Browse the repository at this point in the history

  2. Merge pull request #1715 from mandiant/fix/issue-1710 

    fix rendering of scope in vverbose mode
    @yelhamer
    yelhamer authored Aug 15, 2023
    Configuration menu
    Copy the full SHA
    0e1ce21 View commit details
    Browse the repository at this point in the history

  3. Merge remote-tracking branch 'parentrepo/dynamic-feature-extraction' … 

    …into fix/issue-1697-1
    @yelhamer
    yelhamer committed Aug 15, 2023
    Configuration menu
    Copy the full SHA
    4411911 View commit details
    Browse the repository at this point in the history

  4. tests: temporarily xfail script test 

    closes #1717
    @williballenthin
    williballenthin authored Aug 15, 2023
    Configuration menu
    Copy the full SHA
    4978aa7 View commit details
    Browse the repository at this point in the history

  5. main: provide encoding to open 

    fixes flake8 warning
    @williballenthin
    williballenthin authored Aug 15, 2023
    Configuration menu
    Copy the full SHA
    476c7ff View commit details
    Browse the repository at this point in the history

  6. Merge pull request #1714 from mandiant/fix/issue-1697-1 

    rule scoping tweaks
    @williballenthin
    williballenthin authored Aug 15, 2023
    Configuration menu
    Copy the full SHA
    c001c88 View commit details
    Browse the repository at this point in the history

  7. merge

    @williballenthin
    williballenthin authored Aug 15, 2023
    Configuration menu
    Copy the full SHA
    2a31b16 View commit details
    Browse the repository at this point in the history

  8. test_rules: fix rule scoping logic

    @williballenthin
    williballenthin authored Aug 15, 2023
    Configuration menu
    Copy the full SHA
    827b4b2 View commit details
    Browse the repository at this point in the history

  9. wip: add initial CAPE model

    @williballenthin
    williballenthin authored Aug 15, 2023
    Configuration menu
    Copy the full SHA
    db40d9b View commit details
    Browse the repository at this point in the history

  10. cape: add pydantic model for v2.2

    @williballenthin
    williballenthin authored Aug 15, 2023
    Configuration menu
    Copy the full SHA
    59a129d View commit details
    Browse the repository at this point in the history

  11. Merge branch 'master' into dynamic-feature-extraction

    @williballenthin
    williballenthin authored Aug 15, 2023
    Configuration menu
    Copy the full SHA
    bb2b182 View commit details
    Browse the repository at this point in the history

  12. cape: models: add more fields

    @williballenthin
    williballenthin authored Aug 15, 2023
    Configuration menu
    Copy the full SHA
    d8bea81 View commit details
    Browse the repository at this point in the history

Commits on Aug 16, 2023

  1. cape: models: more shapes

    @williballenthin
    williballenthin authored Aug 16, 2023
    Configuration menu
    Copy the full SHA
    25aabcd View commit details
    Browse the repository at this point in the history

  2. cape: model: document the data we'll use in cape

    @williballenthin
    williballenthin authored Aug 16, 2023
    Configuration menu
    Copy the full SHA
    046427c View commit details
    Browse the repository at this point in the history

  3. cape: models: add tests

    @williballenthin
    williballenthin authored Aug 16, 2023
    Configuration menu
    Copy the full SHA
    26539e6 View commit details
    Browse the repository at this point in the history

  4. cape: models: more data shapes

    @williballenthin
    williballenthin authored Aug 16, 2023
    Configuration menu
    Copy the full SHA
    2eda053 View commit details
    Browse the repository at this point in the history

  5. cape: models: more data shapes

    @williballenthin
    williballenthin authored Aug 16, 2023
    Configuration menu
    Copy the full SHA
    4be1c89 View commit details
    Browse the repository at this point in the history

  6. cape: models: relax deserializing FlexibleModels

    @williballenthin
    williballenthin authored Aug 16, 2023
    Configuration menu
    Copy the full SHA
    e943a71 View commit details
    Browse the repository at this point in the history

  7. cape: use pydantic model

    @williballenthin
    williballenthin authored Aug 16, 2023
    Configuration menu
    Copy the full SHA
    6f7bf96 View commit details
    Browse the repository at this point in the history

  8. Merge branch 'dynamic-feature-extraction' into feat/cape-pydantic

    @williballenthin
    williballenthin authored Aug 16, 2023
    Configuration menu
    Copy the full SHA
    8788a40 View commit details
    Browse the repository at this point in the history

  9. cape: require PE analysis

    @williballenthin
    williballenthin authored Aug 16, 2023
    Configuration menu
    Copy the full SHA
    724db83 View commit details
    Browse the repository at this point in the history

  10. ida: use ida_nalt not idaapi 

    closes #1730
    @williballenthin
    williballenthin authored Aug 16, 2023
    Configuration menu
    Copy the full SHA
    3350a93 View commit details
    Browse the repository at this point in the history

  11. cape: call: fix argument type switch

    @williballenthin
    williballenthin authored Aug 16, 2023
    Configuration menu
    Copy the full SHA
    c80542d View commit details
    Browse the repository at this point in the history

  12. cape: fix test failures

    @williballenthin
    williballenthin authored Aug 16, 2023
    Configuration menu
    Copy the full SHA
    3614ce1 View commit details
    Browse the repository at this point in the history

  13. Update capa/features/common.py 

    Co-authored-by: Willi Ballenthin <[email protected]>
    @yelhamer @williballenthin
    yelhamer and williballenthin authored Aug 16, 2023
    Configuration menu
    Copy the full SHA
    264958e View commit details
    Browse the repository at this point in the history

Commits on Aug 18, 2023

  1. cape: models: tweaks from Avast dataset

    @williballenthin
    williballenthin committed Aug 18, 2023
    Configuration menu
    Copy the full SHA
    120917e View commit details
    Browse the repository at this point in the history

  2. ci: pre-commit: show-diff-on-failure

    @williballenthin
    williballenthin committed Aug 18, 2023
    Configuration menu
    Copy the full SHA
    8cd5e03 View commit details
    Browse the repository at this point in the history

  3. Merge branch 'dynamic-feature-extraction' into feat/cape-pydantic

    @williballenthin
    williballenthin authored Aug 18, 2023
    Configuration menu
    Copy the full SHA
    05cf720 View commit details
    Browse the repository at this point in the history

  4. black

    @williballenthin
    williballenthin committed Aug 18, 2023
    Configuration menu
    Copy the full SHA
    b10275e View commit details
    Browse the repository at this point in the history

  5. cape: models: more fixes thanks to avast

    @williballenthin
    williballenthin committed Aug 18, 2023
    Configuration menu
    Copy the full SHA
    5e31f0d View commit details
    Browse the repository at this point in the history

  6. main.py: look up rules scope with scopes attribute, not their meta field

    @yelhamer
    yelhamer committed Aug 18, 2023
    Configuration menu
    Copy the full SHA
    3500947 View commit details
    Browse the repository at this point in the history

  7. cape: models: more fixes thanks to avast

    @williballenthin
    williballenthin committed Aug 18, 2023
    Configuration menu
    Copy the full SHA
    18dff9d View commit details
    Browse the repository at this point in the history

  8. result_document.py: use the scopes attribute instead of meta["scope"]

    @yelhamer
    yelhamer committed Aug 18, 2023
    Configuration menu
    Copy the full SHA
    d741544 View commit details
    Browse the repository at this point in the history

  9. add error message for invalid report files

    @yelhamer
    yelhamer committed Aug 18, 2023
    Configuration menu
    Copy the full SHA
    9144d12 View commit details
    Browse the repository at this point in the history

  10. disable packed-sample warning for dynamic feature extractors

    @yelhamer
    yelhamer committed Aug 18, 2023
    Configuration menu
    Copy the full SHA
    a8bd5b1 View commit details
    Browse the repository at this point in the history

  11. Match.from_capa(): remove reliance on the meta field to get the scope

    @yelhamer
    yelhamer committed Aug 18, 2023
    Configuration menu
    Copy the full SHA
    e7c0bea View commit details
    Browse the repository at this point in the history

  12. remove file-limitations checks for dynamic extractors

    @yelhamer
    yelhamer committed Aug 18, 2023
    Configuration menu
    Copy the full SHA
    521bd25 View commit details
    Browse the repository at this point in the history

Commits on Aug 22, 2023

  1. Merge pull request #1729 from mandiant/feat/cape-pydantic 

    add Pydantic models for CAPE sandbox
    @williballenthin
    williballenthin authored Aug 22, 2023
    Configuration menu
    Copy the full SHA
    ee936f9 View commit details
    Browse the repository at this point in the history

  2. Update capa/features/freeze/__init__.py

    @williballenthin
    williballenthin authored Aug 22, 2023
    Configuration menu
    Copy the full SHA
    e5af716 View commit details
    Browse the repository at this point in the history

  3. Update capa/rules/__init__.py

    @williballenthin
    williballenthin authored Aug 22, 2023
    Configuration menu
    Copy the full SHA
    89c8c6d View commit details
    Browse the repository at this point in the history

  4. Merge branch 'master' into dynamic-feature-extraction

    @williballenthin
    williballenthin authored Aug 22, 2023
    Configuration menu
    Copy the full SHA
    21cefa0 View commit details
    Browse the repository at this point in the history

  5. point submodule rules to branch dynamic-syntax

    @williballenthin
    williballenthin committed Aug 22, 2023
    Configuration menu
    Copy the full SHA
    675ad36 View commit details
    Browse the repository at this point in the history

  6. cape: better detect CAPE reports 

    fixes #1745
    @williballenthin
    williballenthin committed Aug 22, 2023
    Configuration menu
    Copy the full SHA
    5b585c0 View commit details
    Browse the repository at this point in the history

  7. main: fix rendering of logging message

    @williballenthin
    williballenthin committed Aug 22, 2023
    Configuration menu
    Copy the full SHA
    c160f45 View commit details
    Browse the repository at this point in the history

  8. Merge pull request #1746 from mandiant/fix/issue-1745 

    fix detection of CAPE reports
    @williballenthin
    williballenthin authored Aug 22, 2023
    Configuration menu
    Copy the full SHA
    9489927 View commit details
    Browse the repository at this point in the history

  9. rules: add scope terms "unsupported" and "unspecified" 

    closes #1744
    @williballenthin
    williballenthin committed Aug 22, 2023
    Configuration menu
    Copy the full SHA
    4ab240e View commit details
    Browse the repository at this point in the history

  10. test_rules_insn_scope.py: update rules missing the dynamic scope

    @yelhamer
    yelhamer committed Aug 22, 2023
    Configuration menu
    Copy the full SHA
    d106899 View commit details
    Browse the repository at this point in the history

  11. Merge pull request #1748 from mandiant/feat/issue-1744 

    rules: add scope terms "unsupported" and "unspecified"
    @williballenthin
    williballenthin authored Aug 22, 2023
    Configuration menu
    Copy the full SHA
    2541404 View commit details
    Browse the repository at this point in the history

  12. initial commit

    @yelhamer
    yelhamer committed Aug 22, 2023
    Configuration menu
    Copy the full SHA
    44fc335 View commit details
    Browse the repository at this point in the history

  13. lint.py: add 'unsupported' keyword

    @yelhamer
    yelhamer committed Aug 22, 2023
    Configuration menu
    Copy the full SHA
    77b3fad View commit details
    Browse the repository at this point in the history

  14. lint.py: fix boolean statement

    @yelhamer
    yelhamer committed Aug 22, 2023
    Configuration menu
    Copy the full SHA
    901ba55 View commit details
    Browse the repository at this point in the history

  15. lint.py: update recommendation messages

    @yelhamer
    yelhamer committed Aug 22, 2023
    Configuration menu
    Copy the full SHA
    5730e55 View commit details
    Browse the repository at this point in the history

Commits on Aug 23, 2023

  1. Update capa/features/freeze/__init__.py 

    Co-authored-by: Willi Ballenthin <[email protected]>
    @yelhamer @williballenthin
    yelhamer and williballenthin authored Aug 23, 2023
    Configuration menu
    Copy the full SHA
    39c8fd8 View commit details
    Browse the repository at this point in the history

  2. capa/features/freeze/__init__.py: remove comment 

    Co-authored-by: Willi Ballenthin <[email protected]>
    @yelhamer @williballenthin
    yelhamer and williballenthin authored Aug 23, 2023
    Configuration menu
    Copy the full SHA
    cdb469e View commit details
    Browse the repository at this point in the history

  3. capa/rules/__init__.py: merge features from small scopes into larger … 

    …ones

Co-authored-by: Willi Ballenthin <[email protected]>
    @yelhamer @williballenthin
    yelhamer and williballenthin authored Aug 23, 2023
    Configuration menu
    Copy the full SHA
    86effec View commit details
    Browse the repository at this point in the history

  4. Merge pull request #1753 from yelhamer/update-linter 

    Update the rules linter
    @yelhamer
    yelhamer authored Aug 23, 2023
    Configuration menu
    Copy the full SHA
    5ba7325 View commit details
    Browse the repository at this point in the history

Commits on Aug 24, 2023

  1. test_main.py: revert ruleset-related xfails

    @yelhamer
    yelhamer committed Aug 24, 2023
    Configuration menu
    Copy the full SHA
    42689ef View commit details
    Browse the repository at this point in the history

  2. test_binja.py: revert ruleset-related xfails

    @yelhamer
    yelhamer committed Aug 24, 2023
    Configuration menu
    Copy the full SHA
    7c101f0 View commit details
    Browse the repository at this point in the history

  3. Update tests/test_scripts.py 

    Co-authored-by: Moritz <[email protected]>
    @yelhamer @mr-tz
    yelhamer and mr-tz authored Aug 24, 2023
    Configuration menu
    Copy the full SHA
    d66f834 View commit details
    Browse the repository at this point in the history

  4. cape2yara.py: update for use of scopes, and fix bug

    @yelhamer
    yelhamer committed Aug 24, 2023
    Configuration menu
    Copy the full SHA
    9eb1255 View commit details
    Browse the repository at this point in the history

  5. test_main.py: remove unused pytest

    @yelhamer
    yelhamer committed Aug 24, 2023
    Configuration menu
    Copy the full SHA
    46217a3 View commit details
    Browse the repository at this point in the history

  6. Merge remote-tracking branch 'parentrepo/dynamic-feature-extraction' … 

    …into fix-cape2fmt
    @yelhamer
    yelhamer committed Aug 24, 2023
    Configuration menu
    Copy the full SHA
    3574bd4 View commit details
    Browse the repository at this point in the history

  7. freeze/__init__.py: fix missing space

    @yelhamer
    yelhamer committed Aug 24, 2023
    Configuration menu
    Copy the full SHA
    70eae1a View commit details
    Browse the repository at this point in the history

  8. Merge branch 'fix-cape2fmt' of https://github.com/yelhamer/capa into … 

    …fix-cape2fmt
    @yelhamer
    yelhamer committed Aug 24, 2023
    Configuration menu
    Copy the full SHA
    b636f23 View commit details
    Browse the repository at this point in the history

  9. Merge pull request #1758 from yelhamer/fix-cape2fmt 

    Add dynamic scopes to capa2fmt
    @yelhamer
    yelhamer authored Aug 24, 2023
    Configuration menu
    Copy the full SHA
    acd3a30 View commit details
    Browse the repository at this point in the history

Commits on Aug 25, 2023

  1. initial commit

    @yelhamer
    yelhamer committed Aug 25, 2023
    Configuration menu
    Copy the full SHA
    f74107d View commit details
    Browse the repository at this point in the history

  2. modify null extractor

    @yelhamer
    yelhamer committed Aug 25, 2023
    Configuration menu
    Copy the full SHA
    0ded827 View commit details
    Browse the repository at this point in the history

  3. base_Extractor.py: make sample_hashes attribute private

    @yelhamer
    yelhamer committed Aug 25, 2023
    Configuration menu
    Copy the full SHA
    707dee4 View commit details
    Browse the repository at this point in the history

  4. base_extractor.py: replace dunder with single underscore for `sample_… 

    …hashes` attribute
    @yelhamer
    yelhamer committed Aug 25, 2023
    Configuration menu
    Copy the full SHA
    49bf2eb View commit details
    Browse the repository at this point in the history

  5. Merge pull request #1762 from yelhamer/modify-sample-hashes 

    Modify sample hashes
    @yelhamer
    yelhamer authored Aug 25, 2023
    Configuration menu
    Copy the full SHA
    3ee56e3 View commit details
    Browse the repository at this point in the history

  6. test_result_document.py: re-enable result-document related tests

    @yelhamer
    yelhamer committed Aug 25, 2023
    Configuration menu
    Copy the full SHA
    f34b035 View commit details
    Browse the repository at this point in the history

  7. freeze: add TODO issue link

    @williballenthin
    williballenthin authored Aug 25, 2023
    Configuration menu
    Copy the full SHA
    b930523 View commit details
    Browse the repository at this point in the history

  8. extractor: tweak hashes to fix mypy

    @williballenthin
    williballenthin committed Aug 25, 2023
    Configuration menu
    Copy the full SHA
    164b082 View commit details
    Browse the repository at this point in the history

  9. proto: reenable tests and linters

    @williballenthin
    williballenthin committed Aug 25, 2023
    Configuration menu
    Copy the full SHA
    f2909c8 View commit details
    Browse the repository at this point in the history

  10. proto: regenerate using 3.21 protoc

    @williballenthin
    williballenthin committed Aug 25, 2023
    Configuration menu
    Copy the full SHA
    8ff74d4 View commit details
    Browse the repository at this point in the history

  11. proto: add new scopes

    @williballenthin
    williballenthin committed Aug 25, 2023
    Configuration menu
    Copy the full SHA
    ebcbad3 View commit details
    Browse the repository at this point in the history

  12. rules: use Scope enum instead of constants

    @williballenthin
    williballenthin committed Aug 25, 2023
    Configuration menu
    Copy the full SHA
    a734358 View commit details
    Browse the repository at this point in the history

  13. Merge branch 'master' into dynamic-feature-extraction

    @williballenthin
    williballenthin authored Aug 25, 2023
    Configuration menu
    Copy the full SHA
    a60401f View commit details
    Browse the repository at this point in the history

  14. changelog

    @williballenthin
    williballenthin authored Aug 25, 2023
    Configuration menu
    Copy the full SHA
    b88853f View commit details
    Browse the repository at this point in the history

  15. Merge branch 'dynamic-feature-extraction' into fix/scope-enum-usage

    @williballenthin
    williballenthin authored Aug 25, 2023
    Configuration menu
    Copy the full SHA
    7e258a9 View commit details
    Browse the repository at this point in the history

  16. changelog

    @williballenthin
    williballenthin committed Aug 25, 2023
    Configuration menu
    Copy the full SHA
    17e4765 View commit details
    Browse the repository at this point in the history

  17. Merge branch 'fix/scope-enum-usage' into fix/dynamic-proto

    @williballenthin
    williballenthin committed Aug 25, 2023
    Configuration menu
    Copy the full SHA
    e4c1361 View commit details
    Browse the repository at this point in the history

  18. rules: handle unsupported scopes again

    @williballenthin
    williballenthin committed Aug 25, 2023
    Configuration menu
    Copy the full SHA
    9bbd318 View commit details
    Browse the repository at this point in the history

  19. proto: add RuleMetadata.scopes

    @williballenthin
    williballenthin committed Aug 25, 2023
    Configuration menu
    Copy the full SHA
    f96b9e6 View commit details
    Browse the repository at this point in the history

  20. proto: deprecate RuleMetadata.scope

    @williballenthin
    williballenthin committed Aug 25, 2023
    Configuration menu
    Copy the full SHA
    08c9bbc View commit details
    Browse the repository at this point in the history

  21. wip: proto: add Metadata.[static, dynamic]_analysis

    @williballenthin
    williballenthin committed Aug 25, 2023
    Configuration menu
    Copy the full SHA
    88ee6e6 View commit details
    Browse the repository at this point in the history

  22. Merge pull request #1764 from mandiant/fix/scope-enum-usage 

    rules: use Scope enum instead of constants
    @yelhamer
    yelhamer authored Aug 25, 2023
    Configuration menu
    Copy the full SHA
    d5daa79 View commit details
    Browse the repository at this point in the history

Commits on Aug 26, 2023

  1. point the data file to the latest PR

    @yelhamer
    yelhamer committed Aug 26, 2023
    Configuration menu
    Copy the full SHA
    e9a9b3a View commit details
    Browse the repository at this point in the history

  2. add yaml representer for the Scope class, as well as other bugfixes

    @yelhamer
    yelhamer committed Aug 26, 2023
    Configuration menu
    Copy the full SHA
    49adecb View commit details
    Browse the repository at this point in the history

  3. various fixes

    @yelhamer
    yelhamer committed Aug 26, 2023
    Configuration menu
    Copy the full SHA
    b0133f0 View commit details
    Browse the repository at this point in the history

Commits on Aug 27, 2023

  1. binja: use binja api's methods to get the file hash

    @yelhamer
    yelhamer committed Aug 27, 2023
    Configuration menu
    Copy the full SHA
    8c9e676 View commit details
    Browse the repository at this point in the history

  2. Update scripts/import-to-ida.py 

    Co-authored-by: Willi Ballenthin <[email protected]>
    @yelhamer @williballenthin
    yelhamer and williballenthin authored Aug 27, 2023
    Configuration menu
    Copy the full SHA
    4d538b9 View commit details
    Browse the repository at this point in the history

Commits on Aug 28, 2023

  1. binja extractor: remove unused pathlib.Path import

    @yelhamer
    yelhamer committed Aug 28, 2023
    Configuration menu
    Copy the full SHA
    214a355 View commit details
    Browse the repository at this point in the history

  2. Merge branch 'dynamic-feature-extraction' of https://github.com/mandi… 

    …ant/capa into dynamic-feature-extraction
    @yelhamer
    yelhamer committed Aug 28, 2023
    Configuration menu
    Copy the full SHA
    9eb88e6 View commit details
    Browse the repository at this point in the history

  3. Update capa/features/freeze/__init__.py 

    Co-authored-by: Willi Ballenthin <[email protected]>
    @yelhamer @williballenthin
    yelhamer and williballenthin authored Aug 28, 2023
    Configuration menu
    Copy the full SHA
    9dc457e View commit details
    Browse the repository at this point in the history

Commits on Aug 29, 2023

  1. render/verbose.py: remove frz.AddressType.FREEZE

    @yelhamer
    yelhamer committed Aug 29, 2023
    Configuration menu
    Copy the full SHA
    09afcfb View commit details
    Browse the repository at this point in the history

  2. main.py rdoc.Metadata creation: revert to usage of as_posix() withi… 

    …n the call to rdoc.Sample()
    @yelhamer
    yelhamer committed Aug 29, 2023
    Configuration menu
    Copy the full SHA
    2c75f78 View commit details
    Browse the repository at this point in the history

  3. verbose.py: temporarily add a mypy-related assert to `render_static_m… 

    …eta()`
    @yelhamer
    yelhamer committed Aug 29, 2023
    Configuration menu
    Copy the full SHA
    0987673 View commit details
    Browse the repository at this point in the history

  4. verbose.py render_dynamic_meta(): s/doc: rd.ResultDocument/meta: rd.M… 

    …etaData/g
    @yelhamer
    yelhamer committed Aug 29, 2023
    Configuration menu
    Copy the full SHA
    47330e6 View commit details
    Browse the repository at this point in the history

Commits on Aug 30, 2023

  1. point submodules towards the right branch

    @yelhamer
    yelhamer committed Aug 30, 2023
    Configuration menu
    Copy the full SHA
    73c158a View commit details
    Browse the repository at this point in the history

Commits on Sep 4, 2023

  1. Update capa/main.py 

    Co-authored-by: Willi Ballenthin <[email protected]>
    @yelhamer @williballenthin
    yelhamer and williballenthin authored Sep 4, 2023
    Configuration menu
    Copy the full SHA
    99caa87 View commit details
    Browse the repository at this point in the history

  2. freeze/__init__.py: bump freeze version to 3

    @yelhamer
    yelhamer committed Sep 4, 2023
    Configuration menu
    Copy the full SHA
    1d8e650 View commit details
    Browse the repository at this point in the history

  3. main.py: remove comment type annotations

    @yelhamer
    yelhamer committed Sep 4, 2023
    Configuration menu
    Copy the full SHA
    d83c0e7 View commit details
    Browse the repository at this point in the history

  4. point rules towards dynamic-syntax

    @yelhamer
    yelhamer committed Sep 4, 2023
    Configuration menu
    Copy the full SHA
    9ec1bf3 View commit details
    Browse the repository at this point in the history

  5. remove type comment

    @yelhamer
    yelhamer committed Sep 4, 2023
    Configuration menu
    Copy the full SHA
    cfa703e View commit details
    Browse the repository at this point in the history

  6. Merge branch 'dynamic-feature-extraction' of https://github.com/mandi… 

    …ant/capa into dynamic-feature-extraction
    @yelhamer
    yelhamer committed Sep 4, 2023
    Configuration menu
    Copy the full SHA
    f905ed6 View commit details
    Browse the repository at this point in the history

  7. freeze/__init__.py: bump freeze version to 3

    @yelhamer
    yelhamer committed Sep 4, 2023
    Configuration menu
    Copy the full SHA
    dd0eadb View commit details
    Browse the repository at this point in the history

Commits on Sep 5, 2023

  1. Merge branch 'dynamic-feature-extraction' into fix/dynamic-proto

    @williballenthin
    williballenthin committed Sep 5, 2023
    Configuration menu
    Copy the full SHA
    766b05e View commit details
    Browse the repository at this point in the history

  2. render: proto: use Static/Dynamic analysis types

    @williballenthin
    williballenthin committed Sep 5, 2023
    Configuration menu
    Copy the full SHA
    3725618 View commit details
    Browse the repository at this point in the history

  3. proto: deprecate metadata.analysis

    @williballenthin
    williballenthin committed Sep 5, 2023
    Configuration menu
    Copy the full SHA
    866c7c5 View commit details
    Browse the repository at this point in the history

  4. proto: add dynamic test

    @williballenthin
    williballenthin committed Sep 5, 2023
    Configuration menu
    Copy the full SHA
    69836a0 View commit details
    Browse the repository at this point in the history

  5. submodule: test data: update

    @williballenthin
    williballenthin committed Sep 5, 2023
    Configuration menu
    Copy the full SHA
    2a757b0 View commit details
    Browse the repository at this point in the history

  6. proto: add additional types

    @williballenthin
    williballenthin committed Sep 5, 2023
    Configuration menu
    Copy the full SHA
    5b4c167 View commit details
    Browse the repository at this point in the history

  7. tests: proto: add more dynamic proto tests

    @williballenthin
    williballenthin committed Sep 5, 2023
    Configuration menu
    Copy the full SHA
    d64ab41 View commit details
    Browse the repository at this point in the history

  8. proto: better convert to/from proto

    @williballenthin
    williballenthin committed Sep 5, 2023
    Configuration menu
    Copy the full SHA
    72e8361 View commit details
    Browse the repository at this point in the history

Commits on Oct 4, 2023

  1. check for pid and ppid reuse

    @yelhamer
    yelhamer committed Oct 4, 2023
    Configuration menu
    Copy the full SHA
    7d9ae57 View commit details
    Browse the repository at this point in the history

  2. cape/global_.py: throw exceptions for unrecognized OSes, formats, and… 

    … architectures
    @yelhamer
    yelhamer committed Oct 4, 2023
    Configuration menu
    Copy the full SHA
    35f64f3 View commit details
    Browse the repository at this point in the history

  3. scripts/profile_time.py: revert restriction that frozen extractors ca… 

    …n only be static ones
    @yelhamer
    yelhamer committed Oct 4, 2023
    Configuration menu
    Copy the full SHA
    28a722d View commit details
    Browse the repository at this point in the history

  4. scripts/profile_time.py: revert restriction that sample extractors ca… 

    …n only be static ones
    @yelhamer
    yelhamer committed Oct 4, 2023
    Configuration menu
    Copy the full SHA
    8b287c1 View commit details
    Browse the repository at this point in the history

Commits on Oct 11, 2023

  1. rendering: several fixes and added types/classes

    @yelhamer
    yelhamer committed Oct 11, 2023
    Configuration menu
    Copy the full SHA
    953b2e8 View commit details
    Browse the repository at this point in the history

  2. cape/file.py: flake8 fixes

    @yelhamer
    yelhamer committed Oct 11, 2023
    Configuration menu
    Copy the full SHA
    559f2fd View commit details
    Browse the repository at this point in the history

Commits on Oct 14, 2023

  1. Update capa/render/verbose.py 

    Co-authored-by: Moritz <[email protected]>
    @yelhamer @mr-tz
    yelhamer and mr-tz authored Oct 14, 2023
    Configuration menu
    Copy the full SHA
    d1b7afb View commit details
    Browse the repository at this point in the history

Commits on Oct 16, 2023

  1. main.py: load signatures only for the static context

    @yelhamer
    yelhamer committed Oct 16, 2023
    Configuration menu
    Copy the full SHA
    ffe6ab6 View commit details
    Browse the repository at this point in the history

  2. Merge branch 'dynamic-feature-extraction' of https://github.com/mandi… 

    …ant/capa into dynamic-feature-extraction
    @yelhamer
    yelhamer committed Oct 16, 2023
    Configuration menu
    Copy the full SHA
    a1aca3a View commit details
    Browse the repository at this point in the history

  3. cape/file.py: fix flake8 issue of using '+' for logging

    @yelhamer
    yelhamer committed Oct 16, 2023
    Configuration menu
    Copy the full SHA
    9a66c26 View commit details
    Browse the repository at this point in the history

Commits on Oct 17, 2023

  1. merge master

    @williballenthin
    williballenthin committed Oct 17, 2023
    Configuration menu
    Copy the full SHA
    182a986 View commit details
    Browse the repository at this point in the history

  2. integrate Ghidra backend with dynamic analysis

    @williballenthin
    williballenthin committed Oct 17, 2023
    Configuration menu
    Copy the full SHA
    bf233c1 View commit details
    Browse the repository at this point in the history

  3. dynamic: fix some tests

    @williballenthin
    williballenthin committed Oct 17, 2023
    Configuration menu
    Copy the full SHA
    44d05f9 View commit details
    Browse the repository at this point in the history

  4. dynamic: fix some tests

    @williballenthin
    williballenthin committed Oct 17, 2023
    Configuration menu
    Copy the full SHA
    8ee97ac View commit details
    Browse the repository at this point in the history

  5. flake8

    @williballenthin
    williballenthin committed Oct 17, 2023
    Configuration menu
    Copy the full SHA
    cb5fa36 View commit details
    Browse the repository at this point in the history

  6. rules: fix rendering of yaml

    @williballenthin
    williballenthin committed Oct 17, 2023
    Configuration menu
    Copy the full SHA
    e1b3a3f View commit details
    Browse the repository at this point in the history

  7. submodule: rules: update

    @williballenthin
    williballenthin committed Oct 17, 2023
    Configuration menu
    Copy the full SHA
    7205bc2 View commit details
    Browse the repository at this point in the history

  8. dynamic: fix tests

    @williballenthin
    williballenthin committed Oct 17, 2023
    Configuration menu
    Copy the full SHA
    5475020 View commit details
    Browse the repository at this point in the history

  9. elffile: fix property access

    @williballenthin
    williballenthin committed Oct 17, 2023
    Configuration menu
    Copy the full SHA
    92daf3a View commit details
    Browse the repository at this point in the history

  10. mypy

    @williballenthin
    williballenthin committed Oct 17, 2023
    Configuration menu
    Copy the full SHA
    1aac4a1 View commit details
    Browse the repository at this point in the history

  11. mypy

    @williballenthin
    williballenthin committed Oct 17, 2023
    Configuration menu
    Copy the full SHA
    55e4fdd View commit details
    Browse the repository at this point in the history

  12. isort

    @williballenthin
    williballenthin committed Oct 17, 2023
    Configuration menu
    Copy the full SHA
    21f9e07 View commit details
    Browse the repository at this point in the history

Commits on Oct 18, 2023

  1. improve and fix various dynamic parts (#1809) 

    * improve and fix various dynamic parts
    @mr-tz
    mr-tz authored Oct 18, 2023
    Configuration menu
    Copy the full SHA
    2cfd450 View commit details
    Browse the repository at this point in the history

  2. improve vverbose rendering

    @mr-tz
    mr-tz committed Oct 18, 2023
    Configuration menu
    Copy the full SHA
    b6f13f3 View commit details
    Browse the repository at this point in the history

Commits on Oct 19, 2023

  1. Update tests/test_main.py 

    Co-authored-by: Moritz <[email protected]>
    @yelhamer @mr-tz
    yelhamer and mr-tz authored Oct 19, 2023
    Configuration menu
    Copy the full SHA
    9609d63 View commit details
    Browse the repository at this point in the history

  2. Merge pull request #1817 from mandiant/improve-vv-render 

    improve vverbose rendering
    @mr-tz
    mr-tz authored Oct 19, 2023
    Configuration menu
    Copy the full SHA
    8687c74 View commit details
    Browse the repository at this point in the history

  3. capa/main.py: add a capabilities module and move all of the capabil… 

    …ity extraction there
    @yelhamer
    yelhamer committed Oct 19, 2023
    Configuration menu
    Copy the full SHA
    5c48f38 View commit details
    Browse the repository at this point in the history

  4. capabilities: add a test file for the new capabilities module, and mo… 

    …ve the corresponding tests from main to there
    @yelhamer
    yelhamer committed Oct 19, 2023
    Configuration menu
    Copy the full SHA
    37caeb2 View commit details
    Browse the repository at this point in the history

  5. fix styling issues

    @yelhamer
    yelhamer committed Oct 19, 2023
    Configuration menu
    Copy the full SHA
    f2011c1 View commit details
    Browse the repository at this point in the history

  6. changelog fix

    @yelhamer
    yelhamer committed Oct 19, 2023
    Configuration menu
    Copy the full SHA
    85610a8 View commit details
    Browse the repository at this point in the history

  7. Merge branch 'master' into dynamic-feature-extraction

    @williballenthin
    williballenthin committed Oct 19, 2023
    Configuration menu
    Copy the full SHA
    d5e187b View commit details
    Browse the repository at this point in the history

  8. Merge branch 'dynamic-feature-extraction' into fix/dynamic-proto

    @williballenthin
    williballenthin committed Oct 19, 2023
    Configuration menu
    Copy the full SHA
    7bc3fba View commit details
    Browse the repository at this point in the history

  9. tests: rename freeze tests

    @williballenthin
    williballenthin committed Oct 19, 2023
    Configuration menu
    Copy the full SHA
    8b0ba1e View commit details
    Browse the repository at this point in the history

  10. Merge branch 'dynamic-feature-extraction' into fix/dynamic-proto

    @williballenthin
    williballenthin committed Oct 19, 2023
    Configuration menu
    Copy the full SHA
    3d4facd View commit details
    Browse the repository at this point in the history

  11. proto: fix serialization of call address

    @williballenthin
    williballenthin committed Oct 19, 2023
    Configuration menu
    Copy the full SHA
    9836032 View commit details
    Browse the repository at this point in the history

  12. tests: fix COM tests with dynamic scope

    @williballenthin
    williballenthin committed Oct 19, 2023
    Configuration menu
    Copy the full SHA
    3519125 View commit details
    Browse the repository at this point in the history

  13. Merge branch 'dynamic-feature-extraction' into fix/dynamic-proto

    @williballenthin
    williballenthin committed Oct 19, 2023
    Configuration menu
    Copy the full SHA
    fbeb33a View commit details
    Browse the repository at this point in the history

  14. ci: run fast tests before the full suite

    @williballenthin
    williballenthin committed Oct 19, 2023
    Configuration menu
    Copy the full SHA
    2cc6a37 View commit details
    Browse the repository at this point in the history

  15. changelog

    @williballenthin
    williballenthin committed Oct 19, 2023
    Configuration menu
    Copy the full SHA
    288313a View commit details
    Browse the repository at this point in the history

  16. pre-commit: only run fast checks during commit

    @williballenthin
    williballenthin committed Oct 19, 2023
    Configuration menu
    Copy the full SHA
    1cb3ca6 View commit details
    Browse the repository at this point in the history

  17. pre-commit: fix stages

    @williballenthin
    williballenthin committed Oct 19, 2023
    Configuration menu
    Copy the full SHA
    b6a0d6e View commit details
    Browse the repository at this point in the history

  18. doc

    @williballenthin
    williballenthin committed Oct 19, 2023
    Configuration menu
    Copy the full SHA
    84e22b1 View commit details
    Browse the repository at this point in the history

  19. ci: only run BN and Ghidra tests after others complete 

    these are much less likely to fail because they're
changed less often, so don't run them until we know
other tests also pass.
    @williballenthin
    williballenthin committed Oct 19, 2023
    Configuration menu
    Copy the full SHA
    c724a4b View commit details
    Browse the repository at this point in the history

  20. Merge pull request #1765 from mandiant/fix/dynamic-proto 

    protobuf: add dynamic support
    @williballenthin
    williballenthin authored Oct 19, 2023
    Configuration menu
    Copy the full SHA
    d42829d View commit details
    Browse the repository at this point in the history

  21. identify potential JSON object data start (#1819) 

    * identify potential JSON object data start
    @mr-tz
    mr-tz authored Oct 19, 2023
    Configuration menu
    Copy the full SHA
    b8b55f4 View commit details
    Browse the repository at this point in the history

Commits on Oct 20, 2023

  1. Merge branch 'dynamic-feature-extraction' into capabilities-module

    @yelhamer
    yelhamer authored Oct 20, 2023
    Configuration menu
    Copy the full SHA
    0ae8f34 View commit details
    Browse the repository at this point in the history

  2. null extractor: fix typings

    @williballenthin
    williballenthin committed Oct 20, 2023
    Configuration menu
    Copy the full SHA
    0231cee View commit details
    Browse the repository at this point in the history

  3. freeze: add dynamic tests

    @williballenthin
    williballenthin committed Oct 20, 2023
    Configuration menu
    Copy the full SHA
    bfecf41 View commit details
    Browse the repository at this point in the history

  4. freeze: update freeze format v3

    @williballenthin
    williballenthin committed Oct 20, 2023
    Configuration menu
    Copy the full SHA
    10dc4b9 View commit details
    Browse the repository at this point in the history

  5. changelog

    @williballenthin
    williballenthin committed Oct 20, 2023
    Configuration menu
    Copy the full SHA
    1143f2b View commit details
    Browse the repository at this point in the history

  6. Merge branch 'dynamic-feature-extraction' into fix/dynamic-freeze

    @williballenthin
    williballenthin authored Oct 20, 2023
    Configuration menu
    Copy the full SHA
    fc4618e View commit details
    Browse the repository at this point in the history

  7. Update capa/capabilities/common.py 

    Co-authored-by: Willi Ballenthin <[email protected]>
    @yelhamer @williballenthin
    yelhamer and williballenthin authored Oct 20, 2023
    Configuration menu
    Copy the full SHA
    f9b8741 View commit details
    Browse the repository at this point in the history

  8. Update capa/capabilities/dynamic.py 

    Co-authored-by: Willi Ballenthin <[email protected]>
    @yelhamer @williballenthin
    yelhamer and williballenthin authored Oct 20, 2023
    Configuration menu
    Copy the full SHA
    423d942 View commit details
    Browse the repository at this point in the history

  9. Update capa/capabilities/static.py 

    Co-authored-by: Willi Ballenthin <[email protected]>
    @yelhamer @williballenthin
    yelhamer and williballenthin authored Oct 20, 2023
    Configuration menu
    Copy the full SHA
    20604c4 View commit details
    Browse the repository at this point in the history

  10. move capa.features.capabilities to capa.capabilities, and update scripts

    @yelhamer
    yelhamer committed Oct 20, 2023
    Configuration menu
    Copy the full SHA
    96fb204 View commit details
    Browse the repository at this point in the history

  11. capa.capabilities: move has_file_limitations() from capa.main to th… 

    …e capabilities module
    @yelhamer
    yelhamer committed Oct 20, 2023
    Configuration menu
    Copy the full SHA
    d5ae2ff View commit details
    Browse the repository at this point in the history

  12. move is_file_limitation_rule() to the rules module (Rule class)

    @yelhamer
    yelhamer committed Oct 20, 2023
    Configuration menu
    Copy the full SHA
    d6c5d98 View commit details
    Browse the repository at this point in the history

  13. Merge branch 'capabilities-module' of https://github.com/yelhamer/capa 

    …into capabilities-module
    @yelhamer
    yelhamer committed Oct 20, 2023
    Configuration menu
    Copy the full SHA
    aae7266 View commit details
    Browse the repository at this point in the history

  14. Merge pull request #1822 from mandiant/fix/dynamic-freeze 

    update freeze for dynamic
    @williballenthin
    williballenthin authored Oct 20, 2023
    Configuration menu
    Copy the full SHA
    62d4b00 View commit details
    Browse the repository at this point in the history

  15. vverbose: render scope for humans

    @williballenthin
    williballenthin committed Oct 20, 2023
    Configuration menu
    Copy the full SHA
    788251b View commit details
    Browse the repository at this point in the history

  16. Ignore DLL names for API features (#1824) 

    * ignore DLL name for api features

* keep DLL name for import features

* fix tests
    @mr-tz
    mr-tz authored Oct 20, 2023
    Configuration menu
    Copy the full SHA
    c9df782 View commit details
    Browse the repository at this point in the history

  17. layout: capture process name

    @williballenthin
    williballenthin committed Oct 20, 2023
    Configuration menu
    Copy the full SHA
    ee4f029 View commit details
    Browse the repository at this point in the history

  18. layout: capture process name

    @williballenthin
    williballenthin committed Oct 20, 2023
    Configuration menu
    Copy the full SHA
    393b0e6 View commit details
    Browse the repository at this point in the history

  19. fix parsing base 10/16

    @mr-tz
    mr-tz committed Oct 20, 2023
    Configuration menu
    Copy the full SHA
    99042f2 View commit details
    Browse the repository at this point in the history

  20. layout: capture call names 

    so that they can be rendered to output
    @williballenthin
    williballenthin committed Oct 20, 2023
    Configuration menu
    Copy the full SHA
    9e6919f View commit details
    Browse the repository at this point in the history

  21. capa/main.py: move has_rule_with_namespace() to capa.rules.RuleSet

    @yelhamer
    yelhamer committed Oct 20, 2023
    Configuration menu
    Copy the full SHA
    ab06c94 View commit details
    Browse the repository at this point in the history

  22. test_capabilities.py: add missing test_com_feature_matching() test

    @yelhamer
    yelhamer committed Oct 20, 2023
    Configuration menu
    Copy the full SHA
    3572b51 View commit details
    Browse the repository at this point in the history

  23. Merge branch 'capabilities-module' of https://github.com/yelhamer/capa 

    …into capabilities-module
    @yelhamer
    yelhamer committed Oct 20, 2023
    Configuration menu
    Copy the full SHA
    8029fed View commit details
    Browse the repository at this point in the history

Commits on Oct 23, 2023

  1. Merge pull request #1826 from mandiant/fix-model-hexint 

    fix parsing base 10/16
    @mr-tz
    mr-tz authored Oct 23, 2023
    Configuration menu
    Copy the full SHA
    db53424 View commit details
    Browse the repository at this point in the history

Commits on Oct 26, 2023

  1. capa.rules: remove redundant is_internal_rule() and `has_file_limit… 

    …ations()` from capa source code
    @yelhamer
    yelhamer committed Oct 26, 2023
    Configuration menu
    Copy the full SHA
    a0cec3f View commit details
    Browse the repository at this point in the history

  2. capa.rules: remove redundant ceng.MatchResults import

    @yelhamer
    yelhamer committed Oct 26, 2023
    Configuration menu
    Copy the full SHA
    e559cc2 View commit details
    Browse the repository at this point in the history

Commits on Oct 27, 2023

  1. Merge pull request #1820 from yelhamer/capabilities-module 

    add a capabilities module
    @yelhamer
    yelhamer authored Oct 27, 2023
    Configuration menu
    Copy the full SHA
    0097822 View commit details
    Browse the repository at this point in the history

Commits on Nov 1, 2023

  1. Update capa/render/vverbose.py 

    Co-authored-by: Moritz <[email protected]>
    @williballenthin @mr-tz
    williballenthin and mr-tz authored Nov 1, 2023
    Configuration menu
    Copy the full SHA
    4a7e488 View commit details
    Browse the repository at this point in the history

Commits on Nov 6, 2023

  1. report: better compute dynamic layout

    @williballenthin
    williballenthin committed Nov 6, 2023
    Configuration menu
    Copy the full SHA
    274a710 View commit details
    Browse the repository at this point in the history

  2. verbose: better render scopes

    @williballenthin
    williballenthin committed Nov 6, 2023
    Configuration menu
    Copy the full SHA
    c141f7e View commit details
    Browse the repository at this point in the history

  3. vverbose: make missing names an error

    @williballenthin
    williballenthin committed Nov 6, 2023
    Configuration menu
    Copy the full SHA
    9c81ccf View commit details
    Browse the repository at this point in the history

  4. vverbose: dynamic: show rendered matching API call

    @williballenthin
    williballenthin committed Nov 6, 2023
    Configuration menu
    Copy the full SHA
    0da614a View commit details
    Browse the repository at this point in the history

  5. vverbose: don't repeat rendered calls when in call scope

    @williballenthin
    williballenthin committed Nov 6, 2023
    Configuration menu
    Copy the full SHA
    f7c72cd View commit details
    Browse the repository at this point in the history

  6. mypy

    @williballenthin
    williballenthin committed Nov 6, 2023
    Configuration menu
    Copy the full SHA
    eb12ec4 View commit details
    Browse the repository at this point in the history

  7. vverbose: better render pid/tid/call index

    @williballenthin
    williballenthin committed Nov 6, 2023
    Configuration menu
    Copy the full SHA
    75ff58e View commit details
    Browse the repository at this point in the history

  8. tests: fix render tests

    @williballenthin
    williballenthin committed Nov 6, 2023
    Configuration menu
    Copy the full SHA
    7678897 View commit details
    Browse the repository at this point in the history

  9. verbose: render dynamic match locations

    @williballenthin
    williballenthin committed Nov 6, 2023
    Configuration menu
    Copy the full SHA
    5d31bc4 View commit details
    Browse the repository at this point in the history

  10. verbose: remove TODOs

    @williballenthin
    williballenthin committed Nov 6, 2023
    Configuration menu
    Copy the full SHA
    a52af38 View commit details
    Browse the repository at this point in the history

Commits on Nov 8, 2023

  1. Merge branch 'dynamic-feature-extraction' into fix/issue-1816

    @mr-tz
    mr-tz authored Nov 8, 2023
    Configuration menu
    Copy the full SHA
    1acc2d1 View commit details
    Browse the repository at this point in the history

  2. fix imports according to ruff

    @mr-tz
    mr-tz authored Nov 8, 2023
    Configuration menu
    Copy the full SHA
    52997e7 View commit details
    Browse the repository at this point in the history

Commits on Nov 10, 2023

  1. fix whitespace removal in format check

    @mr-tz
    mr-tz authored Nov 10, 2023
    Configuration menu
    Copy the full SHA
    41a3976 View commit details
    Browse the repository at this point in the history

Commits on Nov 11, 2023

  1. Merge pull request #1844 from mandiant/mr-tz-patch-1 

    fix whitespace removal in format check
    @mr-tz
    mr-tz authored Nov 11, 2023
    Configuration menu
    Copy the full SHA
    dee0aa7 View commit details
    Browse the repository at this point in the history

Commits on Nov 14, 2023

  1. submodule: tests: data: sync

    @williballenthin
    williballenthin committed Nov 14, 2023
    Configuration menu
    Copy the full SHA
    82013f0 View commit details
    Browse the repository at this point in the history

  2. Merge branch 'dynamic-feature-extraction' into fix/issue-1816

    @williballenthin
    williballenthin authored Nov 14, 2023
    Configuration menu
    Copy the full SHA
    c68c68d View commit details
    Browse the repository at this point in the history

  3. Merge pull request #1825 from mandiant/fix/issue-1816 

    verbose: show process name and other human-level details
    @williballenthin
    williballenthin authored Nov 14, 2023
    Configuration menu
    Copy the full SHA
    a705bf9 View commit details
    Browse the repository at this point in the history

  4. use latest rules migration

    @williballenthin
    williballenthin committed Nov 14, 2023
    Configuration menu
    Copy the full SHA
    6e3fff4 View commit details
    Browse the repository at this point in the history

  5. sync rules submodule

    @williballenthin
    williballenthin committed Nov 14, 2023
    Configuration menu
    Copy the full SHA
    987eb2d View commit details
    Browse the repository at this point in the history

Commits on Nov 15, 2023

  1. sync submodule rules

    @williballenthin
    williballenthin committed Nov 15, 2023
    Configuration menu
    Copy the full SHA
    de5f088 View commit details
    Browse the repository at this point in the history

  2. sync submodule rules

    @williballenthin
    williballenthin committed Nov 15, 2023
    Configuration menu
    Copy the full SHA
    a870c92 View commit details
    Browse the repository at this point in the history

Commits on Nov 27, 2023

  1. actually get global feature values

    @mr-tz
    mr-tz committed Nov 27, 2023
    Configuration menu
    Copy the full SHA
    f201ef1 View commit details
    Browse the repository at this point in the history

  2. only check and display file limitation once

    @mr-tz
    mr-tz committed Nov 27, 2023
    Configuration menu
    Copy the full SHA
    890c879 View commit details
    Browse the repository at this point in the history

  3. Merge pull request #1868 from mandiant/fix/global-features 

    Fix global features and display
    @mr-tz
    mr-tz authored Nov 27, 2023
    Configuration menu
    Copy the full SHA
    d84457e View commit details
    Browse the repository at this point in the history

Commits on Nov 28, 2023

  1. only check and display file limitation once

    @mr-tz
    mr-tz committed Nov 28, 2023
    Configuration menu
    Copy the full SHA
    8f0eb56 View commit details
    Browse the repository at this point in the history

  2. Merge pull request #1874 from mandiant/fix/global-features 

    only check and display file limitation once
    @mr-tz
    mr-tz authored Nov 28, 2023
    Configuration menu
    Copy the full SHA
    8946cb6 View commit details
    Browse the repository at this point in the history

  3. set os, arch, format in meta table

    @mr-tz
    mr-tz committed Nov 28, 2023
    Configuration menu
    Copy the full SHA
    92770dd View commit details
    Browse the repository at this point in the history

Commits on Nov 29, 2023

  1. Merge pull request #1876 from mandiant/fix/1867 

    set os, arch, format in meta table
    @mr-tz
    mr-tz authored Nov 29, 2023
    Configuration menu
    Copy the full SHA
    ba9da0d View commit details
    Browse the repository at this point in the history

  2. changelog

    @williballenthin
    williballenthin committed Nov 29, 2023
    Configuration menu
    Copy the full SHA
    b4c6bf8 View commit details
    Browse the repository at this point in the history

  3. Merge branch 'dynamic-feature-extraction' of public.github.com:mandia… 

    …nt/capa into dynamic-feature-extraction
    @williballenthin
    williballenthin committed Nov 29, 2023
    Configuration menu
    Copy the full SHA
    583f8b5 View commit details
    Browse the repository at this point in the history

  4. add documentation for dynamic capa capabilties (#1837) 

    * README: adapt for dynamic capa

* README.md: fix duplication error

* Update README.md

Co-authored-by: Moritz <[email protected]>

* documentation: add review suggestions

* documentation: newline fix

* Update README.md

Co-authored-by: Moritz <[email protected]>

* Update README.md

Co-authored-by: Moritz <[email protected]>

* Update README.md

Co-authored-by: Moritz <[email protected]>

---------

Co-authored-by: Moritz <[email protected]>
Co-authored-by: Willi Ballenthin <[email protected]>
    @yelhamer @mr-tz @williballenthin
    3 people authored Nov 29, 2023
    Configuration menu
    Copy the full SHA
    e66c2ef View commit details
    Browse the repository at this point in the history

  5. sync testfiles submodule

    @williballenthin
    williballenthin committed Nov 29, 2023
    Configuration menu
    Copy the full SHA
    93cfb6e View commit details
    Browse the repository at this point in the history

  6. Merge branch 'dynamic-feature-extraction' of public.github.com:mandia… 

    …nt/capa into dynamic-feature-extraction
    @williballenthin
    williballenthin committed Nov 29, 2023
    Configuration menu
    Copy the full SHA
    9a996d0 View commit details
    Browse the repository at this point in the history

  7. ci: revert temporary CI event subscription

    @williballenthin
    williballenthin committed Nov 29, 2023
    Configuration menu
    Copy the full SHA
    3c159a1 View commit details
    Browse the repository at this point in the history

  8. Merge branch 'master' into dynamic-feature-extraction

    @mr-tz
    mr-tz committed Nov 29, 2023
    Configuration menu
    Copy the full SHA
    73ea822 View commit details
    Browse the repository at this point in the history

  9. Merge branch 'master' into dynamic-feature-extraction

    @mr-tz
    mr-tz committed Nov 29, 2023
    Configuration menu
    Copy the full SHA
    47019e4 View commit details
    Browse the repository at this point in the history