Create a script called match-2-yara #1703

Open. Wants to merge 23 commits into base: master.
23 commits
718ab68
Create a script called match-2-yara
jconnor0426 Aug 10, 2023
44104f2
Add tests and address sources of non-deterministic output in match-2-yar
jconnor0426 Aug 11, 2023
913084a
Update the test repo version to include yara test files
jconnor0426 Aug 11, 2023
3178936
Update changelog for match-2-yar
jconnor0426 Aug 11, 2023
e6edf43
Updating to be compliant with code style of project
jconnor0426 Aug 22, 2023
f04359c
Add test to validate match-2-yar feature extraction
jconnor0426 Aug 22, 2023
db9b2b4
Address code style issues
jconnor0426 Aug 22, 2023
a33194c
Syncs data directory with current master
jconnor0426 Aug 22, 2023
dd5ff32
Adds match-2-yar test dependencies to github action
jconnor0426 Aug 23, 2023
72c1cc3
Revert "Adds match-2-yar test dependencies to github action"
jconnor0426 Aug 23, 2023
beaf8b2
Add dev dependency to support running match-2-yar testing
jconnor0426 Aug 23, 2023
036fccb
Address type issue
jconnor0426 Aug 23, 2023
27049b7
Remove unnecessary debug logging and updated one expected yara file
jconnor0426 Aug 24, 2023
f4d0c2f
Remove type hint incompatible with python 3.8 and remove unnecessary …
jconnor0426 Aug 24, 2023
21e067b
Update spelling and name suggestions
jconnor0426 Aug 29, 2023
b544ea3
Simplify the match-2-yar function size logic
jconnor0426 Aug 29, 2023
6919c5b
Move match-2-yar dependencies to another optional set of dependencies
jconnor0426 Aug 29, 2023
ba0b6e3
Merge branch 'master' into capa_match_2_yara
jconnor0426 Aug 29, 2023
86a4a3e
Remove artifact of merge commit
jconnor0426 Aug 29, 2023
a888c15
Add in dependency installation to tests github action
jconnor0426 Aug 29, 2023
400bc89
Update CHANGELOG.md based on suggestion
jconnor0426 Aug 30, 2023
8a0fa9d
Updating test yara file names to avoid name issues in test files repo
jconnor0426 Aug 31, 2023
3da1ad3
Merge branch 'master' into capa_match_2_yara
jconnor0426 Aug 31, 2023
4 changes: 2 additions & 2 deletions .github/workflows/tests.yml
Expand Up @@ -94,7 +94,7 @@ jobs:
if: matrix.os == 'ubuntu-20.04'
run: sudo apt-get install -y libyaml-dev
- name: Install capa
run: pip install -e .[dev]
run: pip install -e .[dev,scripts]
- name: Run tests
run: pytest -v tests/
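Review bot: switching this step from `pip install -e .[dev]` to `pip install -e .[dev,scripts]` makes the test run depend on packages that live outside the `dev` extra, so a contributor who follows the usual `pip install -e .[dev]` will have the new match-2-yar tests fail locally while CI passes; either fold the new extra into `dev` or document the `[dev,scripts]` install wherever the test setup is described.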

Expand Down Expand Up @@ -125,7 +125,7 @@ jobs:
run: sudo apt-get install -y libyaml-dev
- name: Install capa
if: ${{ env.BN_SERIAL != 0 }}
run: pip install -e .[dev]
run: pip install -e .[dev,scripts]
- name: install Binary Ninja
if: ${{ env.BN_SERIAL != 0 }}
run: |
1 change: 1 addition & 0 deletions CHANGELOG.md
Expand Up @@ -3,6 +3,7 @@
## master (unreleased)

### New Features
- add script to create code-based YARA based on CAPA match details called match-2-yar @jconnor0426
- ghidra: add Ghidra feature extractor and supporting code #1770 @colton-gabertan
- ghidra: add entry script helping users run capa against a loaded Ghidra database #1767 @mike-hunhoff
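Review bot: the new changelog entry lacks the PR reference that the neighbouring entries carry (`#1770`, `#1767`); this PR is #1703, so `- add script to create code-based YARA rules based on CAPA match details called match-2-yar #1703 @jconnor0426` keeps the format consistent. The script is spelled `match-2-yar` here but `match-2-yara` in the PR title and the first commit; settle on one name and use it in the changelog, the script filename and any comments.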

4 changes: 4 additions & 0 deletions pyproject.toml
Expand Up @@ -95,6 +95,10 @@ dev = [
"types_requests==2.31.0.2",
"types-protobuf==4.23.0.3",
]
scripts = [
"yaramod==3.20.1",
"mkYARA==1.0.0",
]
build = [
"pyinstaller==5.10.1",
"setuptools==68.0.0",
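Review bot: the new `scripts` extra pins `yaramod==3.20.1` and `mkYARA==1.0.0` but gives no hint which script needs them; add a short comment above the list, for example `# dependencies of the match-2-yar script`, so the next reader knows why they are pinned and when they can be dropped. Exact pins match the style of the surrounding `dev` and `build` extras, so that part is fine.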