MBot
Posted April 7, 2021

v1.6.1 (2021-04-07)

This release includes several bug fixes, such as a vivisect issue that prevented capa from working on Windows with Python 3. It also adds 17 new rules and a bunch of improvements in the rules and IDA rule generator. We appreciate everyone who opened issues, provided feedback, and contributed code and rules.

Upcoming changes

This is the very last capa release that supports Python 2. The next release will be v2.0 and will have breaking changes, including the removal of Python 2 support.

New features

- explorer: add support for multi-line tab and SHIFT + Tab #474 @mike-hunhoff
  https://github.com/fireeye/capa/raw/407ecab1620caefbe40738a7c11ed30d21e5ccfc/doc/img/changelog/tab.gif

New Rules (17)

- encrypt data using RC4 with custom key via WinAPI @MalwareMechanic
- encrypt data using Curve25519 @dandonov
- packaged as an IExpress self-extracting archive @recvfrom
- create registry key via offline registry library @johnk3r
- open registry key via offline registry library @johnk3r
- query registry key via offline registry library @johnk3r
- set registry key via offline registry library @johnk3r
- delete registry key via offline registry library @johnk3r
- enumerate PE sections @Ana06
- inject DLL reflectively @Ana06
- inspect section memory permissions @Ana06
- parse PE exports @Ana06
- rebuild import table @Ana06
- compare security identifiers @mike-hunhoff
- get user security identifier @mike-hunhoff
- listen for remote procedure calls @mike-hunhoff
- query remote server for available data @mike-hunhoff

Bug Fixes

- vivisect: update to v1.0.1 which includes bug fix for #459 (capa failed in Windows with Python 3 and vivisect) #512 @williballenthin
- explorer: fix initialize rules directory #464 @mike-hunhoff
- explorer: support subscope rules #493 @mike-hunhoff
- explorer: add checks to validate matched data when searching #500 @mike-hunhoff
- features, explorer: add support for string features with special characters e.g. '\n' #468 @mike-hunhoff

Changes

- vivisect: raises IncompatibleVivVersion instead of UnicodeDecodeError when using incompatible Python 2 .viv files with Python 3 #479 @Ana06
- explorer: improve settings modification #465 @mike-hunhoff
- rules: improvements @mr-tz, @re-fox, @mike-hunhoff
- rules, lint: enforce string with double quotes formatting in rules #468 @mike-hunhoff
- lint: ensure LF end of line #485 #486 @mr-tz
- setup: pin dependencies #513 #504 @Ana06 @mr-tz

Development

- ci: test on Windows, Ubuntu, macOS across Python versions #470 @mr-tz @Ana06
- ci: pin OS versions #491 @williballenthin
- ci: tag capa-rules on release #476 @Ana06
- doc: document release process #476 @Ana06
- doc: Improve README badges #477 #478 @Ana06 @mr-tz
- doc: update capa explorer documentation #503 @mike-hunhoff
- doc: add PR template #495 @mr-tz
- changelog: document incompatibility of viv files #475 @Ana06
- rule loading: ignore files starting with .git #492 @mr-tz

Raw diffs

- capa v1.6.0...v1.6.1
- capa-rules v1.6.0...v1.6.1