MBot
Posted March 3, 2022 at 07:07 PM

This release adds a new characteristic `characteristic: call $+5`, enabling users to create more explicit rules. The linter now also validates ATT&CK and MBC categories. Additionally, many dependencies, including the vivisect backend, have been updated.

One rule has been added and many more have been improved.

Thanks for all the support, especially to @kn0wl3dge and first-time contributor @uckelman-sf!

New Features
- linter: validate ATT&CK/MBC categories and IDs #103 @kn0wl3dge
- extractor: add characteristic "call $+5" feature #366 @kn0wl3dge

New Rules (1)
- anti-analysis/obfuscation/obfuscated-with-advobfuscator jakub.jozwiak@mandiant.com

Bug Fixes
- remove typing package as a requirement for Python 3.7+ compatibility #901 @uckelman-sf
- elf: fix OS detection for Linux kernel modules #867 @williballenthin

Raw diffs
- capa v3.1.0...v3.2.0
- capa-rules v3.1.0...v3.2.0