MBot
Posted October 4, 2024

The v7.4.0 capa release fixes a bug when processing VMRay analysis archives and enhances API extraction for all dynamic backends. For better terminal rendering capa now solely relies on the rich library. The standalone capa executable can now automatically detect installations of relevant third party applications and use their backends (notably, idalib and Binary Ninja).

For the extra standalone Linux build we've upgraded from Python 3.11 to 3.12. Twelve new rules have been added. Thanks to all the contributors!

This is the last capa version supporting Python 3.8 and 3.9. If you have major concerns about this please reach out to us.

New Features

- add IDA v9.0 backend via idalib #2376 @williballenthin
- locate Binary Ninja API using XDG Desktop Entries #2376 @williballenthin

New Rules (15)

- nursery/access-unmanaged-com-objects-in-dotnet mehunhoff@google.com
- nursery/implement-ui-automation-client-in-dotnet mehunhoff@google.com
- nursery/interact-with-shortcut-via-iwshshortcut-in-dotnet mehunhoff@google.com
- nursery/interact-with-windows-scripting-host-in-dotnet mehunhoff@google.com
- nursery/use-dotnet-library-simplejson mehunhoff@google.com
- nursery/use-dotnet-library-websocket-sharp mehunhoff@google.com
- linking/runtime-linking/populate-syswhispers2-syscall-list still@teamt5.org
- host-interaction/os/hide-shutdown-actions-via-policy still@teamt5.org
- host-interaction/process/get-process-filename matthew.williams@mandiant.com
- host-interaction/driver/complete-processing-asynchronous-io-request moritz.raabe@mandiant.com
- anti-analysis/packer/nmm-protect/packed-with-nmm-protect william.ballenthin@mandiant.com
- host-interaction/firewall/modify/access-firewall-policy-via-inetfwpolicy2 jakub.jozwiak@mandiant.com
- host-interaction/firewall/modify/access-firewall-rule-properties-via-inetfwrule jakub.jozwiak@mandiant.com
- host-interaction/registry/open-recentdocs-registry-key matthew.williams@mandiant.com

Bug Fixes

- use Python 3.12 to build extra standalone build on Linux #2383 @williballenthin
- bump minimum Python version to 3.8.1 to satisfy uv #2387 @williballenthin
- vmray: collect more process information from flog.xml #2394 @mr-tz @mike-hunhoff
- replace tabulate, tqdm, and termcolor with rich #2374 @s-ff
- dynamic: emit complete features for A/W APIs #2409 @mike-hunhoff
- vmray: fix backslash handling in string call arguments #2428 @mr-tz

capa Explorer Web

- improve navigation in capa Explorer Web @s-ff #2425

Raw diffs

- capa v7.3.0...v7.4.0
- capa-rules v7.3.0...v7.4.0