MBot

Members
  • Posts

    688
  • Joined

  • Last visit

    Never
  • Days Won

    1

Posts posted by MBot

  1. This release represents our first Windows Package Manager 1.7 release candidate build for Windows 10 (1809+), and Windows 11. Experimental features have been disabled in this release.

    Features

    • The winget repair command is now available and can be used to repair a package that is having issues.
    • Winget can enable Windows Features as a package dependency.
    • Winget now supports rebooting your machine if the installer return code indicates that a reboot is required. You can do this by passing the --allow-reboot flag.
    • WinGet configuration can accept a URL rather than only a local file.
    • Performance improvements to be more network efficient with the CDN along with better flows to handle scenarios with elevation requirements.
    • Support for Entra ID authentication (formerly Azure Active Directory) for private REST sources. Note: the REST source reference implementation still needs to be updated.

    What's Changed

    New Contributors

    Full Changelog: v1.6.2631...v1.7.10514

    • Unreferenced strings are allowed if their identifier starts with _ (#1941).
    • New command-line option --disable-console-logs for disabling the output of the console module (#1915).
    • New command-line option --strict-escape that raises warnings on unknown escape sequences (#1880).
    • Improve performance by avoiding the execution of rule conditions that can't match (#1927).
    • Add callback message CALLBACK_MSG_TOO_SLOW_SCANNING for notifying about slow rules (#1921).
    • Expose function RVA in pe.export_details (#1882).
    • BUGFIX: Fix issues in the computation of imphash in the pe module (#1944). Credits to the NSHC ThreatRecon team!
    • BUGFIX: Fix multiple out-of-bound memory reads in the dex module (#1949, #1951).
    • BUGFIX: Fix memory alignment issues (#1930).
    • BUGFIX: Some strings with the wide and ascii modifiers were not matching as they should (#1933).
    • BUGFIX: Some rules were not matching when --fast-scan is used (4de3d57).
    • BUGFIX: Properly list memory regions while scanning processes on macOS (#2033).
    • BUGFIX: RFC 5652 countersignatures are now correctly parsed in the pe module (#2034).
    • BUGFIX: Fix potential DoS due to crashes in the authenticode parser with malformed files (#2034). Credits to Bahaa Naamneh!
    • BUGFIX: Fix SIGSEGV in the magic module when libmagic returns a null pointer (3342aa0).
    • BUGFIX: Prevent infinite recursion while following symlinks (923368e).

    Thanks to: @mgoffin, @wxsBSD, @cblichmann, @secDre4mer, @vthib, @regeciovad, @kylereedmsft, @TommYDeeee, @humpalum, @metthal

  2. This is the v7.0.0 release of capa, which was mainly worked on during the Google Summer of Code (GSoC) 2023. A huge shoutout to our GSoC contributors @colton-gabertan and @yelhamer for their amazing work.

    Also, a big thanks to the other contributors: @aaronatp, @Aayush-Goel-04, @bkojusner, @doomedraven, @ruppde, @larchchen, @JCoonradt, and @xusheng6.

    New Features

    Breaking Changes

    New Rules (41)

    Bug Fixes

    capa explorer IDA Pro plugin

    • various integration updates and minor bug fixes

    Development

    Developer Notes

    With this new release, many classes and concepts have been split up into static ones (mostly identical to the prior implementations) and dynamic ones. For example, the legacy FeatureExtractor class has been renamed to StaticFeatureExtractor and the DynamicFeatureExtractor has been added.

    Starting from version 7.0, we have moved the component responsible for feature extraction from main to a new capabilities module. Users wishing to use capa's feature extraction abilities should now use that module instead of importing the relevant logic from the main file.

    For sandbox-based feature extractors, we are using Pydantic models. Contributions of more models for other sandboxes are very welcome!

    With this release we've reorganized the logic found in main() to localize logic, ease readability, and ease changes and integrations. The new "main routines" are expected to be used only within main functions, either capa main or related scripts. These functions should not be invoked from library code.

    Beyond moving code around, we've refined the handling of the input file/format/backend. The logic for picking the format and backend is more consistent. We've documented that the input file is not necessarily the sample itself: cape/freeze/etc. inputs are not actually the sample.

  3. v7.0.0-beta

    This is the beta release of capa v7.0, which was mainly worked on during the Google Summer of Code (GSoC) 2023. A huge shoutout to @colton-gabertan and @yelhamer for their amazing work.

    Also, a big thanks to the other contributors: @aaronatp, @Aayush-Goel-04, @bkojusner, @doomedraven, @ruppde, and @xusheng6.

    New Features

    Breaking Changes

    • remove the SCOPE_* constants in favor of the Scope enum #1764 @williballenthin
    • protobuf: deprecate RuleMetadata.scope in favor of RuleMetadata.scopes @williballenthin
    • protobuf: deprecate Metadata.analysis in favor of Metadata.analysis2 that is dynamic analysis aware @williballenthin
    • update freeze format to v3, adding support for dynamic analysis @williballenthin
    • extractor: ignore DLL name for api features #1815 @mr-tz

    New Rules (41)

    Bug Fixes

    Development

    Developer Notes

    With this new release, many classes and concepts have been split up into static ones (mostly identical to the prior implementations) and dynamic ones. For example, the legacy FeatureExtractor class has been renamed to StaticFeatureExtractor and the DynamicFeatureExtractor has been added.

    Starting from version 7.0, we have moved the component responsible for feature extraction from main to a new capabilities module. Users wishing to use capa's feature extraction abilities should now use that module instead of importing the relevant logic from the main file.

    For sandbox-based feature extractors, we are using Pydantic models. Contributions of more models for other sandboxes are very welcome!

  4. Changelog: 2024.01 - Evergreen Response

    What's Changed in Evergreen Response

    • install curl coverage.yml by @therealdreg in #997
    • gef-remote: Fix issue with remote path having a space by @Grazfather in #998
    • Tiny cleanup by @Grazfather in #994
    • Let GefSetting write hooks see value by @Grazfather in #1000
    • Fix gdb.execute not quoting paths by @Grazfather in #999
    • Do not quote paths when running 'source' by @Grazfather in #1005
    • show basename in source: split line by @bartman in #1017
    • [Installers] Use latest tag, not main by @hugsy in #1007
    • Reorder reset_arch: param forced, elf header, gdb conf by @josx in #1004
    • Run validate CI step with Python 3.11 by @Grazfather in #1022
    • [target-remote] Basic support for the target remote command by @ValekoZ in #1020
    • Coverage workflow should only be triggered by pull_request by @hugsy in #1023
    • Dump memory usage when listing arenas, and add summary option in heap chunks command. by @r12f in #1024
    • Memory map provider by @Grazfather in #1003
    • Fix clear-screen timing when showing context by @r12f in #1026
    • Add min-size and max-size filter to heap chunks command by @r12f in #1025
    • Add c++ symbol support in xinfo. by @r12f in #1028
    • Add config to override libc version. by @r12f in #1027
    • Add option to resolve type when dumping heap summary. by @r12f in #1030
    • Rename _target to debug_target for building test cases. by @r12f in #1031
    • gef.sh: Fix which: command not found by @osalbahr in #1032
    • [docs] document conditional context panes by @Ordoviz in #1035
    • support 64 bit retval for stub by @Angelo942 in #1034
    • Add count option in heap chunks command to limit the number of chunks to process / output. by @r12f in #1029
    • correct parsing in gdb_get_location_from_symbol by @Angelo942 in #1037
    • Migrate tests to RPyC by @hugsy in #1040
    • Remove old context_times script + tuneup by @Grazfather in #1042
    • Update rpyc example in docs/testing.md by @hugsy in #1041

    Contributors

    Author                 | Number of commits
    -----------------------|------------------
    Angelo942              | 2
    Bart Trojanowski       | 1
    crazy hugsy            | 4
    Dreg                   | 1
    Grazfather             | 8
    José Luis Di Biase     | 1
    Lennard Hofmann        | 1
    Osama Albahrani        | 1
    Riff                   | 8
    ValekoZ                | 1

    New Contributors 🎉

    Closed Issues

    Closed Pull Requests

    Commit details

    28 commits since 2023.08

    Commit log

    • 2023-08-21 d6ce056 Dreg • Install curl coverage.yml (#997)
    • 2023-08-25 bba5f1c Grazfather • gef-remote: Fix issue with remote path having a space (#998)
    • 2023-08-26 46fba8b Grazfather • Tiny cleanup (#994)
    • 2023-08-26 6a6e2a0 Grazfather • Let GefSetting write hooks see value (#1000)
    • 2023-09-09 1247fe4 Grazfather • Fix gdb.execute not quoting paths (#999)
    • 2023-09-11 5927df4 Grazfather • Do not quote paths when running 'source' (#1005)
    • 2023-11-28 788f56b Bart Trojanowski • show basename in source: split line (#1017)
    • 2023-11-28 0f6255e crazy hugsy • [Installers] Use latest tag, not main (#1007)
    • 2023-11-29 295cbf7 José Luis Di Biase • Reorder reset_arch: parameter forced, elf header, gdb conf (#1004)
    • 2023-12-13 15b09cf Grazfather • Run validate CI step with Python 3.11 (#1022)
    • 2023-12-16 f7a2105 ValekoZ • [target-remote] Basic support for the target remote command (#1020)
    • 2023-12-16 0eb7f5c crazy hugsy • Coverage workflow should only be triggered by pull_request (#1023)
    • 2023-12-18 17c496c Riff • Dump memory usage when listing arenas, and add summary option (#1024)
    • 2023-12-18 4f20983 Grazfather • Memory map provider (#1003)
    • 2023-12-20 f0d2818 Riff • Fix clear-screen timing when showing context (#1026)
    • 2023-12-20 fbda021 Riff • Add min-size and max-size filter to heap chunks command (#1025)
    • 2023-12-20 023b1a9 Riff • Add c++ symbol support in xinfo. (#1028)
    • 2023-12-22 663d4a2 Riff • Add config to override libc version. (#1027)
    • 2023-12-22 e629f02 Riff • Add option to resolve type when dumping heap summary. (#1030)
    • 2023-12-22 53c769c Riff • Rename _target to debug_target for building test cases. (#1031)
    • 2023-12-26 951872b Osama Albahrani • [gef.sh] Replaced which with command (#1032)
    • 2023-12-30 5cc4ef2 Lennard Hofmann • [docs] document conditional context panes (#1035)
    • 2023-12-30 a2704c9 Angelo942 • Support 64 bit return value for stub (#1034)
    • 2024-01-02 d4b849e Riff • Add count option in heap chunks command to limit the number of chunks to process / output. (#1029)
    • 2024-01-04 deeab2f Angelo942 • Set correct parsing to gdb_get_location_from_symbol (#1037)
    • 2024-01-09 bcaabff crazy hugsy • Migrate tests to RPyC (#1040)
    • 2024-01-10 8395f0b Grazfather • Remove old context_times script + tuneup (#1042)
    • 2024-01-10 b56bf9d crazy hugsy • Update rpyc example in docs/testing.md (#1041)

    File diff

     77 files changed, 2888 insertions(+), 1939 deletions(-)

    Full Changelog: 2023.08...2024.01

  5. Please see the file CHANGELOG for a detailed list of changes.

    Asset / File | Description / Host OS
    die_sourcecode_3.09.tar.gz | Source code tarball
    Detect_It_Easy-3.09-x86_64.AppImage | Portable version for Linux
    die_3.09_Debian_10_amd64.deb | Installer for Debian 10
    die_3.09_Debian_11_amd64.deb | Installer for Debian 11
    die_3.09_Debian_12_amd64.deb | Installer for Debian 12
    die_3.09_Ubuntu_14.04_amd64.deb | Installer for Ubuntu 14.04
    die_3.09_Ubuntu_16.04_amd64.deb | Installer for Ubuntu 16.04
    die_3.09_Ubuntu_18.04_amd64.deb | Installer for Ubuntu 18.04
    die_3.09_Ubuntu_20.04_amd64.deb | Installer for Ubuntu 20.04
    die_3.09_Ubuntu_22.04_amd64.deb | Installer for Ubuntu 22.04
    die_3.09_Ubuntu_22.10_amd64.deb | Installer for Ubuntu 22.10
    die_3.09_Ubuntu_23.04_amd64.deb | Installer for Ubuntu 23.04
    die_3.09_Ubuntu_23.10_amd64.deb | Installer for Ubuntu 23.10
    die_3.09_Kali_2023.4_amd64 | Installer for Kali 2023.4
    die_3.09_Parrot_5.3_amd64.deb | Installer for Ubuntu 23.10
    die_3.09_portable_Ubuntu_20.04_amd64.tar.gz | Portable version for Ubuntu 20.04
    detect-it-easy-3.09-1-x86_64.pkg.tar.zst | Installer for Arch Linux
    die_mac_3.09_x86_64.pkg | Installer for macOS
    die_mac_qt6_3.09_arm64.pkg | Installer for macOS (Qt6, M1 processor)
    die_mac_portable_3.09_x86_64.zip | Portable version for macOS
    die_win32_portable_3.09_x86.zip | Portable version for x86 Win32 (Win7-Win11)
    die_win64_portable_3.09_x64.zip | Portable version for x64 Win64 (Win7-Win11)
    die_winxp_portable_3.09_x86.zip | Portable version for Windows XP (WinXP-Win11)

    Experimental versions (there may be bugs in the GUI)

    Asset / File | Description / Host OS
    die_win64_qt6_portable_3.09_x64.zip | Portable version for x64 Win64 Qt6 (Win10-Win11)

  6. General:

    • On Sonoma use the new text insertion style
    • Bookmarks no longer mark the document as edited
    • Release notes now support dark mode

    Jump to Offset:

    • Highlight only applies to a single byte
    • Remove rounded corners on highlight overlay
    • Extend visible time to 0.5 seconds

    Compare:

    • Refinements to menu item enablement for Compare
    • Byte Theme and Columns apply to the left side of Compare

    Templates:

    • Fix nested section error handling
    • Add -utcOffset argument to unixtime and macdate
