-
Postagens
688 -
Registro em
-
Última visita
Nunca -
Dias Ganhos
1
Tipo de Conteúdo
Fóruns
Treinamentos
Notícias
Artigos
Contribuindo
Profissões
Materiais de estudo
Pesquisa
Downloads
Loja
Eventos
Blogs
Galeria
Posts postados por MBot
-
-
This release represents our first Windows Package Manager 1.7 release candidate build for Windows 10 (1809+), and Windows 11. Experimental features have been disabled in this release.
Features
- The
winget repair
command is now available and can be used to repair a package that is having issues. - Winget can enable Windows Features as a package dependency.
- Winget now supports rebooting your machine if the installer return code indicates that a reboot is required. You can do this by passing the
--allow-reboot
flag. - WinGet configuration can accept a URL rather than only a local file.
- Performance improvements to be more network efficient with the CDN along with better flows to handle scenarios with elevation requirements.
- Support for Entra Id authentication (formerly Azure Active Directory) for private REST sources. Note: The REST source reference implementation still needs to be updated.
What's Changed
- Remove Invoke-CommandInDesktopPackage use by @JohnMcPMS in #3658
- Improve packaged source updating by @JohnMcPMS in #3657
- Add a bit of randomness to the wait time after source update failure by @JohnMcPMS in #3661
- Reduce the size of the index by @JohnMcPMS in #3666
- Log Com invocation startup telemetry and delay auto update time when invoked from explorer by @yao-msft in #3665
- Enable COM API access to correlate with the tracking database only by @JohnMcPMS in #3670
- Fix localized strings output by @mdanish-kh in #3673
- Improve the version header detection and logging by @JohnMcPMS in #3680
- Revert 3670 by @JohnMcPMS in #3700
- Enable COM API access to correlate with the tracking database only by @JohnMcPMS in #3703
- Use correct caller name in Com startup telemetry event by @yao-msft in #3711
- Platform source should not be blocked by policy check by @yao-msft in #3725
- Update docs for upgrade command by @KK-Designs in #3639
- Honor 429 Retry-After by @msftrubengu in #3718
- Make manifest retrieval choice more dynamic by @JohnMcPMS in #3738
- Allow --accept-source-agreements with local manifests by @Trenly in #3573
- Invoke ShellExecute on dism.exe for enabling Windows Features by @ryfu-msft in #3659
- Allow --include-unknown with install by @Trenly in #3752
- Broadcast WM_SETTINGCHANGE on change of path by @Trenly in #3751
- Add
resume
command and support saving the argument state. by @ryfu-msft in #3508 - Allow higher versions to satisfy the VCLibs dependency in Repair by @JohnMcPMS in #3763
- Use package version as potential last update timestamp by @JohnMcPMS in #3759
- Add missing condition for using toolset v143 when building JsonCppLib for arm by @florelis in #3773
- Move SQLite base code by @JohnMcPMS in #3790
- Fix non-test hook code for Windows Feature by @JohnMcPMS in #3789
- Skip dependency evaluation with
--skip-dependencies
by @mdanish-kh in #3784 - Download and install Workflow patches for skip dependencies by @yao-msft in #3794
- Add experimental feature for initiating reboot for single package installs by @ryfu-msft in #3631
- Microsoft.WinGet.Client Any CPU by @msftrubengu in #3622
- Inform user if a module requires elevation by @msftrubengu in #3758
- Add missing manifest fields by @hackean-msft in #3757
- Configuration Schema 0.3 by @JohnMcPMS in #3779
- Extend Configuration COM API for export by @florelis in #3787
- Fix binskim issues by @ryfu-msft in #3815
- Performance improvements by @JohnMcPMS in #3808
- Fix OOP config helper by @JohnMcPMS in #3873
- Revert manifest schemas to json draft-07 by @ryfu-msft in #3875
- Allow Microsoft.WinGet.Client to run in any PowerShell session running as system by @msftrubengu in #3816
- Fix signaling the app shutdown event running as admin by @msftrubengu in #3874
- Configuration schema property descriptions added by @alexravenna in #3499
- The initial yaml schema manifest for version 1.7.0 by @Madhusudhan-MSFT in #3876
- Move to latest cppwinrt package across all projects by @JohnMcPMS in #3868
- Add suggested dictionaries for spellchecking and remove unneeded words by @florelis in #3885
- Remove unneeded words from spellchecking by @florelis in #3890
- Update docs for winget commands by @KK-Designs in #3909
- Ignore deprecation warning by @JohnMcPMS in #3905
- Fix pipeline build error by @florelis in #3937
- Add support for double-clicking on .wingetdev files for applying configuration by @florelis in #3860
- Add a script to bootstrap running Pester tests by @JohnMcPMS in #3899
- Add WingetDSC E2E tests by @ryfu-msft in #3939
- Improve repair by @msftrubengu in #3886
- Enable cmdlets for Windows PowerShell by @msftrubengu in #3951
- Register restart for resume by @ryfu-msft in #3858
- Allow user settings to control logging channels by @JohnMcPMS in #3955
- Add package id, name, and source to install/update/uninstall result for PowerShell cmdlet by @ryfu-msft in #3954
- Update Store Certs by @yao-msft in #3968
- Introduce strong and weak comparisons between installers by @JohnMcPMS in #3956
- Include framework packages during installed packages enumeration by @yao-msft in #3975
- Allow winget configure from https location and extend winget configure validate for winget resource units by @yao-msft in #3833
- Update comment around MotW application by @florelis in #3979
- Restrict on agreement text only by @yao-msft in #3998
- Create similarissues.yml by @craigloewen-msft in #4035
- Update similarIssues.yml to not show 'fail' when no similar issues found by @craigloewen-msft in #4042
- Similar issues workflow explicit permission by @msftrubengu in #4040
- Update WinGetUtilInterop project by @msftrubengu in #4045
- Repair switch support for V1.7 YAML manifest by @Madhusudhan-MSFT in #4041
- Update dependency on System.Data.SqlClient by @florelis in #4083
- Use std::variant in ManifestYamlPopulator by @msftrubengu in #4081
- Show only agreement related info during install by @Trenly in #3999
- Support group processing of configurations by @JohnMcPMS in #4059
- Improve progress handling for group processor by @JohnMcPMS in #4121
- Shadow Manifest by @msftrubengu in #4104
- Remove debug flags to unblock utils nuget release (#4030) by @msftrubengu in #4127
- Revert "Remove debug flags to unblock utils nuget release (#4030)" by @msftrubengu in #4128
- Support Microsoft Entra Id authentication for rest source by @yao-msft in #4123
- Retarget to netstandard2.1 (#4130) by @msftrubengu in #4132
- Make windows feature and reboot features stable by @ryfu-msft in #4137
- Update links in Roadmap by @Trenly in #4142
- Refactor pinning evaluation by @JohnMcPMS in #4151
- Winget client rest source parsing for 1.7 manifest by @yao-msft in #4155
- Add 1.7 manifest fields to WingetUtilsInterop by @yao-msft in #4157
- Update fuzzer and integrate with OneFuzz by @ryfu-msft in #4135
- Add additional switches for Inno Setup based installers by @SpecterShell in #3562
- Create #658 - WinGet Download.md by @RDMacLachlan in #2953
- Log configuration input hash in configuration summary telemetry by @yao-msft in #4173
- Implement Export-WinGetPackage powershell cmdlet for
winget download
by @ryfu-msft in #3977 - winget repair cli implementation by @Madhusudhan-MSFT in #4168
- Fix typo in '#658 - WinGet Download.md' Spec File by @og-mrk in #4179
New Contributors
- @KK-Designs made their first contribution in #3639
- @alexravenna made their first contribution in #3499
- @craigloewen-msft made their first contribution in #4035
- @og-mrk made their first contribution in #4179
Full Changelog: v1.6.2631...v1.7.10514
- The
-
See https://frida.re/news/ for details.
-
submodules: Bump outdated
-
Release 0.61.0
-
- Unreferenced strings are allowed if their identifier start with
_
(#1941) - New command-line option
--disable-console-logs
for disabling the output of the console module (#1915) - New command-line option
--strict-escape
that raises warnings on unknown escape sequences (#1880). - Improve performance by avoiding the execution of rule conditions that can't match (#1927)
- Add callback message
CALLBACK_MSG_TOO_SLOW_SCANNING
for notifying about slow rules (#1921). - Expose function RVA in
pe.export_details
(#1882). - BUGFIX: Fix issues in the computation of
imphash
inpe
module (#1944). Credits to the NSHC ThreatRecon team!
BUGFIX: Fix multiple out-of-bound memory reads index
module (#1949, #1951). - BUGFIX: Fix memory alignment issues (#1930).
- BUGFIX: Some strings with the wide and ascii modifiers not matching as they should (#1933).
- BUGFIX: Some rules not matching when
--fast-scan
is used (4de3d57) - BUGFIX: Properly list memory regions while scanning processes in Mac OS. (#2033)
- BUGFIX: RFC5652 countersignatures are now correctly parsed in
pe
module (#2034) - BUGFIX: Fix potential DoS due to crashes in authenticode parser with malformed files (#2034). Credits to Bahaa Naamneh!
- BUGFIX: Fix SIGSEGV in
magic
module whenlibmagic
returns null pointer (3342aa0) - BUGFIX: Prevent infinite recursion while following symlinks (923368e)
Thanks to: @mgoffin, @wxsBSD, @cblichmann, @secDre4mer, @vthib, @regeciovad, @kylereedmsft, @TommYDeeee, @humpalum, @metthal
- Unreferenced strings are allowed if their identifier start with
-
This release fixes a circular import error.
-
This is the v7.0.0 release of capa which was mainly worked on during the Google Summer of Code (GSoC) 2023. A huge
shoutout to our GSoC contributors @colton-gabertan and @yelhamer for their amazing work.Also, a big thanks to the other contributors: @aaronatp, @Aayush-Goel-04, @bkojusner, @doomedraven, @ruppde, @larchchen, @JCoonradt, and @xusheng6.
New Features
- add Ghidra backend #1770 #1767 @colton-gabertan @mike-hunhoff
- add Ghidra UI integration #1734 @colton-gabertan @mike-hunhoff
- add dynamic analysis via CAPE sandbox reports #48 #1535 @yelhamer
- binja: add support for forwarded exports #1646 @xusheng6
- binja: add support for symtab names #1504 @xusheng6
- add com class/interface features #322 @Aayush-Goel-04
- dotnet: emit enclosing class information for nested classes #1780 #1913 @bkojusner @mike-hunhoff
Breaking Changes
- remove the
SCOPE_*
constants in favor of theScope
enum #1764 @williballenthin - protobuf: deprecate
RuleMetadata.scope
in favor ofRuleMetadata.scopes
@williballenthin - protobuf: deprecate
Metadata.analysis
in favor ofMetadata.analysis2
that is dynamic analysis aware @williballenthin - update freeze format to v3, adding support for dynamic analysis @williballenthin
- extractor: ignore DLL name for api features #1815 @mr-tz
- main: introduce wrapping routines within main for working with CLI args #1813 @williballenthin
- move functions from
capa.main
to newcapa.loader
namespace #1821 @williballenthin - proto: add
package
declaration #1960 @larchchen
New Rules (41)
- nursery/get-ntoskrnl-base-address @mr-tz
- host-interaction/network/connectivity/set-tcp-connection-state @johnk3r
- nursery/capture-process-snapshot-data @mr-tz
- collection/network/capture-packets-using-sharppcap jakub.jozwiak@mandiant.com
- nursery/communicate-with-kernel-module-via-netlink-socket-on-linux michael.hunhoff@mandiant.com
- nursery/get-current-pid-on-linux michael.hunhoff@mandiant.com
- nursery/get-file-system-information-on-linux michael.hunhoff@mandiant.com
- nursery/get-password-database-entry-on-linux michael.hunhoff@mandiant.com
- nursery/mark-thread-detached-on-linux michael.hunhoff@mandiant.com
- nursery/persist-via-gnome-autostart-on-linux michael.hunhoff@mandiant.com
- nursery/set-thread-name-on-linux michael.hunhoff@mandiant.com
- load-code/dotnet/load-windows-common-language-runtime michael.hunhoff@mandiant.com blas.kojusner@mandiant.com jakub.jozwiak@mandiant.com
- nursery/log-keystrokes-via-input-method-manager @mr-tz
- nursery/encrypt-data-using-rc4-via-systemfunction032 richard.weiss@mandiant.com
- nursery/add-value-to-global-atom-table @mr-tz
- nursery/enumerate-processes-that-use-resource @Ana06
- host-interaction/process/inject/allocate-or-change-rwx-memory @mr-tz
- lib/allocate-or-change-rw-memory 0x534a@mailbox.org @mr-tz
- lib/change-memory-protection @mr-tz
- anti-analysis/anti-av/patch-antimalware-scan-interface-function jakub.jozwiak@mandiant.com
- executable/dotnet-singlefile/bundled-with-dotnet-single-file-deployment sara.rincon@mandiant.com
- internal/limitation/file/internal-dotnet-single-file-deployment-limitation sara.rincon@mandiant.com
- data-manipulation/encoding/encode-data-using-add-xor-sub-operations jakub.jozwiak@mandiant.com
- nursery/access-camera-in-dotnet-on-android michael.hunhoff@mandiant.com
- nursery/capture-microphone-audio-in-dotnet-on-android michael.hunhoff@mandiant.com
- nursery/capture-screenshot-in-dotnet-on-android michael.hunhoff@mandiant.com
- nursery/check-for-incoming-call-in-dotnet-on-android michael.hunhoff@mandiant.com
- nursery/check-for-outgoing-call-in-dotnet-on-android michael.hunhoff@mandiant.com
- nursery/compiled-with-xamarin michael.hunhoff@mandiant.com
- nursery/get-os-version-in-dotnet-on-android michael.hunhoff@mandiant.com
- data-manipulation/compression/create-cabinet-on-windows michael.hunhoff@mandiant.com jakub.jozwiak@mandiant.com
- data-manipulation/compression/extract-cabinet-on-windows jakub.jozwiak@mandiant.com
- lib/create-file-decompression-interface-context-on-windows jakub.jozwiak@mandiant.com
- nursery/enumerate-files-in-dotnet moritz.raabe@mandiant.com anushka.virgaonkar@mandiant.com
- nursery/get-mac-address-in-dotnet moritz.raabe@mandiant.com michael.hunhoff@mandiant.com echernofsky@google.com
- nursery/get-current-process-command-line william.ballenthin@mandiant.com
- nursery/get-current-process-file-path william.ballenthin@mandiant.com
- nursery/hook-routines-via-dlsym-rtld_next william.ballenthin@mandiant.com
- nursery/linked-against-hp-socket still@teamt5.org
- host-interaction/process/inject/process-ghostly-hollowing sara.rincon@mandiant.com
Bug Fixes
- ghidra: fix
ints_to_bytes
performance #1761 @mike-hunhoff - binja: improve function call site detection @xusheng6
- binja: use
binaryninja.load
to open files @xusheng6 - binja: bump binja version to 3.5 #1789 @xusheng6
- elf: better detect ELF OS via GCC .ident directives #1928 @williballenthin
- elf: better detect ELF OS via Android dependencies #1947 @williballenthin
- fix setuptools package discovery #1886 @gmacon @mr-tz
- remove unnecessary scripts/vivisect-py2-vs-py3.sh file #1949 @JCoonradt
capa explorer IDA Pro plugin
- various integration updates and minor bug fixes
Development
Developer Notes
With this new release, many classes and concepts have been split up into static (mostly identical to the
prior implementations) and dynamic ones. For example, the legacy FeatureExtractor class has been renamed to
StaticFeatureExtractor and the DynamicFeatureExtractor has been added.Starting from version 7.0, we have moved the component responsible for feature extractor from main to a new
capabilities' module. Now, users wishing to utilize capa’s feature extraction abilities should use that module instead
of importing the relevant logic from the main file.For sandbox-based feature extractors, we are using Pydantic models. Contributions of more models for other sandboxes
are very welcome!With this release we've reorganized the logic found in
main()
to localize logic and ease readability and ease changes
and integrations. The new "main routines" are expected to be used only within main functions, either capa main or
related scripts. These functions should not be invoked from library code.Beyond copying code around, we've refined the handling of the input file/format/backend. The logic for picking the
format and backend is more consistent. We've documented that the input file is not necessarily the sample itself
(cape/freeze/etc.) inputs are not actually the sample.Raw diffs
-
v1.20.10303.0
-
v1.19.10302.0
-
v1.18.10301.0
-
- What's New
- Change History
- Installation Guide
- SHA-256:
a0bc9450aa3a231096b13a823c66311b9f84cb9cec4624393221cfed40ef6924
-
v1.20.10293.0
-
v1.19.10292.0
-
v1.18.10291.0
-
Official GNU Binutils 2.42 Release
-
v7.0.0-beta
This is the beta release of capa v7.0 which was mainly worked on during the Google Summer of Code (GSoC) 2023. A huge
shoutout to @colton-gabertan and @yelhamer for their amazing work.Also a big thanks to the other contributors: @aaronatp, @Aayush-Goel-04, @bkojusner, @doomedraven, @ruppde, and @xusheng6.
New Features
- add Ghidra backend #1770 #1767 @colton-gabertan @mike-hunhoff
- add dynamic analysis via CAPE sandbox reports #48 #1535 @yelhamer
- binja: add support for forwarded exports #1646 @xusheng6
- binja: add support for symtab names #1504 @xusheng6
- add com class/interface features #322 @Aayush-Goel-04
- dotnet: emit enclosing class information for nested classes #1780 #1913 @bkojusner @mike-hunhoff
Breaking Changes
- remove the
SCOPE_*
constants in favor of theScope
enum #1764 @williballenthin - protobuf: deprecate
RuleMetadata.scope
in favor ofRuleMetadata.scopes
@williballenthin - protobuf: deprecate
Metadata.analysis
in favor ofMetadata.analysis2
that is dynamic analysis aware @williballenthin - update freeze format to v3, adding support for dynamic analysis @williballenthin
- extractor: ignore DLL name for api features #1815 @mr-tz
New Rules (41)
- nursery/get-ntoskrnl-base-address @mr-tz
- host-interaction/network/connectivity/set-tcp-connection-state @johnk3r
- nursery/capture-process-snapshot-data @mr-tz
- collection/network/capture-packets-using-sharppcap jakub.jozwiak@mandiant.com
- nursery/communicate-with-kernel-module-via-netlink-socket-on-linux michael.hunhoff@mandiant.com
- nursery/get-current-pid-on-linux michael.hunhoff@mandiant.com
- nursery/get-file-system-information-on-linux michael.hunhoff@mandiant.com
- nursery/get-password-database-entry-on-linux michael.hunhoff@mandiant.com
- nursery/mark-thread-detached-on-linux michael.hunhoff@mandiant.com
- nursery/persist-via-gnome-autostart-on-linux michael.hunhoff@mandiant.com
- nursery/set-thread-name-on-linux michael.hunhoff@mandiant.com
- load-code/dotnet/load-windows-common-language-runtime michael.hunhoff@mandiant.com blas.kojusner@mandiant.com jakub.jozwiak@mandiant.com
- nursery/log-keystrokes-via-input-method-manager @mr-tz
- nursery/encrypt-data-using-rc4-via-systemfunction032 richard.weiss@mandiant.com
- nursery/add-value-to-global-atom-table @mr-tz
- nursery/enumerate-processes-that-use-resource @Ana06
- host-interaction/process/inject/allocate-or-change-rwx-memory @mr-tz
- lib/allocate-or-change-rw-memory 0x534a@mailbox.org @mr-tz
- lib/change-memory-protection @mr-tz
- anti-analysis/anti-av/patch-antimalware-scan-interface-function jakub.jozwiak@mandiant.com
- executable/dotnet-singlefile/bundled-with-dotnet-single-file-deployment sara.rincon@mandiant.com
- internal/limitation/file/internal-dotnet-single-file-deployment-limitation sara.rincon@mandiant.com
- data-manipulation/encoding/encode-data-using-add-xor-sub-operations jakub.jozwiak@mandiant.com
- nursery/access-camera-in-dotnet-on-android michael.hunhoff@mandiant.com
- nursery/capture-microphone-audio-in-dotnet-on-android michael.hunhoff@mandiant.com
- nursery/capture-screenshot-in-dotnet-on-android michael.hunhoff@mandiant.com
- nursery/check-for-incoming-call-in-dotnet-on-android michael.hunhoff@mandiant.com
- nursery/check-for-outgoing-call-in-dotnet-on-android michael.hunhoff@mandiant.com
- nursery/compiled-with-xamarin michael.hunhoff@mandiant.com
- nursery/get-os-version-in-dotnet-on-android michael.hunhoff@mandiant.com
- data-manipulation/compression/create-cabinet-on-windows michael.hunhoff@mandiant.com jakub.jozwiak@mandiant.com
- data-manipulation/compression/extract-cabinet-on-windows jakub.jozwiak@mandiant.com
- lib/create-file-decompression-interface-context-on-windows jakub.jozwiak@mandiant.com
- nursery/enumerate-files-in-dotnet moritz.raabe@mandiant.com anushka.virgaonkar@mandiant.com
- nursery/get-mac-address-in-dotnet moritz.raabe@mandiant.com michael.hunhoff@mandiant.com echernofsky@google.com
- nursery/get-current-process-command-line william.ballenthin@mandiant.com
- nursery/get-current-process-file-path william.ballenthin@mandiant.com
- nursery/hook-routines-via-dlsym-rtld_next william.ballenthin@mandiant.com
- nursery/linked-against-hp-socket still@teamt5.org
- host-interaction/process/inject/process-ghostly-hollowing sara.rincon@mandiant.com
Bug Fixes
- ghidra: fix
ints_to_bytes
performance #1761 @mike-hunhoff - binja: improve function call site detection @xusheng6
- binja: use
binaryninja.load
to open files @xusheng6 - binja: bump binja version to 3.5 #1789 @xusheng6
- elf: better detect ELF OS via GCC .ident directives #1928 @williballenthin
- fix setuptools package discovery #1886 @gmacon @mr-tz
Development
Developer Notes
With this new release, many classes and concepts have been split up into static (mostly identical to the
prior implementations) and dynamic ones. For example, the legacy FeatureExtractor class has been renamed to
StaticFeatureExtractor and the DynamicFeatureExtractor has been added.Starting from version 7.0, we have moved the component responsible for feature extractor from main to a new
capabilities' module. Now, users wishing to utilize capa’s feature extraction abilities should use that module instead
of importing the relevant logic from the main file.For sandbox-based feature extractors, we are using Pydantic models. Contributions of more models for other sandboxes
are very welcome!Raw diffs
-
Changelog: 2024.01 - Evergreen Response
What's Changed in
Evergreen Response
- install curl coverage.yml by @therealdreg in #997
- gef-remote: Fix issue with remote path having a space by @Grazfather in #998
- Tiny cleanup by @Grazfather in #994
- Let GefSetting write hooks see value by @Grazfather in #1000
- Fix gdb.execute not quoting paths by @Grazfather in #999
- Do not quote paths when running 'source' by @Grazfather in #1005
- show basename in source: split line by @bartman in #1017
- [Installers] Use latest tag, not main by @hugsy in #1007
- Reorder reset_arch: param forced, elf header, gdb conf by @josx in #1004
- Run validate CI step with Python 3.11 by @Grazfather in #1022
- [target-remote] Basic support for the
target remote
command by @ValekoZ in #1020 - Coverage workflow should only be triggered by
pull_request
by @hugsy in #1023 - Dump memory usage when listing arenas, and add summary option in heap chunks command. by @r12f in #1024
- Memory map provider by @Grazfather in #1003
- Fix clear-screen timing when showing context by @r12f in #1026
- Add min-size and max-size filter to heap chunks command by @r12f in #1025
- Add c++ symbol support in xinfo. by @r12f in #1028
- Add config to override libc version. by @r12f in #1027
- Add option to resolve type when dumping heap summary. by @r12f in #1030
- Rename _target to debug_target for building test cases. by @r12f in #1031
- gef.sh: Fix
which: command not found
by @osalbahr in #1032 - [docs] document conditional context panes by @Ordoviz in #1035
- support 64 bit retval for stub by @Angelo942 in #1034
- Add count option in heap chunks command to limit the number of chunks to process / output. by @r12f in #1029
- correct parsing in gdb_get_location_from_symbol by @Angelo942 in #1037
- Migrate tests to RPyC by @hugsy in #1040
- Remove old context_times script + tuneup by @Grazfather in #1042
- Update rpyc example in
docs/testing.md
by @hugsy in #1041
Contributors
Author Number of commits Angelo942 2 Bart Trojanowski 1 crazy hugsy 4 Dreg 1 Grazfather 8 José Luis Di Biase 1 Lennard Hofmann 1 Osama Albahrani 1 Riff 8 ValekoZ 1 New Contributors 🎉
- @bartman made their first contribution in #1017
- @josx made their first contribution in #1004
- @ValekoZ made their first contribution in #1020
- @r12f made their first contribution in #1024
- @osalbahr made their first contribution in #1032
- @Ordoviz made their first contribution in #1035
- @Angelo942 made their first contribution in #1034
Closed Issues
Closed Pull Requests
- 21 PRs closed ( 1042 • 1041 • 1040 • 1037 • 1035 • 1034 • 1032 • 1031 • 1030 • 1029 • 1028 • 1027 • 1026 • 1025 • 1024 • 1023 • 1022 • 1020 • 1019 • 1017 • 1013 )
Commit details
28 commits since 2023.08Commit log
- 2023-08-21 d6ce056 • Dreg • Install curl coverage.yml (#997)
- 2023-08-25 bba5f1c • Grazfather • gef-remote: Fix issue with remote path having a space (#998)
- 2023-08-26 46fba8b • Grazfather • Tiny cleanup (#994)
- 2023-08-26 6a6e2a0 • Grazfather • Let
GefSetting
write hooks see value (#1000) - 2023-09-09 1247fe4 • Grazfather • Fix gdb.execute not quoting paths (#999)
- 2023-09-11 5927df4 • Grazfather • Do not quote paths when running 'source' (#1005)
- 2023-11-28 788f56b • Bart Trojanowski • show basename in source: split line (#1017)
- 2023-11-28 0f6255e • crazy hugsy • [Installers] Use latest tag, not main (#1007)
- 2023-11-29 295cbf7 • José Luis Di Biase • Reorder
reset_arch
: parameter forced, elf header, gdb conf (#1004) - 2023-12-13 15b09cf • Grazfather • Run validate CI step with Python 3.11 (#1022)
- 2023-12-16 f7a2105 • ValekoZ • [target-remote] Basic support for the
target remote
command (#1020) - 2023-12-16 0eb7f5c • crazy hugsy • Coverage workflow should only be triggered by
pull_request
(#1023) - 2023-12-18 17c496c • Riff • Dump memory usage when listing arenas, and add summary option (#1024)
- 2023-12-18 4f20983 • Grazfather • Memory map provider (#1003)
- 2023-12-20 f0d2818 • Riff • Fix clear-screen timing when showing context (#1026)
- 2023-12-20 fbda021 • Riff • Add min-size and max-size filter to heap chunks command (#1025)
- 2023-12-20 023b1a9 • Riff • Add c++ symbol support in xinfo. (#1028)
- 2023-12-22 663d4a2 • Riff • Add config to override libc version. (#1027)
- 2023-12-22 e629f02 • Riff • Add option to resolve type when dumping heap summary. (#1030)
- 2023-12-22 53c769c • Riff • Rename _target to debug_target for building test cases. (#1031)
- 2023-12-26 951872b • Osama Albahrani • [gef.sh] Replaced
which
withcommand
(#1032) - 2023-12-30 5cc4ef2 • Lennard Hofmann • [docs] document conditional context panes (#1035)
- 2023-12-30 a2704c9 • Angelo942 • Support 64 bit return value for stub (#1034)
- 2024-01-02 d4b849e • Riff • Add count option in heap chunks command to limit the number of chunks to process / output. (#1029)
- 2024-01-04 deeab2f • Angelo942 • Set correct parsing to
gdb_get_location_from_symbol
(#1037) - 2024-01-09 bcaabff • crazy hugsy • Migrate tests to RPyC (#1040)
- 2024-01-10 8395f0b • Grazfather • Remove old context_times script + tuneup (#1042)
- 2024-01-10 b56bf9d • crazy hugsy • Update rpyc example in
docs/testing.md
(#1041)
File diff
.github/workflows/coverage.yml | 72 ++- .github/workflows/generate-docs.yml | 1 + .github/workflows/validate.yml | 2 + .pylintrc | 20 +- docs/api.md | 3 +- docs/commands/context.md | 20 + docs/commands/gef-remote.md | 6 +- docs/commands/heap.md | 47 ++ docs/testing.md | 69 ++- gef.py | 741 ++++++++++++++++---------- scripts/gef-extras.sh | 6 +- scripts/gef.sh | 11 +- scripts/generate-coverage-docs.sh | 2 +- scripts/remote_debug.py | 36 ++ tests/api/deprecated.py | 30 +- tests/api/gef_arch.py | 45 +- tests/api/gef_disasemble.py | 30 -- tests/api/gef_disassemble.py | 51 ++ tests/api/gef_heap.py | 45 +- tests/api/gef_session.py | 98 ++-- tests/api/misc.py | 169 ++++-- tests/base.py | 108 ++++ tests/binaries/Makefile | 6 + tests/binaries/class.cpp | 29 + tests/commands/aliases.py | 54 +- tests/commands/aslr.py | 57 +- tests/commands/canary.py | 43 +- tests/commands/checksec.py | 53 +- tests/commands/context.py | 4 +- tests/commands/dereference.py | 74 +-- tests/commands/edit_flags.py | 68 +-- tests/commands/elf_info.py | 8 +- tests/commands/entry_break.py | 18 +- tests/commands/format_string_helper.py | 27 +- tests/commands/functions.py | 11 +- tests/commands/gef.py | 96 ++-- tests/commands/gef_remote.py | 74 ++- tests/commands/got.py | 26 +- tests/commands/heap.py | 314 +++++++---- tests/commands/heap_analysis.py | 24 +- tests/commands/hexdump.py | 23 +- tests/commands/highlight.py | 23 +- tests/commands/hijack_fd.py | 8 +- tests/commands/ksymaddr.py | 19 - tests/commands/memory.py | 118 ++-- tests/commands/name_break.py | 19 +- tests/commands/nop.py | 408 +++++++------- tests/commands/patch.py | 92 ++-- tests/commands/pattern.py | 83 +-- tests/commands/pcustom.py | 132 +++-- tests/commands/pie.py | 46 +- tests/commands/print_format.py | 61 ++- tests/commands/process_search.py | 52 +- tests/commands/process_status.py | 17 +- tests/commands/registers.py | 32 +- tests/commands/reset_cache.py | 11 +- tests/commands/scan.py | 24 +- tests/commands/search_pattern.py | 37 +- tests/commands/shellcode.py | 28 +- tests/commands/skipi.py | 67 ++- tests/commands/smart_eval.py | 14 +- tests/commands/stub.py | 49 +- tests/commands/theme.py | 20 +- tests/commands/trace_run.py | 19 +- tests/commands/version.py | 10 +- tests/commands/vmmap.py | 21 +- tests/commands/xfiles.py | 17 +- tests/commands/xinfo.py | 34 +- tests/commands/xor_memory.py | 26 +- tests/config/__init__.py | 89 +++- tests/functions/elf_sections.py | 97 ++-- tests/perf/benchmark.py | 50 +- tests/perf/context_times.sh | 75 --- tests/regressions/gdbserver_connection.py | 14 +- tests/regressions/registers_register_order.py | 90 +++- tests/requirements.txt | 1 + tests/utils.py | 303 ++++------- 77 files changed, 2888 insertions(+), 1939 deletions(-)
Full Changelog: 2023.08...2024.01
-
-
submodules: Bump outdated
-
v4.2.2
-
Please see the file CHANGELOG for a detailed list of changes.
Asset / File Description / Host OS die_sourcecode_3.09.tar.gz Source code tarball Detect_It_Easy-3.09-x86_64.AppImage Portable version for Linux How to run die_3.09_Debian_10_amd64.deb Installer for Debian 10 die_3.09_Debian_11_amd64.deb Installer for Debian 11 die_3.09_Debian_12_amd64.deb Installer for Debian 12 die_3.09_Ubuntu_14.04_amd64.deb Installer for Ubuntu 14.04 die_3.09_Ubuntu_16.04_amd64.deb Installer for Ubuntu 16.04 die_3.09_Ubuntu_18.04_amd64.deb Installer for Ubuntu 18.04 die_3.09_Ubuntu_20.04_amd64.deb Installer for Ubuntu 20.04 die_3.09_Ubuntu_22.04_amd64.deb Installer for Ubuntu 22.04 die_3.09_Ubuntu_22.10_amd64.deb Installer for Ubuntu 22.10 die_3.09_Ubuntu_23.04_amd64.deb Installer for Ubuntu 23.04 die_3.09_Ubuntu_23.10_amd64.deb Installer for Ubuntu 23.10 die_3.09_Kali_2023.4_amd64 Installer for Kali 2023.4 die_3.09_Parrot_5.3_amd64.deb Installer for Ubuntu 23.10 die_3.09_portable_Ubuntu_20.04_amd64.tar.gz Portable version for Ubuntu 20.04 detect-it-easy-3.09-1-x86_64.pkg.tar.zst Installer for Arch Linux die_mac_3.09_x86_64.pkg Installer for macOS die_mac_qt6_3.09_arm64.pkg Installer for macOS Qt6 M1 processor die_mac_portable_3.09_x86_64.zip Portable version for macOS die_win32_portable_3.09_x86.zip Portable version for x86 Win32 (Win7-Win11) die_win64_portable_3.09_x64.zip Portable version for x64 Win64 (Win7-Win11) die_winxp_portable_3.09_x86.zip Portable version for Windows XP (WinXP-Win11) Experimental versions - There may be bugs in the GUI
Asset / File Description / Host OS die_win64_qt6_portable_3.09_x64.zip Portable version for x64 Win64 Qt6 (Win10-Win11) -
-
General:
- On Sonoma use the new text insertion style
- Bookmarks no longer mark the document as edited
- Release notes now support dark mode
Jump to Offset:
- Highlight only applies to a single byte
- Remove rounded corners on highlight overlay
- Extend visible time to 0.5 seconds
Compare:
- Refinements to menu items enablement for Compare
- Byte Theme and Columns apply to the left side of Compare
Templates:
- Fix nested section error handling
- Add
-utcOffset
argument to unixtime and macdate
-
See https://frida.re/news/ for details.
Saferwall saferwall-helm-chart-0.5.0
em Releases de software
Postado
A hackable malware sandbox for the 21st Century
Download