Skip to content

Commit

Permalink
update to v5.1.0 (#1429)
Browse files Browse the repository at this point in the history 
* update to v5.1.0

---------

Co-authored-by: Willi Ballenthin <[email protected]>
  • Loading branch information
@mr-tz @williballenthin
mr-tz and williballenthin authored Apr 6, 2023
1 parent 8fe88f6 commit 7c4a46b
Show file tree
Hide file tree
Showing 2 changed files with 30 additions and 9 deletions.
37 changes: 29 additions & 8 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,14 +2,38 @@

## master (unreleased)

### New Features

### Breaking Changes

### New Rules (0)

-

### Bug Fixes

### capa explorer IDA Pro plugin

### Development

### Raw diffs
- [capa v5.1.0...master](https://github.com/mandiant/capa/compare/v5.1.0...master)
- [capa-rules v5.1.0...master](https://github.com/mandiant/capa-rules/compare/v5.1.0...master)

## v5.1.0
capa version 5.1.0 adds a Protocol Buffers (protobuf) format for result documents. Additionally, the [Vector35](https://vector35.com/) team contributed a new feature extractor using Binary Ninja. Other new features are a new CLI flag to override the detected operating system, functionality to read and render existing result documents, and a output color format that's easier to read.

Over 25 capa rules have been added and improved.

Thanks for all the support, especially to @xusheng6, @captainGeech42, @ggold7046, @manasghandat, @ooprathamm, @linpeiyu164, @yelhamer, @HongThatCong, @naikordian, @stevemk14ebr, @emtuls, @raymondlleong, @bkojusner, @joren485, and everyone else who submitted bugs and provided feedback!

### New Features
- add protobuf format for result documents #1219 @williballenthin @mr-tz
- extractor: add Binary Ninja feature extractor @xusheng6
- new cli flag `--os` to override auto-detected operating system for a sample @captainGeech42
- Change colour/highlight to "cyan" instead of "blue" for easy noticing.#1384 @ggold7046
- change colour/highlight to "cyan" instead of "blue" for better readability #1384 @ggold7046
- add new format to parse output json back to capa #1396 @ooprathamm

### Breaking Changes
- parse ELF symbols' names to guess OS #1403 @yelhamer

### New Rules (26)

Expand Down Expand Up @@ -39,7 +63,6 @@
- nursery/send-data-to-internet [email protected]
- nursery/compiled-with-cx_freeze @mr-tz
- nursery/contain-a-thread-local-storage-tls-section-in-dotnet [email protected]
-

### Bug Fixes
- extractor: removed '.dynsym' as the library name for ELF imports #1318 @stevemk14ebr
Expand All @@ -51,11 +74,9 @@
- fix exception when plugin loaded in IDA hosted under idat #1341 @mike-hunhoff
- improve embedded PE detection performance and reduce FP potential #1344 @mike-hunhoff

### Development

### Raw diffs
- [capa v5.0.0...master](https://github.com/mandiant/capa/compare/v5.0.0...master)
- [capa-rules v5.0.0...master](https://github.com/mandiant/capa-rules/compare/v5.0.0...master)
- [capa v5.0.0...v5.1.0](https://github.com/mandiant/capa/compare/v5.0.0...v5.1.0)
- [capa-rules v5.0.0...v5.1.0](https://github.com/mandiant/capa-rules/compare/v5.0.0...v5.1.0)


## v5.0.0 (2023-02-08)
Expand Down
2 changes: 1 addition & 1 deletion capa/version.py
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
__version__ = "5.0.0"
__version__ = "5.1.0"


def get_major_version():
Expand Down

0 comments on commit 7c4a46b

Please sign in to comment.