From 7c4a46b7b4235849515bb4455c9788f324858310 Mon Sep 17 00:00:00 2001 From: Moritz Date: Thu, 6 Apr 2023 12:55:25 +0200 Subject: [PATCH] update to v5.1.0 (#1429) * update to v5.1.0 --------- Co-authored-by: Willi Ballenthin --- CHANGELOG.md | 37 +++++++++++++++++++++++++++++-------- capa/version.py | 2 +- 2 files changed, 30 insertions(+), 9 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 31254ffba..9737725a5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -2,14 +2,38 @@ ## master (unreleased) +### New Features + +### Breaking Changes + +### New Rules (0) + +- + +### Bug Fixes + +### capa explorer IDA Pro plugin + +### Development + +### Raw diffs +- [capa v5.1.0...master](https://github.com/mandiant/capa/compare/v5.1.0...master) +- [capa-rules v5.1.0...master](https://github.com/mandiant/capa-rules/compare/v5.1.0...master) + +## v5.1.0 +capa version 5.1.0 adds a Protocol Buffers (protobuf) format for result documents. Additionally, the [Vector35](https://vector35.com/) team contributed a new feature extractor using Binary Ninja. Other new features are a new CLI flag to override the detected operating system, functionality to read and render existing result documents, and a output color format that's easier to read. + +Over 25 capa rules have been added and improved. + +Thanks for all the support, especially to @xusheng6, @captainGeech42, @ggold7046, @manasghandat, @ooprathamm, @linpeiyu164, @yelhamer, @HongThatCong, @naikordian, @stevemk14ebr, @emtuls, @raymondlleong, @bkojusner, @joren485, and everyone else who submitted bugs and provided feedback! + ### New Features - add protobuf format for result documents #1219 @williballenthin @mr-tz - extractor: add Binary Ninja feature extractor @xusheng6 - new cli flag `--os` to override auto-detected operating system for a sample @captainGeech42 -- Change colour/highlight to "cyan" instead of "blue" for easy noticing.#1384 @ggold7046 +- change colour/highlight to "cyan" instead of "blue" for better readability #1384 @ggold7046 - add new format to parse output json back to capa #1396 @ooprathamm - -### Breaking Changes +- parse ELF symbols' names to guess OS #1403 @yelhamer ### New Rules (26) 
@@ -39,7 +63,6 @@ - nursery/send-data-to-internet michael.hunhoff@mandiant.com - nursery/compiled-with-cx_freeze @mr-tz - nursery/contain-a-thread-local-storage-tls-section-in-dotnet michael.hunhoff@mandiant.com -- ### Bug Fixes - extractor: removed '.dynsym' as the library name for ELF imports #1318 @stevemk14ebr @@ -51,11 +74,9 @@ - fix exception when plugin loaded in IDA hosted under idat #1341 @mike-hunhoff - improve embedded PE detection performance and reduce FP potential #1344 @mike-hunhoff -### Development - ### Raw diffs -- [capa v5.0.0...master](https://github.com/mandiant/capa/compare/v5.0.0...master) -- [capa-rules v5.0.0...master](https://github.com/mandiant/capa-rules/compare/v5.0.0...master) +- [capa v5.0.0...v5.1.0](https://github.com/mandiant/capa/compare/v5.0.0...v5.1.0) +- [capa-rules v5.0.0...v5.1.0](https://github.com/mandiant/capa-rules/compare/v5.0.0...v5.1.0) ## v5.0.0 (2023-02-08) diff --git a/capa/version.py b/capa/version.py index 1c661ff7b..2c2704022 100644 --- a/capa/version.py +++ b/capa/version.py @@ -1,4 +1,4 @@ -__version__ = "5.0.0" +__version__ = "5.1.0" def get_major_version():
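Review bot: In the first CHANGELOG.md hunk (`@@ -2,14 +2,38 @@`), the new `## v5.1.0` heading carries no release date, while the previous release heading visible at the end of the patch is `## v5.0.0 (2023-02-08)`. Add the date in the same parenthesised format so the release headings stay consistent. In the same hunk, the summary paragraph reads "a output color format", which should be "an output color format". It also spells the word "color", while the reworded bullet below it keeps "colour", so pick one spelling for the section.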