ELF: Detect OS from Go binaries #1987

Merged (27 commits), Jun 13, 2024
fe29bb7
elf: read segment memory size
williballenthin Feb 14, 2024
2b61484
elf: add routine to read mapped memory
williballenthin Feb 14, 2024
720db58
elf: better detect OS for binaries compiled by Go
williballenthin Feb 14, 2024
fc2a1ce
elf: guess OS from Go source filenames
williballenthin Feb 14, 2024
6a31053
changelog
williballenthin Feb 14, 2024
d4daf6a
elf: mypy
williballenthin Feb 14, 2024
84b061d
Merge branch 'master' into go-elf-os-detection
williballenthin Feb 14, 2024
e2436b8
Merge branch 'master' into go-elf-os-detection
williballenthin Feb 14, 2024
430e61e
merge
williballenthin Feb 16, 2024
3dd92f2
elf: add OS detection based on vDSO strings
williballenthin Feb 16, 2024
1af14e8
Merge branch 'go-elf-os-detection' of public.github.com:mandiant/capa…
williballenthin Feb 16, 2024
a66abd1
Merge branch 'fix/2145' into go-elf-os-detection
williballenthin Jun 13, 2024
61f6bed
elf: document VTGrep searches
williballenthin Jun 13, 2024
50e7869
elf: describe further technique to identify Go binaries
williballenthin Jun 13, 2024
d54f8b5
elf: search for `.go.buildinfo` section via @yelhamer
williballenthin Jun 13, 2024
16e1419
black
williballenthin Jun 13, 2024
5097949
elf: detect Alpine Linux ident
williballenthin Jun 13, 2024
7265ed9
elf: log interest symtab entries
williballenthin Jun 13, 2024
9388ae0
tests: add test for OS detection by Go buildinfo
williballenthin Jun 13, 2024
3f2afb1
loader: handle missing viv modules
williballenthin Jun 13, 2024
31f263e
pre-commit: run deptry before tests (which are slow)
williballenthin Jun 13, 2024
2e940ec
loader: describe removing viv symbolic switch solver
williballenthin Jun 13, 2024
4116b71
pyproject: add PyGithub for deptry
williballenthin Jun 13, 2024
a73b466
Merge branch 'master' into go-elf-os-detection
williballenthin Jun 13, 2024
937fa93
black
williballenthin Jun 13, 2024
9948db5
Merge branch 'master' of github.com:mandiant/capa into go-elf-os-dete…
williballenthin Jun 13, 2024
facde1f
Merge branch 'go-elf-os-detection' of github.com:mandiant/capa into g…
williballenthin Jun 13, 2024
19 changes: 10 additions & 9 deletions .pre-commit-config.yaml
Expand Up @@ -110,6 +110,16 @@ repos:
always_run: true
pass_filenames: false

- repo: local
hooks:
- id: deptry
name: deptry
stages: [push, manual]
language: system
entry: deptry .
always_run: true
pass_filenames: false

- repo: local
hooks:
- id: pytest-fast
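Review bot: the relocated deptry hook keeps `stages: [push, manual]`, so it still runs only at pre-push or when invoked by hand, never on an ordinary commit; if the point of placing it ahead of `pytest-fast` is to fail fast before the slow tests, that ordering only takes effect on push, so consider whether the commit stage should be included as well. Also, `language: system` with `entry: deptry .` relies on a `deptry` binary already being on the developer's PATH, so the contributing notes should say how to install it.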
Expand All @@ -128,12 +138,3 @@ repos:
always_run: true
pass_filenames: false

- repo: local
hooks:
- id: deptry
name: deptry
stages: [push, manual]
language: system
entry: deptry .
always_run: true
pass_filenames: false
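Review bot: the removed block is identical to the one inserted earlier in the file (same id, name, stages, language, entry, always_run and pass_filenames), so this hunk is the second half of a pure reorder rather than a configuration change; the one thing to check is that the blank line kept as context above the removed block does not leave the file ending in a trailing blank line, which whitespace-cleaning hooks tend to flag on the next run.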
1 change: 1 addition & 0 deletions CHANGELOG.md
Expand Up @@ -4,6 +4,7 @@
- Emit "dotnet" as format to ResultDocument when processing .NET files #2024 @samadpls

### New Features
- ELF: detect OS from statically-linked Go binaries #1978 @williballenthin

- add function in capa/helpers to load plain and compressed JSON reports #1883 @Rohit1123
- document Antivirus warnings and VirusTotal false positive detections #2028 @RionEV @mr-tz
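Review bot: the new entry cites #1978 while this pull request is #1987 (per the page title); if #1978 is the tracking issue that is fine, but if the number is meant to point at this PR it should read #1987. Separately, the blank line inserted after the new bullet splits the "New Features" list in two; either drop it or separate every entry the same way so the list stays consistent with the surrounding lines.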