-
Notifications
You must be signed in to change notification settings - Fork 567
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #222 from fireeye/release-v1.1.0
draft v1.1.0 release
- Loading branch information
Showing
2 changed files
with
89 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,88 @@ | ||
| # Change Log | ||
|
|
||
| ## v1.1.0 (2020-08-05) | ||
|
|
||
| This release brings new rule format updates, such as adding `offset/x32` and negative offsets, | ||
| fixes some bugs identified by the community, and 28 (!) new rules. | ||
| We received contributions from eight reverse engineers, including four new ones: | ||
|
|
||
| - @re-fox | ||
| - @psifertex | ||
| - @bitsofbinary | ||
| - @threathive | ||
|
|
||
| Download a standalone binary below and checkout the readme [here on GitHub](https://github.com/fireeye/capa/). Report issues on our [issue tracker](https://github.com/fireeye/capa/issues) and contribute new rules at [capa-rules](https://github.com/fireeye/capa-rules/). | ||
|
|
||
| ### New features | ||
|
|
||
| - import: add Binary Ninja import script #205 #207 @psifertex | ||
| - rules: offsets can be negative #197 #208 @williballenthin | ||
| - rules: enable descriptions for statement nodes #194 #209 @Ana06 | ||
| - rules: add arch flavors to number and offset features #210 #216 @williballenthin | ||
| - render: show SHA1/SHA256 in default report #164 @threathive | ||
| - tests: add tests for IDA Pro backend #202 @williballenthin | ||
|
|
||
| ### New rules | ||
|
|
||
| - check for unmoving mouse cursor @BitsOfBinary | ||
| - check mutex and exit @re-fox | ||
| - parse credit card information @re-fox | ||
| - read ini file @re-fox | ||
| - validate credit card number with luhn algorithm @re-fox | ||
| - change the wallpaper @re-fox | ||
| - acquire debug privileges @williballenthin | ||
| - import public key @williballenthin | ||
| - terminate process by name @williballenthin | ||
| - encrypt data using DES @re-fox | ||
| - encrypt data using DES via WinAPI @re-fox | ||
| - hash data using sha1 via x86 extensions @re-fox | ||
| - hash data using sha256 via x86 extensions @re-fox | ||
| - capture network configuration via ipconfig @re-fox | ||
| - hash data via WinCrypt @michael-hunhoff | ||
| - get file attributes @michael-hunhoff | ||
| - allocate thread local storage @michael-hunhoff | ||
| - get thread local storage value @michael-hunhoff | ||
| - set thread local storage @michael-hunhoff | ||
| - get session integrity level @michael-hunhoff | ||
| - add file to cabinet file @michael-hunhoff | ||
| - flush cabinet file @michael-hunhoff | ||
| - open cabinet file @michael-hunhoff | ||
| - gather firefox profile information @re-fox | ||
| - encrypt data using skipjack @re-fox | ||
| - encrypt data using camellia @re-fox | ||
| - hash data using tiger @re-fox | ||
| - encrypt data using blowfish @re-fox | ||
| - encrypt data using twofish @re-fox | ||
|
|
||
| ### Bug fixes | ||
|
|
||
| - linter: fix exception when examples is `None` @Ana06 | ||
| - linter: fix suggested recommendations via templating @williballenthin | ||
| - render: fix exception when rendering counts @williballenthin | ||
| - render: fix render of negative offsets @williballenthin | ||
| - extractor: fix segmentation violation from vivisect @williballenthin | ||
| - main: fix crash when .viv cannot be saved #168 @secshoggoth @williballenthin | ||
| - main: fix shellcode .viv save path @williballenthin | ||
|
|
||
| ### Changes | ||
|
|
||
| - doc: explain how to bypass gatekeeper on macOS @psifertex | ||
| - doc: explain supported linux distributions @Ana06 | ||
| - doc: explain submodule update with --init @psifertex | ||
| - main: improve program help output @mr-tz | ||
| - main: disable progress when run in quiet mode @mr-tz | ||
| - main: assert supported IDA versions @mr-tz | ||
| - extractor: better identify nested pointers to strings @williballenthin | ||
| - setup: specify vivisect download url @Ana06 | ||
| - setup: pin vivisect version @williballenthin | ||
| - setup: bump vivisect dependency version @williballenthin | ||
| - setup: set Python project name to `flare-capa` @williballenthin | ||
| - ci: run tests and linter via Github Actions @Ana06 | ||
| - hooks: run style checkers and hide stashed output @Ana06 | ||
| - linter: ignore period in rule filename @williballenthin | ||
| - linter: warn on nursery rule with no changes needed @williballenthin | ||
|
|
||
| ### Raw diffs | ||
|
|
||
| - [capa v1.0.0...v1.1.0](https://github.com/fireeye/capa/compare/v1.0.0...v1.1.0) | ||
| - [capa-rules v1.0.0...v1.1.0](https://github.com/fireeye/capa-rules/compare/v1.0.0...v1.1.0) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1 +1 @@ | ||
| __version__ = "1.0.0" | ||
| __version__ = "1.1.0" |