Merge branch 'master' into fix/issue-1579

mandiant · Jul 10, 2023 · 430f9da · 430f9da
2 parents ae10a2e + fc1dd40
commit 430f9da
Show file tree

Hide file tree

Showing 4 changed files with 6 additions and 3 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -12,7 +12,7 @@
 - Update Metadata type in capa main [#1411](https://github.com/mandiant/capa/issues/1411) [@Aayush-Goel-04](https://github.com/aayush-goel-04) @manasghandat
 - Python 3.8 is now the minimum supported Python version #1578 @williballenthin
 
-### New Rules (22)
+### New Rules (23)
 
 - load-code/shellcode/execute-shellcode-via-windows-callback-function ervin.ocampo@mandiant.com jakub.jozwiak@mandiant.com
 - nursery/execute-shellcode-via-indirect-call ronnie.salomonsen@mandiant.com
@@ -35,6 +35,7 @@
 - anti-analysis/anti-debugging/debugger-evasion/hide-thread-from-debugger michael.hunhoff@mandiant.com jakub.jozwiak@mandiant.com
 - host-interaction/memory/create-new-application-domain-in-dotnet jakub.jozwiak@mandiant.com
 - host-interaction/gui/switch-active-desktop jakub.jozwiak@mandiant.com
+- host-interaction/service/query-service-configuration @mr-tz
 -
 
 ### Bug Fixes

diff --git a/README.md b/README.md
@@ -2,7 +2,7 @@
 
 [![PyPI - Python Version](https://img.shields.io/pypi/pyversions/flare-capa)](https://pypi.org/project/flare-capa)
 [![Last release](https://img.shields.io/github/v/release/mandiant/capa)](https://github.com/mandiant/capa/releases)
-[![Number of rules](https://img.shields.io/badge/rules-810-blue.svg)](https://github.com/mandiant/capa-rules)
+[![Number of rules](https://img.shields.io/badge/rules-811-blue.svg)](https://github.com/mandiant/capa-rules)
 [![CI status](https://github.com/mandiant/capa/workflows/CI/badge.svg)](https://github.com/mandiant/capa/actions?query=workflow%3ACI+event%3Apush+branch%3Amaster)
 [![Downloads](https://img.shields.io/github/downloads/mandiant/capa/total)](https://github.com/mandiant/capa/releases)
 [![License](https://img.shields.io/badge/license-Apache--2.0-green.svg)](LICENSE.txt)

diff --git a/rules b/rules
diff --git a/tests/test_binja_features.py b/tests/test_binja_features.py
@@ -39,6 +39,8 @@
     indirect=["sample", "scope"],
 )
 def test_binja_features(sample, scope, feature, expected):
+    if feature == capa.features.common.Characteristic("stack string"):
+        pytest.xfail("skip failing Binja stack string detection temporarily, see #1473")
     fixtures.do_test_feature_presence(fixtures.get_binja_extractor, sample, scope, feature, expected)
+1 −1		README.md
+15 −0		host-interaction/service/query-service-configuration.yml