mr-tz Follow

mr-tz Follow

Moritz mr-tz

Follow

13 followers · 6 following · 4

FLARE/FireEye
Germany
@m_r_tz

Highlights

Arctic Code Vault Contributor

Popular repositories

idapython

IDAPython scripts

Python 8 2
flare-ida

Forked from fireeye/flare-ida

IDA Pro utilities from FLARE team

Python 1
vivisect

Forked from vivisect/vivisect

Python
viv-utils

Forked from williballenthin/viv-utils

Utilities for working with vivisect

Python
blackhat-arsenal-tools

Forked from toolswatch/blackhat-arsenal-tools

Official Black Hat Arsenal Security Tools Repository
flare-floss

Forked from fireeye/flare-floss

FireEye Labs Obfuscated String Solver - Automatically extract obfuscated strings from malware.

Python

198 contributions in the last year

Contribution activity

July 2020

mr-tz/github-issue-templates Jul 13

Created a pull request in fireeye/capa that received 2 comments

account for Windows paths

posixpath.normpath does not alter Windows backslash paths

+6 −2 • 2 comments

doc: add license Jul 16
main: fix version and reorder options Jul 15
remove testbed scripts Jul 14
Update setup.py Jul 14
doc: add usage examples Jul 12
update README Jul 11
main: output updates Jul 9
increase stack cookie byte delta Jul 6
set rule scopes Jul 6
remove unused function.py file Jul 3
ensure string feature values are strings, tests Jul 2
only allow supported scopes Jul 2
fix render, cleanup feature string display Jul 2

Revert "Improve capa checkout in sync workflow" Jul 17
doc: add issue templates Jul 13
update to basic block scope Jul 11
reduce RC4 FPs Jul 3

Fix rule linter and run it in the CI GitHub action Jul 17
main: fix version and reorder options Jul 15
ci: Add GitHub action for style checkers Jul 15
capa explorer: add file menu option to export capa results Jul 15
Add rules number badge to README Jul 14
update README Jul 11
main: output updates Jul 9
Fix testbed Jul 7
add import to IDA script Jul 7
move CI files into .github directory Jul 7
add cli option --color Jul 7
fix #111 Jul 7
#102 #87 Jul 7
#28 contributing guide Jul 7
Remove args from Features Jul 6
Output feature count Jul 6
render: simplify metadata display Jul 6
Remove stale capa features function imports Jul 3
Document how to install development dependencies Jul 3
Fix misplaced type annotation Jul 3
fix #78 count bb Jul 3
render: report header and metadata Jul 2
pyinstaller working on linux/py2 Jul 2
Allow to add a description for every feature Jul 2
Fix KeyError in Range#evaluate() Jul 2
Some pull request reviews not shown.

Improve capa checkout in sync workflow Jul 17
Run rules linter in master and PRs Jul 17
doc: fix/improve rule format documentation Jul 16
Add license badge to README Jul 16
Add rules number badge to README & GitHub actions Jul 14
add murmur hash constants Jul 10

Add GitHub action to sync test/data submodule in capa Jul 17

Fix --ida, broken in IDA >= 7.4 Jul 7

Created an issue in fireeye/capa that received 6 comments

vivisect extractor: bytes features for immediate operands

currently this gets bytes features for many invalid immediate operators if isinstance(oper, envi.archs.i386.disasm.i386ImmOper): v = oper.getOperV…

6 comments

Rule generator IDA Pro plugin Jul 16
-q output: none for packed sample Jul 14
doc: update example in readme Jul 13
Update or temporarily remove IDA rule generator plugin Jul 12
Update setup.py, doc: install rules in git submodule Jul 11
include reference to function that contains a given bb in json doc Jul 11
Reduce info output and output modes Jul 10
output feature count Jul 3
capa explorer fails on Python 2, IDA 7.5 Jul 3
simplify metadata rendering Jul 3
count basic block Jul 2
update serialization of characteristic feature Jul 1
count: 0 - range fails if no feature extracted Jul 1
vivisect/viv-utils - Exception: Invalid File: shellcode Jul 1

Add capa Jul 17

Move doc to .doc directory? Jul 13

You can’t perform that action at this time.