Releases: mandiant/flare-floss
Releases · mandiant/flare-floss
v3.1.0
New Features
- updated Rust Version Database and Scripts by @Arker123 in #926
- fix: handle default prompt when stdout is redirected by @Arker123 in #938
- provide an option to install right click menu option for Windows by @lyc8503 in #970
- feat: added decoding functions calls by @RahulSankhla312 in #978
Other Updates
- fix typo in README.md by @sleeyax in #936
- updated various dependencies
- including bump-pydantic from 1.10.9 to 2.6.0 by @Aayush-Goel-04 in #954
- changed deprecated pytest functionality by @Sylan-Padmakumar in #959
- migrate to pyproject toml by @s-ff in #967
- [CI] Update GitHub actions by @rimvydascivilis in #982
New Contributors
- @sleeyax made their first contribution in #936
- @Sylan-Padmakumar made their first contribution in #959
- @s-ff made their first contribution in #967
- @lyc8503 made their first contribution in #970
- @rimvydascivilis made their first contribution in #982
- @RahulSankhla312 made their first contribution in #978
Full Changelog: v3.0.1...v3.1.0
Contributors
sleeyax, s-ff, and 6 other contributors
Assets 5
v3.0.1
v3.0.0
New Features
- identification of programs written in Go, Rust, and .NET
- extraction of strings embedded in Go programs
- extraction of strings embedded in Rust programs
Other Updates
- updates to the IDA plugin
- upgraded minimum required Python version to 3.8
- various bug fixes
- various code quality improvements
Google Summer of Code 2023
@Arker123 contributed the majority of features and improvements during the Google Summer of Code working closely with the Mandiant FLARE team. We'd like to thank him for the great collaboration and discussions before, during, and after the twelve week program.
Contributors
Thanks to all our contributors, including @symbolicvoid, @DiegoRomeo, @sara-rn and especially @Arker123
Full Changelog: v2.3.0...v3.0.0
Contributors
DiegoRomeo, Arker123, and 2 other contributors
Assets 5
QUANTUMSTRAND preview 7
fixes:
- PyInstaller build
QUANTUMSTRAND preview 6
changes:
- add column to show
Uto indicated UTF-16LE string (versus ASCII default) - add database of common junk code strings
- add -n minimum string length CLI option
QUANTUMSTRAND preview 5
changes:
- parse and display PE Authenticode signature region
fixes:
- handling of non-PE files
- various PE and code parsing fixes in lancelot
v2.3.0
New Features
- added false positive string filters
- use rich library for rendering of output and traceback
- initial detection of binaries compiled using Go
- updated dependencies
Other Updates
- various bug fixes
Contributors
Thanks to all our contributors, including @d01a, @Arker123, @Dobatymo, @Aayush-Goel-04, @symbolicvoid, @EmperialX, @ggold7046, @ooprathamm, @deepaksirohiwal, and @DeeyaSingh!
Contributors
Dobatymo, deepaksirohiwal, and 8 other contributors
Assets 5
QUANTUMSTRAND preview 4
changes:
- re-enable structure hints for strings found in known structures
- tweak color used to display string address
QUANTUMSTRAND preview 3
changes:
- recursively parse PE files, such as those found with resources
- add additional global prevalence database derived from 7 days of VT downloads
- render regions with borders to better show groupings
- don't show library tags when there are less than five matches to avoid false positives
- hide strings that overlap with code
QUANTUMSTRAND preview 2
