v0.11.0
What's Changed
We're on the road to v1.0.0: #173
Tool Improvements
- Add support for archives within directories by @egibs in #174
- Ignore the bincapz binary by default by @egibs in #167
- Make --ignore-self more precise by @tstromberg in #194
- Import rule URLs, add them to markdown & JSON output by @tstromberg in #165
Rule Improvements
- Add ThreatHunting-Keywords-yara-rules by @egibs in #160
- Add rule to detect references to GitHub comment attachments by @tstromberg in #166
- Improve rules based on LightSpy + add Huntress to third_party by @tstromberg in #169
- Mask Chrome extension IDs in threat-hunting keyword list by @tstromberg in #177
- Rule improvements based on temporal analysis by @tstromberg in #175
- powershell: detect verbose hidden incantation by @tstromberg in #163
- python/shell rule improvements based on UPSTYLE analysis by @tstromberg in #126
Development Improvements
- remove release job, it does not work as is and needs more things by @cpanato in #179
- Use go.mod for setup-go; update golangci-lint by @egibs in #186
- fix reversed got/want in integration test diffs by @tstromberg in #193
- actions: reduce unnecessary lint noise for non-code files by @tstromberg in #152
Full Changelog: v0.10.0...v0.11.0