Skip to content

Instantly share code, notes, and snippets.

@mr-tz

mr-tz/embed-dependencies-as-resources-using-fody-costura.yml

Created August 11, 2022 08:16
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save mr-tz/46983e141a6f6ac9654b75ec86748a7d to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save mr-tz/46983e141a6f6ac9654b75ec86748a7d to your computer and use it in GitHub Desktop.
Download ZIP
Raw
embed-dependencies-as-resources-using-fody-costura.yml
rule:
meta:
name: embed dependencies as resources using Fody/Costura
namespace: executable/resource
authors:
- @mr-tz
scope: file
features:
- or:
- class: ProcessedByFody
- namespace: Costura
- class: Costura.AssemblyLoader
@mr-tz
Copy link
Author

mr-tz commented Aug 11, 2022

Test run:

$ capa 5726b391becb03320d53559fa81bf87ac89bca15ccff416581084cc9a9f01cac.exe_ -r rules/nursery/ embed-dependencies-as-resources-using-fody-costura.yml  -vv
loading : 100%|███████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████| 1/1 [00:00<00:00, 335.81 rules/s]
matching: 100%|██████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████| 113/113 [00:00<00:00, 292.43 functions/s, skipped 0 library functions]
md5                     ee9cc441ab7d23a82a48f6af6ae0634f
sha1                    6bd0e26e0b5e1c7d2e98c465d18e67235d3f55ec
sha256                  5726b391becb03320d53559fa81bf87ac89bca15ccff416581084cc9a9f01cac
path                    tests\data\dotnet\5726b391becb03320d53559fa81bf87ac89bca15ccff416581084cc9a9f01cac.exe_
timestamp               2022-08-11 10:14:49.893450
capa version            4.0.0
os                      windows
format                  pe
arch                    i386
extractor               DnfileFeatureExtractor
base address            global
rules                   C:\Users\moritz.raabe\code\Exclusions\capa\rules\nursery\ fody-costura.yml
function count          113
library function count  0
total feature count     8902

embed dependencies as resources using Fody/Costura
namespace  executable/resource
author     @mr-tz
scope      file
or:
  class: ProcessedByFody @ token(0x2000010)
  namespace: Costura @ global
  class: Costura.AssemblyLoader @ token(0x200000F)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment