update screenshot rule: add display regex and GDI+ routines#1148
Open
cipherBT wants to merge 1 commit intomandiant:masterfrom
Open
update screenshot rule: add display regex and GDI+ routines#1148cipherBT wants to merge 1 commit intomandiant:masterfrom
cipherBT wants to merge 1 commit intomandiant:masterfrom
Conversation
Collaborator
|
@cipherBT please post a screenshot of the unit tests passing locally before we give this a review. |
Author
Hi @mike-hunhoff Here are the local test results Results: 944 passed, 566 skipped, 179 xfailed, 1 xpassed, 1 failed The single failure ( All rule-related tests pass cleanly. I have also verified locally that the updated rule successfully detects the GDI+ screenshot behavior against the |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
closes #981
Hi! I'm an undergraduate student actively preparing a proposal for the Automated Rule Generation GSoC 2026 project. This PR fixes the false negatives for the screenshot capability by accurately implementing @williballenthin original suggestions.
I have verified it locally and ran it against the
2f8...sandbox report to ensure the GDI+ branch fires successfully. Since this is my first time modifying existing rule architecture, I would deeply appreciate any review or feedback on the formatting!