Releases: mandiant/flare-floss

v2.2.0

04 Jan 09:36
783dd8f

New Features

  • ignore stackstrings and decoded strings that functions reference before analysis/decoding
  • updated dependencies, FLOSS now supports Python 3.11

Other Updates

  • macOS builds and tests now use macos-11

v2.1.0

25 Aug 17:27
bf2bf1c

New Features

  • add --large-file argument to process larger files
  • Python package now contains the signature files to identify library functions

Other Updates

  • updated IDA Pro integration and annotation scripts

v2.0.0

21 Jun 10:54
dd9bea8

This major update brings many new features and improvements. FLOSS now handles an additional string obfuscation technique that we call "tight strings". For details on tight strings and the additional changes, please see our FLOSS Version 2.0 release blog post.

New Features

  • extract tight strings
  • library function recognition via FLIRT signatures
  • improved logging and results output
  • enhanced decoding and extraction of stackstrings and encoded strings
  • shortcut emulation if no results identified
  • reduce false positive strings output
  • load and render existing results document

Breaking Changes

  • simplified usage via improved command-line arguments
  • changed many internal functions and the FLOSS API
  • FLOSS supports Python 3 only now
  • all output is based on JSON results document now
  • revamped function identification mechanism and removed old plugin system
  • more and enhanced API emulation hooks

Other Updates

  • new logo and icon
  • updated CI to use GitHub Actions

v1.7.0

05 Feb 15:23

adds:

changes:

fixes:

changes: v1.6.1...v1.7.0

v1.7.0-alpha2

05 Feb 15:17
v1.7.0-alpha2 Pre-release

preparing CI for release

v1.7.0-alpha1

05 Feb 15:15
6ada6fd
v1.7.0-alpha1 Pre-release

preparing CI for release

v1.7.0-alpha0

04 Feb 16:08
8b40f9d
v1.7.0-alpha0 Pre-release

preparing CI for release v1.7.0

hotfix v1.6.1

10 Jun 20:32
a9a3f42

fixes the version embedded within the binary

2020 Twizzler

10 Jun 20:02
3bc4b1c

fixes:

  • logging levels
  • some api function hooks
  • code style

adds:

  • additional scripts for ida and binja
  • cli option to configure max emulation instruction count
  • option to emit json file with results

contributors:

Thanks, all!

changes

Spring Snake

08 May 08:33

Major changes:

  • filtering of false positive deobfuscated strings
  • new --no-filter option to disable filtering
  • improved heuristics to find stackstrings
  • enhanced stackstrings extraction
  • additional API hooks, improving emulation coverage

Please be aware that some of the APIs, e.g. decode_strings and extract_stackstrings, changed.