zdw@

Results 8 comments of zdw@

+1 for this feature, just ran into this while working on https://github.com/mandiant/capa-rules/pull/1046. i want to match on 3 arguments to a function being 0 but MSVC is emitting xor's to...

@Jinsakai-25 https://github.com/mandiant/capa-testfiles/blob/master/7d333c9b11b06ef0982b61bfc062631bb6cf9d12d0d4f2cf1b807a25ddf62fbc.exe_

many of them are, handle them appropriately with care

it did not extract the API name, that's the point of this featreq - i would like it to

> you analysed the NtFsControlFile dynamic call in ghidra right ?

those are IDA screenshots

i have no immediate use case for that, i just thought if there was an easy way to expose that datapoint then it could be interesting for rule authors. if...

with this patch, errors get successfully outputted, nice!

```
$ venv/bin/mitmdump --script ~/mitmproxy_arg_repro/plugin.py --set shout=1
[07:44:08.093] Loading script /mitmproxy_arg_repro/plugin.py
[07:44:08.094] error in script /mitmproxy_arg_repro/plugin.py
Traceback (most recent call last):
  File...
```

huh, for some reason when single stepping in `pdb`, I hit this [`raise exceptions.OptionsError`](https://github.com/mitmproxy/mitmproxy/blob/116e3cd149c895b814df2ab754adc0e97e77703a/mitmproxy/optmanager.py#L403) line, but when running without single stepping into there, it is getting swallowed somewhere (NOTE: my...