From f89a440b0949048a04d20db1fc640faf99845f23 Mon Sep 17 00:00:00 2001 From: Herman Slatman Date: Sat, 18 Jul 2020 00:01:38 +0200 Subject: [PATCH 1/2] Add FireEye capa --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 76750c1..0d4ee5c 100644 --- a/README.md +++ b/README.md @@ -535,6 +535,7 @@ the [browser malware](#browser-malware) section.* that is an alternative to IDA. * [Binwalk](https://github.com/devttys0/binwalk) - Firmware analysis tool. * [BluePill](https://github.com/season-lab/bluepill) - Framework for executing and debugging evasive malware and protected executables. +* [capa](https://github.com/fireeye/capa) - Detects capabilities in executable files. * [Capstone](https://github.com/aquynh/capstone) - Disassembly framework for binary analysis and reversing, with support for many architectures and bindings in several languages. From 0565cbd96f86a244b18676d3ee75080212d678ff Mon Sep 17 00:00:00 2001 From: Herman Slatman Date: Sat, 18 Jul 2020 00:05:52 +0200 Subject: [PATCH 2/2] Move capa to Detection and Classification section --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 0d4ee5c..134561e 100644 --- a/README.md +++ b/README.md @@ -226,6 +226,7 @@ View Chinese translation: [恶意软件分析大合集.md](恶意软件分析大 * [BinaryAlert](https://github.com/airbnb/binaryalert) - An open source, serverless AWS pipeline that scans and alerts on uploaded files based on a set of YARA rules. +* [capa](https://github.com/fireeye/capa) - Detects capabilities in executable files. * [chkrootkit](http://www.chkrootkit.org/) - Local Linux rootkit detection. * [ClamAV](http://www.clamav.net/) - Open source antivirus engine. * [Detect It Easy(DiE)](https://github.com/horsicq/Detect-It-Easy) - A program for 
@@ -535,7 +536,6 @@ the [browser malware](#browser-malware) section.* that is an alternative to IDA. * [Binwalk](https://github.com/devttys0/binwalk) - Firmware analysis tool. * [BluePill](https://github.com/season-lab/bluepill) - Framework for executing and debugging evasive malware and protected executables. -* [capa](https://github.com/fireeye/capa) - Detects capabilities in executable files. * [Capstone](https://github.com/aquynh/capstone) - Disassembly framework for binary analysis and reversing, with support for many architectures and bindings in several languages.
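Review bot: The entry added in PATCH 1/2 (hunk @@ -535,6 +535,7, between BluePill and Capstone) is removed again by PATCH 2/2 in the @@ -535,7 +536,6 hunk, so the two-commit series nets out to a single one-line insertion; squash them into one commit that places capa directly in the Detection and Classification section, so the history does not record an entry under the reversing tools that was never meant to stay there.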
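Review bot: In the @@ -226,6 +226,7 hunk the placement is correct (BinaryAlert, capa, chkrootkit is alphabetical once case is ignored, consistent with capa preceding Capstone in the other hunks), but the description "Detects capabilities in executable files." is terser than its neighbours; consider saying what kind of capabilities and how they are identified, the way the BinaryAlert entry names "a set of YARA rules", so a reader can distinguish it from a general antivirus engine such as the ClamAV entry two lines below.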