This directory contains FLIRT signatures that capa uses to identify library functions. Typically, capa will ignore library functions, which reduces false positives and improves runtime.
These FLIRT signatures were generated by Mandiant using the Hex-Rays FLAIR tools such as pcf and sigmake.
Mandiant generated the signatures from source data that they collected; these signatures are not derived from the FLIRT signatures distributed with IDA Pro.
The signatures in this directory have the same license as capa: Apache 2.0.