Update project dependencies and drop support for Python 3.9

[yunzheng]

We now depend on:

• dissect.executable for easier PE parsing
• dissect.util for RangeStream and OverlayStream

Also added dependency-groups for uv and improved linting and formatting.

[codecov]

Codecov Report

❌ Patch coverage is 90.00000% with 3 lines in your changes missing coverage. Please review.
✅ Project coverage is 74.18%. Comparing base (1e0a45e) to head (da74bb6).

Files with missing lines	Patch %	Lines
dissect/cobaltstrike/pe.py	88.88%	3 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main      #82      +/-   ##
==========================================
- Coverage   76.40%   74.18%   -2.22%     
==========================================
  Files          12       12              
  Lines        2729     2716      -13     
==========================================
- Hits         2085     2015      -70     
- Misses        644      701      +57     

Flag	Coverage Δ
unittests	74.18% <90.00%> (-2.22%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[Copilot]

Pull request overview

This pull request updates the project’s dependency set (including introducing dissect.executable and dissect.util) while also raising the supported Python baseline to 3.10+, and adjusts the lint/format workflow around Ruff + pre-commit.

Changes:

• Drop Python 3.9 support (requires-python >=3.10) and refresh dependency versions, adding dissect.executable and dissect.util.
• Refactor PE parsing to use dissect.executable and stream helpers (RangeStream/OverlayStream) with a new lenient PE wrapper.
• Rework linting/formatting: update pre-commit hooks to Ruff + codespell, and split tox into lint vs fix.

Reviewed changes

Copilot reviewed 11 out of 11 changed files in this pull request and generated 5 comments.

Show a summary per file

File	Description
pyproject.toml	Raises Python minimum to 3.10, adds new runtime deps, and introduces dependency-groups for uv.
dissect/cobaltstrike/pe.py	Switches compile/export timestamp extraction to dissect.executable and adds LenientPE.
dissect/cobaltstrike/xordecode.py	Adjusts typing/casting around find_mz_offset usage.
dissect/cobaltstrike/beacon.py	Adjusts typing/casting when wrapping XorEncodedFile.
tox.ini	Splits linting and formatting into separate tox -e lint and tox -e fix envs.
.pre-commit-config.yaml	Replaces black with ruff-format, updates Ruff/codespell hooks and versions.
docs/installation.rst	Updates Python requirement + dependency list; documents new lint/fix commands.
README.rst	Updates stated Python minimum version.
dissect/cobaltstrike/guardrails.py	Import ordering / whitespace cleanup.
tests/test_beacon.py	Formatting-only cleanups and Ruff noqa code adjustment.
tests/test_c2profile.py	Normalizes byte literal hex casing (formatting-only).

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.