ossmalware

command module

v0.0.0-...-0b6db94 Latest Latest Go to latest Published: Nov 30, 2020 License: MIT Imports: 11 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/jordan-wright/ossmalware

Links

Open Source Insights

README ¶

ossmalware

Attempts to use dynamic analysis to find malware hosted on package managers.

Current Status

This is currently a personal project, so getting setup isn't streamlined. I'll be working to improve this shortly.

Getting Started

The first thing you'll need to do is to change up the variables in the terraform/ directory to point to an S3 bucket and SQS queue you control.

Then, you'll need to create an EC2 instance with permission to write to S3 and read from SQS.

When you're SSH'd into that EC2 instance, run the scripts/setup.sh script in this repository to bootstrap the host. This downloads the various Docker images and tooling (like sysdig and tcpdump) that you'll need during analysis.

Then, you can adjust the environment variables in the scripts/start.sh script in this repository, then run it to start listening for packages on the SQS queue.

At this point, you can upload packages to SQS and the worker(s) will start processing them.

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
pkg
consumer
docker
library
processor
sysdig
tcpdump
uploader

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL