Skip to content

jordan-wright/ossmalware

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits

pkg

pkg

 
 

scripts

scripts

 
 

terraform

terraform

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

go.mod

go.mod

 
 

go.sum

go.sum

 
 

main.go

main.go

 
 

tcpdump.Dockerfile

tcpdump.Dockerfile

 
 

Repository files navigation

ossmalware

Attempts to use dynamic analysis to find malware hosted on package managers.

Current Status

This is currently a personal project, so getting setup isn't streamlined. I'll be working to improve this shortly.

Getting Started

The first thing you'll need to do is to change up the variables in the terraform/ directory to point to an S3 bucket and SQS queue you control.

Then, you'll need to create an EC2 instance with permission to write to S3 and read from SQS.

When you're SSH'd into that EC2 instance, run the scripts/setup.sh script in this repository to bootstrap the host. This downloads the various Docker images and tooling (like sysdig and tcpdump) that you'll need during analysis.

Then, you can adjust the environment variables in the scripts/start.sh script in this repository, then run it to start listening for packages on the SQS queue.

At this point, you can upload packages to SQS and the worker(s) will start processing them.

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

91 stars

Watchers

8 watching

Forks

5 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages