Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Manalyze analyzer #116

Closed
lctrcl opened this issue Oct 22, 2017 · 8 comments
Closed

Manalyze analyzer #116

lctrcl opened this issue Oct 22, 2017 · 8 comments
Assignees
@3c7
Labels
category:feature-request Issue is related to a feature request scope:analyzer Issue is analyzer related status:merged status:pr-submitted
Milestone
1.13.0

Comments

@lctrcl
Copy link

lctrcl commented Oct 22, 2017

Request Type

Analyzer

Work Environment

N/A

Description

Create analyzer for Manalyze, static analyzer for PE executables.

I created initial analyzer for Manalyze, using this quite a lot for quick malware triage. Feel free to try it out, it has very basic report template because my angular and html skills are not good. Requires docker.

https://github.com/lctrcl/cortex-analyzers
@saadkadhi saadkadhi added scope:analyzer Issue is analyzer related category:feature-request Issue is related to a feature request labels Oct 25, 2017
@saadkadhi
Copy link
Contributor

@lctrcl wouldn't it be possible to remove the docker requirement?

@lctrcl
Copy link
Author

lctrcl commented Oct 25, 2017

@saadkadhi I certainly can, and it would require compile Manalyze from sources. But I also would like to keep docker option, as it's quite easy to deploy without managing additional requirements (except for having docker).
Should I create this as separate analyzers?

@saadkadhi
Copy link
Contributor

Thanks for your reply. Stay put. We'll look at the code and let you know if we can stay like this or not? At any rate, thanks for your contribution!

@JusticeRage
Copy link

Hi! I'm Manalyze's original developer. Is there something I can do to help this happen? I would love to see the tool available in The Hive.

@saadkadhi
Copy link
Contributor

Ping @3c7

@3c7
Copy link
Contributor

3c7 commented Jun 28, 2018

The analyzer provided by @lctrcl looks fine. I'd prefer to let the user choose if using docker or the native binary. If using docker, I need to check if it works with the containerized analyzers in #171. I think it might be possible to implement a Manalyzer analyzer for Cortex-Analyzers 1.12.0.

@3c7 3c7 added this to the 1.12.0 milestone Jun 28, 2018
@3c7
Copy link
Contributor

3c7 commented Aug 16, 2018

Currently in the process of integrating manalyze as FileInfo submodule.

@3c7 3c7 mentioned this issue Aug 17, 2018
Merged
@3c7
Copy link
Contributor

3c7 commented Sep 3, 2018

Finished and tested in #333 and ready for review/merge

jeromeleonard added a commit that referenced this issue Sep 17, 2018
@jeromeleonard
#333 #116 update with packer report
92ccb6c
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@3c7 3c7

Labels
category:feature-request Issue is related to a feature request scope:analyzer Issue is analyzer related status:merged status:pr-submitted
Projects
None yet
Milestone
1.13.0
Development

No branches or pull requests
5 participants
@lctrcl @3c7 @saadkadhi @JusticeRage @jeromeleonard