

The airflow/ folder handles distributed computing for static analyses. Each individual analysis may need to change. The slave nodes connect to the broker and fetch jobs from it. The master node loads the list of jobs (packages and their versions to analyze) and sends them to the rabbitmq broker. The main/ folder handles distributed computing for metadata and dynamic analyses. Each individual analysis should be developed and contained in this folder. In particular, for static/dynamic/metadata analysis, the jobs in the src/ folder should handle only one package and one version.
OSQUERY VS SYSDIG CODE

OSQUERY VS SYSDIG INSTALL
sudo apt-get install -yqq curl php git ruby-full rubygems-integration nuget python python-pip python3-pip npm jq strace
For the others (TODO: simplify this giant list).
pip install -r src/requirements.txt --user
For js and python static analysis development.
These instructions are simply copied from the Dockerfile; look into it for troubleshooting.
If you find them not working on other systems, please fix and commit the necessary changes.
The instructions are for Ubuntu 16.04.
Install dependencies locally and test it.
Change to the mapped mounted source root and start making changes.
sudo docker run -it --rm -v $(pwd):/code maloss /bin/bash
Run the docker image and map your local source root to it.
Re-build docker image without cache (used when re-building image).
Build the maloss docker image and test inside it.


There are two ways to prepare dependencies.
To test and run the project locally, you need dependencies.
MacOS and Windows), please look at setup.sh and figure out their equivalencies.
If you find this repository helpful, please cite our paper, Measuring Supply Chain Attacks on Package Managers for Interpreted Languages.
This repository is open sourced under MIT license.
OSQUERY VS SYSDIG HOW TO
For how to request access to the supply chain attack samples, please refer to request instructions.
For how to deploy on machines, please refer to deploy instructions.
Please find the todo list here.
For how to run commands, please refer to howto section.
We are actively working on the testing and improvements.
The majority of the code is updated until May 2019, which indicates that some components may not work any more.
Especially the components that depend on external tools (e.g.
This project analyzes open source projects for malware.
Due to the high demand of the community, we decided to open source the code as it is now, to allow collaboration.
Static analysis tools for different languages.
Statistics for different package managers.
