Analyzers
To-om edited this page Jan 18, 2017 · 17 revisions
Analyzers are not included in the Cortex core project. They are in a dedicated GitHub repository, Cortex-Analyzers. Currently, analyzers are autonomous applications hosted on the Cortex server. This will change in the future (see our roadmap).
The provided analyzers are written in Python. They don't require any build phase, but their dependencies must be installed.
First, clone the repository to get the up-to-date analyzers:
cd /opt/cortex
git clone https://github.com/CERT-BDF/Cortex-Analyzers
Next, ensure python-pip and its dependencies are installed:
apt-get install python-pip python2.7-dev
Analyzers use a base library, cortexutils, which handles common tasks (getting configuration parameters, parsing inputs, formatting outputs, ...):
sudo pip install cortexutils
Then you must install the dependencies of each analyzer:
sudo pip install datetime simplejson
Install pehashng:
git clone https://github.com/AnyMaster/pehashng
cd pehashng
sudo python setup.py install
And the other dependencies:
sudo apt-get install ssdeep libfuzzy-dev libfuzzy2 libimage-exiftool-perl
sudo -E pip install python-magic pefile2 hashlib pydeep pyexifinfo oletools olefile