These are the tools that are available in the Vault1337 project
Tool/Subtool | Description |
---|---|
Strings | Shows all strings from a sample |
LIEF Parser: DOS Header, Rich Header, PE Header, Entrypoint, Sections, Imports | Utilises the LIEF Project |
Hex Viewer | Returns a hex view of a sample |
PDF Parser | Utilises PyPDF2 to dump the data from PDF samples |
OLE Tools: OLEID, OLEMETA, OLEDUMP, OLEVBA, RTFOBJ, OLEOBJ | Utilises OLE Tools to analyse Microsoft OLE2 samples |
ExifTool | Requires ExifTool by Phil Harvey to display Exif data |
IOC Extractor (work in progress) | A script I am working on to extract IOCs from samples |
Yara | Create, Edit and run Yara rules against samples |
Step | Instruction |
---|---|
Update your distro | sudo apt update && sudo apt upgrade -y |
Install extra dependencies | sudo apt install exiftool libmpc-dev git-all -y |
Download the vault - Clone the repository and make sure to take ownership of the files | cd /var/www (or wherever you want it to live) |
Python venv - Create a Python virtual environment and install the requirements | python3 -m venv env |
Generate a new APP Key - rename the .env.sample to .env and copy your new key inside | python3 -c 'from django.core.management.utils import get_random_secret_key; print(get_random_secret_key())' |
Initialise database | python3 manage.py makemigrations |
Create SuperUser | python3 manage.py createsuperuser |
Create samples folder - I'll fix this step in the code soon | mkdir vault/samples |
You're good to go! Run the app server | python3 manage.py runserver |
Step | Instruction |
---|---|
Update your distro | sudo apt update && sudo apt upgrade -y |
Install extra dependencies | sudo apt install exiftool libmpc-dev git-all -y |
Download the vault - Clone the repository and make sure to take ownership of the files | cd /var/www (or wherever you want it to live) |
Make the install script executable | chmod +x install.sh |
Execute the script | ./install.sh |
You're good to go! Run the app server | python3 manage.py runserver |
- mkdir -p vault/samples and mkdir -p vault/yara-rules are used to create the required directories.
- python3 -m venv env creates a virtual environment named env.
- source env/bin/activate activates the virtual environment.
- The pip install -r requirements.txt command is wrapped in an if statement to check if it succeeds.
- If the command fails, it prints an error message and exits the script with a non-zero status.
- The python3 manage.py makemigrations and python3 manage.py migrate commands are also wrapped in an if statement to ensure they succeed.
- The python3 manage.py createsuperuser command is wrapped in an if statement to ensure it succeeds.
- The script generates a Django secret key using Python and displays it to the user.
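
The "rename .env.sample to .env and copy your new key inside" step can also be done without the key ever appearing on screen. The following is an added example, not part of the project's install.sh: it assumes the key is stored on a line beginning with `SECRET_KEY=` (a guess at the name used in .env.sample, adjustable via `KEY_NAME`) and draws 256 random bits from /dev/urandom in place of Django's get_random_secret_key().

```bash
#!/usr/bin/env bash
# Added example (not the project's install.sh): build .env from .env.sample
# and store a freshly generated key in it, readable only by the owner.
# Assumption: the key line is named SECRET_KEY; override with KEY_NAME=...
KEY_NAME="${KEY_NAME:-SECRET_KEY}"

generate_key() {
    # 32 bytes from the kernel CSPRNG, printed as 64 hex characters.
    # Stand-in for Django's get_random_secret_key(), so no venv is needed.
    head -c 32 /dev/urandom | od -An -tx1 | tr -d ' \n'
}

# $1 = project directory containing .env.sample
# The body runs in a subshell, so the umask change and the variables
# do not leak into the calling script.
write_env() (
    dir="$1"
    if [ ! -f "$dir/.env.sample" ]; then
        echo "missing $dir/.env.sample" >&2
        exit 1
    fi
    # Never replace an existing .env: rotating the key invalidates
    # sessions and signed tokens, so that must be a deliberate action.
    if [ -e "$dir/.env" ]; then
        echo "$dir/.env already exists, not overwriting" >&2
        exit 1
    fi
    key="$(generate_key)"
    if [ "${#key}" -ne 64 ]; then
        echo "key generation failed" >&2
        exit 1
    fi
    umask 077                                # new files are created 0600
    tmp="$(mktemp "$dir/.env.XXXXXX")" || exit 1
    # Copy every setting except the placeholder key line, then append the
    # new key. grep exits 1 when nothing is left to copy, which is fine.
    grep -v "^${KEY_NAME}=" "$dir/.env.sample" > "$tmp" || true
    printf '%s=%s\n' "$KEY_NAME" "$key" >> "$tmp"
    mv "$tmp" "$dir/.env"                    # atomic within one directory
)
```

Call it as `write_env /var/www/<checkout directory>` once the repository is cloned; the second call on the same directory fails on purpose.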