Try Vault1337 for yourself!


Tools

These are the tools available in the Vault1337 project:

Tool/Subtool | Description
Strings | Shows all strings from a sample
LIEF Parser (DOS Header, Rich Header, PE Header, Entrypoint, Sections, Imports) | Utilises the LIEF Project
Hex Viewer | Returns a hex view of a sample
PDF Parser | Utilises PyPDF2 to dump the data from PDF samples
OLE Tools (OLEID, OLEMETA, OLEDUMP, OLEVBA, RTFOBJ, OLEOBJ) | Utilises OLE Tools to analyse Microsoft OLE2 samples
ExifTool | Requires ExifTool by Phil Harvey to display Exif data
IOC Extractor (work in progress) | A script I am working on to extract IOCs from samples
Yara | Create, edit and run Yara rules against samples


Manual Installation

  1. Update your distro
    - sudo apt update && sudo apt upgrade -y
  2. Install extra dependencies
    - sudo apt install exiftool libmpc-dev git-all -y
  3. Download the vault - Clone the repository and make sure to take ownership of the files
    - cd /var/www (or wherever you want it to live)
    - git clone https://github.com/DanDreadless/Vault1337/
    - sudo chown -R your_user:your_user Vault1337/
    - cd Vault1337/
  4. Python venv - Create a Python virtual environment and install the requirements
    - python3 -m venv env
    - source env/bin/activate
    - pip install -r requirements.txt
  5. Generate a new APP Key - rename the .env.sample to .env and copy your new key inside
    - python3 -c 'from django.core.management.utils import get_random_secret_key; print(get_random_secret_key())'
  6. Initialise database
    - python3 manage.py makemigrations
    - python3 manage.py migrate
  7. Create SuperUser
    - python3 manage.py createsuperuser
  8. Create samples folder - I'll fix this step in the code soon
    - mkdir vault/samples
    - mkdir vault/yara-rules
  9. You're good to go! Run the app server
    - python3 manage.py runserver


Installation Script (Work in Progress)

  1. Update your distro
    - sudo apt update && sudo apt upgrade -y
  2. Install extra dependencies
    - sudo apt install exiftool libmpc-dev git-all -y
  3. Download the vault - Clone the repository and make sure to take ownership of the files
    - cd /var/www (or wherever you want it to live)
    - git clone https://github.com/DanDreadless/Vault1337/
    - sudo chown -R your_user:your_user Vault1337/
    - cd Vault1337/
  4. Make the install script executable
    - chmod +x install.sh
  5. Execute the script
    - ./install.sh
  6. You're good to go! Run the app server
    - python3 manage.py runserver

What does the script do?

  1. Create Necessary Directories
    - mkdir -p vault/samples and mkdir -p vault/yara-rules are used to create the required directories.
  2. Set Up Python Virtual Environment
    - python3 -m venv env creates a virtual environment named env.
    - source env/bin/activate activates the virtual environment.
  3. Install Required Python Packages with Error Handling
    - The pip install -r requirements.txt command is wrapped in an if statement to check if it succeeds.
    - If the command fails, it prints an error message and exits the script with a non-zero status.
  4. Apply Database Migrations with Error Handling
    - The python3 manage.py makemigrations and python3 manage.py migrate commands are also wrapped in an if statement to ensure they succeed.
  5. Prompt User to Create a Superuser with Error Handling
    - The python3 manage.py createsuperuser command is wrapped in an if statement to ensure it succeeds.
  6. Generate and Display Django Secret Key
    - The script generates a Django secret key using Python and displays it to the user.
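
Both the manual "Generate a new APP Key" step and step 6 above put the key on screen for copying into .env. The function below is an added example, not part of the project's install.sh: it takes the key on stdin and writes it into .env with owner-only permissions, assuming the variable is named SECRET_KEY and that the .env loader accepts single-quoted values (check .env.sample for the real name).

```shell
#!/bin/sh
# Added example: not the project's install.sh.
# Assumption: .env holds the key on a line named SECRET_KEY (check .env.sample
# for the real name) and the loader accepts single-quoted values.
KEY_NAME=${KEY_NAME:-SECRET_KEY}

# store_secret_key ENV_FILE
# Reads one key from stdin, so it never appears on the terminal or in argv,
# and writes it to ENV_FILE with owner-only permissions.
store_secret_key() {
    env_file=$1
    IFS= read -r key || true

    # A single quote would break the quoting used below.
    case $key in
        *"'"*) echo "key contains a single quote" >&2; return 1 ;;
    esac
    # Django's deployment check warns about keys under 50 characters.
    if [ "${#key}" -lt 50 ]; then
        echo "key is shorter than 50 characters" >&2
        return 1
    fi

    # First run: start from .env.sample, as the manual steps do.
    src=$env_file
    [ -f "$src" ] || src="$env_file.sample"

    # Build the new file beside the target, then move it into place.
    tmp=$(mktemp "$env_file.XXXXXX") || return 1
    if [ -f "$src" ]; then
        # Drop any existing key line; grep exits 1 when nothing is left.
        grep -v "^$KEY_NAME=" "$src" > "$tmp" || true
    fi
    printf "%s='%s'\n" "$KEY_NAME" "$key" >> "$tmp"
    chmod 600 "$tmp"
    mv "$tmp" "$env_file"
}

# Usage, from the Vault1337 directory with the virtual environment active:
#   python3 -c 'from django.core.management.utils import get_random_secret_key; print(get_random_secret_key())' | store_secret_key .env
```

Running it again replaces the existing key line instead of appending a second one.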