Merge pull request #101 from EC-DIGIT-CSIRC/feature/folder_structure
chg: [main] new folder structure to be a better module
cvandeplas authored Oct 1, 2024
2 parents 17d10b8 + bae5f7f commit 65ed423
Showing 96 changed files with 380 additions and 387 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/unittest.yml
@@ -38,7 +38,7 @@ jobs:
run: |
python -m pip install --upgrade pip
pip install flake8 pytest coverage
if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
pip install .
- name: Install yara
run: |
if [ ${{ matrix.os }} == 'ubuntu-latest' ]; then
58 changes: 29 additions & 29 deletions .vscode/launch.json
@@ -17,231 +17,231 @@
"name": "Python Debugger: cases",
"type": "debugpy",
"request": "launch",
"program": "${workspaceFolder}/sysdiagnose.py",
"module": "sysdiagnose.main",
"args": "cases",
"cwd": "${workspaceFolder}/"
},
{
"name": "Python Debugger: init ios15",
"type": "debugpy",
"request": "launch",
"program": "${workspaceFolder}/sysdiagnose.py",
"module": "sysdiagnose.main",
"args": "init 'tests/testdata/iOS15/sysdiagnose_2023.05.24_13-29-15-0700_iPhone-OS_iPhone_19H349.tar.gz'",
"cwd": "${workspaceFolder}/"
},
{
"name": "Python Debugger: -c 1234-345-1345 init ios15",
"type": "debugpy",
"request": "launch",
"program": "${workspaceFolder}/sysdiagnose.py",
"module": "sysdiagnose.main",
"args": "-c 1234-345-1345 init 'tests/testdata/iOS15/sysdiagnose_2023.05.24_13-29-15-0700_iPhone-OS_iPhone_19H349.tar.gz'",
"cwd": "${workspaceFolder}/"
},
{
"name": "Python Debugger: analysers list",
"type": "debugpy",
"request": "launch",
"program": "${workspaceFolder}/sysdiagnose.py",
"module": "sysdiagnose.main",
"args": "analysers",
"cwd": "${workspaceFolder}/"
},
{
"name": "Python Debugger: analyse all",
"type": "debugpy",
"request": "launch",
"program": "${workspaceFolder}/sysdiagnose.py",
"module": "sysdiagnose.main",
"args": "-c public analyse all",
"cwd": "${workspaceFolder}/"
},
{
"name": "Python Debugger: analyse timeliner",
"type": "debugpy",
"request": "launch",
"program": "${workspaceFolder}/sysdiagnose.py",
"module": "sysdiagnose.main",
"args": "-c public analyse timeliner",
"cwd": "${workspaceFolder}/"
},
{
"name": "Python Debugger: analyse demo_analyser",
"type": "debugpy",
"request": "launch",
"program": "${workspaceFolder}/sysdiagnose.py",
"module": "sysdiagnose.main",
"args": "-c public analyse demo_analyser",
"cwd": "${workspaceFolder}/"
},
{
"name": "Python Debugger: analyse apps 1",
"type": "debugpy",
"request": "launch",
"program": "${workspaceFolder}/sysdiagnose.py",
"module": "sysdiagnose.main",
"args": "-c public analyse apps",
"cwd": "${workspaceFolder}/"
},
{
"name": "Python Debugger: analyse ps_everywhere 1",
"type": "debugpy",
"request": "launch",
"program": "${workspaceFolder}/sysdiagnose.py",
"module": "sysdiagnose.main",
"args": "-c public analyse ps_everywhere",
"cwd": "${workspaceFolder}/"
},
{
"name": "Python Debugger: analyse wifi_geolocation 1",
"type": "debugpy",
"request": "launch",
"program": "${workspaceFolder}/sysdiagnose.py",
"module": "sysdiagnose.main",
"args": "-c public analyse wifi_geolocation",
"cwd": "${workspaceFolder}/"
},
{
"name": "Python Debugger: analyse wifi_geolocation_kml 1",
"type": "debugpy",
"request": "launch",
"program": "${workspaceFolder}/sysdiagnose.py",
"module": "sysdiagnose.main",
"args": "-c public analyse wifi_geolocation_kml",
"cwd": "${workspaceFolder}/"
},
{
"name": "Python Debugger: analyse timeliner 1",
"type": "debugpy",
"request": "launch",
"program": "${workspaceFolder}/sysdiagnose.py",
"module": "sysdiagnose.main",
"args": "-c public analyse timeliner",
"cwd": "${workspaceFolder}/"
},
{
"name": "Python Debugger: analyse yarascan",
"type": "debugpy",
"request": "launch",
"program": "${workspaceFolder}/sysdiagnose.py",
"module": "sysdiagnose.main",
"args": "-c public analyse yarascan",
"cwd": "${workspaceFolder}/"
},
{
"name": "Python Debugger: list parsers",
"type": "debugpy",
"request": "launch",
"program": "${workspaceFolder}/sysdiagnose.py",
"module": "sysdiagnose.main",
"args": "parsers",
"cwd": "${workspaceFolder}/"
},
{
"name": "Python Debugger: parse demo_parser",
"type": "debugpy",
"request": "launch",
"program": "${workspaceFolder}/sysdiagnose.py",
"module": "sysdiagnose.main",
"args": "-c public parse demo_parser",
"cwd": "${workspaceFolder}/"
},
{
"name": "Python Debugger: parse logarchive",
"type": "debugpy",
"request": "launch",
"program": "${workspaceFolder}/sysdiagnose.py",
"module": "sysdiagnose.main",
"args": "-c public parse logarchive",
"cwd": "${workspaceFolder}/"
},
{
"name": "Python Debugger: parse lockdownd",
"type": "debugpy",
"request": "launch",
"program": "${workspaceFolder}/sysdiagnose.py",
"module": "sysdiagnose.main",
"args": "-c public parse lockdownd",
"cwd": "${workspaceFolder}/"
},
{
"name": "Python Debugger: parse security_sysdiagnose",
"type": "debugpy",
"request": "launch",
"program": "${workspaceFolder}/sysdiagnose.py",
"module": "sysdiagnose.main",
"args": "-c public parse security_sysdiagnose",
"cwd": "${workspaceFolder}/"
},
{
"name": "Python Debugger: parse powerlogs",
"type": "debugpy",
"request": "launch",
"program": "${workspaceFolder}/sysdiagnose.py",
"module": "sysdiagnose.main",
"args": "-c public parse powerlogs",
"cwd": "${workspaceFolder}/"
},
{
"name": "Python Debugger: parse mobileactivation",
"type": "debugpy",
"request": "launch",
"program": "${workspaceFolder}/sysdiagnose.py",
"module": "sysdiagnose.main",
"args": "-c public parse mobileactivation",
"cwd": "${workspaceFolder}/"
},
{
"name": "Python Debugger: parse networkextension",
"type": "debugpy",
"request": "launch",
"program": "${workspaceFolder}/sysdiagnose.py",
"module": "sysdiagnose.main",
"args": "-c 2 parse networkextension",
"cwd": "${workspaceFolder}/"
},
{
"name": "Python Debugger: parse psthread",
"type": "debugpy",
"request": "launch",
"program": "${workspaceFolder}/sysdiagnose.py",
"module": "sysdiagnose.main",
"args": "-c public parse psthread",
"cwd": "${workspaceFolder}/"
},
{
"name": "Python Debugger: parse ps",
"type": "debugpy",
"request": "launch",
"program": "${workspaceFolder}/sysdiagnose.py",
"module": "sysdiagnose.main",
"args": "-c public parse ps",
"cwd": "${workspaceFolder}/"
},
{
"name": "Python Debugger: parse spindumpnosymbols",
"type": "debugpy",
"request": "launch",
"program": "${workspaceFolder}/sysdiagnose.py",
"module": "sysdiagnose.main",
"args": "-c public parse spindumpnosymbols",
"cwd": "${workspaceFolder}/"
},
{
"name": "Python Debugger: parse shutdownlogs",
"type": "debugpy",
"request": "launch",
"program": "${workspaceFolder}/sysdiagnose.py",
"module": "sysdiagnose.main",
"args": "-c public parse shutdownlogs",
"cwd": "${workspaceFolder}/"
},
{
"name": "Python Debugger: parse ps ALL",
"type": "debugpy",
"request": "launch",
"program": "${workspaceFolder}/sysdiagnose.py",
"module": "sysdiagnose.main",
"args": "-c all parse ps",
"cwd": "${workspaceFolder}/"
},
{
"name": "Python Debugger: parse crashlogs",
"type": "debugpy",
"request": "launch",
"program": "${workspaceFolder}/sysdiagnose.py",
"module": "sysdiagnose.main",
"args": "-c public parse crashlogs",
"cwd": "${workspaceFolder}/"
},
{
"name": "Python Debugger: parse plists",
"type": "debugpy",
"request": "launch",
"program": "${workspaceFolder}/sysdiagnose.py",
"module": "sysdiagnose.main",
"args": "-c public parse plists",
"cwd": "${workspaceFolder}/"
},
{
"name": "Python Debugger: parse wifinetworks",
"type": "debugpy",
"request": "launch",
"program": "${workspaceFolder}/sysdiagnose.py",
"module": "sysdiagnose.main",
"args": "-c public parse wifinetworks",
"cwd": "${workspaceFolder}/"
}
12 changes: 4 additions & 8 deletions README.md
@@ -5,18 +5,14 @@

# Installation

Note that you will need Python 3.6 or higher.
Note that you will need Python 3.11 or higher.

Create a virtual environment:
Create a virtual environment and install dependencies:

```bash
virtualenv --python python3.10 venv
python3 -m venv venv
source venv/bin/activate
```

Install dependencies:
```bash
pip install -r requirements.txt
pip install .
sudo apt install graphviz
```

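--- a/pyproject.toml
+++ b/pyproject.toml
@@ -0,0 +1,36 @@
+[build-system]
+requires = ["setuptools", "wheel"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "sysdiagnose"
+version = "0.1.0"
+description = "A tool for sysdiagnose parsing and analysis"
+readme = {file = "README.md", content-type = "text/markdown"}
+requires-python = ">=3.11"
+license = { text = "EUPL-1.2" }
+authors = [
+{name = "EC-DIGIT-CSIRC"}
+]
+classifiers = [
+"Programming Language :: Python :: 3",
+"License :: OSI Approved :: EUPL 1.2",
+"Operating System :: OS Independent",
+]
+keywords = ["sysdiagnose", "analysis", "parsing", "iOS", "apple", "malware", "forensics"]
+urls = { "Homepage" = "https://github.com/EC-DIGIT-CSIRC/sysdiagnose" }
+
+dependencies = [
+"docopt==0.6.2",
+"graphviz==0.20.3",
+"tabulate==0.9.0",
+"python-dateutil==2.9.0.post0",
+"gpxpy==1.6.2",
+"pandas==2.2.2",
+"numpy==2.0.0",
+"nska-deserialize==1.5.1",
+"yara-python==4.5.1"
+]
+
+[project.scripts]
+sysdiagnose = "sysdiagnose.main:main"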
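Review bot: The `dependencies` list pins every runtime package with `==`, which in package metadata (unlike a lock file) stops anyone installing this module from picking up a patched release of, say, `yara-python` or `nska-deserialize` until a new sysdiagnose version is published, and it gives no integrity guarantee because no hashes are checked. For a tool that parses untrusted device archives, consider lower-bounded ranges here, e.g. `"yara-python>=4.5.1"`, and keep the exact pins in a separate requirements or constraints file that CI installs with pip's `--require-hashes`. Separately, `requires = ["setuptools", "wheel"]` sets no floor although `[project]` metadata needs `setuptools>=61`, so `requires = ["setuptools>=61", "wheel"]` would be safer. The classifier `"License :: OSI Approved :: EUPL 1.2"` is, as far as I know, not a registered trove classifier; the registered form is `"License :: OSI Approved :: European Union Public Licence 1.2 (EUPL 1.2)"`.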
41 changes: 0 additions & 41 deletions setup.py

This file was deleted.
