Skip to content

CybercentreCanada/assemblyline-service-pe

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

161 Commits

.vscode

.vscode

 
 

pe

pe

 
 

pipelines

pipelines

 
 

tests

tests

 
 

.dockerignore

.dockerignore

 
 

.git-blame-ignore-revs

.git-blame-ignore-revs

 
 

.gitignore

.gitignore

 
 

CONTRIBUTING.md

CONTRIBUTING.md

 
 

Dockerfile

Dockerfile

 
 

LICENCE.md

LICENCE.md

 
 

README.md

README.md

 
 

__init__.py

__init__.py

 
 

requirements.txt

requirements.txt

 
 

service_manifest.yml

service_manifest.yml

 
 

Repository files navigation

PE Service

This is a replacement for the original PEFile service of AssemblyLine

Dependencies

This service uses the LIEF library. It also downloads the latest version of the Rich Header compiler information from https://github.com/dishather/richprint/blob/master/comp_id.txt And the latest version of MalwareBazaar's Code Signing Certificate Blocklist from https://bazaar.abuse.ch/export/csv/cscb/ When building the docker container

It also incorporate the ordlookup files from https://github.com/erocarrera/pefile/tree/master/ordlookup And the statically built c release of https://github.com/NextronSystems/gimphash Those last two are statically built in the module and may need to be updated once in a while.

About

Assemblyline 4 Portable Executable analysis service

cybercentrecanada.github.io/assemblyline4_docs/

Topics

dll malware-analysis exe assemblyline

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

3 watching

Forks

2 forks
Report repository

Releases 49

v4.5.0.stable4 Latest
Apr 18, 2024
+ 48 releases

Packages

No packages published

Contributors 5

Languages