Fedora Cyber Test Lab offers quantitative static and dynamic risk analysis of binaries
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
ctl-results @ 3a5bef6
cybertestlab
docker
.gitignore
.gitmodules
LICENSE
README.md
afCc_pdf.py
cleanup.sh
compare.py
demo_scan.py
fedora.py
plot_centos.py
plot_fedora.py
plot_rhel.py
prep_fedora_host.yml
rhel.py
score.py
scoring.yml

README.md

cyber-test-lab

Fedora Cyber Test Lab offers quantitative static and dynamic risk analysis of binaries

This project is in beta. It can still be hard to get working. Contact jasoncallaway@fedoraproject.org for help.

If you're looking for a place to contribute, we need help with documentation! For development contributions, read on.

How to run CTL

The CTL code can be executed from within a docker container, making cross-platform development much easier. These instructions assume PyCharm is your development environment, but others will work fine too.

First, set up PyCharm and Docker on your system.

Next, configure PyCharm's Docker plugin. Here's a tutorial.

Now it's time to build your CTL container.

git clone https://github.com/fedoraredteam/cyber-test-lab
cd cyber-test-lab/docker
docker built -t fctl .

Then you can configure your remote interpreter in PyCharm.

You've got one step left before you can run the CTL, which is downloading some packages. Since docker containers are ephemeral, you want to mount a local directory into the fctl container before syncing any repos.

On Docker 17.06 or later:

docker run --rm -ti \
  --mount type=bind,source="~/fctl/fedora27",target=/repo \
  fctl \
  timeout 600 reposync -p /repo

On earlier versions:

docker run --rm -ti -v /home/jason/fctl/fedora27:/repo fctl \
  timeout 600 reposync -p /repo

Note that if you're using Fedora, RHEL, or a variant, you'll need to add a :z to the bind mount for SELinux relabeling. I.E., -v /home/jason/fctl/fedora27:/repo:z.

Now you should have some rpms with binaries to analyze. Note that we're using timeout to sync for 10 minutes to limit disk usage. Remove timeout 600 if you want the whole shebang.

The last step is to create a new run/debug configuration. But there are two tricky parts:

  1. Be sure to pick the remote docker interpreter under "Python Interpreter"
  2. Mount the repo using Docker Container Image Settings > Volume Bindings. Be sure to use the same mapping as above, i.e., /home/jason/fctl/fedora27 to /repo.