Fedora Cyber Test Lab offers quantitative static and dynamic risk analysis of binaries
This project is in beta. It can still be hard to get working. Contact firstname.lastname@example.org for help.
If you're looking for a place to contribute, we need help with documentation! For development contributions, read on.
How to run CTL
The CTL code can be executed from within a docker container, making cross-platform development much easier. These instructions assume PyCharm is your development environment, but others will work fine too.
Next, configure PyCharm's Docker plugin. Here's a tutorial.
Now it's time to build your CTL container.
git clone https://github.com/fedoraredteam/cyber-test-lab cd cyber-test-lab/docker docker built -t fctl .
Then you can configure your remote interpreter in PyCharm.
You've got one step left before you can run the CTL, which is downloading some packages. Since docker containers are ephemeral, you want to mount a local directory into the fctl container before syncing any repos.
On Docker 17.06 or later:
docker run --rm -ti \ --mount type=bind,source="~/fctl/fedora27",target=/repo \ fctl \ timeout 600 reposync -p /repo
On earlier versions:
docker run --rm -ti -v /home/jason/fctl/fedora27:/repo fctl \ timeout 600 reposync -p /repo
Note that if you're using Fedora, RHEL, or a variant, you'll need to add a
:z to the bind mount for SELinux relabeling. I.E.,
Now you should have some rpms with binaries to analyze. Note that we're using
timeout to sync for 10 minutes to limit disk usage. Remove
timeout 600 if you want the whole shebang.
The last step is to create a new run/debug configuration. But there are two tricky parts:
- Be sure to pick the remote docker interpreter under "Python Interpreter"
- Mount the repo using Docker Container Image Settings > Volume Bindings. Be sure to use the same mapping as above, i.e.,