Here's the quick overview to get going with the minimum effort:
- Install Docker for Linux, OS X, or Windows.
- If on Linux, also install docker-compose (docker-compose is installed by default on Windows and OS X).
- Download this repository (either as a zip, or using a `git clone https://github.com/Vector35/traceapi/`, whichever is easier).
- Extract the `zip` or `cd` into the directory where it was cloned.
- Combine the SQL database (Linux/OS X: `cat master/traceapi.sql.gz.? > master/traceapi.sql.gz` or Windows: `copy /b master\traceapi.sql.gz.? master\traceapi.sql.gz`).
- Launch docker-compose:

  ```
  docker-compose build
  docker-compose up
  ```
- Wait for all the initialization to finish. You should now have a traceapi instance running on port 8000 of the machine that ran these steps! Now, simply point your Haxxis configuration at this IP and port.

- `client/`: Worker code that generates instrumented trace files among other analysis
- `client/qemu-decree-fork`: Fork of QEMU that adds taint tracking and understanding of DECREE syscalls
- `README.md`: this file
- `master/`: The nodejs server that acts as the API for Haxxis into game state, does job management for additional analytics and also allows interactively exploring results from CGC CFE.
- `master/store`: Cache of submitted binaries, IDS rules, POVs, and a small sample of polls for each service.
- `master/traceapi.sql.gz`: Preconfigured database dump with imported results from a complete run of the final event.

QEMU is a fork of a GPLv2 product and is accordingly licensed under the GPLv2. All other content not specifically listed with a given license is released under an MIT license.