2021-04-14 23:18:09 +02:00
|
|
|
{ lib
|
|
|
|
, buildPythonPackage
|
|
|
|
, capstone
|
|
|
|
, click
|
|
|
|
, cryptography
|
|
|
|
, fetchFromGitHub
|
|
|
|
, pefile
|
|
|
|
, pycryptodomex
|
|
|
|
, pyelftools
|
|
|
|
, pythonOlder
|
|
|
|
, typing-extensions
|
|
|
|
, yara-python
|
|
|
|
}:
|
|
|
|
|
|
|
|
buildPythonPackage rec {
|
|
|
|
pname = "malduck";
|
|
|
|
version = "4.1.0";
|
|
|
|
disabled = pythonOlder "3.7";
|
|
|
|
|
|
|
|
src = fetchFromGitHub {
|
|
|
|
owner = "CERT-Polska";
|
|
|
|
repo = pname;
|
|
|
|
rev = "v${version}";
|
|
|
|
sha256 = "04d8bhzax9ynbl83hif9i8gcs29zrvcay2r6n7mcxiixlxcqciak";
|
|
|
|
};
|
|
|
|
|
|
|
|
propagatedBuildInputs = [
|
|
|
|
capstone
|
|
|
|
click
|
|
|
|
cryptography
|
|
|
|
pefile
|
|
|
|
pycryptodomex
|
|
|
|
pyelftools
|
|
|
|
typing-extensions
|
|
|
|
yara-python
|
|
|
|
];
|
|
|
|
|
2021-06-30 19:04:03 +02:00
|
|
|
postPatch = ''
|
|
|
|
substituteInPlace requirements.txt \
|
|
|
|
--replace "pefile==2019.4.18" "pefile"
|
|
|
|
'';
|
|
|
|
|
2021-04-14 23:18:09 +02:00
|
|
|
# Project has no tests. They will come with the next release
|
|
|
|
doCheck = false;
|
2021-06-30 19:04:03 +02:00
|
|
|
|
2021-04-14 23:18:09 +02:00
|
|
|
pythonImportsCheck = [ "malduck" ];
|
|
|
|
|
|
|
|
meta = with lib; {
|
|
|
|
description = "Helper for malware analysis";
|
|
|
|
homepage = "https://github.com/CERT-Polska/malduck";
|
|
|
|
license = with licenses; [ bsd3 ];
|
|
|
|
maintainers = with maintainers; [ fab ];
|
|
|
|
};
|
|
|
|
}
|