bazaar
Workspace
Build and extend the hunting section to set up an entire workspace allowing users to track, bookmark samples, generate reports, etc.
Workspace:
- generation of reports from markdown and one or more samples
- hunting capabilities with bookmarks and Yara searches
- history of the results of one searches (1d, 1w, 1m...)
- dynamic analysis (R2frida inside pithus)
Sections:
- investigation/projects : group samples and have notes capacities + report
- saved searches : tag/notes + link
- hunting: Yara
- bookmarks : bookmarked with notes (Show bookmark to user)
Hi @As0ler @Trufae! @enovella told me to ping you on this issue, more precisely regarding the dynamic analysis stuff. Do you think it would be possible to open an interactive radare+r2frida session within a web browser? The objective would be doing dynamic analysis directly within Pithus.
Sorry for the delay, couldn't answer earlier.
Sure, I don't know how Pithus works, but it should be pretty straightforward to integrate r2frida in a web user interface. There are several ways to do that, but probably the easiest and more stable would be to use websockets, so the backend knows when the frontend connects and disconnects and can handle the sessions properly.
I wrote a PoC of this in here https://github.com/radareorg/radare2-r2pipe/tree/master/websocket
r2 compiles as webassembly and asm.js, so it's also possible to run it entirely inside the browser, but making r2frida work in there will require extra work that is probably not worth it for now.
@trufae @enovella guys, glad to see you involved in that project!