
Move Flare Capa and Floss from binary download to pip installation

Open mlodic opened this issue 10 months ago • 8 comments

Right now those two tools are installed from the malware_tools_analyzers Docker Integration by downloading the binary. This solution is not optimal because it makes it difficult to track updates and the downloaded binary is made for a single arch. We should try to rewrite the analyzers to leverage the officially supported python libraries. See: https://pypi.org/project/flare-capa/ and https://pypi.org/project/flare-floss/

mlodic avatar Feb 14 '25 17:02 mlodic

It can be more complicated than expected because these libraries were not built to provide easy classes to import and use

mlodic avatar Feb 17 '25 11:02 mlodic

This issue has been marked as stale because it has had no activity for 10 days. If you are still working on this, please provide some updates.

github-actions[bot] avatar Feb 28 '25 09:02 github-actions[bot]

Hi, I'd like to work on this issue. Can you provide any additional details? I'll update Flare Capa and Floss to install via pip.

Hijanhv avatar Mar 20 '25 16:03 Hijanhv

Sure! I expect this PR to remove those two analyzers from malware_tools_analyzers and create two "classic" analyzers leveraging pip packages for better version control

fgibertoni avatar Mar 21 '25 07:03 fgibertoni

I'll check it out tomorrow

On Fri, 21 Mar 2025, 12:38 pm Federico Gibertoni, @.***> wrote:

Assigned #2738 https://github.com/intelowlproject/IntelOwl/issues/2738 to @Hijanhv https://github.com/Hijanhv.


Hijanhv avatar Mar 22 '25 11:03 Hijanhv

I have made a pull request, can you please check it?

Hijanhv avatar Mar 23 '25 17:03 Hijanhv

This issue has been marked as stale because it has had no activity for 10 days. If you are still working on this, please provide some updates.

github-actions[bot] avatar Apr 04 '25 09:04 github-actions[bot]

This issue has been marked as stale because it has had no activity for 30 days. If you are still working on this, please provide some updates.

github-actions[bot] avatar Aug 18 '25 09:08 github-actions[bot]