{"id":33244924,"url":"https://github.com/WithSecureLabs/snake","last_synced_at":"2025-11-21T15:01:12.144Z","repository":{"id":41579938,"uuid":"124369549","full_name":"WithSecureLabs/snake","owner":"WithSecureLabs","description":"snake - a malware storage zoo","archived":false,"fork":false,"pushed_at":"2023-07-11T16:12:15.000Z","size":1823,"stargazers_count":216,"open_issues_count":4,"forks_count":40,"subscribers_count":20,"default_branch":"master","last_synced_at":"2025-08-20T20:37:32.815Z","etag":null,"topics":["countercept","python","snake"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/WithSecureLabs.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2018-03-08T09:36:09.000Z","updated_at":"2025-04-11T21:25:53.000Z","dependencies_parsed_at":"2024-01-21T20:13:55.921Z","dependency_job_id":null,"html_url":"https://github.com/WithSecureLabs/snake","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/WithSecureLabs/snake","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/WithSecureLabs%2Fsnake","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/WithSecureLabs%2Fsnake/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/WithSecureLabs%2Fsnake/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/WithSecureLabs%2Fsnake/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/WithSecureLabs","download_url":"https://codeload.github.com/WithSecureLabs/snake/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/WithSecureLabs%2Fsnake/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":285636544,"owners_count":27205878,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-11-21T02:00:06.175Z","response_time":61,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["countercept","python","snake"],"created_at":"2025-11-16T21:00:32.204Z","updated_at":"2025-11-21T15:01:12.130Z","avatar_url":"https://github.com/WithSecureLabs.png","language":"Shell","readme":"![banner](https://github.com/countercept/snake/raw/master/images/banner.png)\n\n# Introduction\n\nSnake is a malware storage zoo that was built out of the need for a centralised and unified storage solution for malicious samples that could seamlessly integrate into the investigation pipeline.\n\nSnake is designed to provide just enough information to allow analysts to quickly and efficiently pivot to the most suitable tools for the task at hand.\nThat being said there will be times where the information provided by Snake is more than sufficient.\nIt is a Python based application built on top of Tornado and MongoDB.\nScales provide Snake with a variety of functionality from static analysis through to interaction with external services.\n\nFor more information, please see: [Wiki](https://github.com/countercept/snake-core/wiki)\n\n# The Snake Family\n\nThere is more to Snake than just the above, below is a summary:\n\n- [snake](https://github.com/countercept/snake-core): The malware storage zoo.\n  - core: The main guts of Snake and the RESTful API.\n  - pit: The celery based workers that are used to execute static based commands.\n- [snake-charmer](https://github.com/countercept/snake-charmer): The regression based test suite.\n- [snake-scales](https://github.com/countercept/snake-scales): The official repository of snake scales (plugins).\n- [snake-skin](https://github.com/countercept/snake-skin): The Web UI.\n- [snake-tail](https://github.com/countercept/snake-tail): The UNIX based command line UI.\n\n# Install\n\nThere are a few ways to install Snake, but the install scripts below will install Snake and the Web UI (Snake Skin).\n\n\u003e Note: To install these components individually refer to their respective repositories.\n\n## Docker\n\nSnake can be run simply with the following commands:\n\n```bash\n# Get the lastest version of Snake\ngit clone https://github.com/countercept/snake.git\ngit submodule init\ngit submodule update\n\n# Run Snake\nsudo docker-compose up\n```\n\nSnake scales can be installed by exec'ing into the Snake container and running `snake install`:\n\n```bash\n# Exec into the Snake container\nsudo docker exec -it snake_snake_1 /entrypoint.sh /bin/bash\n\n# Install a scale\nsnake install SCALE_NAME\n```\n\n## Production\n\nThis is the preferred method and will install Snake and the Web UI (Snake Skin) into the UNIX system.\n\n### Dependencies\n\nThere are a few dependencies to install Snake and Web UI (Snake Skin).\n\n### Required\n\n- (Snake) LibYAML\n- (Snake) MongoDB 3.4 or greater\n- (Snake) Python 3.5 or greater\n- (Snake) Redis\n- (Snake Skin) NodeJS 8 or greater\n- (Snake Skin) NPM\n\n#### Optional\n\n- (Snake) libfuzzy \u0026 ssdeep\n\nThe above can be installed like so:\n\n`Ubuntu 17.10`\n```bash\n# Install dependencies\nsudo apt-get install libyaml-dev mongodb nodejs npm python3-dev python3-pip redis-server libfuzzy-dev ssdeep\n```\n\n`Ubuntu 16.04`\n```bash\n# Install cURL\nsudo apt-get install curl\n\n# Add repository for MongoDB 3.6\nsudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 2930ADAE8CAF5059EE73BB4B58712A2291FA4AD5\necho \"deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/3.6 multiverse\" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.6.list\n\n# Add repository for nodejs 8\ncurl -sL https://deb.nodesource.com/setup_8.x | sudo -E bash -\n\n# Install dependencies\nsudo apt-get update\nsudo apt-get install libyaml-dev mongodb-org nodejs python3-dev python3-pip redis-server libfuzzy-dev ssdeep\n\n# Update pip and setuptools\nsudo -H pip3 install --upgrade pip setuptools\n```\n\n```bash\ngit clone https://github.com/countercept/snake.git\ncd snake\nsys/install.sh\n```\n\nTo start Snake:\n\n```bash\n# Start Snake Pit and Snake services\nsystemctl start snake-pit\nsystemctl start snake\n```\n\nTo serve Snake Skin (port: 3000):\n\n```bash\n# Start Snake Skin\nsystemctl start snake-skin\n```\n\n# Scales (Plugins)\n\nBy default Snake only provides three core scales:\n\n- hashes: a command based scale used to perform a variety of hashing techniques on a sample.\n- strings: a command based module to run strings on a sample.\n- url: an upload based component used to upload samples to Snake from URLs.\n\n## Installing Additional Scales\n\nAdditional Scales are available at [snake-scales](https://github.com/countercept/snake-scales)\n\nSnake provides a wrapper around pip to ease the installation of scales.\nA scale can be installed with this utility like so:\n```bash\nsnake install virustotal\n```\n\nA scale can be checked at any time to see if it will successfully load in Snake.\n```bash\nsnake check virustotal\n```\n\n\u003e Note: Whenever a new scale is installed, Snake and Celery must be restarted.\n\nTo create a scale, please see [Scale Documentation](https://github.com/countercept/snake-core/wiki/scales)\n\n# Usage\n\nBoth installations will serve Snake on port 5000 (API) and Snake Skin on port 8000.\n\nTo communicate with the WebUI:\n\n```bash\nVisit http://127.0.0.1:8000\n```\n\nTo communicate with the API:\n\n```bash\ncurl http://127.0.0.1:5000\n```\n\n# Screenshots\n\n## Details View\n\nAn overview of a sample that has been uploaded to Snake, with additional data enrichment from Cuckoo and VirusTotal.\n\n![details](https://github.com/countercept/snake/raw/master/images/details.png)\n\n## Notes View\n\nStores an user written notes about the sample.\n\n![notes](https://github.com/countercept/snake/raw/master/images/notes.png)\n\n## Analysis View\n\nThis view is used to execute and view commands on a sample.\n\n![analysis](https://github.com/countercept/snake/raw/master/images/analysis.png)\n\n## Interfaces View\n\nThis view is used to communicate with external services in relation to a sample.\n\n![interfaces](https://github.com/countercept/snake/raw/master/images/interfaces.png)\n\n\n# Configuration\n\nFor an overview of Snake's settings, please see [Snake](https://github.com/countercept/snake-core#configuration)\n\nFor an overview of Snake Skin's settings, please see [Snake Skin](https://github.com/countercept/snake-skin)\n","funding_links":[],"categories":["Malware Analysis"],"sub_categories":["Hashing"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FWithSecureLabs%2Fsnake","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FWithSecureLabs%2Fsnake","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FWithSecureLabs%2Fsnake/lists"}