{"id":15551399,"url":"https://github.com/google/picatrix","last_synced_at":"2025-10-04T14:19:26.183Z","repository":{"id":41552584,"uuid":"304856836","full_name":"google/picatrix","owner":"google","description":"Picatrix is a library designed to help security analysts in a notebook environment, such as colab or jupyter.","archived":false,"fork":false,"pushed_at":"2025-03-26T22:27:35.000Z","size":234,"stargazers_count":50,"open_issues_count":7,"forks_count":17,"subscribers_count":10,"default_branch":"main","last_synced_at":"2025-08-27T09:09:05.159Z","etag":null,"topics":["colab","jupyter","security"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/google.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"docs/Contributing.md","funding":null,"license":"LICENSE","code_of_conduct":"docs/code-of-conduct.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2020-10-17T10:55:05.000Z","updated_at":"2025-08-23T06:36:57.000Z","dependencies_parsed_at":"2022-09-02T06:53:21.720Z","dependency_job_id":"472f075b-c499-4a79-816d-4b0b79b5ccf7","html_url":"https://github.com/google/picatrix","commit_stats":{"total_commits":76,"total_committers":5,"mean_commits":15.2,"dds":0.1842105263157895,"last_synced_commit":"b2aa91737273e36526129b69f60e5fc3a8c6fa4e"},"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/google/picatrix","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fpicatrix","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fpicatrix/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fpicatrix/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fpicatrix/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/google","download_url":"https://codeload.github.com/google/picatrix/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fpicatrix/sbom","scorecard":{"id":437658,"data":{"date":"2025-08-11","repo":{"name":"github.com/google/picatrix","commit":"b2aa91737273e36526129b69f60e5fc3a8c6fa4e"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4.7,"checks":[{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Code-Review","score":9,"reason":"Found 16/17 approved changesets -- score normalized to 9","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/e2etests.yml:1","Warn: no topLevel permission defined: .github/workflows/pre-commit.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2etests.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/google/picatrix/e2etests.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pre-commit.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/google/picatrix/pre-commit.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pre-commit.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/google/picatrix/pre-commit.yml/main?enable=pin","Warn: containerImage not pinned by hash: .devcontainer/Dockerfile:5","Warn: containerImage not pinned by hash: docker/Dockerfile:1: pin your Docker image by updating python:3.8-slim to python:3.8-slim@sha256:1d52838af602b4b5a831beb13a0e4d073280665ea7be7f69ce2382f29c5a613f","Warn: pipCommand not pinned by hash: docker/Dockerfile:24-26","Warn: pipCommand not pinned by hash: docker/Dockerfile:24-26","Warn: pipCommand not pinned by hash: .github/workflows/pre-commit.yml:25","Warn: pipCommand not pinned by hash: .github/workflows/pre-commit.yml:26","Info:   0 out of   3 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   2 containerImage dependencies pinned","Info:   0 out of   4 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: github.com/google/.github/SECURITY.md:1","Info: Found linked content: github.com/google/.github/SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/google/.github/SECURITY.md:1","Info: Found text in security policy: github.com/google/.github/SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":3,"reason":"7 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-29gw-9793-fvw7","Warn: Project is vulnerable to: PYSEC-2022-12 / GHSA-pq7m-3gw7-gq5x","Warn: Project is vulnerable to: GHSA-6p56-wp2h-9hxr","Warn: Project is vulnerable to: GHSA-fpfv-jqm9-f5jm","Warn: Project is vulnerable to: PYSEC-2021-856","Warn: Project is vulnerable to: PYSEC-2024-110 / GHSA-jw8x-6495-233v","Warn: Project is vulnerable to: GHSA-jxfp-4rvq-9h9m"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 29 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-19T05:03:14.450Z","repository_id":41552584,"created_at":"2025-08-19T05:03:14.450Z","updated_at":"2025-08-19T05:03:14.450Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":272625630,"owners_count":24966291,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-29T02:00:10.610Z","response_time":87,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["colab","jupyter","security"],"created_at":"2024-10-02T14:04:46.152Z","updated_at":"2025-10-04T14:19:21.118Z","avatar_url":"https://github.com/google.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Picatrix\n\n[![Open In Colab](https://colab.research.google.com/assets/colab-badge.svg)](https://colab.research.google.com/github/google/picatrix/blob/main/notebooks/Quick_Primer_on_Colab_Jupyter.ipynb)\n[![Open In Binder](https://mybinder.org/badge_logo.svg)](https://mybinder.org/v2/gh/google/picatrix.git/main?filepath=notebooks%2F)\n[![Version](https://img.shields.io/pypi/v/picatrix.svg)](https://pypi.python.org/pypi/picatrix)\n![GitHub e2e Test Status](https://img.shields.io/github/workflow/status/google/picatrix/picatrix-end-to-end)\n\nPicatrix is a framework that is meant to be used within a [Colab](https://colab.research.google.com) or\n[Jupyter](https://jupyter.org/) notebooks. The framework is designed around\nproviding a security analyst with the libraries to develop helper functions\nthat will be exposed as magics and regular python functions in notebooks.\n\nThis makes it easier to share an environment with other analysts, exposing\ncommon functions that are used in notebooks to everyone. In addition to that\nthe functions themselves are designed to make it easier to work with various\nAPIs and backends in a notebook environment. The functions mostly involve\nreturning data back as a pandas DataFrame for further processing or to work\nwith pandas (manipulate pandas, change values, enrich data, upload data frames\nto other services, etC).\n\n## Howto Get Started\n\nRead the [installation instructions](docs/Installation.md) on the best ways\nto install picatrix.\n\nAfter installing, connect to the Jupyter notebook in your web browser (should open\nup automatically). Inside the notebook you need to import the picatrix library\nand initialize it:\n\n```\nfrom picatrix import notebook_init\nnotebook_init.init()\n```\n\n(if you are using the docker container you don't need to import these libraries,\nthat is done for you automatically).\n\nAnd that's it, then all the magics/helper functions are now ready and accessible\nto your notebook. To get a list of the available helpers, use:\n\n```\n%picatrixmagics\n```\n\nOr\n\n```\npicatrixmagics_func()\n```\n\nEach magic has a `--help` parameter or the functions with `_func?`. Eg.\n\n```\ntimesketch_set_active_sketch_func?\n```\n\n## Examples\n\nTo get all sketches, you can use the following magic\n\n```\n%timesketch_get_sketches\n```\n\nFor most of the magics you need to set an active sketch\n\n```\n%timesketch_set_active_sketch 1\n```\n\nTo query the sketch, the following magic will execute a search and return the results as a search object,\nthat can be easily converted into a pandas dataframe:\n\n```\nsearch_obj = %timesketch_query 'message:Another'\nsearch_obj.table\n```\n\nFurther documentation on the search object can be [found\nhere](https://timesketch.org/developers/api-client/#search-query)\n\n\nTo add a manual event with a function use:\n\n```\ntimesketch_add_manual_event_func('Eventdescriptiontext', attributes=attributesdict)\n```\n\nWhich is the same as:\n```\n%timesketch_add_manual_event Eventdescriptiontext --attributes {{attributesdict}}\n```\n\n## Discussions\n\nWant to discuss the project, have issues, want new features, join the slack\nworkspace [here](http://join-open-source-dfir-slack.herokuapp.com/), the\nchannel for picatrix is #picatrix.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgoogle%2Fpicatrix","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgoogle%2Fpicatrix","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgoogle%2Fpicatrix/lists"}