Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/f-secure/see
Sandboxed Execution Environment
https://github.com/f-secure/see
malware-analysis malware-research python sandbox virtualization
Last synced: 3 months ago
JSON representation
Sandboxed Execution Environment
- Host: GitHub
- URL: https://github.com/f-secure/see
- Owner: WithSecureOpenSource
- License: apache-2.0
- Created: 2015-10-26T11:13:22.000Z (about 9 years ago)
- Default Branch: master
- Last Pushed: 2020-10-05T06:43:46.000Z (about 4 years ago)
- Last Synced: 2024-04-14T19:49:47.273Z (7 months ago)
- Topics: malware-analysis, malware-research, python, sandbox, virtualization
- Language: Python
- Size: 357 KB
- Stars: 807
- Watchers: 57
- Forks: 104
- Open Issues: 5
-
Metadata Files:
- Readme: README.rst
- License: LICENSE.txt
Awesome Lists containing this project
README
Sandboxed Execution Environment
===============================:Source: https://github.com/F-Secure/see
:Documentation: https://see.readthedocs.io
:Download: https://pypi.python.org/pypi/python-see|travis badge| |docs badge|
.. |travis badge| image:: https://travis-ci.org/F-Secure/see.svg?branch=master
:target: https://travis-ci.org/F-Secure/see
:alt: Build Status
.. |docs badge| image:: https://readthedocs.org/projects/see/badge/?version=latest
:target: http://see.readthedocs.io/en/latest/?badge=latest
:alt: Documentation StatusIntroduction
------------Sandboxed Execution Environment (SEE) is a framework for building test automation in secured Environments.
The Sandboxes, provided via libvirt, are customizable allowing high degree of flexibility. Different type of Hypervisors (Qemu, VirtualBox, LXC) can be employed to run the Test Environments.
Plugins can be added to a Test Environment which provides an Event mechanism synchronisation for their interaction. Users can enable and configure the plugins through a JSON configuration file.
Audience
--------SEE is for automating tests against unknown, dangerous or unstable software tracking its activity during the execution.
SEE is well suited for building modular test platforms or managing executable code with a good degree of isolation.
SEE allows to write sandboxed tests both for quick prototyping and for running on production environment.
Installation
------------SEE is available as Python package on the Python Package Index (PyPI).
It's user's responsibility to install and setup the hypervisors intended to be controlled with SEE and the possible dependencies and subsystems used by the selected image providers.
Please refer to the documentation to see how to setup and configure each hypervisor.
Supported hypervisors
---------------------SEE is build on top of libvirt's APIs, therefore all hypervisors supported by libvirt can be controlled through SEE.
SEE comes with a basic support for QEMU, VirtualBox and LXC, to add more hypervisor or customize the basic ones see the code contained in see/context.
Image providers
---------------SEE uses a system of pluggable providers to retrieve disk images from arbitrary sources and make them available to SEE.
SEE bundles providers for `LibVirt storage pools `_ and `OpenStack Glance `_ as well as a dummy provider implementation, to add more providers see the code contained in see/image_providers.
Principles
----------SEE is an event-driven, plugin-based sandbox provider for synchronous and asynchronous test flow control.
::
+----------+
| |
+-------| SEE Hook |
| | |
| +----------+
+---------+-------+ +---------+ | +----------+
| | | | | | |
User -------> | SEE Environment |-------| Sandbox |-------+-------| SEE Hook |
| | | | | | |
+-----------------+ +---------+ | +----------+
| +----------+
| | |
+-------| SEE Hook |
| |
+----------+A SEE Environment encapsulates all the required resources acting as a handler for the User. The Sandbox is controlled by the Hooks which act as plugins, Hooks communicate and co-ordinate themselves through Events.
Each Hook has direct access to the Sandbox which exposes a simple API for it's control and libvirt's APIs for more fine grained control.
Links
-----Libvirt project page.
https://libvirt.org
Presentation on PyCon Finland 2015.
https://www.youtube.com/watch?v=k185OMivqbQ