Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/grantseltzer/prism
Container based binary analysis tool
binary-analysis containers prism security snapshot
Last synced: about 2 months ago
- Host: GitHub
- URL: https://github.com/grantseltzer/prism
- Owner: grantseltzer
- License: gpl-3.0
- Created: 2016-11-13T23:06:30.000Z (about 8 years ago)
- Default Branch: master
- Last Pushed: 2017-02-12T05:34:54.000Z (almost 8 years ago)
- Last Synced: 2024-06-20T14:22:20.292Z (7 months ago)
- Topics: binary-analysis, containers, prism, security, snapshot
- Language: Go
- Size: 18.6 KB
- Stars: 3
- Watchers: 2
- Forks: 2
- Open Issues: 5
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# Prism
Tool for analyzing the effects an application will have on your system when run
### Prism is still a work in progress
- It started as a hackathon project, so there are definitely parts that need revision/optimization
- Take a look at the issues if you'd like to contribute. (Thanks in advance!)
### The following steps are used to analyze an executable:
- A 'snapshot' of your Linux filesystem is created. For each object it records the path, last access timestamp, permission bits, and content (mocked).
- The snapshot and the executable are loaded into a container image.
- The container is run, and then the snapshot is used to repopulate your directory tree.
- The executable is run.
- Another snapshot is taken.
- The two snapshots are compared and the changes are reported back to the user.
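The snapshot-and-compare steps above, as an added Go example that is not Prism's own code. `Entry`, `Take` and `Diff` are hypothetical names, file content is reduced to its size as a stand-in for the mocked content, and the access-time lookup assumes Linux.

```go
package main
import (
	"fmt"
	"io/fs"
	"path/filepath"
	"syscall"
)
// Entry holds the per-path attributes a snapshot records (assumption: size stands in for content).
type Entry struct {
	Mode        fs.FileMode // file type and permission bits
	Atime, Size int64       // last access (Unix seconds, Linux st_atim) and byte length
}
// Take records one Entry per path under root. Hypothetical helper, Linux only.
func Take(root string) (map[string]Entry, error) {
	snap := map[string]Entry{}
	err := filepath.Walk(root, func(p string, info fs.FileInfo, err error) error {
		if err != nil {
			return err // fail the snapshot rather than leave a silent gap
		}
		st, _ := info.Sys().(*syscall.Stat_t) // always a *Stat_t for Linux filesystem walks
		snap[p] = Entry{info.Mode(), int64(st.Atim.Sec), info.Size()}
		return nil
	})
	return snap, err
}

// Diff maps each differing path to "added", "removed", "changed" or "accessed".
func Diff(before, after map[string]Entry) map[string]string {
	out := map[string]string{}
	for p := range before {
		out[p] = "removed" // replaced below when the path still exists
	}
	for p, a := range after {
		if b, ok := before[p]; !ok {
			out[p] = "added"
		} else if a.Mode != b.Mode || a.Size != b.Size {
			out[p] = "changed"
		} else if a.Atime != b.Atime {
			out[p] = "accessed" // read but not modified
		} else {
			delete(out, p)
		}
	}
	return out
}
func main() {
	a, _ := Take(".") // the walk itself can bump directory access times,
	b, _ := Take(".") // so "accessed" entries here come from the snapshotter
	fmt.Println(Diff(a, b))
}
```

A size comparison misses same-length rewrites; a content digest per regular file closes that gap at the cost of reading every file.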
### What still needs to be done:
- JSON snapshot comparison.
- Improve bash script quality.
- Expand snapshot to include more than just filesystem objects.