pyioc/pyioc.spec
2014-09-10 23:12:08 +00:00

#
# spec file for package pyioc
#
# Copyright (c) 2012 Greg Freemyer <Greg.Freemyer@gmail.com>
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
#
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
Name: pyioc
#not released yet, this is the git id I think
%define timestamp 20130422
#sha of last commit on Apr 22, 2013
# 6310f9f5fcf6aa0e20767b30e3a084dbe6b9cd32
Version: 0~%{timestamp}
Release: 0
License: GPL-3.0+
Summary: Python tools for IOC (Indicator of Compromise) handling
#DL_URL: git clone https://github.com/jeffbryner/pyioc.git
#DL_tarball: tar -czf pyioc-20130422.tar.gz pyioc
Url: https://github.com/jeffbryner/pyioc
Group: Development/Libraries/Python
Source0: pyioc-20130422.tar.gz
Source1: README.opensuse
BuildRequires: pkg-config
BuildRequires: python-devel
Requires: python-SOAPpy
Requires: python-M2Crypto
Requires: python-psutil
Requires: python-lxml = 2.3.2
Requires: python-netaddr
BuildArch: noarch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%if 0%{?suse_version} && 0%{?suse_version} <= 1110
%{!?python_sitearch: %global python_sitearch %(python -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}
%endif
%description
Some simple utilities for parsing IOC files:
iocdump.py: spit out the indicator items being referenced
iocwalk.py: parse the boolean logic behind the IOC and the items referenced.
pyiocClient:
A client for linux/windows that handles basic searches for Files,
processes, registry items and ports. It compiles to native linux/windows
32 or 64bit code via pyinstaller and can therefore be run with no python
interpreter on the client system.
pyiocServer:
The server-side complement to the client. It dishes out .ioc files to
clients that call in via SOAP over SSL and logs the results of the
client checks.
IOCs can be tailored by a simple directory structure corresponding to
the net CIDR mask of the client system.
i.e.
iocs/172.21-16/firefox.ioc
will issue the firefox.ioc to any system in the 172.21.0.0/16 IP range
when the client is run.
%prep
%setup -q -n pyioc
cp %{SOURCE1} .
%build
# CFLAGS="%%{optflags}" python setup.py build
%install
# python setup.py install --root=%%{buildroot} --prefix=%%{_prefix} --record-rpm=INSTALLED_FILES
%files
%defattr(-,root,root)
%doc COPYING README README.opensuse
%changelog