Merge pull request #1232 from sara-rn/python-package-template
Create template new_python_tool_pip
sara-rn authored Jan 17, 2025
2 parents c2c7a01 + 491d0d2 commit 52a0ed7
Showing 2 changed files with 196 additions and 1 deletion.
128 changes: 128 additions & 0 deletions .github/ISSUE_TEMPLATE/new_python_tool_pip.yml
@@ -0,0 +1,128 @@
name: 🆕 NEW PIP PACKAGE
description: Propose the addition of a new Python package/tool that is installed with pip
title: "pip package proposal: <package_name>.vm"
labels: [":new: package"]
body:
- type: markdown
attributes:
value: |
Thanks for contributing to [VM-Packages](https://github.com/mandiant/VM-Packages), your package proposal supports tools available for [FLARE-VM](https://github.com/mandiant/flare-vm) and [CommandoVM](https://github.com/mandiant/commando-vm)! :cupid: Please ensure that your suggested tool doesn't already exist within the set of [current packages](https://github.com/mandiant/VM-Packages/tree/main/packages) and that there is no [issue](https://github.com/mandiant/VM-Packages/issues?q=is%3Aopen+is%3Aissue+label%3A%22%3Anew%3A+package%22) proposal already. If the tool is not related malware analysis, incident response, penetration testing and other security related tasking, consider using directly the [Chocolatey community package](https://community.chocolatey.org/packages) if there is one for the tool.
- type: input
id: pkg_name
attributes:
label: Package Name
description: |
The convention is to use lowercase names with the following format: `toolname` or `tool-name` and without `.vm` appended. Example: `autoit-ripper`. **Please add this name to the issue title as well** (keep the `.vm` in the title).
placeholder: ex. autoit-ripper
validations:
required: true
- type: input
id: tool_name
attributes:
label: Tool Name
description: |
The name of the tool being installed with `py -3.10 -m pip install <tool_name><version>`, Example: `autoit-ripper`.
placeholder: ex. autoit-ripper
validations:
required: true
- type: dropdown
id: type
validations:
required: true
attributes:
label: Package type
description: |
- **`PIP`** - A Python tool installed with `py -3.10 -m pip install <tool_name><version>`. Example: `py -3.10 -m pip install magika==0.5.0`
For other types of tools, use a different issue template.
options:
- PIP
- type: input
id: version
attributes:
label: Version
description: |
Tool's version number. Example: `1.4.11`. See the [_Version_ documentation in our wiki](https://github.com/mandiant/VM-Packages/wiki/Package-Structure#version) for more details.
placeholder: ex. 1.4.11
validations:
required: true
- type: dropdown
id: category
validations:
required: true
attributes:
label: Category
description: Which category should this tool be installed to?
options:
- Command & Control
- Credential Access
- Debuggers
- Delphi
- Disassemblers
- dotNet
- Documents
- Exploitation
- File Information
- Forensic
- Hex Editors
- InnoSetup
- Java & Android
- Javascript
- Lateral Movement
- Memory
- Networking
- Packers
- Payload Development
- PE
- Persistence
- Privilege Escalation
- Productivity Tools
- Python
- Reconnaissance
- Registry
- Shellcode
- Utilities
- Visual Basic
- Web Application
- Wordlists
- type: input
id: authors
attributes:
label: Tool's authors
description: |
Comma separated list of the tool's authors. Example: `Elmo, Bert, Grover, Cookie Monster`.
placeholder: ex. Elmo, Bert, Grover, Cookie Monster
validations:
required: true
- type: input
id: description
validations:
required: true
attributes:
label: Tool's description
description: |
The tool description should be short and not include version specific details or other information that is likely to change in a future version. Example: `FakeNet-NG is a dynamic network analysis tool.`
- type: input
id: dependencies
attributes:
label: Dependencies
description: |
The dependencies (tools/libraries that need to be installed) needed for installing or using this tool. Do not include Python3, as it is already included by default.
placeholder: ex. openjdk.vm, vcredist140, nodejs >= 5
- type: textarea
id: why
attributes:
label: Why is this tool a good addition?
description: Tell us why you would like to have this package in FLARE-VM/CommandoVM and how this tool is useful for malware analysis, incident response, penetration testing and other security related tasking. Adding new packages involves more maintenance work, tell us what is unique about this tool that can not be done with the current toolset.
validations:
required: true
- type: textarea
id: info
attributes:
label: Extra information
description: Tell us any other extra information that may be useful to create the package, such us how is the tool installed if it is not done in a standard way (if you selected type `OTHER/UNKNOWN`.).
- type: markdown
attributes:
value: |
---
We really appreciate that you share your package idea with us and we will review your issue as soon as possible. Please understand that our time is limited and we may not be able to create a package for this tool as fast as you may like. To speed up the process, please select the correct issue template and fill the issue accurately as this may allow our bot to send an automatic PR. Note that this may not work for all cases. You can check our [Contributing Wiki page](https://github.com/mandiant/VM-Packages/wiki/Contributing) and send a pull request with the new package. We encourage the community to help us create new packages and to maintain existing ones. Join us! :hugs:
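Review bot: The `info` field description near the end of this template says "if you selected type `OTHER/UNKNOWN`", but the `type` dropdown here offers only `PIP`, so that clause can never apply. It looks carried over from another template and should be dropped or reworded for pip installs (for example, asking for extra index URLs or install flags if the tool needs them). The same sentence has "such us" where "such as" is meant.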
69 changes: 68 additions & 1 deletion scripts/utils/create_package_template.py
Expand Up @@ -65,6 +65,21 @@ def package_version(dependency_version):
</package>
"""

NUSPEC_TEMPLATE_PIP = r"""<?xml version="1.0" encoding="utf-8"?>
<package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
<metadata>
<id>{pkg_name}.vm</id>
<version>{version}</version>
<authors>{authors}</authors>
<description>{description}</description>
<dependencies>
<dependency id="common.vm" version="0.0.0.20241209" />
<dependency id="python3.vm" />
</dependencies>
</metadata>
</package>
"""

"""
Needs the following format strings:
pkg_name="...", version="...", authors="...", description="...", dependency="...", dependency_version="..."
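Review bot: `NUSPEC_TEMPLATE_PIP` is inserted between the preceding nuspec template and the "Needs the following format strings" string that documents it, so that string now sits directly under the pip template and lists `dependency="..."` and `dependency_version="..."`, which this template does not take. Move the new constant below that string and give it its own note listing `pkg_name`, `version`, `authors` and `description`. Separately, `authors` and `description` are free text in the issue template added in this commit and are placed into XML elements as-is, so a `&` or `<` in either yields a nuspec that does not parse; escaping them before formatting (for example with `xml.sax.saxutils.escape`) would avoid that.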
Expand Down Expand Up @@ -178,6 +193,22 @@ def package_version(dependency_version):
Needs the following format strings:
tool_name="...", category="..."
"""

PIP_TEMPLATE = r"""$ErrorActionPreference = 'Stop'
Import-Module vm.common -Force -DisableNameChecking
$toolName = '{tool_name}'
$category = '{category}'
$version = '=={version}'
VM-Install-With-Pip -toolName $toolName -category $category -version $version
"""

"""
Needs the following format strings:
tool_name="...", category="..."
"""

GENERIC_UNINSTALL_TEMPLATE = r"""$ErrorActionPreference = 'Continue'
Import-Module vm.common -Force -DisableNameChecking
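Review bot: `PIP_TEMPLATE` places `{tool_name}`, `{category}` and `{version}` inside single-quoted PowerShell literals with no validation, so a value containing `'` ends the literal early and the remainder is parsed as script in the generated install file. The issue template in this commit says a bot may open the PR from the submitted fields, so check the values before formatting: restrict `tool_name` to the characters allowed in a pip project name, restrict `version` to a version pattern, and reject anything else. The "Needs the following format strings" string under the template also lists only `tool_name` and `category`; it should include `version="..."`.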
Expand Down Expand Up @@ -211,6 +242,15 @@ def package_version(dependency_version):
VM-Uninstall-IDA-Plugin -pluginName $pluginName
"""
PIP_UNINSTALL_TEMPLATE = r"""$ErrorActionPreference = 'Continue'
Import-Module vm.common -Force -DisableNameChecking
$toolName = '{tool_name}'
$category = '{category}'
VM-Uninstall-With-Pip $toolName $category
"""



def create_zip_exe_template(packages_path, **kwargs):
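Review bot: `PIP_UNINSTALL_TEMPLATE` calls `VM-Uninstall-With-Pip $toolName $category` with positional arguments, while the install template in this commit uses named parameters (`-toolName $toolName -category $category`). Use the named form here as well so the call does not depend on the parameter order of the helper.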
Expand Down Expand Up @@ -305,7 +345,20 @@ def create_ida_plugin_template(packages_path, **kwargs):
target_url=kwargs.get("target_url"),
target_hash=kwargs.get("target_hash"),
)


def create_pip_template(packages_path, **kwargs):
create_template(
PIP_TEMPLATE,
nuspec_template=NUSPEC_TEMPLATE_PIP,
uninstall_template=PIP_UNINSTALL_TEMPLATE,
packages_path=packages_path,
pkg_name=kwargs.get("pkg_name"),
version=kwargs.get("version"),
authors=kwargs.get("authors"),
description=kwargs.get("description"),
tool_name=kwargs.get("tool_name"),
category=kwargs.get("category"),
)

def create_template(
template="",
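Review bot: In `create_pip_template`, every value is read with `kwargs.get(...)`, which returns `None` for a missing argument, so an absent `version` would be formatted into `PIP_TEMPLATE` as `$version = '==None'` instead of failing. All six values are listed as arguments for the `PIP` type, so index them directly (`kwargs["version"]`) or check for `None` before calling `create_template`. The new function is also followed by a single blank line before `def create_template(`; two would match the spacing above it.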
Expand Down Expand Up @@ -353,6 +406,7 @@ def create_template(
f.write(
template.format(
tool_name=tool_name,
version=version,
category=category,
target_url=target_url,
target_hash=target_hash,
Expand Down Expand Up @@ -464,6 +518,19 @@ def get_script_directory():
"shim_path",
],
},
"PIP": {
"cb": create_pip_template,
"doc": "A Python package installed with pip",
"example": "py3 -m pip install magika==0.5.0",
"arguments": [
"pkg_name",
"version",
"authors",
"description",
"tool_name",
"category",
],
},
}


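Review bot: The `arguments` list for `"PIP"` has no entry for dependencies, although the issue template added in this commit collects a `dependencies` field and `NUSPEC_TEMPLATE_PIP` hard-codes only `common.vm` and `python3.vm`, so anything a proposer enters there has no path into the generated package. Either add an optional argument that feeds the nuspec `<dependencies>` block or state in the issue template that extra dependencies are added by hand. The `example` string also uses `py3 -m pip install` where the issue template uses `py -3.10 -m pip install`; use one form in both places.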