assemblyline 4.7.0.dev16__tar.gz → 4.7.0.dev45__tar.gz

Files changed (179) hide show
  1. {assemblyline-4.7.0.dev16/assemblyline.egg-info → assemblyline-4.7.0.dev45}/PKG-INFO +2 -2
  2. assemblyline-4.7.0.dev45/assemblyline/VERSION +1 -0
  3. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/bundling.py +24 -1
  4. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/custom.yara +22 -35
  5. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/config.py +6 -42
  6. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/remote/datatypes/daily_quota_tracker.py +14 -0
  7. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/remote/datatypes/user_quota_tracker.py +6 -1
  8. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45/assemblyline.egg-info}/PKG-INFO +2 -2
  9. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline.egg-info/requires.txt +1 -1
  10. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/setup.py +1 -1
  11. assemblyline-4.7.0.dev16/assemblyline/VERSION +0 -1
  12. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/LICENCE.md +0 -0
  13. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/MANIFEST.in +0 -0
  14. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/README.md +0 -0
  15. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/__init__.py +0 -0
  16. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/cachestore/__init__.py +0 -0
  17. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/__init__.py +0 -0
  18. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/archiving.py +0 -0
  19. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/attack_map.py +0 -0
  20. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/backupmanager.py +0 -0
  21. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/banner.py +0 -0
  22. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/caching.py +0 -0
  23. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/chunk.py +0 -0
  24. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/classification.py +0 -0
  25. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/classification.yml +0 -0
  26. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/cleanup_filestore.py +0 -0
  27. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/codec.py +0 -0
  28. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/comms.py +0 -0
  29. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/constants.py +0 -0
  30. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/custom.magic +0 -0
  31. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/dict_utils.py +0 -0
  32. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/digests.py +0 -0
  33. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/dispatcher.py +0 -0
  34. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/entropy.py +0 -0
  35. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/exceptions.py +0 -0
  36. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/file.py +0 -0
  37. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/forge.py +0 -0
  38. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/frequency.pyx +0 -0
  39. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/heuristics.py +0 -0
  40. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/hexdump.py +0 -0
  41. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/identify.py +0 -0
  42. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/identify_defaults.py +0 -0
  43. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/importing.py +0 -0
  44. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/iprange.py +0 -0
  45. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/isotime.py +0 -0
  46. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/log.py +0 -0
  47. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/logformat.py +0 -0
  48. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/lucene.lark +0 -0
  49. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/memory_zip.py +0 -0
  50. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/metrics.py +0 -0
  51. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/net.py +0 -0
  52. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/net_static.py +0 -0
  53. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/null.py +0 -0
  54. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/path.py +0 -0
  55. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/postprocess.py +0 -0
  56. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/random_user.py +0 -0
  57. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/security.py +0 -0
  58. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/signaturing.py +0 -0
  59. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/str_utils.py +0 -0
  60. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/tag_safelist.yml +0 -0
  61. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/tagging.py +0 -0
  62. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/threading.py +0 -0
  63. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/uid.py +0 -0
  64. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/common/version.py +0 -0
  65. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/datasource/__init__.py +0 -0
  66. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/datasource/al.py +0 -0
  67. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/datasource/alert.py +0 -0
  68. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/datasource/common.py +0 -0
  69. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/datastore/__init__.py +0 -0
  70. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/datastore/bulk.py +0 -0
  71. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/datastore/collection.py +0 -0
  72. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/datastore/exceptions.py +0 -0
  73. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/datastore/helper.py +0 -0
  74. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/datastore/store.py +0 -0
  75. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/datastore/support/__init__.py +0 -0
  76. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/datastore/support/build.py +0 -0
  77. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/datastore/support/schemas.py +0 -0
  78. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/filestore/__init__.py +0 -0
  79. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/filestore/transport/__init__.py +0 -0
  80. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/filestore/transport/azure.py +0 -0
  81. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/filestore/transport/base.py +0 -0
  82. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/filestore/transport/ftp.py +0 -0
  83. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/filestore/transport/http.py +0 -0
  84. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/filestore/transport/local.py +0 -0
  85. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/filestore/transport/s3.py +0 -0
  86. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/filestore/transport/sftp.py +0 -0
  87. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/__init__.py +0 -0
  88. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/base.py +0 -0
  89. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/common.py +0 -0
  90. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/messages/__init__.py +0 -0
  91. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/messages/alert.py +0 -0
  92. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/messages/alerter_heartbeat.py +0 -0
  93. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/messages/archive_heartbeat.py +0 -0
  94. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/messages/changes.py +0 -0
  95. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/messages/dispatcher_heartbeat.py +0 -0
  96. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/messages/dispatching.py +0 -0
  97. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/messages/elastic_heartbeat.py +0 -0
  98. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/messages/expiry_heartbeat.py +0 -0
  99. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/messages/ingest_heartbeat.py +0 -0
  100. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/messages/metrics.py +0 -0
  101. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/messages/retrohunt_heartbeat.py +0 -0
  102. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/messages/scaler_heartbeat.py +0 -0
  103. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/messages/scaler_status_heartbeat.py +0 -0
  104. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/messages/service_heartbeat.py +0 -0
  105. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/messages/service_timing_heartbeat.py +0 -0
  106. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/messages/submission.py +0 -0
  107. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/messages/task.py +0 -0
  108. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/messages/vacuum_heartbeat.py +0 -0
  109. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/__init__.py +0 -0
  110. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/actions.py +0 -0
  111. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/alert.py +0 -0
  112. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/apikey.py +0 -0
  113. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/badlist.py +0 -0
  114. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/cached_file.py +0 -0
  115. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/emptyresult.py +0 -0
  116. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/error.py +0 -0
  117. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/file.py +0 -0
  118. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/filescore.py +0 -0
  119. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/heuristic.py +0 -0
  120. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/ontology/__init__.py +0 -0
  121. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/ontology/file.py +0 -0
  122. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/ontology/filetypes/__init__.py +0 -0
  123. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/ontology/filetypes/pe.py +0 -0
  124. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/ontology/ontology.py +0 -0
  125. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/ontology/results/__init__.py +0 -0
  126. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/ontology/results/antivirus.py +0 -0
  127. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/ontology/results/http.py +0 -0
  128. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/ontology/results/malware_config.py +0 -0
  129. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/ontology/results/network.py +0 -0
  130. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/ontology/results/process.py +0 -0
  131. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/ontology/results/sandbox.py +0 -0
  132. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/ontology/results/signature.py +0 -0
  133. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/replay.py +0 -0
  134. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/result.py +0 -0
  135. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/retrohunt.py +0 -0
  136. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/safelist.py +0 -0
  137. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/service.py +0 -0
  138. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/service_delta.py +0 -0
  139. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/signature.py +0 -0
  140. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/statistics.py +0 -0
  141. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/submission.py +0 -0
  142. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/submission_summary.py +0 -0
  143. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/submission_tree.py +0 -0
  144. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/tagging.py +0 -0
  145. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/user.py +0 -0
  146. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/user_favorites.py +0 -0
  147. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/user_settings.py +0 -0
  148. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/models/workflow.py +0 -0
  149. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/random_data/__init__.py +0 -0
  150. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/random_data/create_test_data.py +0 -0
  151. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/random_data/sample_rules.yar +0 -0
  152. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/random_data/sample_suricata.rules +0 -0
  153. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/odm/randomizer.py +0 -0
  154. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/py.typed +0 -0
  155. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/remote/__init__.py +0 -0
  156. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/remote/datatypes/__init__.py +0 -0
  157. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/remote/datatypes/cache.py +0 -0
  158. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/remote/datatypes/counters.py +0 -0
  159. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/remote/datatypes/events.py +0 -0
  160. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/remote/datatypes/exporting_counter.py +0 -0
  161. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/remote/datatypes/hash.py +0 -0
  162. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/remote/datatypes/lock.py +0 -0
  163. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/remote/datatypes/queues/__init__.py +0 -0
  164. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/remote/datatypes/queues/comms.py +0 -0
  165. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/remote/datatypes/queues/multi.py +0 -0
  166. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/remote/datatypes/queues/named.py +0 -0
  167. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/remote/datatypes/queues/priority.py +0 -0
  168. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/remote/datatypes/set.py +0 -0
  169. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/run/__init__.py +0 -0
  170. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/run/cli.py +0 -0
  171. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/run/pubsub_reader.py +0 -0
  172. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/run/suricata_importer.py +0 -0
  173. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline/run/yara_importer.py +0 -0
  174. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline.egg-info/SOURCES.txt +0 -0
  175. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline.egg-info/dependency_links.txt +0 -0
  176. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline.egg-info/entry_points.txt +0 -0
  177. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/assemblyline.egg-info/top_level.txt +0 -0
  178. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/pyproject.toml +0 -0
  179. {assemblyline-4.7.0.dev16 → assemblyline-4.7.0.dev45}/setup.cfg +0 -0
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: assemblyline
3
- Version: 4.7.0.dev16
3
+ Version: 4.7.0.dev45
4
4
  Summary: Assemblyline 4 - Automated malware analysis framework
5
5
  Home-page: https://github.com/CybercentreCanada/assemblyline-base
6
6
  Author: CCCS Assemblyline development team
@@ -20,7 +20,7 @@ License-File: LICENCE.md
20
20
  Requires-Dist: arrow
21
21
  Requires-Dist: aiohttp
22
22
  Requires-Dist: lark
23
- Requires-Dist: urllib3
23
+ Requires-Dist: urllib3>=2.6.0
24
24
  Requires-Dist: python-baseconv
25
25
  Requires-Dist: boto3
26
26
  Requires-Dist: pysftp
@@ -0,0 +1 @@
1
+ 4.7.0.dev45
@@ -268,6 +268,7 @@ def import_bundle(
268
268
  identify=None,
269
269
  reclassification=None,
270
270
  to_ingest=False,
271
+ dtl=None
271
272
  ):
272
273
  with forge.get_datastore(archive_access=True) as datastore:
273
274
  current_working_dir = os.path.join(working_dir, get_random_id())
@@ -352,6 +353,13 @@ def import_bundle(
352
353
  submission['metadata']['bundle.loaded'] = now_as_iso()
353
354
  submission['metadata']['bundle.classification'] = original_classification
354
355
  submission['metadata'].pop('replay', None)
356
+ if dtl:
357
+ if dtl <= 0:
358
+ # Submission should never expire
359
+ submission['expiry_ts'] = None
360
+ else:
361
+ # Otherwise set the new expiry time
362
+ submission['expiry_ts'] = now_as_iso(dtl * 24 * 60 * 60)
355
363
  submission.update(Classification.get_access_control_parts(submission['classification']))
356
364
 
357
365
  if not rescan_services:
@@ -362,7 +370,15 @@ def import_bundle(
362
370
  with forge.get_filestore() as filestore:
363
371
  for f, f_data in files['infos'].items():
364
372
  check_classification(f_data)
365
- datastore.save_or_freshen_file(f, f_data, f_data['expiry_ts'], f_data['classification'],
373
+ expiry_ts = f_data.get('expiry_ts', None)
374
+ if dtl is not None:
375
+ if dtl <= 0:
376
+ # File should never expire
377
+ expiry_ts = None
378
+ else:
379
+ # Otherwise set the new expiry time
380
+ expiry_ts = now_as_iso(dtl * 24 * 60 * 60)
381
+ datastore.save_or_freshen_file(f, f_data, expiry_ts, f_data['classification'],
366
382
  cl_engine=Classification)
367
383
  try:
368
384
  filestore.upload(os.path.join(current_working_dir, f), f)
@@ -376,6 +392,13 @@ def import_bundle(
376
392
  config.submission.emptyresult_dtl * 24 * 60 * 60)})
377
393
  else:
378
394
  check_classification(res)
395
+ if dtl is not None:
396
+ if dtl <= 0:
397
+ # Result should never expire
398
+ res.pop('expiry_ts', None)
399
+ else:
400
+ # Otherwise set the new expiry time
401
+ res['expiry_ts'] = now_as_iso(dtl * 24 * 60 * 60)
379
402
  datastore.result.save(key, res)
380
403
 
381
404
  # Make sure errors meet minimum classification and save the errors
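Review bot: The submission branch in the second hunk is gated by `if dtl:` while the file and result branches use `if dtl is not None:`, so `dtl=0` is skipped for the submission and its inner `if dtl <= 0` case is reachable only for negative values. With `dtl=0` the files and results would lose their expiry while the submission record keeps the `expiry_ts` that came with the bundle, so the records of one import end up with different retention. Use `if dtl is not None:` in all three places, and consider computing the new expiry once before the loops so the three records share the same timestamp. The result branch also removes the key with `res.pop('expiry_ts', None)` where the other two assign `None`; a short comment on why they differ would help. `import_bundle` starts and ends outside these hunks.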
@@ -382,52 +382,39 @@ rule code_html_component {
382
382
  document/email
383
383
  */
384
384
 
385
- rule document_email_1 {
385
+ rule document_email {
386
386
 
387
387
  meta:
388
388
  type = "document/email"
389
389
  score = 15
390
390
 
391
391
  strings:
392
- // This is a common JavaScript key
393
- $rec = "From:"
394
- $subrec1 = "Bcc:"
395
- // This is a common JavaScript key
396
- $subrec2 = "To:"
397
- $subrec3 = "Date:"
398
- // This is a common JavaScript key
399
- $opt1 = ">Subject:"
400
- $opt2 = "Received: from"
401
- $opt3 = "MIME-Version:"
402
- $opt4 = "Content-Type:"
403
- $opt5 = "Sent on:"
392
+ $from = /(^|\n)From: /
393
+ $to = /(^|\n)To: /
394
+ $subject = /(^|\n)Subject: /
395
+ $date = /(^|\n)Date: /
396
+ $mime_version = /(^|\n)MIME-Version: /
397
+ $multipart_content_type = /(^|\n)Content-Type: multipart\/(alternative|byteranges|digest|form-data|mixed|parallel|related);\s{0,20}boundary=/
398
+ $html_content_type = /(^|\n)Content-Type: text\/html;\s{0,20}charset=/
399
+ $html_tag = /<html/i
404
400
 
405
401
  condition:
406
- // This is a relatively* trusted mime for identifying JavaScript that could be mis-identified as emails
407
- mime != "application/javascript"
408
- and
409
- (
410
- all of ($rec*)
411
- and 1 of ($subrec*)
412
- and 1 of ($opt*)
402
+ $from
403
+ and (
404
+ $mime_version
405
+ or (
406
+ $to and $subject and $date
407
+ )
408
+ ) and (
409
+ $multipart_content_type
410
+ or (
411
+ $html_content_type
412
+ and $html_tag
413
+ and @html_content_type[1] < @html_tag[1]
414
+ )
413
415
  )
414
416
  }
415
417
 
416
- rule document_email_2 {
417
-
418
- meta:
419
- type = "document/email"
420
- score = 10
421
-
422
- strings:
423
- $ = /(^|\n)From: /
424
- $ = /(^|\n)MIME-Version: /
425
- $ = /(^|\n)Content-Type: multipart\/mixed;\s*boundary=/
426
-
427
- condition:
428
- all of them
429
- }
430
-
431
418
 
432
419
  /*
433
420
  log/vipermonkey
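Review bot: The header patterns in the new `document_email` rule are case-sensitive and require exactly one space after the colon, so a message using `Content-type:` or `MIME-version:` (both valid, since header field names are case-insensitive) would not satisfy the condition. Only `$html_tag` carries the `/i` modifier; if the narrower match is deliberate to cut false positives, say so in a comment, otherwise add `/i` to the header regexes, e.g. `$mime_version = /(^|\n)MIME-Version: /i`. The condition also now requires a multipart or `text/html` Content-Type, so plain-text messages that the removed `document_email_1` accepted no longer get `document/email` from this rule; whether another identification step covers them is not visible here. A one-line comment on `@html_content_type[1] < @html_tag[1]`, stating that the header must precede the first `<html` tag, would make the intent clear.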
@@ -247,46 +247,6 @@ class OAuthProvider(odm.Model):
247
247
  default="groups", description="Name of the field in the id token that contains the list of groups."
248
248
  )
249
249
 
250
-
251
- DEFAULT_OAUTH_PROVIDER_AZURE = {
252
- "access_token_url": 'https://login.microsoftonline.com/common/oauth2/token',
253
- "api_base_url": 'https://login.microsoft.com/common/',
254
- "authorize_url": 'https://login.microsoftonline.com/common/oauth2/authorize',
255
- "client_id": None,
256
- "client_secret": None,
257
- "client_kwargs": {"scope": "openid email profile"},
258
- "jwks_uri": "https://login.microsoftonline.com/common/discovery/v2.0/keys",
259
- "user_get": "openid/userinfo"
260
- }
261
-
262
- DEFAULT_OAUTH_PROVIDER_GOOGLE = {
263
- "access_token_url": 'https://oauth2.googleapis.com/token',
264
- "api_base_url": 'https://openidconnect.googleapis.com/',
265
- "authorize_url": 'https://accounts.google.com/o/oauth2/v2/auth',
266
- "client_id": None,
267
- "client_secret": None,
268
- "client_kwargs": {"scope": "openid email profile"},
269
- "jwks_uri": "https://www.googleapis.com/oauth2/v3/certs",
270
- "user_get": "v1/userinfo"
271
- }
272
-
273
- DEFAULT_OAUTH_PROVIDER_AUTH_ZERO = {
274
- "access_token_url": 'https://{TENANT}.auth0.com/oauth/token',
275
- "api_base_url": 'https://{TENANT}.auth0.com/',
276
- "authorize_url": 'https://{TENANT}.auth0.com/authorize',
277
- "client_id": None,
278
- "client_secret": None,
279
- "client_kwargs": {"scope": "openid email profile"},
280
- "jwks_uri": "https://{TENANT}.auth0.com/.well-known/jwks.json",
281
- "user_get": "userinfo"
282
- }
283
-
284
- DEFAULT_OAUTH_PROVIDERS = {
285
- 'auth0': DEFAULT_OAUTH_PROVIDER_AUTH_ZERO,
286
- 'azure_ad': DEFAULT_OAUTH_PROVIDER_AZURE,
287
- 'google': DEFAULT_OAUTH_PROVIDER_GOOGLE,
288
- }
289
-
290
250
  OPEN_ID_CONFIGURATION_TO_OAUTH_PROVIDER_MAP = {
291
251
  "authorization_endpoint": "authorize_url",
292
252
  "issuer": "api_base_url",
@@ -300,14 +260,14 @@ class OAuth(odm.Model):
300
260
  enabled: bool = odm.Boolean(description="Enable use of OAuth?")
301
261
  gravatar_enabled: bool = odm.Boolean(description="Enable gravatar?")
302
262
  providers: Dict[str, OAuthProvider] = odm.Mapping(odm.Compound(OAuthProvider),
303
- default=DEFAULT_OAUTH_PROVIDERS,
263
+ default={},
304
264
  description="OAuth provider configuration")
305
265
 
306
266
 
307
267
  DEFAULT_OAUTH = {
308
268
  "enabled": False,
309
269
  "gravatar_enabled": True,
310
- "providers": DEFAULT_OAUTH_PROVIDERS
270
+ "providers": {}
311
271
  }
312
272
 
313
273
 
@@ -457,6 +417,10 @@ class SAMLAttributes(odm.Model):
457
417
  email_attribute: str = odm.Keyword(description="SAML attribute name for a user's email address ", default="email")
458
418
  fullname_attribute: str = odm.Keyword(description="SAML attribute name for a user's first name", default="name")
459
419
  groups_attribute: str = odm.Keyword(description="SAML attribute name for the groups", default="groups")
420
+ classification_attribute: str = odm.Keyword(
421
+ description="SAML attribute name for cliassification", default="classification"
422
+ )
423
+ dn_attribute: str = odm.Keyword(description="SAML attribute name for user's LDAP DN", default="dn")
460
424
  roles_attribute: str = odm.Keyword(description="SAML attribute name for the roles", default="roles")
461
425
  group_type_mapping: Dict[str, str] = odm.Mapping(
462
426
  odm.Keyword(), description="SAML group to role mapping", default={})
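Review bot: The description of the new `classification_attribute` field has a typo (`cliassification`) and does not say what the value is used for; suggest `description="SAML attribute name for the user's classification"`. If the attribute feeds the user's classification (the consuming code is not in this diff), it is authorization-relevant, and the description or a comment should state that it is only meaningful when it comes from a trusted identity provider assertion. Separately, the first hunk removes `DEFAULT_OAUTH_PROVIDERS` and changes the `providers` default to `{}`, so deployments that relied on the built-in `auth0`, `azure_ad` or `google` entries, and any code importing those constants, need explicit configuration after upgrading; this deserves a release note.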
@@ -51,3 +51,17 @@ class DailyQuotaTracker(object):
51
51
 
52
52
  def get_submission(self, user):
53
53
  return int(self._get(user, 'submission'))
54
+
55
+ def _reset(self, user, type):
56
+ counter = self._counter_name(user, type)
57
+ with self.c.pipeline() as pipe:
58
+ pipe.set(counter, 0)
59
+ pipe.expire(counter, self.ttl, nx=True)
60
+
61
+ val, _ = retry_call(pipe.execute)
62
+
63
+ def reset_api(self, user):
64
+ self._reset(user, "api")
65
+
66
+ def reset_submission(self, user):
67
+ self._reset(user, "submission")
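Review bot: In `_reset`, `pipe.set(counter, 0)` discards any TTL already on the key, so the following `pipe.expire(counter, self.ttl, nx=True)` always finds no expiry and restarts the full TTL; the `nx=True` guard has no effect here. If the intent is to keep the counter's original expiry, use `pipe.set(counter, 0, keepttl=True)`; if a fresh TTL is intended, drop `nx=True` and say so in a comment. The `val, _ = retry_call(pipe.execute)` unpacking binds two names that are never used, and the parameter name `type` shadows the builtin (it may mirror `_get`, whose signature is outside the hunk). `reset_api` and `reset_submission` lift a user's rate limit, so a docstring noting that callers must enforce their own authorization would be worthwhile.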
@@ -1,4 +1,3 @@
1
-
2
1
  import redis
3
2
  from assemblyline.remote.datatypes import get_client, retry_call
4
3
 
@@ -52,3 +51,9 @@ class UserQuotaTracker(object):
52
51
  retry_call(self.c.zpopmin, self._queue_name(user))
53
52
  else:
54
53
  raise
54
+
55
+ def reset(self, user):
56
+ retry_call(self.c.delete, self._queue_name(user))
57
+
58
+ def get_count(self, user):
59
+ return retry_call(self.c.zcard, self._queue_name(user))
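Review bot: `reset` deletes the whole sorted set for the user, including entries for requests that may still be in flight, and neither new method has a docstring. The context line in this hunk shows a `zpopmin` on the same key, so a request that started before the reset could later remove an entry added after it and the tracked count would run low; whether that matters depends on how the set is populated, which is outside the hunk. Suggest documenting the behaviour, e.g. `"""Drop all tracked requests for user; in-flight requests are no longer counted."""` on `reset` and `"""Return the number of entries currently tracked for user."""` on `get_count`.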
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: assemblyline
3
- Version: 4.7.0.dev16
3
+ Version: 4.7.0.dev45
4
4
  Summary: Assemblyline 4 - Automated malware analysis framework
5
5
  Home-page: https://github.com/CybercentreCanada/assemblyline-base
6
6
  Author: CCCS Assemblyline development team
@@ -20,7 +20,7 @@ License-File: LICENCE.md
20
20
  Requires-Dist: arrow
21
21
  Requires-Dist: aiohttp
22
22
  Requires-Dist: lark
23
- Requires-Dist: urllib3
23
+ Requires-Dist: urllib3>=2.6.0
24
24
  Requires-Dist: python-baseconv
25
25
  Requires-Dist: boto3
26
26
  Requires-Dist: pysftp
@@ -1,7 +1,7 @@
1
1
  arrow
2
2
  aiohttp
3
3
  lark
4
- urllib3
4
+ urllib3>=2.6.0
5
5
  python-baseconv
6
6
  boto3
7
7
  pysftp
@@ -47,7 +47,7 @@ setup(
47
47
  'arrow',
48
48
  'aiohttp',
49
49
  'lark',
50
- 'urllib3',
50
+ 'urllib3>=2.6.0',
51
51
  'python-baseconv',
52
52
  'boto3',
53
53
  'pysftp',
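Review bot: The new floor `'urllib3>=2.6.0'` has no comment saying why it was introduced, which makes it hard to tell later whether it can be relaxed; add one next to the entry, e.g. `# floor required for <reason / advisory id>`. It is also worth confirming that the other listed dependencies (`boto3`, `aiohttp`, `pysftp`) resolve against urllib3 2.x on every Python version the package supports, since a hard 2.x floor can make the install unresolvable where a transitive pin still caps urllib3 below 2. The same constraint appears in `PKG-INFO` and `requires.txt`, which appear to be generated from this file.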
@@ -1 +0,0 @@
1
- 4.7.0.dev16