assemblyline 4.7.1.dev18__tar.gz → 4.7.1.dev20__tar.gz

Files changed (179)
  1. {assemblyline-4.7.1.dev18/assemblyline.egg-info → assemblyline-4.7.1.dev20}/PKG-INFO +1 -1
  2. assemblyline-4.7.1.dev20/assemblyline/VERSION +1 -0
  3. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/config.py +74 -10
  4. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20/assemblyline.egg-info}/PKG-INFO +1 -1
  5. assemblyline-4.7.1.dev18/assemblyline/VERSION +0 -1
  6. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/LICENCE.md +0 -0
  7. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/MANIFEST.in +0 -0
  8. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/README.md +0 -0
  9. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/__init__.py +0 -0
  10. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/cachestore/__init__.py +0 -0
  11. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/__init__.py +0 -0
  12. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/archiving.py +0 -0
  13. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/attack_map.py +0 -0
  14. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/backupmanager.py +0 -0
  15. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/banner.py +0 -0
  16. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/bundling.py +0 -0
  17. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/caching.py +0 -0
  18. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/chunk.py +0 -0
  19. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/classification.py +0 -0
  20. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/classification.yml +0 -0
  21. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/cleanup_filestore.py +0 -0
  22. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/codec.py +0 -0
  23. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/comms.py +0 -0
  24. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/constants.py +0 -0
  25. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/custom.magic +0 -0
  26. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/custom.yara +0 -0
  27. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/dict_utils.py +0 -0
  28. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/digests.py +0 -0
  29. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/dispatcher.py +0 -0
  30. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/entropy.py +0 -0
  31. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/exceptions.py +0 -0
  32. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/file.py +0 -0
  33. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/forge.py +0 -0
  34. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/frequency.pyx +0 -0
  35. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/heuristics.py +0 -0
  36. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/hexdump.py +0 -0
  37. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/identify.py +0 -0
  38. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/identify_defaults.py +0 -0
  39. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/importing.py +0 -0
  40. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/iprange.py +0 -0
  41. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/isotime.py +0 -0
  42. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/log.py +0 -0
  43. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/logformat.py +0 -0
  44. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/lucene.lark +0 -0
  45. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/memory_zip.py +0 -0
  46. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/metrics.py +0 -0
  47. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/net.py +0 -0
  48. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/net_static.py +0 -0
  49. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/null.py +0 -0
  50. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/path.py +0 -0
  51. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/postprocess.py +0 -0
  52. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/random_user.py +0 -0
  53. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/security.py +0 -0
  54. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/signaturing.py +0 -0
  55. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/str_utils.py +0 -0
  56. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/tag_safelist.yml +0 -0
  57. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/tagging.py +0 -0
  58. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/threading.py +0 -0
  59. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/uid.py +0 -0
  60. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/common/version.py +0 -0
  61. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/datasource/__init__.py +0 -0
  62. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/datasource/al.py +0 -0
  63. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/datasource/alert.py +0 -0
  64. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/datasource/common.py +0 -0
  65. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/datastore/__init__.py +0 -0
  66. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/datastore/bulk.py +0 -0
  67. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/datastore/collection.py +0 -0
  68. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/datastore/exceptions.py +0 -0
  69. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/datastore/helper.py +0 -0
  70. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/datastore/store.py +0 -0
  71. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/datastore/support/__init__.py +0 -0
  72. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/datastore/support/build.py +0 -0
  73. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/datastore/support/schemas.py +0 -0
  74. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/filestore/__init__.py +0 -0
  75. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/filestore/transport/__init__.py +0 -0
  76. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/filestore/transport/azure.py +0 -0
  77. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/filestore/transport/base.py +0 -0
  78. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/filestore/transport/ftp.py +0 -0
  79. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/filestore/transport/http.py +0 -0
  80. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/filestore/transport/local.py +0 -0
  81. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/filestore/transport/s3.py +0 -0
  82. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/filestore/transport/sftp.py +0 -0
  83. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/__init__.py +0 -0
  84. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/base.py +0 -0
  85. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/common.py +0 -0
  86. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/messages/__init__.py +0 -0
  87. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/messages/alert.py +0 -0
  88. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/messages/alerter_heartbeat.py +0 -0
  89. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/messages/archive_heartbeat.py +0 -0
  90. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/messages/changes.py +0 -0
  91. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/messages/dispatcher_heartbeat.py +0 -0
  92. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/messages/dispatching.py +0 -0
  93. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/messages/elastic_heartbeat.py +0 -0
  94. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/messages/expiry_heartbeat.py +0 -0
  95. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/messages/ingest_heartbeat.py +0 -0
  96. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/messages/metrics.py +0 -0
  97. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/messages/retrohunt_heartbeat.py +0 -0
  98. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/messages/scaler_heartbeat.py +0 -0
  99. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/messages/scaler_status_heartbeat.py +0 -0
  100. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/messages/service_heartbeat.py +0 -0
  101. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/messages/service_timing_heartbeat.py +0 -0
  102. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/messages/submission.py +0 -0
  103. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/messages/task.py +0 -0
  104. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/messages/vacuum_heartbeat.py +0 -0
  105. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/__init__.py +0 -0
  106. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/actions.py +0 -0
  107. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/alert.py +0 -0
  108. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/apikey.py +0 -0
  109. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/badlist.py +0 -0
  110. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/cached_file.py +0 -0
  111. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/emptyresult.py +0 -0
  112. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/error.py +0 -0
  113. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/file.py +0 -0
  114. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/filescore.py +0 -0
  115. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/heuristic.py +0 -0
  116. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/ontology/__init__.py +0 -0
  117. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/ontology/file.py +0 -0
  118. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/ontology/filetypes/__init__.py +0 -0
  119. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/ontology/filetypes/pe.py +0 -0
  120. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/ontology/ontology.py +0 -0
  121. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/ontology/results/__init__.py +0 -0
  122. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/ontology/results/antivirus.py +0 -0
  123. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/ontology/results/http.py +0 -0
  124. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/ontology/results/malware_config.py +0 -0
  125. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/ontology/results/network.py +0 -0
  126. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/ontology/results/process.py +0 -0
  127. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/ontology/results/sandbox.py +0 -0
  128. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/ontology/results/signature.py +0 -0
  129. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/replay.py +0 -0
  130. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/result.py +0 -0
  131. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/retrohunt.py +0 -0
  132. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/safelist.py +0 -0
  133. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/service.py +0 -0
  134. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/service_delta.py +0 -0
  135. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/signature.py +0 -0
  136. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/statistics.py +0 -0
  137. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/submission.py +0 -0
  138. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/submission_summary.py +0 -0
  139. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/submission_tree.py +0 -0
  140. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/tagging.py +0 -0
  141. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/user.py +0 -0
  142. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/user_favorites.py +0 -0
  143. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/user_settings.py +0 -0
  144. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/models/workflow.py +0 -0
  145. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/random_data/__init__.py +0 -0
  146. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/random_data/create_test_data.py +0 -0
  147. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/random_data/sample_rules.yar +0 -0
  148. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/random_data/sample_suricata.rules +0 -0
  149. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/odm/randomizer.py +0 -0
  150. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/py.typed +0 -0
  151. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/remote/__init__.py +0 -0
  152. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/remote/datatypes/__init__.py +0 -0
  153. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/remote/datatypes/cache.py +0 -0
  154. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/remote/datatypes/counters.py +0 -0
  155. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/remote/datatypes/daily_quota_tracker.py +0 -0
  156. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/remote/datatypes/events.py +0 -0
  157. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/remote/datatypes/exporting_counter.py +0 -0
  158. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/remote/datatypes/hash.py +0 -0
  159. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/remote/datatypes/lock.py +0 -0
  160. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/remote/datatypes/queues/__init__.py +0 -0
  161. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/remote/datatypes/queues/comms.py +0 -0
  162. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/remote/datatypes/queues/multi.py +0 -0
  163. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/remote/datatypes/queues/named.py +0 -0
  164. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/remote/datatypes/queues/priority.py +0 -0
  165. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/remote/datatypes/set.py +0 -0
  166. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/remote/datatypes/user_quota_tracker.py +0 -0
  167. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/run/__init__.py +0 -0
  168. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/run/cli.py +0 -0
  169. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/run/pubsub_reader.py +0 -0
  170. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/run/suricata_importer.py +0 -0
  171. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline/run/yara_importer.py +0 -0
  172. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline.egg-info/SOURCES.txt +0 -0
  173. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline.egg-info/dependency_links.txt +0 -0
  174. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline.egg-info/entry_points.txt +0 -0
  175. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline.egg-info/requires.txt +0 -0
  176. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/assemblyline.egg-info/top_level.txt +0 -0
  177. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/pyproject.toml +0 -0
  178. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/setup.cfg +0 -0
  179. {assemblyline-4.7.1.dev18 → assemblyline-4.7.1.dev20}/setup.py +0 -0
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: assemblyline
3
- Version: 4.7.1.dev18
3
+ Version: 4.7.1.dev20
4
4
  Summary: Assemblyline 4 - Automated malware analysis framework
5
5
  Home-page: https://github.com/CybercentreCanada/assemblyline-base
6
6
  Author: CCCS Assemblyline development team
@@ -0,0 +1 @@
1
+ 4.7.1.dev20
@@ -2078,39 +2078,104 @@ DEFAULT_SUBMISSION_PROFILES = [
2078
2078
  {
2079
2079
  "name": "static",
2080
2080
  "display_name": "Static Analysis [OFFLINE]",
2081
- "params": {
2081
+ "summary": "Quick scan; keep it local",
2082
+ "description": """
2083
+ **Summary**
2084
+
2085
+ Quick, local-only scan with no execution.
2086
+
2087
+ **What it does**
2088
+
2089
+ Analyzes files using internal and open-source tools (e.g., YARA, CAPA) to inspect their structure, metadata, and embedded indicators without running any code.
2090
+
2091
+ **When to use it**
2092
+ - Rapid triage
2093
+ - Checking sensitive or proprietary files that must never leave the local network
2094
+
2095
+ **Limitations**
2096
+ - Low detection rate for packed or heavily obfuscated malware
2097
+ - Cannot observe runtime behavior or command-and-control (C2) logic
2098
+ """,
2099
+ "params": {
2082
2100
  "services": {
2083
2101
  "selected": DEFAULT_SRV_SEL
2084
2102
  }
2085
2103
  },
2086
- "summary": "Only perform static analysis",
2087
- "description": "Analyze files using static analysis techniques and extract information from the file without executing it, such as metadata, strings, and structural information."
2088
2104
  },
2089
2105
  {
2090
2106
  "name": "static_with_dynamic",
2091
2107
  "display_name": "Static + Dynamic Analysis [OFFLINE]",
2092
- "params": {
2108
+ "summary": "See behavior; keep it local",
2109
+ "description": """
2110
+ **Summary**
2111
+
2112
+ Local sandbox detonation with behavioral visibility.
2113
+
2114
+ **What it does**
2115
+
2116
+ Combines static analysis with full dynamic execution in a local sandbox to observe process creation, file system changes, registry activity, and system interactions.
2117
+
2118
+ **When to use it**
2119
+ - Standard malware investigation
2120
+ - Understanding what a file does at runtime without risking data leakage to third-party APIs
2121
+
2122
+ **Limitations**
2123
+ - Malware may evade or delay execution if it detects the sandbox environment
2124
+ - Limited visibility into network-based indicators without internet access
2125
+ """, "params": {
2093
2126
  "services": {
2094
2127
  "selected": DEFAULT_SRV_SEL + ["Dynamic Analysis"]
2095
2128
  }
2096
2129
  },
2097
- "summary": "Perform static analysis along with dynamic analysis",
2098
- "description": "Analyze files using static analysis techniques along with executing them in a controlled environment to observe their behavior and capture runtime activities, interactions with the system, network communications, and any malicious behavior exhibited by the file during execution."
2099
2130
  },
2100
2131
  {
2101
2132
  "name": "static_with_internet",
2102
2133
  "display_name": "Static Analysis [ONLINE]",
2134
+ "summary": "Is this a known threat? (Quick check)",
2135
+ "description": """
2136
+ **Summary**
2137
+
2138
+ Quick reputation check using global intelligence sources.
2139
+
2140
+ **What it does**
2141
+
2142
+ Performs metadata and hash lookups against external services (e.g., VirusTotal, Google Threat Intelligence) without executing the file.
2143
+
2144
+ **When to use it**
2145
+ - Quickly determining whether a file is already known malicious
2146
+ - Prioritizing triage based on global reputation
2147
+
2148
+ **Limitations**
2149
+ - Potential data leakage via hash or metadata queries
2150
+ - Unique samples may alert adversaries that analysis is occurring
2151
+ """,
2103
2152
  "params": {
2104
2153
  "services": {
2105
2154
  "selected": DEFAULT_SRV_SEL + ["Internet Connected"]
2106
2155
  },
2107
2156
  },
2108
- "summary": "Perform static analysis along with internet connected services",
2109
- "description": "Combine traditional static analysis techniques with internet-connected services to gather additional information and context about the file being analyzed."
2110
2157
  },
2111
2158
  {
2112
2159
  "name": "static_and_dynamic_with_internet",
2113
2160
  "display_name": "Static + Dynamic Analysis [ONLINE]",
2161
+ "summary": "Full deep-dive; allow network traffic",
2162
+ "description": """
2163
+ **Summary**
2164
+
2165
+ Complete analysis with execution and internet access.
2166
+
2167
+ **What it does**
2168
+
2169
+ Executes files in a sandbox with live internet connectivity to capture command-and-control traffic, network indicators, and runtime behavior, while also leveraging external reputation services.
2170
+
2171
+ **When to use it**
2172
+ - Deep investigation of unknown or high-risk samples
2173
+ - Identifying network IOCs and full malware lifecycle behavior
2174
+
2175
+ **Limitations**
2176
+ - Privacy and data exposure risk
2177
+ - Sample or metadata may be shared with third-party services
2178
+ """,
2114
2179
  "params": {
2115
2180
  "services": {
2116
2181
  "selected": DEFAULT_SRV_SEL + ["Internet Connected", "Dynamic Analysis"]
@@ -2124,8 +2189,6 @@ DEFAULT_SUBMISSION_PROFILES = [
2124
2189
  }
2125
2190
  }
2126
2191
  },
2127
- "summary": "Perform static + dynamic analysis with internet connectivity",
2128
- "description": "Perform comprehensive file analysis using traditional static and dynamic analysis techniques with internet access."
2129
2192
  },
2130
2193
  ]
2131
2194
 
@@ -2166,6 +2229,7 @@ class Submission(odm.Model):
2166
2229
  description="Set the operation that will be used to update values "
2167
2230
  "using this key in the temporary submission data.")
2168
2231
  profiles = odm.List(odm.Compound(SubmissionProfile),
2232
+ default=DEFAULT_SUBMISSION_PROFILES,
2169
2233
  description="Submission profiles with preset submission parameters")
2170
2234
 
2171
2235
 
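Review bot: The added `default=DEFAULT_SUBMISSION_PROFILES` on `profiles` makes the two `[ONLINE]` entries part of the default, and the first hunk's own text for them lists "Potential data leakage via hash or metadata queries" and "Sample or metadata may be shared with third-party services". A configuration that omits `profiles` would presumably now offer those profiles, so the field description should state it, for example `description="Submission profiles with preset submission parameters (the default set includes the [ONLINE] profiles)"`. The default is also the module-level list object itself; whether `odm.List` copies it is not visible in this hunk, and if it does not, a change to one loaded config's profiles would alter the shared constant, which is worth confirming. The `Submission` class starts before and continues after the hunk.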
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: assemblyline
3
- Version: 4.7.1.dev18
3
+ Version: 4.7.1.dev20
4
4
  Summary: Assemblyline 4 - Automated malware analysis framework
5
5
  Home-page: https://github.com/CybercentreCanada/assemblyline-base
6
6
  Author: CCCS Assemblyline development team
@@ -1 +0,0 @@
1
- 4.7.1.dev18