Arvos Command Line Utility
Project description
CLI tool for running arvos.
Requirements
Python >= 3.9 and pip installed
Docker installed
Debugfs mounted ( sudo mount -t debugfs debugfs /sys/kernel/debug )
- Linux kernel headers ( If not installed already )
Ubuntu/Debian : apt-get install -y linux-headers-$(uname -r)
CentOs : yum install -y kernel-devel
Fedora : dnf install -y kernel-devel
How to install
$ pip install arvos
Usage
The following command will build an application image ( based on jdk 17 ) from the specified jar, run it, and run the tracer app for a period of 2 minutes.
$ arvos scan --java 17 --jar target/application.jar --trace-period 2 --pom pom.xml
Or ( This will generate a .pdf report of the found vunlerable )
$ arvos scan --java 18 --jar target/java-app-0.0.1-SNAPSHOT.jar --trace-period 2 --save-report
If you do not have a ready Java 17/18 based application, you can use the following sample application: https://github.com/ayoubeddafali/spring-vulnerable-app.
The .jar file can be downloaded from : https://github.com/ayoubeddafali/spring-vulnerable-app/releases/download/0.0.1-snapshot/java-app-0.0.1-SNAPSHOT.jar
Supported platforms
Only Linux is supported.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
Built Distribution
Hashes for arvos-3.0.8-py2.py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 3b2cc781d4b3c8025cbc18054e042a9ad63ebdd8456eb2653106abc6b326e9c2 |
|
MD5 | d22e47d58946b1f13faa5d2027ecd8e7 |
|
BLAKE2b-256 | 14fca4f2fd8e9fcafb33af9a7b7b69d560e44c6cf777776f415a86c0f49ac1c7 |