This is a pre-production deployment of Warehouse. Changes made here affect the production instance of PyPI (pypi.python.org).
Help us improve Python packaging - Donate today!

Django application for submitting and tracking malicious code samples to AV companies

Project Description

django-avsubmit is an application written for Django to allow security response groups (CIRTs, SOCs, etc.) to easily upload and submit malicious code samples to antivirus vendors and other security research partners.

The application supports the following workflow and features:

Workflow

  1. User creates “submission targets” as organizations with email addresses to which samples may be submitted.
  2. User uploads malware sample. File properties (size, type, hashes, etc.) are extracted.
  3. User supplies notes/background for sample and selects one or more organizations to whom sample will be submitted. Freeform Cc email addresses may also be specified.
  4. Sample is zipped, encrypted with a password, and emailed to recipients. Each specified recipient receives a copy of the email complete with user’s supplied notes.
  5. Submission is logged, capturing time of submission, file name, hash details, file size and type, submitter name, notes supplied about the sample, and the organizations to whom the message was submitted successfully.

Features

  • Provides solution to limited authorized submitters as allowed by some “enterprise” AV support contracts. Multiple users may submit samples using a single email sender address, while also gaining a standardized process and tracking/collaborative benefits.
  • Calculates file size, file type (using file(1)), and cryptographic hashes: MD5, SHA1, SHA256.
  • Provides a permission for Django’s auth framework to control who may submit samples to targets.
  • Provides search interface and paginated output. Search supports searching by supported file hashes, file name and submitter name.
  • Uses by default the standard passphase of “infected” (no quotes) for ZIP archives.
Release History

Release History

This version
History Node

0.1.0.1

History Node

0.1.0

Download Files

Download Files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

File Name & Checksum SHA256 Checksum Help Version File Type Upload Date
django-avsubmit-0.1.0.1.tar.gz (20.0 kB) Copy SHA256 Checksum SHA256 Source Jun 23, 2012

Supported By

WebFaction WebFaction Technical Writing Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Rackspace Rackspace Cloud Servers DreamHost DreamHost Log Hosting