🔍
CSAPP
  • 🔍CSAPP
  • Overview
    • 💡Why??
    • ✨Features
      • ⛏️pypi_data_harvest.py
      • 🗃️pypi_package_validator.py
      • 🎯audit_pypi_info_db.py
  • Fundamentals
    • 🛠️Getting set up
  • Web App Walkthrough
    • 🏠Homepage
    • 🧐Explore Page
  • Threat Hunting
    • 📔PyPI's Terms of Use
    • ❔Useful SQL Queries
    • 🕵️‍♂️Analyzing A Python Package
    • 👾Malicious Package Techniques
    • 🎯Hunting Tips
Powered by GitBook
On this page
  1. Fundamentals

Getting set up

Steps to install CSAPP and start the web app

Step1: Clone the CSAPP repository
git clone https://github.com/adamcysec/CSAPP.git
Step 2: Install the dependencies
pip install streamlit duckdb csapptools beautifulsoup4 requests argparse
Step 3: Download the full PyPI data set

https://drive.google.com/file/d/176E-5gb97egmRe8W9K-bh2YqHPn1W0PE/view?usp=sharing

  • Due to the file size being about 160 MB, I have to host the file on Google Drive.

  • Store the data set CSV file in the CSAPP directory.

Step 4: Update the data set

pypi_data_harvest.py requires an API key from libraries.io

  1. Create an account on libraries.io

  2. Create a hidden directory in your user's home folder called .librariesio

  3. Saved libraries.io api key in a txt file called api_key.txt

py pypi_data_harvest.py --update "pypi_info_db.csv"

  • New PyPI packages are uploaded every day, therefore you will want to update the data set before use.

Step 5: Run the web app locally
streamlit run pypi_streamlit.py

if you have more than one version of python installed you may need to run streamlit like so:

python3 -m streamlit run pypi_streamlit.py

  • You will want to run the app locally to use the full data set.

Previousaudit_pypi_info_db.pyNextHomepage

Last updated 1 year ago

🛠️