# Nix derivation for the dissect.cobaltstrike Python package, built from the
# fox-it GitHub repository at the tag matching `version`.
{
  lib,
  buildPythonPackage,
  dissect-cstruct,
  dissect-util,
  fetchFromGitHub,
  flow-record,
  hatch-vcs,
  hatchling,
  httpx,
  lark,
  pycryptodome,
  pyshark,
  pytest-httpserver,
  pytestCheckHook,
  pythonOlder,
  rich,
}:

buildPythonPackage rec {
  pname = "dissect-cobaltstrike";
  version = "1.2.1";
  pyproject = true;

  # Not built for interpreters older than Python 3.7.
  disabled = pythonOlder "3.7";

  src = fetchFromGitHub {
    owner = "fox-it";
    repo = "dissect.cobaltstrike";
    tag = "v${version}";
    # Fixed-output hash: the fetched tree must match this digest, so an
    # upstream tag that is moved or rewritten fails the fetch instead of
    # silently changing the source. Update it together with `version`.
    hash = "sha256-0Wi0H9jL7suF/d92Sg2LuE6M2EzbIWsEC7Jjd1eJGTw=";
  };

  build-system = [
    hatch-vcs
    hatchling
  ];

  # Runtime dependencies that are always installed.
  dependencies = [
    dissect-cstruct
    dissect-util
    lark
  ];

  # Extras, each spelled out in full: `pcap` is `c2` plus pyshark, and `full`
  # is `pcap` plus rich.
  optional-dependencies = {
    c2 = [
      flow-record
      httpx
      pycryptodome
    ];
    pcap = [
      flow-record
      httpx
      pycryptodome
      pyshark
    ];
    full = [
      flow-record
      httpx
      pycryptodome
      pyshark
      rich
    ];
  };

  # Relaxes the Darwin build sandbox to permit local networking.
  # NOTE(review): presumably needed by the pytest-httpserver based tests;
  # confirm before removing, and keep it limited to local networking.
  __darwinAllowLocalNetworking = true;

  # The check phase gets every extra (all optional-dependencies lists,
  # flattened) in addition to the test tooling. These are check-time inputs
  # only; they do not extend `dependencies`.
  nativeCheckInputs = [
    pytest-httpserver
    pytestCheckHook
  ]
  ++ lib.flatten (builtins.attrValues optional-dependencies);

  # Import smoke test run on the built package.
  pythonImportsCheck = [ "dissect.cobaltstrike" ];

  meta = {
    description = "Dissect module implementing a parser for Cobalt Strike related data";
    homepage = "https://github.com/fox-it/dissect.cobaltstrike";
    changelog = "https://github.com/fox-it/dissect.cobaltstrike/releases/tag/${src.tag}";
    license = lib.licenses.agpl3Only;
    maintainers = with lib.maintainers; [ fab ];
  };
}