%global _empty_manifest_terminate_build 0 Name: python-libcsce Version: 0.1.0 Release: 1 Summary: Cobalt Strike configuration extractor and parser library and scripts. License: Apache-2.0 URL: https://github.com/strozfriedberg/cobaltstrike-config-extractor Source0: https://mirrors.aliyun.com/pypi/web/packages/84/32/cea16d30b5b5379a19f9fe1e1d410f32d6ac4a25872f6ab59c5570fb8bbf/libcsce-0.1.0.tar.gz BuildArch: noarch Requires: python3-pefile %description Pure Python library and set of scripts to extract and parse configurations (configs) from `Cobalt Strike Beacons `_. The library, ``libcsce``, contains classes for building tools to work with Beacon configs. There are also two CLI scripts included that use the library to parse Beacon config data: 1. ``csce``: Parses all known Beacon config settings to JSON, mimicing the `Malleable C2 profile `_ structure. 2. ``list-cs-settings``: Attempts to find by brute-force the associated Cobalt Strike version, and all settings/their types, of a Beacon config. This script is useful for conducting research on Beacon samples. %package -n python3-libcsce Summary: Cobalt Strike configuration extractor and parser library and scripts. Provides: python-libcsce BuildRequires: python3-devel BuildRequires: python3-setuptools BuildRequires: python3-pip %description -n python3-libcsce Pure Python library and set of scripts to extract and parse configurations (configs) from `Cobalt Strike Beacons `_. The library, ``libcsce``, contains classes for building tools to work with Beacon configs. There are also two CLI scripts included that use the library to parse Beacon config data: 1. ``csce``: Parses all known Beacon config settings to JSON, mimicing the `Malleable C2 profile `_ structure. 2. ``list-cs-settings``: Attempts to find by brute-force the associated Cobalt Strike version, and all settings/their types, of a Beacon config. This script is useful for conducting research on Beacon samples. %package help Summary: Development documents and examples for libcsce Provides: python3-libcsce-doc %description help Pure Python library and set of scripts to extract and parse configurations (configs) from `Cobalt Strike Beacons `_. The library, ``libcsce``, contains classes for building tools to work with Beacon configs. There are also two CLI scripts included that use the library to parse Beacon config data: 1. ``csce``: Parses all known Beacon config settings to JSON, mimicing the `Malleable C2 profile `_ structure. 2. ``list-cs-settings``: Attempts to find by brute-force the associated Cobalt Strike version, and all settings/their types, of a Beacon config. This script is useful for conducting research on Beacon samples. %prep %autosetup -n libcsce-0.1.0 %build %py3_build %install %py3_install install -d -m755 %{buildroot}/%{_pkgdocdir} if [ -d doc ]; then cp -arf doc %{buildroot}/%{_pkgdocdir}; fi if [ -d docs ]; then cp -arf docs %{buildroot}/%{_pkgdocdir}; fi if [ -d example ]; then cp -arf example %{buildroot}/%{_pkgdocdir}; fi if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi pushd %{buildroot} if [ -d usr/lib ]; then find usr/lib -type f -printf "\"/%h/%f\"\n" >> filelist.lst fi if [ -d usr/lib64 ]; then find usr/lib64 -type f -printf "\"/%h/%f\"\n" >> filelist.lst fi if [ -d usr/bin ]; then find usr/bin -type f -printf "\"/%h/%f\"\n" >> filelist.lst fi if [ -d usr/sbin ]; then find usr/sbin -type f -printf "\"/%h/%f\"\n" >> filelist.lst fi touch doclist.lst if [ -d usr/share/man ]; then find usr/share/man -type f -printf "\"/%h/%f.gz\"\n" >> doclist.lst fi popd mv %{buildroot}/filelist.lst . mv %{buildroot}/doclist.lst . %files -n python3-libcsce -f filelist.lst %dir %{python3_sitelib}/* %files help -f doclist.lst %{_docdir}/* %changelog * Tue Jun 20 2023 Python_Bot - 0.1.0-1 - Package Spec generated