sidra-asa · sidra-asa · Oct 11, 2022 · Oct 13, 2022 · Oct 16, 2022 · Oct 19, 2022
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -35,11 +35,11 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
+      uses: github/codeql-action/init@v2
       with:
         languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -50,7 +50,7 @@ jobs:
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
     - name: Autobuild
-      uses: github/codeql-action/autobuild@v1
+      uses: github/codeql-action/autobuild@v2
 
     # ℹ️ Command-line programs to run using the OS shell.
     # 📚 https://git.io/JvXDl
@@ -64,4 +64,4 @@ jobs:
     #   make release
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
+      uses: github/codeql-action/analyze@v2
diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml
@@ -13,6 +13,6 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
     - name: Build the Docker image
       run: docker build . --file Dockerfile --tag my-image-name:$(date +%s)
diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
@@ -24,7 +24,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
 
       - name: Run tests
         run: |
@@ -45,7 +45,7 @@ jobs:
     if: github.event_name == 'push'
 
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
 
       - name: Build image
         run: docker build . --file Dockerfile --tag $IMAGE_NAME

diff --git a/.github/workflows/pytest.yml b/.github/workflows/pytest.yml
@@ -15,20 +15,30 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
     - name: Set up Python 3.8
-      uses: actions/setup-python@v2
+      uses: actions/setup-python@v4
       with:
         python-version: 3.8
+        # cache: 'pipenv'
+        # cache-dependency-path: |
+        #   **/Pipfile
+
+    - name: Install pipenv
+      run: |
+        python -m pip install --upgrade pipenv wheel
+
     - name: Install dependencies
       run: |
-        python -m pip install --upgrade pip
-        python -m pip install pytest rzpipe meson==0.62.0 ninja coverage ciphey frida objection
-        sudo apt-get install -y ninja-build
-
-        # Install graphviz
-        sudo apt-get -y install graphviz
-
+        pipenv install --dev --skip-lock
+        # pipenv run pip install git+https://github.com/Ciphey/Ciphey.git@aec8a74#egg=ciphey
+        # pipenv sync
+        pip install meson==0.62.0 ninja
+        # sudo apt-get install ninja-build
+
+        # Install graphviz & ninja
+        sudo apt-get -y install graphviz ninja-build
+
         # Install Rizin
         sudo git clone --branch v0.3.4 https://github.com/rizinorg/rizin /opt/rizin/
         cd /opt/rizin/
@@ -38,23 +48,14 @@ jobs:
         sudo ldconfig -v
         cd -
 
-        # Install click >= 8.0.0 for CLI supports
-        python -m pip install click==8.0.3
-
-    - name: Install Quark-Engine
-      run: |
-        python setup.py build
-        python setup.py install
-
     - name: Test with pytest
       run: |
-        python -m pip install black pytest sphinx sphinx-rtd-theme
-        python -m pip install coveralls codecov pytest-cov
-        pytest --cov=./
+        # pipenv install pytest-cov ciphey frida --skip-lock
+        pipenv run pytest --cov=. --cov-report=xml
 
     - name: Upload coverage to Codecov
-      uses: codecov/codecov-action@v1
+      uses: codecov/codecov-action@v3
       with:
         flags: unittests
         fail_ci_if_error: true
-          
+        verbose: true
diff --git a/.github/workflows/pythonpublish.yml b/.github/workflows/pythonpublish.yml
@@ -8,11 +8,12 @@ jobs:
   deploy:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v1
+    - uses: actions/checkout@v3
     - name: Set up Python
-      uses: actions/setup-python@v1
+      uses: actions/setup-python@v4
       with:
         python-version: '3.x'
+
     - name: Install dependencies
       run: |
         python -m pip install --upgrade pip

diff --git a/.github/workflows/smoke_test.yml b/.github/workflows/smoke_test.yml
@@ -26,56 +26,57 @@ jobs:
         python-version: [3.8, 3.9]
 
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
 
     - name: Set up Python
-      uses: actions/setup-python@v2
+      uses: actions/setup-python@v4
       with:
         python-version: ${{ matrix.python-version }}
 
     - name: Install dependencies
       run: |
-        python -m pip install --upgrade pip
-        python -m pip install ciphey frida objection
-        python -m pip install black pytest sphinx sphinx-rtd-theme
-
+        # python -m pip install --upgrade pip
+        # python -m pip install ciphey frida objection
+        # python -m pip install black pytest sphinx sphinx-rtd-theme
         # Install click >= 8.0.0 for CLI supports
-        python -m pip install click==8.0.3
+        # python -m pip install click==8.0.3
+        python -m pip install --upgrade pipenv wheel
+        pipenv run pip install git+https://github.com/Ciphey/Ciphey.git@aec8a74#egg=ciphey
+        pipenv sync
 
-    - run: sudo apt-get -y install graphviz
+    - run: sudo apt-get -y install graphviz ninja-build
       if: matrix.os == 'ubuntu-latest'
-    - run: brew install graphviz
+    - run: brew install graphviz ninja
       if: matrix.os == 'macOS-latest'
-    - run: choco install graphviz
+    - run: choco install graphviz ninja
       if: matrix.os == 'windows-latest'
 
-    - name: Install Quark-Engine
-      run: |
-        python setup.py build
-        python setup.py install
+    # - name: Install Quark-Engine
+    #   run: |
+    #     pipenv run python setup.py build
+    #     pipenv run python setup.py install
 
     # Download the latest rule set
     - name: Download rule from https://github.com/quark-engine/quark-rules
-      run: freshquark
+      run: pipenv run freshquark
 
     # Runs a set of commands using the quark-engine
     - name: Run a multi-line script
       run: |
-        quark --help
+        pipenv run quark --help
         git clone https://github.com/quark-engine/apk-malware-samples
-        quark -a apk-malware-samples/14d9f1a92dd984d6040cc41ed06e273e.apk -s
-        quark -a apk-malware-samples/14d9f1a92dd984d6040cc41ed06e273e.apk -d
-        quark -a apk-malware-samples/14d9f1a92dd984d6040cc41ed06e273e.apk -s -g
-        quark -a apk-malware-samples/14d9f1a92dd984d6040cc41ed06e273e.apk -d -g
-        quark -a apk-malware-samples/14d9f1a92dd984d6040cc41ed06e273e.apk -s -c
-
+        pipenv run quark -a apk-malware-samples/14d9f1a92dd984d6040cc41ed06e273e.apk -s
+        pipenv run quark -a apk-malware-samples/14d9f1a92dd984d6040cc41ed06e273e.apk -d
+        pipenv run quark -a apk-malware-samples/14d9f1a92dd984d6040cc41ed06e273e.apk -s -g
+        pipenv run quark -a apk-malware-samples/14d9f1a92dd984d6040cc41ed06e273e.apk -d -g
+        pipenv run quark -a apk-malware-samples/14d9f1a92dd984d6040cc41ed06e273e.apk -s -c
+        pipenv run quark -a apk-malware-samples/Ahmyth.apk -s -t 100
     - name: Check Accuracy
       shell: bash
       run: |
-        echo "Ahmyth_RESULT=$(quark -a apk-malware-samples/Ahmyth.apk -s -t 100 | grep 100% | wc -l | awk '{print $1}')" >> $GITHUB_ENV
-        echo "a4db_RESULT=$(quark -a apk-malware-samples/13667fe3b0ad496a0cd157f34b7e0c991d72a4db.apk -s -t 100 | grep 100% | wc -l | awk '{print $1}')" >> $GITHUB_ENV
-        echo "e273e_RESULT=$(quark -a apk-malware-samples/14d9f1a92dd984d6040cc41ed06e273e.apk -s -t 100 | grep 100% | wc -l | awk '{print $1}')" >> $GITHUB_ENV
-
+        echo "Ahmyth_RESULT=$(pipenv run quark -a apk-malware-samples/Ahmyth.apk -s -t 100 | grep 100% | wc -l | awk '{print $1}')" >> $GITHUB_ENV
+        echo "a4db_RESULT=$(pipenv run quark -a apk-malware-samples/13667fe3b0ad496a0cd157f34b7e0c991d72a4db.apk -s -t 100 | grep 100% | wc -l | awk '{print $1}')" >> $GITHUB_ENV
+        echo "e273e_RESULT=$(pipenv run quark -a apk-malware-samples/14d9f1a92dd984d6040cc41ed06e273e.apk -s -t 100 | grep 100% | wc -l | awk '{print $1}')" >> $GITHUB_ENV
     - name: Check Ahmyt Result
       shell: bash
       # This sample should have 16 behaviors with 100% confidence
@@ -85,7 +86,6 @@ jobs:
         else
           exit 1
         fi
-
     - name: Check 13667fe3b0ad496a0cd157f34b7e0c991d72a4db.apk Result
       shell: bash
       # This sample should have 11 behaviors with 100% confidence
@@ -95,7 +95,6 @@ jobs:
         else
           exit 1
         fi
-
     - name: Check 14d9f1a92dd984d6040cc41ed06e273e.apk Result
       shell: bash
       # This sample should have 15 behaviors with 100% confidence

diff --git a/Pipfile b/Pipfile
@@ -1,33 +1,19 @@
 [[source]]
-name = "pypi"
 url = "https://pypi.org/simple"
 verify_ssl = true
+name = "pypi"
+
+[packages]
+frida = "*"
+quark-engine = {editable = true, path = "."}
+click = ">=8.0.0"
 
 [dev-packages]
-black = "*"
-pytest = "*"
 sphinx = "*"
 sphinx-rtd-theme = "*"
-
-[packages]
-prettytable = "<=2.4.0"
-tqdm = "<=4.62.3"
-colorama = "<=0.4.4"
-quark-engine = {editable = true,path = "."}
-click = "<=8.0.3"
-androguard = "==3.4.0a1"
-graphviz = "<=0.18.2"
-requests = "<=2.26.0"
-pandas = "<=1.3.4"
-plotly = "<=5.4.0"
-prompt-toolkit = "==3.0.19"
-rzpipe = "<=0.1.2"
-objection = "<=1.11.0"
-frida = "<=15.2.2"
-ciphey = ">=5.0.0,<=5.14.0"
+pytest-cov = "*"
+coveralls = "*"
+codecov = "*"
 
 [requires]
 python_version = "3.8"
-
-[pipenv]
-allow_prereleases = true