Viper is a binary analysis and management framework. Its fundamental objective is to provide a solution to easily organize your collection of malware and exploit samples as well as your collection of scripts you created or found over the time to facilitate your daily research.
Viper is written in Python and it requires Python 2.7 to function properly. In this documentation, we will use Debian GNU/Linux based distributions, such as Ubuntu, as a reference platform. The following installation instructions should apply similarly to other distributions and possibly to Mac OS X as well, although it has not been properly tested.
Before proceeding, you should make sure you have the basic tools installed to be able to compile additional Python extensions:
$ sudo apt-get install gcc python-dev python-pip
In order to have support for certain modules, you will need to install the following dependencies too before proceeding:
$ sudo apt-get install libssl-dev swig
Viper makes use of a number of Python library for its core functioning, which can be installed with the command:
$ sudo pip install SQLAlchemy PrettyTable python-magic
In addition, you should install ssdeep with pydeep. After you downloaded the source code for ssdeep from the official website, proceed with the following:
Viper can retrieve files remotely through Tor if you’re interested in such feature you should install SocksiPy:
$ sudo apt-get install python-socksipy
You will also clearly need a running Tor daemon, refer to the official website for setup instructions.