Skip to content

User Guide

Jump to bottom
Luke Lyon edited this page May 19, 2020 · 34 revisions

Carbon Black Cloud Binary Toolkit User Guide

Who is this for?

Those who want to get up and running with the built-in functionality provided with the Toolkit. This includes how to use the example YARA Analysis Engine, as well as details of the built-in SQLite State Management database, and other components.

Where do I go if I have questions?

Review the troubleshooting section if something isn't working as expected. If you want to modify the Toolkit, see the Developer Guide.

In what order should I follow the guide?

Generally,

  1. Configure API Access
  2. Edit your configuration file
  3. Configure YARA rules (optional)
  4. Run the analysis utility

Pages

Assumptions

  1. The Toolkit has been installed via pip

pip install cbc-binary-toolkit

  1. You have configured a Carbon Black API Key

  2. You have read the README and installed the requirements via pip

  3. The built-in examples are being used for execution, including the Analysis Utility, Built-in State Management Database, and YARA Analysis Engine.

Copyright © 2020 VMware Inc., All Rights Reserved.

Information here is current as of Carbon Black Cloud Binary Toolkit 1.0.0

CBC Binary Toolkit

Clone this wiki locally