<p align="center">
<a href="https://www.blackhat.com/asia-24/arsenal/schedule/index.html#quark-script---dig-vulnerabilities-in-the-blackbox-37549">
<img alt="Black Hat Arsenal" src="https://img.shields.io/badge/Black%20Hat%20Arsenal-Asia%202024-blue">
</a>
<a href="https://www.blackhat.com/asia-21/arsenal/schedule/index.html#quark-engine-storyteller-of-android-malware-22458">
<img alt="Black Hat Arsenal" src="https://img.shields.io/badge/Black%20Hat%20Arsenal-Asia%202021-blue">
</a>
<a href="https://conference.hitb.org/hitb-lockdown002/sessions/quark-engine-an-obfuscation-neglect-android-malware-scoring-system/">
<img alt="HITB" src="https://img.shields.io/badge/HITB-Lockdown%20002-red">
</a>
<a href="https://www.youtube.com/watch?v=XK-yqHPnsvc&ab_channel=DEFCONConference">
<img alt="defcon" src="https://img.shields.io/badge/DEFCON%2028-BTV-blue">
</a><br>
<a href="https://github.com/quark-engine/quark-engine/actions/workflows/pytest.yml">
<img alt="build status" src="https://github.com/quark-engine/quark-engine/actions/workflows/pytest.yml/badge.svg">
</a>
<a href="https://codecov.io/gh/quark-engine/quark-engine">
<img alt="codecov" src="https://codecov.io/gh/quark-engine/quark-engine/branch/master/graph/badge.svg">
</a>
<a href="https://github.com/18z/quark-rules/blob/master/LICENSE">
<img alt="license" src="https://img.shields.io/badge/License-GPLv3-blue.svg">
</a>
<a href="https://www.python.org/downloads/release/python-31015/">
<img alt="python version" src="https://img.shields.io/badge/python-3.10-blue.svg">
</a>
<a href="https://pypi.org/project/quark-engine/">
<img alt="PyPi Download" src="https://pepy.tech/badge/quark-engine">
</a><br>
<a href="https://twitter.com/quarkengine">
<img alt="Twitter" src="https://img.shields.io/twitter/follow/quarkengine?style=social">
</a><br>
<img src="https://i.imgur.com/8GwkWei.png"/>
</p>
# New Features Coming Soon to Quark Agent
<img width="1507" alt="Screenshot 2024-09-26 at 2 41 52 PM" src="https://github.com/user-attachments/assets/b6c3c1bf-aa6a-40e3-aebb-7f1ec375d3d5">
We are currently focused on:
- The next step of the detection process for auto-suggestion.
- Effortlessly create detection workflows with natural language—no coding required.
- Easily adjust and refine workflows through an intuitive drag-and-drop interface.
- Instantly update and integrate changes as Quark Agent understands and adapts to workflow modifications.
We are committed to providing an intuitive and user-friendly experience, enabling users to design detection workflows seamlessly through both textual and visual methods.
Many features are still under development and fine-tuning, and we will roll them out step by step as they become ready.
If you have any suggestions, please don’t hesitate to share them with us!
To stay updated with the latest news, make sure to watch our GitHub repository and follow us on [X (Twitter)](https://twitter.com/quarkengine).
# Quark Agent - Your AI-powered Android APK Analyst
With Quark Agent, you can perform analyses using only natural language. It creates Quark Script code following your ideas and adjusts the code promptly as you provide feedback.
# Showcase:
Here’s a demonstration of using Quark Agent to detect the CWE-798 vulnerability in the ovaa.apk file.
### Step 1: Environments Requirements
* Make sure your Python version is 3.10 or above.
### Step 2: Install Quark Agent
* Install Quark Agent by running:
```bash
git clone https://github.com/quark-engine/quark-engine.git && cd quark-engine
pip install .[QuarkAgent]
```
### Step 3: Prepare the Detection Rule and the Sample File
```bash
.
├── ...
├── quark
├── ...
├── agent # Put rule file and sample file here
├── ...
```
You can download the **rule file** [here](https://github.com/quark-engine/quark-script/blob/main/constructCryptoGraphicKey.json) and the **sample file** [here](https://github.com/oversecured/ovaa).
### Step 4: Add your OpenAI API key
Add your OpenAI API key in `quarkAgentWeb.py`
```python
os.environ["OPENAI_API_KEY"] = 'your-api-key-here'
```
### Step 5: Run Quark Agent
```bash
$ cd quark/agent
$ python3 quarkAgentWeb.py
# You can now chat with Quark Agent in your browser.
# The default URL is http://127.0.0.1:5000
```
Open a browser and navigate to `127.0.0.1:5000` to start using Quark Agent
See more CWE detections using [quark scripts](https://quark-engine.readthedocs.io/en/latest/quark_script.html) and play them with Quark Agent !
# Acknowledgments
### The Honeynet Project
<a href="https://www.honeynet.org"> <img style="border: 0.2px solid black" width=115 height=150 src="https://i.imgur.com/znu7cMJ.png" alt="Honeynet.org logo"> </a>
### Google Summer Of Code
Quark-Engine has been participating in the GSoC under the Honeynet Project!
* 2021:
* [YuShiang Dang](https://twitter.com/YushianhD): [New Rule Generation Technique & Make Quark Everywhere Among Security Open Source Projects](https://quark-engine.github.io/2021/08/17/GSoC-2021-YuShiangDang/)
* [Sheng-Feng Lu](https://twitter.com/haeter525): [Replace the core library of Quark-Engine](https://quark-engine.github.io/2021/08/17/GSoC-2021-ShengFengLu/)
Stay tuned for the upcoming GSoC! Join the [Honeynet Slack chat](https://gsoc-slack.honeynet.org/) for more info.
# Core Values of Quark Engine Team
* We love **battle fields**. We embrace **uncertainties**. We challenge **impossibles**. We **rethink** everything. We change the way people think. And the most important of all, we benefit ourselves by benefit others **first**.
Raw data
{
"_id": null,
"home_page": "https://github.com/quark-engine/quark-engine",
"name": "quark-engine",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.10",
"maintainer_email": null,
"keywords": null,
"author": "YuShiang Dang, ShengFeng Lu, KunYu Chen",
"author_email": "pulorsok@gmail.com",
"download_url": "https://files.pythonhosted.org/packages/f0/7b/4ce65cc69380f0e49c9790f280872404543296f4bd1b169908f554f18988/quark_engine-24.12.1.tar.gz",
"platform": null,
"description": "<p align=\"center\">\n <a href=\"https://www.blackhat.com/asia-24/arsenal/schedule/index.html#quark-script---dig-vulnerabilities-in-the-blackbox-37549\">\n <img alt=\"Black Hat Arsenal\" src=\"https://img.shields.io/badge/Black%20Hat%20Arsenal-Asia%202024-blue\">\n </a>\n <a href=\"https://www.blackhat.com/asia-21/arsenal/schedule/index.html#quark-engine-storyteller-of-android-malware-22458\">\n <img alt=\"Black Hat Arsenal\" src=\"https://img.shields.io/badge/Black%20Hat%20Arsenal-Asia%202021-blue\">\n </a>\n <a href=\"https://conference.hitb.org/hitb-lockdown002/sessions/quark-engine-an-obfuscation-neglect-android-malware-scoring-system/\">\n <img alt=\"HITB\" src=\"https://img.shields.io/badge/HITB-Lockdown%20002-red\">\n </a>\n <a href=\"https://www.youtube.com/watch?v=XK-yqHPnsvc&ab_channel=DEFCONConference\">\n <img alt=\"defcon\" src=\"https://img.shields.io/badge/DEFCON%2028-BTV-blue\">\n </a><br>\n <a href=\"https://github.com/quark-engine/quark-engine/actions/workflows/pytest.yml\">\n <img alt=\"build status\" src=\"https://github.com/quark-engine/quark-engine/actions/workflows/pytest.yml/badge.svg\">\n </a>\n <a href=\"https://codecov.io/gh/quark-engine/quark-engine\">\n <img alt=\"codecov\" src=\"https://codecov.io/gh/quark-engine/quark-engine/branch/master/graph/badge.svg\">\n </a>\n <a href=\"https://github.com/18z/quark-rules/blob/master/LICENSE\">\n <img alt=\"license\" src=\"https://img.shields.io/badge/License-GPLv3-blue.svg\">\n </a>\n <a href=\"https://www.python.org/downloads/release/python-31015/\">\n <img alt=\"python version\" src=\"https://img.shields.io/badge/python-3.10-blue.svg\">\n </a>\n <a href=\"https://pypi.org/project/quark-engine/\">\n <img alt=\"PyPi Download\" src=\"https://pepy.tech/badge/quark-engine\">\n </a><br>\n <a href=\"https://twitter.com/quarkengine\">\n <img alt=\"Twitter\" src=\"https://img.shields.io/twitter/follow/quarkengine?style=social\">\n </a><br>\n <img src=\"https://i.imgur.com/8GwkWei.png\"/>\n</p>\n\n# New Features Coming Soon to Quark Agent\n\n\n\n\n\n\n<img width=\"1507\" alt=\"Screenshot 2024-09-26 at 2 41 52\u202fPM\" src=\"https://github.com/user-attachments/assets/b6c3c1bf-aa6a-40e3-aebb-7f1ec375d3d5\">\n\nWe are currently focused on:\n\n- The next step of the detection process for auto-suggestion.\n- Effortlessly create detection workflows with natural language\u2014no coding required.\n- Easily adjust and refine workflows through an intuitive drag-and-drop interface.\n- Instantly update and integrate changes as Quark Agent understands and adapts to workflow modifications.\n\nWe are committed to providing an intuitive and user-friendly experience, enabling users to design detection workflows seamlessly through both textual and visual methods. \n\nMany features are still under development and fine-tuning, and we will roll them out step by step as they become ready.\n\nIf you have any suggestions, please don\u2019t hesitate to share them with us!\n\nTo stay updated with the latest news, make sure to watch our GitHub repository and follow us on [X (Twitter)](https://twitter.com/quarkengine).\n\n# Quark Agent - Your AI-powered Android APK Analyst\n\n\n\nWith Quark Agent, you can perform analyses using only natural language. It creates Quark Script code following your ideas and adjusts the code promptly as you provide feedback.\n\n# Showcase:\n\nHere\u2019s a demonstration of using Quark Agent to detect the CWE-798 vulnerability in the ovaa.apk file.\n\n### Step 1: Environments Requirements\n\n* Make sure your Python version is 3.10 or above.\n\n### Step 2: Install Quark Agent\n\n* Install Quark Agent by running:\n\n```bash\ngit clone https://github.com/quark-engine/quark-engine.git && cd quark-engine\npip install .[QuarkAgent]\n```\n\n### Step 3: Prepare the Detection Rule and the Sample File\n\n```bash\n.\n\u251c\u2500\u2500 ...\n\u251c\u2500\u2500 quark \n \u251c\u2500\u2500 ... \n \u251c\u2500\u2500 agent # Put rule file and sample file here\n \u251c\u2500\u2500 ... \n```\n\nYou can download the **rule file** [here](https://github.com/quark-engine/quark-script/blob/main/constructCryptoGraphicKey.json) and the **sample file** [here](https://github.com/oversecured/ovaa).\n\n### Step 4: Add your OpenAI API key\n\nAdd your OpenAI API key in `quarkAgentWeb.py`\n\n```python\nos.environ[\"OPENAI_API_KEY\"] = 'your-api-key-here'\n```\n\n### Step 5: Run Quark Agent\n\n```bash\n$ cd quark/agent\n$ python3 quarkAgentWeb.py\n\n# You can now chat with Quark Agent in your browser. \n# The default URL is http://127.0.0.1:5000\n```\n\nOpen a browser and navigate to `127.0.0.1:5000` to start using Quark Agent\n\nSee more CWE detections using [quark scripts](https://quark-engine.readthedocs.io/en/latest/quark_script.html) and play them with Quark Agent !\n\n# Acknowledgments\n\n### The Honeynet Project\n\n<a href=\"https://www.honeynet.org\"> <img style=\"border: 0.2px solid black\" width=115 height=150 src=\"https://i.imgur.com/znu7cMJ.png\" alt=\"Honeynet.org logo\"> </a>\n\n### Google Summer Of Code\n\nQuark-Engine has been participating in the GSoC under the Honeynet Project!\n\n* 2021:\n * [YuShiang Dang](https://twitter.com/YushianhD): [New Rule Generation Technique & Make Quark Everywhere Among Security Open Source Projects](https://quark-engine.github.io/2021/08/17/GSoC-2021-YuShiangDang/)\n * [Sheng-Feng Lu](https://twitter.com/haeter525): [Replace the core library of Quark-Engine](https://quark-engine.github.io/2021/08/17/GSoC-2021-ShengFengLu/)\n\nStay tuned for the upcoming GSoC! Join the [Honeynet Slack chat](https://gsoc-slack.honeynet.org/) for more info.\n\n# Core Values of Quark Engine Team\n\n* We love **battle fields**. We embrace **uncertainties**. We challenge **impossibles**. We **rethink** everything. We change the way people think. And the most important of all, we benefit ourselves by benefit others **first**.\n",
"bugtrack_url": null,
"license": null,
"summary": "An Obfuscation-Neglect Android Malware Scoring System",
"version": "24.12.1",
"project_urls": {
"Homepage": "https://github.com/quark-engine/quark-engine"
},
"split_keywords": [],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "97461ad1b6e9f6dc7b454f12f2edbcb64986e89fb454b3fffd887cca0787e566",
"md5": "e1f6af7b91b3a1c4ba2f7ce71ab93080",
"sha256": "c3842a31693690b49352804223914da453ecd5442928c0ea495893ce83138073"
},
"downloads": -1,
"filename": "quark_engine-24.12.1-py3-none-any.whl",
"has_sig": false,
"md5_digest": "e1f6af7b91b3a1c4ba2f7ce71ab93080",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.10",
"size": 109495,
"upload_time": "2024-12-03T05:22:20",
"upload_time_iso_8601": "2024-12-03T05:22:20.211550Z",
"url": "https://files.pythonhosted.org/packages/97/46/1ad1b6e9f6dc7b454f12f2edbcb64986e89fb454b3fffd887cca0787e566/quark_engine-24.12.1-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "f07b4ce65cc69380f0e49c9790f280872404543296f4bd1b169908f554f18988",
"md5": "4db10aef2455624b69556635dceeed9d",
"sha256": "0fd6d9883cf6f8e0557ff6041999cf8d7e861d895abb6c6e06d4598ec6aca75d"
},
"downloads": -1,
"filename": "quark_engine-24.12.1.tar.gz",
"has_sig": false,
"md5_digest": "4db10aef2455624b69556635dceeed9d",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.10",
"size": 90172,
"upload_time": "2024-12-03T05:22:21",
"upload_time_iso_8601": "2024-12-03T05:22:21.992775Z",
"url": "https://files.pythonhosted.org/packages/f0/7b/4ce65cc69380f0e49c9790f280872404543296f4bd1b169908f554f18988/quark_engine-24.12.1.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-12-03 05:22:21",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "quark-engine",
"github_project": "quark-engine",
"travis_ci": true,
"coveralls": false,
"github_actions": true,
"lcname": "quark-engine"
}
JSON
