Customization

This chapter explains how to customize CAPE. CAPE is written in a modular architecture built to be as customizable as it can, to fit the needs of all users.

• Auxiliary Modules
  • Auxiliary Module Configuration
    • Private Auxiliary Module Configuration
• Machinery Modules
  • Configuration
  • LibVirt
• Analysis Packages
  • Getting started
    • start()
    • check()
    • execute()
    • finish()
  • Options
  • Package Configuration
    • Public Package Configuration
    • Private Package Configuration
  • Process API
    • Methods
      • Process.open()
      • Process.exit_code()
      • Process.is_alive()
      • Process.get_parent_pid()
      • Process.execute()
      • Process.resume()
      • Process.terminate()
      • Process.inject()
      • Process.dump_memory()
• Processing Modules
  • Global Container
  • Getting started
• Signatures
  • Getting Started
  • Creating your new signature
  • Evented Signatures
  • Matches
    • Signature.add_match()
    • Signature.has_matches()
  • Helpers
    • Signature.check_file()
    • Signature.check_key()
    • Signature.check_mutex()
    • Signature.check_api()
    • Signature.check_argument()
    • Signature.check_ip()
    • Signature.check_domain()
    • Signature.check_url()
  • Categories
  • Troubleshooting
    • No signatures
    • Errors/warnings in the logs
• Reporting Modules
  • Getting Started