Installation ============ The installation process for most operating systems follows the same set of steps for the most part. I prefer to keep things maintained in a python virtual environment. These install steps will guide you through setting up a virtual environment for each OS which you may skip if you don't want. OS X ----- Virtualenv Setup ^^^^^^^^^^^^^^^^ Before You Begin ++++++++++++++++ First up, you'll need Xcode. You can find it in the app store, but it's huge (like 4GB) so it'll take a while to download. Once you have it, install the command line tools with :: xcode-select --install Once Xcode is all taken care of, get homebrew :: ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)" You should already have python, but if you'd like a different version, you may install one from brew. Setting up the Virtualenv +++++++++++++++++++++++++ :: pip install virtualenv pip install virtualenvwrapper echo 'export WORKON_HOME="$HOME/.virtualenvs"' >> ~/.bash_profile echo 'source $(which virtualenvwrapper.sh)' >> ~/.bash_profile source ~/.bash_profile Now you will have a bunch of bash helper functions for using/managing virtual environments. The one's you will use most are: :: mkvirtualenv # creates a new virtual env rmvirtualenv # deletes a virtual env mktmpenv # creates a virtual env that is deleted when `deactivate` is run workon # sets the current virtual env deactivate # unsets the current virtual env Setting up ThreatShell ++++++++++++++++++++++ Installing the requirements for ThreatShell is as simple as :: python setup.py install You can run tests with :: python setup.py test # or with coverage included like so python setup.py test --pytest-args="--cov=threatshell" To begin using it :: python threatshell.py Running ThreatShell for the first time will trigger some setup/configuration prompts. Just follow along and you'll be hunting in no time. Readline Caveat! ++++++++++++++++ OS X doesn't ship with libreadline. Instead, you get libedit which kinda sucks. The main issue with libedit is that it doesn't honor the libreadline escape characters, therefore, it will fail to properly read the shell line with its color sequences, and scrolling through history causes buggy command display issues. This can be solved by simply using `easy_install` to install readline, or by using brew to install the GNU readline and force linking it in. I recommend just using the `easy_install readline`. You will know when you have the right readline library working because Threatshell won't complain about libedit being detected ;)