Pre-requisites

The below requirements are needed in order to use the tool

Since this tool deals with malware files, it is strongly recommended to use a virtual machine. After installation of the tool, make sure to disconnect from the network.

Setting up your Environment

• Install and set up Python 3.6

• Clone the repository and change into the directory :

  git clone https://github.com/CyberForce/Pesidious
  cd Pesidious

• Set up and activate a virtual environment

It is recommended to use a virtual environment to avoid conflicts between packages used by different applications

• Make sure that you have pip 8.1.1 installed and set up:

  pip install pip==8.1.1

• Install the required python packages:

  pip install -r pip_requirements/requirements.txt

Now that you have set up the environment, you can either proceed with either of the following:

• Mutate Malware with sample classifier

• Download training dataset to train the models

• Setup local/remote models to use as the classifier in the tool

Get Training Dataset

The GAN and RL trained models are already available in the tool. But if you want to train your own models, you will need your own malware and benign samples.

• Malware samples can be downloaded from various sources. VirusTotal's database of malicious samples is a good source.

• Benign samples can be scraped from a clean windows environment.

Download the malware and benign samples in the following directories (Delete the existing empty files to avoid errors while training)

Data/malware #Malicious files
Data/benign #Benign Files

Make sure malware and benign samples are 32 bit PE files. Providing dataset of any other format will cause issues when running the program.

Local / Remote AI model

There is a default classifier already available in the tool that will be tested against mutated malware. If you want to test your own AI model you will need either of the following:

• File path to the local AI classifier

• URL, Username/Password, API for the remote AI classifier