add explanation to documentation about bypassing gatekeeper

Jordan Wiens
2020-07-17 14:41:17 -04:00
parent bd2303d3a7
commit 2a7d4e7fca
2 changed files with 6 additions and 0 deletions

doc/img/approve.png: binary file, not shown (103 KiB)

@@ -8,6 +8,12 @@ We use PyInstaller to create these packages.
The capa [README](../README.md#download) also links to nightly builds of standalone binaries from the latest development branch.
### MacOS Standalone installation
By default, on MacOS Catalina or greater, Gatekeeper will block execution of the standalone binary. To resolve this, simply try to execute it once on the command-line and then go to `System Preferences` / `Security & Privacy` / `General` and approve the application:
![approve dialog](img/approve.png)
## Method 2: Using capa as a Python library
To install capa as a Python library, you'll need to install a few dependencies, and then use `pip` to fetch the capa module.
Note: this technique doesn't pull the default rule set, so you should check it out separately from [capa-rules](https://github.com/fireeye/capa-rules/) and pass the directory to the entrypoint using `-r`.
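
Review bot: The added paragraph under `### MacOS Standalone installation` tells the reader to approve the blocked binary in `Security & Privacy` but never asks them to confirm first that the file is the one obtained from the README download link. Because this approval overrides Gatekeeper's block for that binary, consider adding a sentence before the approval step that asks users to check the binary came from the project's release or nightly build links and, if checksums are published, to compare them. Two smaller wording points in the same lines: Apple spells it "macOS", and "Catalina or greater" would read more clearly as "Catalina or later".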