Dyana is a sandbox environment using Docker and Tracee for loading, running and profiling a wide range of files, including machine learning models, ELF executables, Pickle serialized files, Javascripts and more. It provides detailed insights into GPU memory usage, filesystem interactions, network requests, and security related events.
- Python 3.10+ with PIP.
- Docker
- Optional: a GNU/Linux machine with CUDA and the nvidia-ctk runtime for GPU memory profiling support.
Install with:
pip install dyanaTo upgrade to the latest version, run:
pip install --upgrade dyanaTo uninstall, run:
pip uninstall dyanaShow a list of available loaders with:
dyana loadersShow the help menu for a specific loader with:
dyana help automodelCreate a trace file for a given loader with:
dyana trace --loader automodel ... --output trace.jsonTo save artifacts from the container, you can pass the --save flag:
dyana trace --loader pip --package botocore --save /usr/local/bin/jp.py --save-to ./artifactsIt is possible to override the default events that Dyana will trace by passing a custom policy to the tracer with:
dyana trace --loader automodel ... --policy examples/network_only_policy.ymlShow a summary of the trace file with:
dyana summary --trace-path trace.jsonDyana does not allow network access by default to the loader container. If you need to allow it, you can pass the --allow-network flag:
dyana trace ... --allow-networkDyana uses a shared volume to pass your files to the loader and by default it does not allow writing to it. If you need to allow it, you can pass the --allow-volume-write flag:
dyana trace ... --allow-volume-writeDyana provides a set of loaders for different types of files, each loader has a dedicated set of arguments and will be executed in an isolated, offline by default container. Refer to the documentation for more information.
Dyana is released under the MIT license. Tracee is released under the Apache 2.0 license.
