Get up and running in 5 minutes.
- Docker and Docker Compose installed
- 1GB free disk space
- Port 8080 available
cd ~/tools/capa-server
# Start the service
docker-compose up -d
# Watch it start
docker-compose logs -fWait for: Application startup complete
Open your browser: http://localhost:8080
- Drag and drop a PE/ELF file onto the upload area
- Watch the "Recent Analyses" section for status
- When status changes to "completed", click "View Results"
- Download JSON for use in capa Explorer Web
# Download a test sample (benign calc.exe)
curl -L https://github.com/mandiant/capa/raw/master/tests/data/Practical%20Malware%20Analysis%20Lab%2001-01.dll_ -o test.dll
# Upload it
curl -X POST -F "file=@test.dll" http://localhost:8080/api/analyze
# Check results
./test-api.shContainer won't start?
docker-compose down
docker-compose up --buildPort 8080 in use?
# Edit docker-compose.yml
ports:
- "9000:8080" # Use port 9000 insteadAnalysis fails?
- Check file is a valid PE/ELF/shellcode
- Check logs:
docker-compose logs -f - File might be too large (default limit: 100MB)
- Read USAGE.md for API details
- Read NEXT_STEPS.md for development info
- Check PROJECT_SUMMARY.md for architecture overview
docker-compose down
# Remove data too
docker-compose down -vThat's it! You're running capa as a service.