hashlookup-forensic-analyser version 0.6 released including various bugs fixed and improved logging

@adulau adulau released this 24 Dec 10:22
· 50 commits to main since this release
v0.6
d6ce542

usage: hashlookup-analyser.py [-h] [-v] [--extended-debug] [--progress] [-d DIR] [--print-all] [--print-unknown] [--include-stats] [--format FORMAT] [--cache] [--bloomfilter BLOOMFILTER]

Analyse a forensic target to find and report files found and not found in hashlookup CIRCL public service.

optional arguments:
  -h, --help            show this help message and exit
  -v, --verbose         Verbose output
  --extended-debug      Debug file processed along with the mode and type.
  --progress            Pring progress of the file lookup on stderr.
  -d DIR, --dir DIR     Directory to analyse
  --print-all           Print all files result including known and unknown
  --print-unknown       Print all files unknown to hashlookup service
  --include-stats       Include statistics in the CSV export
  --format FORMAT       Output format (default is CSV)
  --cache               Enable local cache of known and unknown hashes in /tmp/hashlookup-forensic-analyser
  --bloomfilter BLOOMFILTER
                        Specify filename of a bloomfilter in DCSO bloomfilter format

New

  • [hashlookup] --progress option to display the number of files analysed, excluded, unknown and found in hashlookup. [Alexandre Dulaunoy]

    and a completely useless spinner added too.

    This fixes #7

Changes

  • [hashlookup] enable the spinner by default and log on stderr. [Alexandre Dulaunoy]

  • [doc] README updated with new options. [Alexandre Dulaunoy]

  • [bin] requests missing. [Alexandre Dulaunoy]

  • [import] order is important. [Alexandre Dulaunoy]

  • [workflow] long lines again. [Alexandre Dulaunoy]

  • [formatting] black -S --target-version py38 [Alexandre Dulaunoy]

  • [hashlookup] --extended-debug option added to output the filetype. [Alexandre Dulaunoy]

    only useful for debugging

  • [LICENSE] added. [Alexandre Dulaunoy]

Fix

  • [bin] typo fixed. [Alexandre Dulaunoy]

  • [hashlookup] exclude char and block device - catch incorrect fstat on size. [Alexandre Dulaunoy]

  • [chg] excluded named pipe - FIFO. [Alexandre Dulaunoy]
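
An added illustration of the two exclusions listed under Fix (this is not code from hashlookup-forensic-analyser): a directory walk that checks each entry's type with lstat before opening it, so a FIFO or device node is recorded as excluded instead of being read. The names `SKIP`, `classify` and `scan`, the choice of SHA-1, and the extra socket and symlink exclusions are assumptions of this example.

```python
import hashlib
import os
import stat
import tempfile

SKIP = (  # file types that are never opened for hashing (example's own list)
    (stat.S_ISFIFO, "fifo"),          # open() blocks until a writer appears
    (stat.S_ISCHR, "char-device"),    # e.g. /dev/zero never reaches EOF
    (stat.S_ISBLK, "block-device"),   # st_size is not a usable file length
    (stat.S_ISSOCK, "socket"),
    (stat.S_ISLNK, "symlink"),        # could point outside the target tree
)

def classify(path):
    """Return 'regular' or the reason the path is excluded, without opening it."""
    try:
        mode = os.lstat(path).st_mode  # lstat: never follow symlinks
    except OSError as exc:
        return f"stat-error:{exc.errno}"
    for check, reason in SKIP:
        if check(mode):
            return reason
    return "regular" if stat.S_ISREG(mode) else "other"

def scan(root):
    """Walk root; return ({path: sha1 hex}, {path: exclusion reason})."""
    hashed, excluded = {}, {}
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            reason = classify(path)
            if reason != "regular":
                excluded[path] = reason
                continue
            digest = hashlib.sha1()
            try:
                with open(path, "rb") as fh:
                    for chunk in iter(lambda: fh.read(65536), b""):
                        digest.update(chunk)
            except OSError as exc:  # unreadable file: report it, keep walking
                excluded[path] = f"read-error:{exc.errno}"
                continue
            hashed[path] = digest.hexdigest()
    return hashed, excluded

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:  # constructed sample tree
        os.mkfifo(os.path.join(root, "pipe"))
        print(scan(root))
```

Keeping the excluded paths with their reasons, instead of dropping them silently, lets the final report account for every entry in the target.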