hybridanalysis

package

v0.0.0-...-53824ec Latest Latest Go to latest Published: Mar 14, 2022 License: Apache-2.0 Imports: 16 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/mpkondrashin/mstream

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func FileSHA256(filePath string) (string, error)
func GuessFileName(data *ListLatestData) string
func Sha256(filePath string) (string, error)
func Sha256ForData(data []byte) string
type Client
- func New(APIKey string) *Client
type DownloadSamples
- func NewDownloadSamples(ha *Client) *DownloadSamples
type ListLatest
type ListLatestData
type Samples
- func NewSamples(ha *Client) *Samples
type SamplesStream
- func NewSamplesStream(client *Client, sleeper *sleeper.Sleeper) *SamplesStream
- func (s *SamplesStream) GetSample() (*ListLatestData, error)
- func (s *SamplesStream) UpdateSamples() error

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	//	ErrTooBigFile    = errors.New("too big file size")
	ErrResponseError = errors.New("response error")
)

Functions ¶

func FileSHA256 ¶

func FileSHA256(filePath string) (string, error)

func GuessFileName ¶

func GuessFileName(data *ListLatestData) string

func Sha256 ¶

func Sha256(filePath string) (string, error)

func Sha256ForData ¶

func Sha256ForData(data []byte) string

Types ¶

type Client ¶

type Client struct {
	APIKey string
	// contains filtered or unexported fields
}

func New ¶

func New(APIKey string) *Client

func (*Client) DownloadGzipSample ¶

func (c *Client) DownloadGzipSample(id string) (io.ReadCloser, error)

func (*Client) DownloadSample ¶

func (c *Client) DownloadSample(id string) (io.Reader, io.Closer, error)

func (*Client) IterateFiles ¶

func (c *Client) IterateFiles(
	callback func(data *ListLatestData, path string) error,
	filter func(data *ListLatestData) bool) error

func (*Client) IterateReader ¶

func (c *Client) IterateReader(callback func(data *ListLatestData, r io.Reader) error,
	filter func(data *ListLatestData) bool) error

func (*Client) ListLatestSamples ¶

func (c *Client) ListLatestSamples() (*ListLatest, error)

func (*Client) Report ¶

func (c *Client) Report(jobID, reportType string) ([]byte, error)

func (*Client) SetUserAgent ¶

func (c *Client) SetUserAgent(userAgent string) *Client

type DownloadSamples ¶

type DownloadSamples struct {
	// contains filtered or unexported fields
}

func NewDownloadSamples ¶

func NewDownloadSamples(ha *Client) *DownloadSamples

func (*DownloadSamples) Download ¶

func (ds *DownloadSamples) Download(targetFolder string) error

func (*DownloadSamples) MatchExtension ¶

func (ds *DownloadSamples) MatchExtension(fileName string) bool

func (*DownloadSamples) SetExtension ¶

func (ds *DownloadSamples) SetExtension(keyword string) *DownloadSamples

func (*DownloadSamples) SetInclude ¶

func (ds *DownloadSamples) SetInclude(keyword string) *DownloadSamples

func (*DownloadSamples) SetSkip ¶

func (ds *DownloadSamples) SetSkip(keyword string) *DownloadSamples

func (*DownloadSamples) SetThreatLevelThreshold ¶

func (ds *DownloadSamples) SetThreatLevelThreshold(threatLevelThreshold int) *DownloadSamples

type ListLatest ¶

type ListLatest struct {
	Count  int              `json:"count"`
	Status string           `json:"status"`
	Data   []ListLatestData `json:"data"`
}

func Unbackslash(s string) string {
	var sb strings.Builder
	backslash := false
	for _, r := range s {
		if backslash {
			switch r {
			case 'a':
				sb.WriteRune('\a')
			case 'b':
				sb.WriteRune('\b')
			case '\\':
				sb.WriteRune('\\')
			case 't':
				sb.WriteRune('\t')
			case 'n':
				sb.WriteRune('\n')
			case 'f':
				sb.WriteRune('\f')
			case 'r':
				sb.WriteRune('\r')
			case 'v':
				sb.WriteRune('\v')
			case '\'':
				sb.WriteRune('\'')
			case '"':
				sb.WriteRune('"')
			}
			backslash = false
		} else {
			if r == '\\' {
				backslash = true
			} else {
				sb.WriteRune(r)
			}
		}
	}
	return sb.String()
}

type ListLatestData ¶

type ListLatestData struct {
	JobID             string   `json:"job_id"`
	Md5               string   `json:"md5"`
	Sha1              string   `json:"sha1"`
	Sha256            string   `json:"sha256"`
	Interesting       bool     `json:"interesting"`
	AnalysisStartTime string   `json:"analysis_start_time"`
	ThreatScore       int      `json:"threat_score"`
	ThreatLevel       int      `json:"threat_level"`
	ThreatLevelHuman  string   `json:"threat_level_human"`
	Unknown           bool     `json:"unknown"`
	Domains           []string `json:"domains"`
	Hosts             []string `json:"hosts"`
	HostsGeolocation  []struct {
		IP        string `json:"ip"`
		Latitude  string `json:"latitude"`
		Longitude string `json:"longitude"`
		Country   string `json:"country"`
	} `json:"hosts_geolocation"`
	EnvironmentID          int    `json:"environment_id"`
	EnvironmentDescription string `json:"environment_description"`
	SharedAnalysis         bool   `json:"shared_analysis"`
	Reliable               bool   `json:"reliable"`
	ReportURL              string `json:"report_url"`
	Processes              []struct {
		UID            string `json:"uid"`
		Name           string `json:"name"`
		NormalizedPath string `json:"normalized_path"`
		CommandLine    string `json:"command_line"`
		Sha256         string `json:"sha256"`
		Parentuid      string `json:"parentuid,omitempty"`
	} `json:"processes"`
	ExtractedFiles []struct {
		Name                    string   `json:"name"`
		FileSize                int      `json:"file_size"`
		Sha1                    string   `json:"sha1"`
		Sha256                  string   `json:"sha256"`
		Md5                     string   `json:"md5"`
		TypeTags                []string `json:"type_tags,omitempty"`
		Description             string   `json:"description"`
		RuntimeProcess          string   `json:"runtime_process"`
		ThreatLevel             int      `json:"threat_level"`
		ThreatLevelReadable     string   `json:"threat_level_readable"`
		AvMatched               int      `json:"av_matched,omitempty"`
		AvTotal                 int      `json:"av_total,omitempty"`
		FileAvailableToDownload bool     `json:"file_available_to_download"`
		FilePath                string   `json:"file_path,omitempty"`
	} `json:"extracted_files"`
	Ssdeep string `json:"ssdeep"`
}

type Samples ¶

type Samples struct {
	// contains filtered or unexported fields
}

func NewSamples ¶

func NewSamples(ha *Client) *Samples

func (*Samples) Download ¶

func (s *Samples) Download(targetFolder string, pathChan chan string) error

func (*Samples) MatchExtension ¶

func (s *Samples) MatchExtension(fileName string) bool

func (*Samples) SetExtension ¶

func (s *Samples) SetExtension(keyword string) *Samples

func (*Samples) SetInclude ¶

func (s *Samples) SetInclude(keyword string) *Samples

func (*Samples) SetSkip ¶

func (s *Samples) SetSkip(keyword string) *Samples

func (*Samples) SetThreatLevelThreshold ¶

func (s *Samples) SetThreatLevelThreshold(threatLevelThreshold int) *Samples

type SamplesStream ¶

type SamplesStream struct {
	// contains filtered or unexported fields
}

func NewSamplesStream ¶

func NewSamplesStream(client *Client, sleeper *sleeper.Sleeper) *SamplesStream

func (*SamplesStream) GetSample ¶

func (s *SamplesStream) GetSample() (*ListLatestData, error)

func (*SamplesStream) UpdateSamples ¶

func (s *SamplesStream) UpdateSamples() error

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL