vxcage-jobs

Asyncronious workers for vxcage (mongodb-flavour) that performs metadata extraction and analysis.

job-basename.py Removes all path information for the sample name.

job-exif.py Extracts EXIF-data from the file using the exiftool.

job-filemagic.py Extracts the file magic identifyers.

job-hashes.py Hashes the file into several popular hash formats (sha1, sha256, sha512, ssdeep). MD5 hashing is naitive to MongoDB/GridFS. pydeep is installed seperatly.

job-pdf.py Extract PDF metadata from PDF-files. Uses PDFiD by Didier Stevens.

job-pe.py Extracts PE header information from executables, including PEiD. Uses PEFile / PEUtils from Ero Carrera (included).

job-strings.py Extracts all (unique) strings from a binary.

job-virustotal.py Performs a VirusTotal lookup of the analyzed sample. Uses the requests library (installed seperatly)

job-yara.py Analyze the sample using YARA (http://plusvic.github.io/yara/). Yara and yara-python is installed seperatly.

Name		Name	Last commit message	Last commit date
Latest commit History 14 Commits
ordlookup		ordlookup
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
job-basename.py		job-basename.py
job-exif.py		job-exif.py
job-filemagic.py		job-filemagic.py
job-hashes.py		job-hashes.py
job-pdf.py		job-pdf.py
job-pe.py		job-pe.py
job-strings.py		job-strings.py
job-virustotal.py		job-virustotal.py
job-yara.py		job-yara.py
pdfid.py		pdfid.py
pefile.py		pefile.py
peutils.py		peutils.py
userdb.txt		userdb.txt
utils.py		utils.py
vxcage.conf.sample		vxcage.conf.sample

License

acochenour/vxcage-jobs

Folders and files

Latest commit

History

Repository files navigation

vxcage-jobs

About

Resources

License

Stars

Watchers

Forks

Languages