def report_markdown(self, json):
output = md.h4('General')
output += md.paragraph(md.bold('Score: ') + str(json['score']))
output += md.cr()
output += md.paragraph(md.bold('Platform: ') + json['platform'])
output += md.h4('Analysis')
output += md.table_header(('Category', 'Started', 'Ended', 'Duration'))
output += md.table_row(
(json['analysis']['category'], str(json['analysis']['started']),
str(json['analysis']['ended']),
str(json['analysis']['duration'])))
output += md.h4('Machines')
output += md.table_header(('Name', 'Manager'))
output += md.table_row(
(json['machine']['name'], json['machine']['manager']))
output += md.h4('Signatures')
output += md.table_header(('Severity', 'Description'))
for s in json['signatures']:
if s['severity'] > 2:
output += md.table_row(
('%red ' + str(s['severity']) + ' %', s['description']))
elif s['severity'] > 1:
output += md.table_row(
('%orange ' + str(s['severity']) + ' %', s['description']))
else:
output += md.table_row(
('%blue ' + str(s['severity']) + ' %', s['description']))
return output
def fuzzy_search_markdown(json):
output = md.table_header(('File Name', 'SHA256', 'Match (%)'))
count = 0
for j in json:
output += md.table_row(
(md.url(str(j[0]),
'samples/' + str(j[1])), str(j[1]), str(j[3])))
count += 1
if count:
output += md.paragraph(md.bold('Hits:') + str(count))
else:
output += md.table_row(('-', '-', '-'))
output += md.paragraph(md.bold('Hits:') + '0')
return output
def test_bold():
"""
Test bold function
"""
output = md.bold('abcd')
assert output == '** abcd **'
def functions_markdown(self, json):
output = md.h3('Exports')
output += md.table_header(('Virtual Address', 'Size', 'Type', 'Name'))
if not json['exports']:
output += md.table_row(('-', '-', '-', '-'))
else:
for row in json['exports']:
output += md.table_row(
('0x%08x' % row['vaddr'], '%u' % row['size'], row['type'],
md.bold(row['name'])))
output += md.newline()
output += md.h3('Functions')
output += md.table_header(('Address Range', 'Offset', 'Size', 'Name'))
if not json['functions']:
output += md.table_row(('-', '-', '-'))
else:
for row in json['functions']:
output += md.table_row(
(md.bold(row['address_range']), '0x%08x' % row['offset'],
'%u' % row['size'], row['name']))
return output
def scan_markdown(self, json):
output = md.table_header(
['File', 'Rule', 'String', 'Offset', 'Description', 'Author'])
for r in json: # pylint: disable=invalid-name
output += md.table_row([
md.sanitize(r['file']),
md.bold(md.sanitize(r['rule'])),
md.code(md.sanitize(r['hits'][0]['hit']), inline=True)
if r['hits'] else '',
md.code(md.sanitize(r['hits'][0]['offset']), inline=True)
if r['hits'] else '',
md.sanitize(r['description']),
md.sanitize(r['author'])
])
for hit in r['hits'][1:]:
output += md.table_row(
('', '', md.code(md.sanitize(hit['hit']), inline=True),
md.code(md.sanitize(hit['offset']), inline=True), '', ''))
if not json:
output += md.table_row(('-', '-', '-', '-', '-'))
return output