def report_markdown(self, json):
output = md.h4('General')
output += md.paragraph(md.bold('Score: ') + str(json['score']))
output += md.cr()
output += md.paragraph(md.bold('Platform: ') + json['platform'])
output += md.h4('Analysis')
output += md.table_header(('Category', 'Started', 'Ended', 'Duration'))
output += md.table_row(
(json['analysis']['category'], str(json['analysis']['started']),
str(json['analysis']['ended']),
str(json['analysis']['duration'])))
output += md.h4('Machines')
output += md.table_header(('Name', 'Manager'))
output += md.table_row(
(json['machine']['name'], json['machine']['manager']))
output += md.h4('Signatures')
output += md.table_header(('Severity', 'Description'))
for s in json['signatures']:
if s['severity'] > 2:
output += md.table_row(
('%red ' + str(s['severity']) + ' %', s['description']))
elif s['severity'] > 1:
output += md.table_row(
('%orange ' + str(s['severity']) + ' %', s['description']))
else:
output += md.table_row(
('%blue ' + str(s['severity']) + ' %', s['description']))
return output
def fuzzy_search_markdown(json):
output = md.table_header(('File Name', 'SHA256', 'Match (%)'))
count = 0
for j in json:
output += md.table_row(
(md.url(str(j[0]),
'samples/' + str(j[1])), str(j[1]), str(j[3])))
count += 1
if count:
output += md.paragraph(md.bold('Hits:') + str(count))
else:
output += md.table_row(('-', '-', '-'))
output += md.paragraph(md.bold('Hits:') + '0')
return output
def test_paragraph():
"""
Test paragraph function
"""
output = md.paragraph('abcd')
assert output == 'abcd\r\n'
def results_markdown(self, json):
"""
Convert the JSON result data to Markdown.
"""
output = md.h2('General Information')
output += md.paragraph('SHA256 hash: ' + str(json['sha256_hash']))
output += md.paragraph('SHA1 hash: ' + str(json['sha1_hash']))
output += md.paragraph('MD5 hash: ' + str(json['md5_hash']))
output += md.paragraph('File name: ' + str(json['file_name']))
output += md.paragraph('Signature: ' + str(json['signature']))
output += md.paragraph('File size: ' + str(json['file_size']) +
" bytes")
output += md.paragraph('First seen: ' + str(json['first_seen']))
output += md.paragraph('Last seen: ' + str(json['last_seen']))
output += md.paragraph('File type: ' + str(json['file_type']))
output += md.paragraph('MIME type: ' + str(json['file_type_mime']))
output += md.paragraph('imphash: ' + str(json['imphash']))
output += md.paragraph('ssdeep: ' + str(json['ssdeep']))
output += md.paragraph('Delivery Method: ' +
str(json['delivery_method']))
if str(json['reporter']) == "anonymous":
reporter = "*Anonymous*"
else:
reporter = "[@"
reporter += str(json['reporter'])
reporter += "](https://twitter.com/"
reporter += str(json['reporter'])
reporter += ")"
output += md.paragraph('Reporter: ' + reporter)
output += md.h2('Intelligence')
output += md.paragraph('ClamAV: ' +
str(json['intelligence']['clamav']))
output += md.paragraph('Number of downloads: ' +
str(json['intelligence']['downloads']))
output += md.paragraph('Number of uploads: ' +
str(json['intelligence']['uploads']))
output += md.paragraph('Mail intelligence: ' +
str(json['intelligence']['mail']))
output += md.h2('File Information')
if json['file_information']:
for fileinfo in json['file_information']:
output += md.paragraph('Contect: ' + str(fileinfo['context']))
output += md.paragraph('Value: ' + str(fileinfo['value']))
comment = str(json['comment']).replace('\r', '').replace('\n', '<br>')
output += md.paragraph('Comment: ')
output += md.paragraph(comment)
taglist = ''
if not json['tags']:
taglist = 'None '
else:
for tag in json['tags']:
taglist += tag + ','
output += md.paragraph('Tags: ' + taglist[:-1])
return output