GRREAT

GRREAT is a tool written in Python that will integrate with Google GRR. It will allow the user to hash the contents of a box with a piecewise algorithm and store the hashes. The user could later hash the contents again to determine what has been changed and the extent of those changes.

The discussion for the integration of this feature in GRR is on the dev forum.

Using GRREAT

In order to utilize this tool, the user will need to download and install a few dependancies:

GRR

GRR (for GRR Rapid Response) is an incident response framework focused on remote live forensics. The AsciiDoc documentation is hosted in a separate repository. GRR uses the Google Python Style conventions.

Piecewise hashing in Python

Two Python wrappers for ssdeep already exist -- used for reference:

python-ssdeep - LGPLv3
pyssdeep - BSD New

Contributors

Paul Chaignon <paul.chaignon@gmail.com>
Kirstie Failey <klf9481@rit.edu>
Andrea Siebert <ans9281@rit.edu>

Name		Name	Last commit message	Last commit date
Latest commit History 35 Commits
GRREAT		GRREAT
artifacts		artifacts
binaries		binaries
client		client
config		config
docs		docs
endtoend_tests		endtoend_tests
executables		executables
gui		gui
keys/test		keys/test
lib		lib
parsers		parsers
proto		proto
scripts		scripts
server		server
test_data		test_data
tools		tools
worker		worker
ACKNOWLEDGEMENTS		ACKNOWLEDGEMENTS
AUTHORS		AUTHORS
LICENSE		LICENSE
README		README
README.md		README.md
__init__.py		__init__.py
run_tests.py		run_tests.py
setup.py		setup.py
setup_test.py		setup_test.py

License

ForensicTools/GRREAT-475_2141-Chaigon-Failey-Siebert

Folders and files

Latest commit

History

Repository files navigation

GRREAT

Using GRREAT

GRR

Piecewise hashing in Python

Contributors

About

Resources

License

Stars

Watchers

Forks

Languages