GRREAT is a tool written in Python that will integrate with Google GRR. It will allow the user to hash the contents of a box with a piecewise algorithm and store the hashes. The user could later hash the contents again to determine what has been changed and the extent of those changes.
The discussion for the integration of this feature in GRR is on the dev forum.
In order to utilize this tool, the user will need to download and install a few dependancies:
GRR (for GRR Rapid Response) is an incident response framework focused on remote live forensics. The AsciiDoc documentation is hosted in a separate repository. GRR uses the Google Python Style conventions.
Two Python wrappers for ssdeep already exist -- used for reference:
- python-ssdeep - LGPLv3
- pyssdeep - BSD New
- Paul Chaignon <paul.chaignon@gmail.com>
- Kirstie Failey <klf9481@rit.edu>
- Andrea Siebert <ans9281@rit.edu>