Documentation ¶
Index ¶
- func CleanHash(hash string) string
- func Generate(csvPath string, gobPath string, force bool) error
- func LoadGOB(gobPath string) (*vptree.VPTree, error)
- func RunInteractive(gobPath string, radius uint16, outFormat string) error
- func RunOnce(gobPath string, hashInput string, radius uint16, outFormat string) error
- type Malware
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CleanHash ¶ added in v0.1.0
CleanHash removes the first two characters if the string starts with T and removes the newline character
func Generate ¶
Generate gets a csv path and spits out a tree gob file. force is used to overwrite the existing file
Types ¶
type Malware ¶
type Malware struct { tlsh.TLSH `gob:"-"` // this is a custom type, so we need to ignore it FirstSeen string SHA256 string MD5 string SHA1 string Reporter string FileName string FileTypeGuess string MIMEType string Signature string ClamAV string VTPercent string ImpHash string SSDeep string TLSHRaw string DistanceValue float64 // This is purely used to fill out the table/JSON when printing a Malware sample against a TLSH }
Malware is the representation of each sample as per the abuse.ch CSV file
func (Malware) Distance ¶
Distance is a required function for Malware struct to make it a vptree interface
func (Malware) GobEncode ¶
GobEncode provides a standard GOB encoding TODO: embed the default gob encoding and ignore the TLSH field
Click to show internal directories.
Click to hide internal directories.