Documentation
¶
Index ¶
- func CleanHash(hash string) string
- func Generate(csvPath string, gobPath string, force bool) error
- func LoadGOB(gobPath string) (*vptree.VPTree, error)
- func RunInteractive(gobPath string, radius uint16, outFormat string) error
- func RunOnce(gobPath string, hashInput string, radius uint16, outFormat string) error
- type Malware
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CleanHash ¶ added in v0.1.0
CleanHash removes the first two characters if the string starts with T and removes the newline character
func Generate ¶
Generate gets a csv path and spits out a tree gob file. force is used to overwrite the existing file
Types ¶
type Malware ¶
type Malware struct {
tlsh.TLSH `gob:"-"` // this is a custom type, so we need to ignore it
FirstSeen string
SHA256 string
MD5 string
SHA1 string
Reporter string
FileName string
FileTypeGuess string
MIMEType string
Signature string
ClamAV string
VTPercent string
ImpHash string
SSDeep string
TLSHRaw string
DistanceValue float64 // This is purely used to fill out the table/JSON when printing a Malware sample against a TLSH
}
Malware is the representation of each sample as per the abuse.ch CSV file
func (Malware) Distance ¶
Distance is a required function for Malware struct to make it a vptree interface
func (Malware) GobEncode ¶
GobEncode provides a standard GOB encoding TODO: embed the default gob encoding and ignore the TLSH field
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.