Reference
defensive_file_scanner.create_file
Generate a test file with dummy bytes and optional bloat to simulate malware.
main(filepath, start=1000, bloat=1000, end=0)
Write a file with random bits as the 'program' and optional bloat.
Source code in defensive_file_scanner/create_file.py
random_bytes(length=1000)
Generate random bytes in hex format.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
`length` | `int` | Length of random hex digits. | `1000` |
Returns:
Name | Type | Description |
---|---|---|
`bytes` | `bytes` | A byte string of hex digits of a given length. |
Source code in defensive_file_scanner/create_file.py
repeat_function(func, *args, repeats=1000, **kwargs)
Run a function n times with given argument and keyword arguments.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
`func` | `Callable[[...], ...]` | Function to run. | required |
`*args` | `Any` | Positional arguments for the function. | `()` |
`repeats` | `int` | Number of times to repeat the function call. | `1000` |
`**kwargs` | `Any` | Keyword arguments for the function. | `{}` |
Returns:
Name | Type | Description |
---|---|---|
`Generator` | `Generator` | A generator for the function to be called n times. |
Yields:
Name | Type | Description |
---|---|---|
`Any` | `Generator` | Result from the function call. |
Source code in defensive_file_scanner/create_file.py
write_file(path, program_start=100000, bloat=100000, program_end=0)
Writes the hex code for a test file.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
`path` | `Path` | A file path for the file. | required |
`program_start` | `int` | Length of the "program" code at start of file. | `100000` |
`bloat` | `int` | Length of bloat or no operation bytes ' ' in the file. | `100000` |
`program_end` | `int` | Length of the "program" code at end of file. | `0` |
Returns:
Type | Description |
---|---|
`None` | None |
Source code in defensive_file_scanner/create_file.py
defensive_file_scanner.scan
Malware
Malware Object
Source code in defensive_file_scanner/scan.py
most_common: tuple[str, int]
property
The most common hex bit and its frequency.
ratio
property
Ratio between most common count and total count.
total_bits: int
property
The total number of hex bits.
__init__(file)
Initialise a suspected Malware Object.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
`file` | `PurePath \| str` | Path of the file to scan. | required |
Source code in defensive_file_scanner/scan.py
test_whole_file()
Scans the whole file and counts the hex bits.
Returns:
Type | Description |
---|---|
`list[tuple[str, int]]` | The count of the hex in the byte code ordered from most to least common. |
Todo
- Add tqdm loading bar.
Source code in defensive_file_scanner/scan.py
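As an added example (not the package's own code), the following shows the check that the `ratio` property describes: count every byte value in a file and compare the most common count with the total. The function names, the `0x00` padding byte and the 0.5 threshold are assumptions made for this example.

```python
import random
import tempfile
from collections import Counter
from pathlib import Path

BLOAT_BYTE = b"\x00"      # assumption: the page does not say which byte pads the file
RATIO_THRESHOLD = 0.5     # hypothetical cut-off, tune against known-good files


def build_sample(path, program_start, bloat, program_end=0, seed=0):
    """Write seeded random 'program' bytes, a run of padding, then more program bytes."""
    rng = random.Random(seed)  # seeded so the constructed sample is reproducible
    data = rng.randbytes(program_start) + BLOAT_BYTE * bloat + rng.randbytes(program_end)
    Path(path).write_bytes(data)


def byte_histogram(path, chunk_size=65536):
    """Count every byte value, reading in chunks so large files stay out of memory."""
    counts = Counter()
    with open(path, "rb") as handle:
        while chunk := handle.read(chunk_size):
            counts.update(chunk)
    # Key each count by its two-digit hex value, most common first.
    return [(f"{value:02x}", n) for value, n in counts.most_common()]


def bloat_ratio(histogram):
    """Share of the file taken by the single most common byte (0.0 for an empty file)."""
    total = sum(n for _, n in histogram)
    return histogram[0][1] / total if total else 0.0


def looks_bloated(path, threshold=RATIO_THRESHOLD):
    return bloat_ratio(byte_histogram(path)) >= threshold


def demo():
    """Return (ratio, verdict) for a padded sample and an unpadded one."""
    with tempfile.TemporaryDirectory() as tmp:
        padded, plain = Path(tmp, "padded.bin"), Path(tmp, "plain.bin")
        build_sample(padded, program_start=1000, bloat=9000)
        build_sample(plain, program_start=10000, bloat=0)
        return {p.name: (round(bloat_ratio(byte_histogram(p)), 3), looks_bloated(p))
                for p in (padded, plain)}


if __name__ == "__main__":
    print(demo())
```

A file of uniformly random bytes gives a ratio near 1/256, so a single byte value holding most of the file stands out clearly; compressed or encrypted content looks like the unpadded case.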
Created: April 1, 2023