hashlookup-forensic-analyser icon indicating copy to clipboard operation
hashlookup-forensic-analyser copied to clipboard

Published 20 hours ago verified publisher icon hashlookup

Metadata

Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https://circl.lu/services/hashlookup/

Results 4 hashlookup-forensic-analyser issues
Sort by recently updated
recently updated
newest added

[Idea] Option to unarchive

5 comment

This is not an easy suggestion and it may also introduce risks but having an option to get archived files to get extracted recursively & hashed, I thought could also...

Maijin avatar Maijin

enhancement

Configuration of directories and filetype inclusion/exclusion to be analysed

2 comment

Configuration of directories and filetype inclusion/exclusion to be analysed. Idea from @wachizungu.

adulau avatar adulau

enhancement

Add option to list files that have known hash, but for which the filename doesn't match any of the known filenames for that hash

Some attack techniques replace a 'known' file by another 'known' file, allowing them to exploit some processing flow that triggers the binary at the target location This kind of scenario...

Wachizungu avatar Wachizungu

enhancement

False reports of unknown files due to mismatch with CIRCL hashlookup output

Every file is being reported as unknown, even if it actually was found. I believe this is because the default `args.bloomfield_algorithm` is `"sha1"` but the key returned by CIRCL is...

lukenormile avatar lukenormile

Metadata

117
Stars
12
Forks
Watchers

Owner

verified publisher icon hashlookup

Metadata

Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https://circl.lu/services/hashlookup/

Back