Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/cybercentrecanada/assemblyline-service-characterize
Assemblyline 4 metadata extraction and entropy calculation plugin
assemblyline entropy lnk malware-analysis metadata-extraction shortcuts
Last synced: about 1 month ago
- Host: GitHub
- URL: https://github.com/cybercentrecanada/assemblyline-service-characterize
- Owner: CybercentreCanada
- License: mit
- Created: 2020-04-07T23:43:59.000Z (over 4 years ago)
- Default Branch: master
- Last Pushed: 2024-09-17T19:36:43.000Z (3 months ago)
- Last Synced: 2024-09-18T00:12:58.681Z (3 months ago)
- Topics: assemblyline, entropy, lnk, malware-analysis, metadata-extraction, shortcuts
- Language: Python
- Homepage: https://cybercentrecanada.github.io/assemblyline4_docs/
- Size: 1.21 MB
- Stars: 1
- Watchers: 2
- Forks: 2
- Open Issues: 2
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
README
# Characterize Service
This Assemblyline service extracts information about the file:
* It partitions the file and calculates visual entropy for each partition.
* It runs the hachoir-metadata and exiftool commands to extract metadata information about the file.
* If the file is a Windows Shortcut, this service runs a forked version of the
[LnkParse3](https://github.com/gdesmar/LnkParse3) tool to pull out metadata information.
* If the file is a Web Shortcut, this service will parse the configuration accordingly.

**NOTE**: This service does not require you to buy any licence and is preinstalled and working after a default installation.