Skip to content
/ EntropyAnalysis Public

This package analyzes file entropy (shannon entropy) for forensic and malware analysis.

License

GPL-3.0 license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

mauricelambert/EntropyAnalysis

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits

EntropyAnalysis.egg-info

EntropyAnalysis.egg-info

 
 

EntropyAnalysis.py

EntropyAnalysis.py

 
 

LICENSE.txt

LICENSE.txt

 
 

MANIFEST.in

MANIFEST.in

 
 

PKG-INFO

PKG-INFO

 
 

README.md

README.md

 
 

pyproject.toml

pyproject.toml

 
 

setup.cfg

setup.cfg

 
 

setup.py

setup.py

 
 

Repository files navigation

EntropyAnalysis

EntropyAnalysis

Description

This package analyzes file entropy (shannon entropy) for forensic or malware analysis

Requirements

This package require:

  • python3
  • python3 Standard Library

Optional:

  • matplotlib (matplotlib is not installed by EntropyAnalysis, if you want GUI charts you should install it.)

Installation

python3 -m pip install EntropyAnalysis

# The following line is optional (requirements for GUI charts)
python3 -m pip install matplotlib
git clone "https://github.com/mauricelambert/EntropyAnalysis.git"
cd "EntropyAnalysis"
python3 -m pip install .

Usages

Command line

EntropyAnalysis              # Using CLI package executable
python3 -m EntropyAnalysis   # Using python module
python3 EntropyAnalysis.pyz  # Using python executable
EntropyAnalysis.exe          # Using python Windows executable

EntropyAnalysis packed.exe
EntropyAnalysis -c packed.exe
EntropyAnalysis --all-characters packed.exe
EntropyAnalysis -f -C packed.exe
EntropyAnalysis -p 1024 packed.exe
EntropyAnalysis -o -k 4096 packed.exe
EntropyAnalysis -k 4096 -p 1024 packed.exe
EntropyAnalysis -u https://github.com/mauricelambert/FastRC4/releases/download/v0.0.1/librc4.so

Python script

from EntropyAnalysis import *
from urllib.request import urlopen

get_full_file_entropy(open('packed.exe', 'rb'))

charts_chunks_file_entropy(open('packed.exe', 'rb'))
charts_chunks_file_entropy(urlopen('https://github.com/mauricelambert/FastRC4/releases/download/v0.0.1/librc4.dll'), chunk_size=2048, part_size=512)

for score in get_chunks_file_entropy(open('packed.exe', 'rb')):
    print(score)

for score in get_chunks_file_entropy(urlopen('https://github.com/mauricelambert/FastRC4/releases/download/v0.0.1/librc4.dll'), chunk_size=2048):
    print(score)

print_chunks_file_entropy(open('packed.exe', 'rb'))
print_parts_chunks_file_entropy(open('packed.exe', 'rb'))

print_chunks_file_entropy(urlopen('https://github.com/mauricelambert/FastRC4/releases/download/v0.0.1/librc4.dll'), chunk_size=2048, colors=True)
print_parts_chunks_file_entropy(urlopen('https://github.com/mauricelambert/FastRC4/releases/download/v0.0.1/librc4.dll'), chunk_size=2048, part_size=512, colors=True)

Links

License

Licensed under the GPL, version 3.

About

This package analyzes file entropy (shannon entropy) for forensic and malware analysis.

Topics

security entropy cybersecurity malware-analysis file-analysis forensic disk-analysis entropy-analysis

Resources

Readme

License

GPL-3.0 license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages