Skip to content
/ EntropyAnalysis Public

This package analyzes file entropy (shannon entropy) for forensic and malware analysis.

License

GPL-3.0 license
2 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

mauricelambert/EntropyAnalysis

BranchesTags

Repository files navigation

EntropyAnalysis

EntropyAnalysis

Description

This package analyzes file entropy (shannon entropy) for forensic or malware analysis

Requirements

This package require:

  • python3
  • python3 Standard Library

Optional:

  • matplotlib (matplotlib is not installed by EntropyAnalysis, if you want GUI charts you should install it.)

Installation

python3 -m pip install EntropyAnalysis

# The following line is optional (requirements for GUI charts)
python3 -m pip install matplotlib
git clone "https://github.com/mauricelambert/EntropyAnalysis.git"
cd "EntropyAnalysis"
python3 -m pip install .

Usages

Command line

EntropyAnalysis              # Using CLI package executable
python3 -m EntropyAnalysis   # Using python module
python3 EntropyAnalysis.pyz  # Using python executable
EntropyAnalysis.exe          # Using python Windows executable

EntropyAnalysis packed.exe
EntropyAnalysis -c packed.exe
EntropyAnalysis --all-characters packed.exe
EntropyAnalysis -f -C packed.exe
EntropyAnalysis -p 1024 packed.exe
EntropyAnalysis -o -k 4096 packed.exe
EntropyAnalysis -k 4096 -p 1024 packed.exe
EntropyAnalysis -u https://github.com/mauricelambert/FastRC4/releases/download/v0.0.1/librc4.so

Python script

from EntropyAnalysis import *
from urllib.request import urlopen

get_full_file_entropy(open('packed.exe', 'rb'))

charts_chunks_file_entropy(open('packed.exe', 'rb'))
charts_chunks_file_entropy(urlopen('https://github.com/mauricelambert/FastRC4/releases/download/v0.0.1/librc4.dll'), chunk_size=2048, part_size=512)

for score in get_chunks_file_entropy(open('packed.exe', 'rb')):
    print(score)

for score in get_chunks_file_entropy(urlopen('https://github.com/mauricelambert/FastRC4/releases/download/v0.0.1/librc4.dll'), chunk_size=2048):
    print(score)

print_chunks_file_entropy(open('packed.exe', 'rb'))
print_parts_chunks_file_entropy(open('packed.exe', 'rb'))

print_chunks_file_entropy(urlopen('https://github.com/mauricelambert/FastRC4/releases/download/v0.0.1/librc4.dll'), chunk_size=2048, colors=True)
print_parts_chunks_file_entropy(urlopen('https://github.com/mauricelambert/FastRC4/releases/download/v0.0.1/librc4.dll'), chunk_size=2048, part_size=512, colors=True)

Links

License

Licensed under the GPL, version 3.

About

This package analyzes file entropy (shannon entropy) for forensic and malware analysis.

Topics

security entropy cybersecurity malware-analysis file-analysis forensic disk-analysis entropy-analysis

Resources

Readme

License

GPL-3.0 license
Activity

Stars

2 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages