#!/usr/bin/env python3
import os
import time
from mods.extras.colors import *
from mods.extras.args import *
def file_analysis():
    """Run the analyzer chain on the sample currently bound to ``file``.

    Takes no arguments: the sample path is read from the module-level name
    ``file`` at call time, so the caller must bind ``file`` first. The
    analyzers run in a fixed order: pm, oleid, rtf (RTF samples only), vt,
    ha, then either the Android tools or the Windows/Linux/macOS YARA and
    strings passes. Nothing is returned.

    NOTE(review): this listing lost its indentation. The strings pass is
    placed in the non-Android branch here; confirm against the repository.
    NOTE(review): vt/ha are labelled VirusTotal/HybridAnalysis. Whether they
    submit the sample itself or only a hash is not visible here; confirm
    before analysing files that must not leave the host.
    """
    import mods.analysis.generic as gen

    desktop_platforms = ('windows', 'linux', 'macOS')

    # puremagic; presumably this populates the gen.* type fields read below (confirm).
    pm(file)
    # oletools
    oleid(file)

    # rtfobj runs only when either type field identifies the sample as RTF.
    looks_like_rtf = (
        "Rich Text Format" in gen.uncompressed_pm_type
        or "rtf" in gen.pm_mime_type
    )
    if looks_like_rtf:
        rtf(file)

    # VirusTotal, then HybridAnalysis
    vt(file)
    ha(file)

    if "Android" not in gen.uncompressed_pm_type:
        # Non-Android sample: try the rule and string sets of every desktop OS.
        print(color.PURPLE+"[~] YARA Analysis:\n"+color.CWHITE)
        for platform_name in desktop_platforms:
            yara_matching(file, platform_name)
        print(color.PURPLE+"[~] Strings Analysis:\n"+color.CWHITE)
        for platform_name in desktop_platforms:
            StringAnalyzer(file, platform_name)
        return

    # Android sample: apkinfo, quark-engine, then the Android YARA rules.
    apkinfo(file)
    Quark_Android(file)
    print(color.PURPLE+"[~] YARA Analysis:\n"+color.CWHITE)
    yara_matching(file, 'android')
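# Command-line entry point: exactly one of args.file, args.url or
# args.directory selects the analysis mode.
# `file`, `url` and `directory` are not defined in this file; they presumably
# come from the star import of mods.extras.args (confirm).
selected_modes = sum(
    value is not None for value in (args.file, args.url, args.directory)
)
if selected_modes == 0:
    parser.error("At least a file or a url should be provided")
elif selected_modes > 1:
    # Without this check a combination of inputs matched no branch below and
    # the run still ended with "Analysis complete" although nothing had been
    # analysed, which reads as a clean result.
    parser.error("Only one of file, url or directory can be analysed per run")
else:
    banner()
    if args.file is not None:
        # NOTE(review): sample names are echoed to the terminal unmodified;
        # names containing control characters are printed as-is.
        print(color.YELLOW+"[*] Running analysis on file "+color.CYAN+os.path.basename(file)+color.YELLOW+" ...\n"+color.CWHITE)
        from mods.analysis.generic import *
        file_analysis()
    elif args.url is not None:
        print(color.YELLOW+"[*] Running analysis on url "+color.CYAN+url+color.YELLOW+" ...\n")
        from mods.analysis.url import *
        # urlscan
        urlscan()
    else:
        # normpath drops a trailing separator, so the directory name is shown
        # whether or not the path was given with one (indexing the split
        # result with [-2] raised IndexError for a bare name such as "samples").
        directory_label = os.path.basename(os.path.normpath(directory))
        print(color.YELLOW+"[*] Running analysis on directory "+color.CYAN+directory_label+color.YELLOW+" ...\n"+color.CWHITE)
        from mods.analysis.generic import *

        # Walk the tree once so the reported count always matches the files
        # that were analysed. os.walk also lists symbolic links to files, so
        # a sample tree can make the analyzers read files outside it.
        sample_paths = [
            os.path.join(subdir, name)
            for subdir, _dirs, names in os.walk(directory)
            for name in names
        ]
        # The loop variable must be the module-level name `file`:
        # file_analysis() takes no arguments and reads it from there.
        for position, file in enumerate(sample_paths):
            print(color.YELLOW+"[*] Running analysis on file "+color.CYAN+os.path.basename(file)+color.YELLOW+" ...\n")
            if position:
                # 15 s pause before every sample after the first; presumably
                # rate limiting for the online lookups (confirm).
                time.sleep(15)
            file_analysis()
        print(color.BLUE+"[+] "+str(len(sample_paths))+" files were analyzed \n"+color.CWHITE)
    print(color.GREEN+"[**] Analysis complete"+color.CWHITE)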