matthew/Hunt-AI
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Delete TTPs/Analysis/analysis_filehash.py

Browse Source
This commit is contained in:
Matthew Iverson
2024-11-28 00:54:28 -05:00
parent 7e7ae61ff2
commit a5f13865b4
1 changed files with 0 additions and 58 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
TTPs/Analysis/analysis_filehash.py
View File

@ -1,58 +0,0 @@
import os
import subprocess
import webbrowser
from Modules.submenu import build_submenu
def analysis_filehash_submenu():
"""
Submenu for file hash analysis tools and methods.
"""
actions = {
"1": {"description": "Get File Hash (MD5)", "function": get_file_hash_md5},
"2": {"description": "Check File Hash on VirusTotal", "function": check_virustotal},
"3": {"description": "Other Hash Algorithms (SHA1/SHA256)", "function": get_file_hash_other},
}
build_submenu("File Hash Analysis", actions)
# Functions for file hash analysis
def get_file_hash_md5():
"""
Run a PowerShell command to get the MD5 hash of a file.
"""
file_path = input("Enter the full file path: ").strip()
try:
if os.name == 'nt': # Check if running on Windows
command = f'powershell.exe Get-FileHash -Algorithm MD5 "{file_path}"'
subprocess.run(command, shell=True)
else:
print("This command is only available on Windows with PowerShell.")
except Exception as e:
print(f"Error running PowerShell command: {e}")
def check_virustotal():
"""
Open VirusTotal to check the file hash.
"""
file_hash = input("Enter the file hash (MD5, SHA1, or SHA256): ").strip()
url = f"https://www.virustotal.com/gui/search/{file_hash}"
webbrowser.open(url)
print(f"Opening VirusTotal for hash: {file_hash}")
def get_file_hash_other():
"""
Run a PowerShell command to get SHA1 or SHA256 hash of a file.
"""
file_path = input("Enter the full file path: ").strip()
algorithm = input("Enter the hash algorithm (SHA1 or SHA256): ").strip().upper()
if algorithm not in ["SHA1", "SHA256"]:
print("Invalid algorithm. Please choose SHA1 or SHA256.")
return
try:
if os.name == 'nt': # Check if running on Windows
command = f'powershell.exe Get-FileHash -Algorithm {algorithm} "{file_path}"'
subprocess.run(command, shell=True)
else:
print("This command is only available on Windows with PowerShell.")
except Exception as e:
print(f"Error running PowerShell command: {e}")