{
    "info": {
        "author": "James Pleger",
        "author_email": "jpleger@gmail.com",
        "bugtrack_url": null,
        "classifiers": [
            "Development Status :: 4 - Beta",
            "Intended Audience :: Information Technology",
            "License :: OSI Approved :: ISC License (ISCL)",
            "Operating System :: POSIX",
            "Programming Language :: Python :: 2 :: Only",
            "Topic :: Security"
        ],
        "description": "atklite\n=======\n\natklite is a library intended to help easily determine identifiable attributes \nabout files under investigation. With a simple usage syntax, the following \ninformation can be determined by calling applications:\n\n- MD5 hash\n- SHA-1 hash\n- SHA-256 hash\n- CRC32 checksum\n- File size\n- File type (from magic bytes)\n- Fuzzy hash (CTPH) via ssdeep\n\natklite is primarily intended for use in analyzing malware samples but may be\nuseful for anyone looking for a simple API for analyzing files.\n\nAdditionally, atklite can be used as a binary storage system, utilizing a standard\nfilesystem to store the files in a sharded manner using the first n bytes of the\nhash that a user chooses to use (md5, sha1, sha256 or sha512).\n\nSetup\n=====\n\nRequirements\n------------\n\n- Python (tested with Python 2.7)\n- python-magic_. On most systems this requires the libmagic library to be\n  installed.\n- Python ssdeep wrapper, one of either:\n\n  - python-ssdeep_\n  - pydeep_\n\n.. _python-magic: https://pypi.python.org/pypi/python-magic/\n.. _python-ssdeep: http://github.com/DinoTools/python-ssdeep\n.. _pydeep: https://github.com/kbandla/pydeep\n\n\nInstalling Prerequisites\n------------------------\n\nInstalling the prerequisites on an ubuntu system is fairly easy.\n\nFirst we must install the prerequisites for python-ssdeep::\n    $ apt-get install cython ssdeep python-dev\n\n\nInstallation\n------------\n\nInstallation with pip is simple::\n\n    $ pip install atklite\n\nIf installing from source, unpack the distribution tarball and then install as\nfollows::\n\n    $ python setup.py build\n    $ python setup.py install\n\n\nConfiguration and use\n---------------------\n\nUsage::\n\n    From the cli using atk-info:\n    jpleger@jupiter:~$ atk-info ~/glyphicons-halflings-white.png\n    [-] Using binary store at: /home/jpleger/binary_store\n    -- glyphicons-halflings-white.png ----------------------------------------------\n      Analyze time: Mon Jul 29 18:23:10 2013\n      File name:    glyphicons-halflings-white.png\n      File size:    8777\n      File type:    PNG image data, 469 x 159, 8-bit colormap, non-interlaced\n      CRC-32:       43808ba4\n      MD5 hash:     9bbc6e9602998a385c2ea13df56470fd\n      SHA1 hash:    a25c4705320fd63c33790e666872910e702b9bf6\n      SHA256 hash:  f0e0d95a9c8abcdfabf46348e2d4285829bb0491f5f6af0e05af52bffb6324c4\n      Fuzzy hash:   192:41MFu/STZChMGLw/LtI30ukSCeQm9F+xZdqdfQpTTTIyQY7thi7uWB:iMdZ/GLILBmWEiTTTIyQY5hi71\n      Stored File:  /home/jpleger/binary_store/9/b/b/9bbc6e9602998a385c2ea13df56470fd\n    jpleger@jupiter:~$\n\n    From the python interpreter:\n    >>> import atklite\n    >>> file_analysis = atklite.FileAnalysis(filename='9ba57b128089f0a5a07b262511307f9c.exe')\n    >>> print file_analysis.dump()\n    sha1: 63738713f1e22425e06dd1f20e5cd22c630fd7d3\n    analyzetime: Sat Mar  2 00:57:50 2013\n    ftype: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows\n    crc32: 9083b5e6\n    ttime: 1362211070.21\n    sha256: 04a191e1d7526025ee911f8a55d5c329af456cbd48d507dc2040b4ead1e4a525\n    ssdeep: 1536:o+I6XtaJU0ikjlcCGXM6ds6GGA2P+ly+Hmuh81HSR:o+fXtBYcCiX1xP0Hmk8s\n    md5: 9ba57b128089f0a5a07b262511307f9c\n    size: 77824\n\n    >>> analysis = file_analysis.return_analysis()\n    >>> analysis['analyzetime']\n    'Sat Mar  2 00:57:50 2013'\n    >>> print analysis['md5']\n    9ba57b128089f0a5a07b262511307f9c\n    >>> print analysis['sha1']\n    63738713f1e22425e06dd1f20e5cd22c630fd7d3\n    >>> print analysis['sha256']\n    04a191e1d7526025ee911f8a55d5c329af456cbd48d507dc2040b4ead1e4a525\n    >>> print analysis['size']\n    77824\n    >>> print analysis['crc32']\n    9083b5e6\n    >>> print analysis['ftype']\n    PE32 executable (DLL) (GUI) Intel 80386, for MS Windows\n    >>> print analysis['ssdeep']\n    1536:o+I6XtaJU0ikjlcCGXM6ds6GGA2P+ly+Hmuh81HSR:o+fXtBYcCiX1xP0Hmk8s\n\n\nTo Do\n=====\n\nNice to Have\n------------\n * Storing the reports with the files\n * Tagging within the saved reports",
        "description_content_type": null,
        "docs_url": null,
        "download_url": "UNKNOWN",
        "downloads": {
            "last_day": -1,
            "last_month": -1,
            "last_week": -1
        },
        "home_page": "https://bitbucket.org/jpleger/atk/",
        "keywords": null,
        "license": "ISC",
        "maintainer": null,
        "maintainer_email": null,
        "name": "atklite",
        "package_url": "https://pypi.org/project/atklite/",
        "platform": "UNKNOWN",
        "project_url": "https://pypi.org/project/atklite/",
        "project_urls": {
            "Download": "UNKNOWN",
            "Homepage": "https://bitbucket.org/jpleger/atk/"
        },
        "release_url": "https://pypi.org/project/atklite/1.1-release/",
        "requires_dist": null,
        "requires_python": null,
        "summary": "Library to simplify process of gathering identifiable attributes about files",
        "version": "1.1-release"
    },
    "last_serial": 852700,
    "releases": {
        "1.0-release": [
            {
                "comment_text": "",
                "digests": {
                    "md5": "d8639a4b59f11703f7883886c7e73892",
                    "sha256": "3c34c739dd5052ed7c229c2adc0c60fd7c0ad651934280412fc0a110bf6698ff"
                },
                "downloads": -1,
                "filename": "atklite-1.0-release.tar.gz",
                "has_sig": false,
                "md5_digest": "d8639a4b59f11703f7883886c7e73892",
                "packagetype": "sdist",
                "python_version": "source",
                "requires_python": null,
                "size": 11011,
                "upload_time": "2013-07-31T20:27:19",
                "url": "https://files.pythonhosted.org/packages/ac/e7/b2c7e99640f821e0fe336a4b80d91c2dfb7f23bc61be5344f8617a902277/atklite-1.0-release.tar.gz"
            }
        ],
        "1.1-release": [
            {
                "comment_text": "",
                "digests": {
                    "md5": "cbc18dde252325a36f5eae9795a2e743",
                    "sha256": "4f9c73bf7234c368027016d51720bbe2b4c53f9be3d9d612e6551d2747a806ee"
                },
                "downloads": -1,
                "filename": "atklite-1.1-release.tar.gz",
                "has_sig": false,
                "md5_digest": "cbc18dde252325a36f5eae9795a2e743",
                "packagetype": "sdist",
                "python_version": "source",
                "requires_python": null,
                "size": 11001,
                "upload_time": "2013-08-30T00:59:56",
                "url": "https://files.pythonhosted.org/packages/4a/8f/35e32231050496dd04b89f0ff7af4f04791d4463df2b1d2802ed8f63071f/atklite-1.1-release.tar.gz"
            }
        ]
    },
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "md5": "cbc18dde252325a36f5eae9795a2e743",
                "sha256": "4f9c73bf7234c368027016d51720bbe2b4c53f9be3d9d612e6551d2747a806ee"
            },
            "downloads": -1,
            "filename": "atklite-1.1-release.tar.gz",
            "has_sig": false,
            "md5_digest": "cbc18dde252325a36f5eae9795a2e743",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": null,
            "size": 11001,
            "upload_time": "2013-08-30T00:59:56",
            "url": "https://files.pythonhosted.org/packages/4a/8f/35e32231050496dd04b89f0ff7af4f04791d4463df2b1d2802ed8f63071f/atklite-1.1-release.tar.gz"
        }
    ]
}