geekscrapy / bingraph Goto Github PK

View Code? Open in Web Editor NEW

58.0 58.0 11.0 11.65 MB

Simple tool to graph files for quick analysis

License: GNU Affero General Public License v3.0

Python 100.00%

entropy graph histogram json malware matplotlib visualization

bingraph's People

Contributors

Stargazers

Watchers

Forkers

0ki kevoreilly raystyle minkione ryanbekabe hollow667 capesandbox alx1m1k c-fire stock81615

bingraph's Issues

Add Macho filetype parsing to ent graph.py

To start:

ELF - using lief - already started in #1
Macho - using lief

Return graph data for further analysis

Return an object which contains all the points making the graph which will enable use of the output of this tool in other tools as data, rather than just an image

Adjust watermark positioning

The watermark placement is currently buggy, it can sometimes obscure graph labels.

rename to binPlot

The word graph creates incorrect impression that it generates graphs with vertices and edges.

Multiple Files on Same Graph

I would like to compare two files by plotting their entropies on the same graph rather than generating two different ones

LICENSE of binGraph

binGraph is really nifty and I would like to integrate it as a misp-modules. I cannot find the license file. What's the open source license of binGraph? Thank you very much.

Refactor/tidy main to feed properly into generate_graphs()

There is some code overlap in the main section that should be included in generate_graphs() - most functionality should be in generate_graphs() anyway.

This will be a fairly mixed commit, so please can contributors hold off pull requests for the main and generate_graphs() until I have refactored the code.

Thanks!

percentages are returned in args_dict['ibytes']

Once generate_graphs() is called on graph ent, 'percentages' values are appended to the ibytes list.

To replicate:

Import and submit graph to generate_graphs(args_dict)
print args_dict - it shouldn't contain the 'percentages' list

I believe this is due to not copying the dictionary, but using the deepcopy.

Shouldn't it be a part of binwalk?

I have a file 340s.exe but when I run the file it gives me this

I have a file 340s.exe but when I run the file it gives me this
python binGraph.py -f 340s.exe --out "/home/marshall/Downloads/clg project2/toGraph" --json --graphtitle "340s.exe" --showplt --format png --figsize 8 8 --dpi 100 --blob -v 'ent' agg matplotlib backend in use. This graph generation was tested with "TkAgg", bugs may lie ahead... Parsing file as blob (as requested) /home/marshall/Downloads/clg project2/binGraph-master/binGraph/binGraph.py:230: UserWarning: Matplotlib is currently using agg, which is a non-GUI backend, so cannot show the figure. plt.show()
What to do now?

Originally posted by @Concept606 in #4 (comment)

Make section names not overlap - ent graph

Currently, section names can overlap if they are close to each other. The idea for this issue is to have them not overlap so each can be seen clearly