import argparse
from analyzers.docx_analyzer import DOCXAnalyzer
from analyzers.pdf_analyzer import PDFAnalyzer
from analyzers.pe_analyzer import PEAnalyzer
from analyzers.xlsx_analyzer import XLSXAnalyzer
from analyzers.pptx_analyzer import PPTXAnalyzer
from reputation.virustotal import VirusTotal
from reputation.hybrid_analysis import HybridAnalysis
from reputation.metadefender import Metadefender
from reputation.malwarebazaar import MalwareBazaar
from reputation.reputation_manager import ReputationManager
from jinja2 import Environment, FileSystemLoader
from reputation.api.config_loader import load_config
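def main():
    """Analyze the file named on the command line and write an HTML report.

    The analyzer is chosen from the file name's extension. When the analyzer
    output contains a ``file_hash``, that hash is passed to the reputation
    manager. The collected results are handed to ``generate_html_report``.
    An unsupported extension is recorded under the ``error`` key and the
    report is still generated.
    """
    # The return value is not used in this function; the call is kept in
    # case loading the configuration has effects the reputation clients rely
    # on. NOTE(review): confirm against reputation.api.config_loader.
    load_config()

    parser = argparse.ArgumentParser(description='Analyze various file types.')
    parser.add_argument('file_path', help='Path to the file to analyze')
    args = parser.parse_args()

    file_path = args.file_path
    # NOTE(review): dispatch relies on the file name's suffix only. A sample
    # whose extension does not match its real format is sent to the wrong
    # analyzer or reported as unsupported; a content-based check (magic
    # bytes) would be more reliable for untrusted samples.
    file_extension = file_path.split('.')[-1].lower()

    analyzers = {
        'exe': PEAnalyzer,
        'docx': DOCXAnalyzer,
        'xlsx': XLSXAnalyzer,
        'pptx': PPTXAnalyzer,
        'pdf': PDFAnalyzer,
    }

    analysis_result = {'file_path': file_path, 'analyzers': {}, 'reputation': {}}

    analyzer_class = analyzers.get(file_extension)
    if analyzer_class:
        analyzer = analyzer_class(file_path)
        analysis_result['analyzers'][analyzer_class.__name__] = analyzer.analyze()
    else:
        analysis_result['error'] = f"Unsupported file type: {file_extension}"

    # Reputation analysis
    reputation_manager = ReputationManager()
    for service in (VirusTotal(), HybridAnalysis(), Metadefender(), MalwareBazaar()):
        reputation_manager.add_analyzer(service)

    # analyzer_class is None for an unsupported extension; reading __name__
    # from it unguarded raised AttributeError before the report (and its
    # error entry) could be written.
    file_hash = None
    if analyzer_class:
        file_hash = (
            analysis_result['analyzers']
            .get(analyzer_class.__name__, {})
            .get('file_hash')
        )

    if file_hash:
        # Only the hash is passed here; what each service client sends over
        # the network is defined outside this file.
        analysis_result['reputation'] = reputation_manager.get_reputation(file_hash)

    # Generate HTML report
    generate_html_report(analysis_result)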
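def generate_html_report(data, template_path='report_template.html', output_path='Malware_Report.html'):
    """Render analysis results through a Jinja2 template into an HTML file.

    Args:
        data: Result mapping; the keys read here are ``file_path``,
            ``analyzers`` (analyzer name -> analyzer output) and
            ``reputation``.
        template_path: Template name, resolved relative to the current
            working directory.
        output_path: File the rendered HTML is written to (overwritten).

    Only the first entry of ``data['analyzers']`` is rendered.
    """
    # The rendered values (metadata, paragraphs, extracted strings, tool
    # output) are presumably derived from the analyzed file, i.e. from
    # untrusted content. Without autoescaping, markup embedded in a sample
    # would be emitted verbatim and interpreted when the report is opened in
    # a browser. If the template needs raw HTML for a field, it has to opt
    # in per field with the `safe` filter.
    # NOTE(review): the loader searches "./", so the template comes from
    # whatever directory the tool is started in, not from the package.
    env = Environment(loader=FileSystemLoader(searchpath="./"), autoescape=True)
    template = env.get_template(template_path)

    analyzer_results = data.get('analyzers', {})
    analyzer_name = next(iter(analyzer_results), None)  # Get the first analyzer name
    analyzer_data = analyzer_results.get(analyzer_name, {}) if analyzer_name else {}

    html_content = template.render(
        file_path=data.get('file_path'),
        file_hash=analyzer_data.get('file_hash', ''),
        metadata=analyzer_data.get('metadata', {}),
        docx_paragraphs=analyzer_data.get('docx_paragraphs', []),
        oleid_output=analyzer_data.get('oleid_output', ''),
        olevba_output=analyzer_data.get('olevba_output', ''),
        mraptor_output=analyzer_data.get('mraptor_output', ''),
        run_pdf_parser=analyzer_data.get('run_pdf_parser'),
        list_all_structured_data=analyzer_data.get('list_all_structured_data'),
        pdfid_output=analyzer_data.get('pdfid_output'),
        first_pdf_paragraph=analyzer_data.get('first_pdf_paragraph'),
        imports=analyzer_data.get('imports'),
        exports=analyzer_data.get('exports'),
        sections=analyzer_data.get('sections'),
        extracted_strings=analyzer_data.get('extracted_strings'),
        reputation=data.get('reputation', {})
    )

    # An explicit encoding keeps the write from failing on characters the
    # platform's default codec cannot represent.
    with open(output_path, 'w', encoding='utf-8') as file:
        file.write(html_content)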
# Run the command-line entry point only when this file is executed as a
# script; importing the module does not start an analysis.
if __name__ == "__main__":
    main()