How to use the pyhindsight.__version__ function in pyhindsight

To help you get started, we’ve selected a few pyhindsight examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github obsidianforensics / hindsight / hindsight_gui.py View on Github external
analysis_session.input_path = bottle.request.forms.get('profile_path')  # TODO: refactor bottle name
    analysis_session.cache_path = bottle.request.forms.get('cache_path')
    analysis_session.browser_type = bottle.request.forms.get('browser_type')
    analysis_session.timezone = bottle.request.forms.get('timezone')
    analysis_session.log_path = bottle.request.forms.get('log_path')

    # Set up logging
    logging.basicConfig(filename=analysis_session.log_path, level=logging.DEBUG,
                        format='%(asctime)s.%(msecs).03d | %(levelname).01s | %(message)s',
                        datefmt='%Y-%m-%d %H:%M:%S')
    log = logging.getLogger(__name__)

    # Hindsight version info
    log.info(
        '\n' + '#' * 80 + '\n###    Hindsight v{} (https://github.com/obsidianforensics/hindsight)    ###\n'
        .format(pyhindsight.__version__) + '#' * 80)

    if 'windows' in ui_selected_decrypts:
        analysis_session.available_decrypts['windows'] = 1
    else:
        analysis_session.available_decrypts['windows'] = 0

    if 'mac' in ui_selected_decrypts:
        analysis_session.available_decrypts['mac'] = 1
    else:
        analysis_session.available_decrypts['mac'] = 0

    if 'linux' in ui_selected_decrypts:
        analysis_session.available_decrypts['linux'] = 1
    else:
        analysis_session.available_decrypts['linux'] = 0
github obsidianforensics / hindsight / pyhindsight / analysis.py View on Github external
    @staticmethod
    def base_encoder(history_item):
        item = {'source_short': 'WEBHIST', 'source_long': 'Chrome History',
                'parser': 'hindsight/{}'.format(__version__)}
        for key, value in history_item.__dict__.items():
            # Drop any keys that have None as value
            if value is None:
                continue

            if isinstance(value, datetime.datetime):
                value = value.isoformat()

            # JSONL requires utf-8 encoding
            if isinstance(value, str):
                value = value.decode('utf-8', errors='replace')

            item[key] = value

        item['datetime'] = item['timestamp']
        del(item['timestamp'])
github obsidianforensics / hindsight / pyhindsight / utils.py View on Github external
banner = '''
################################################################################

                   _     _           _     _       _     _
                  | |   (_)         | |   (_)     | |   | |
                  | |__  _ _ __   __| |___ _  __ _| |__ | |_
                  | '_ \| | '_ \ / _` / __| |/ _` | '_ \| __|
                  | | | | | | | | (_| \__ \ | (_| | | | | |_
                  |_| |_|_|_| |_|\__,_|___/_|\__, |_| |_|\__|
                                              __/ |
                        by @_RyanBenson      |___/   v{}

################################################################################
'''.format(__version__)
github obsidianforensics / hindsight / hindsight.py View on Github external
analysis_session.timezone = args.timezone

    if args.log == 'hindsight.log':
        args.log = os.path.join(real_path, args.log)
    analysis_session.log_path = args.log

    # Set up logging
    logging.basicConfig(filename=analysis_session.log_path, level=logging.DEBUG,
                        format='%(asctime)s.%(msecs).03d | %(levelname).01s | %(message)s',
                        datefmt='%Y-%m-%d %H:%M:%S')
    log = logging.getLogger(__name__)

    # Hindsight version info
    log.info(
        '\n' + '#' * 80 + '\n###    Hindsight v{} (https://github.com/obsidianforensics/hindsight)    ###\n'
        .format(pyhindsight.__version__) + '#' * 80)

    # Analysis start time
    print(format_meta_output("Start time", str(datetime.datetime.now())[:-3]))

    # Read the input directory
    analysis_session.input_path = args.input
    print(format_meta_output("Input directory", args.input))
    log.info("Reading files from %s" % args.input)
    input_listing = os.listdir(args.input)
    log.debug("Input directory contents: " + str(input_listing))

    # Search input directory for browser profiles to analyze
    input_profiles = analysis_session.find_browser_profiles(args.input)
    log.info(" - Found {} browser profile(s): {}".format(len(input_profiles), input_profiles))
    analysis_session.profile_paths = input_profiles
github obsidianforensics / hindsight / pyhindsight / analysis.py View on Github external
red_url_format = workbook.add_format({'font_color': 'red', 'align': 'left'})
        red_field_format = workbook.add_format({'font_color': 'red', 'align': 'right'})
        red_value_format = workbook.add_format({'font_color': 'red', 'align': 'left', 'num_format': '0'})
        green_type_format = workbook.add_format({'font_color': 'green', 'align': 'left'})
        green_date_format = workbook.add_format({'font_color': 'green', 'num_format': 'yyyy-mm-dd hh:mm:ss.000'})
        green_url_format = workbook.add_format({'font_color': 'green', 'align': 'left'})
        green_field_format = workbook.add_format({'font_color': 'green', 'align': 'left'})
        green_value_format = workbook.add_format({'font_color': 'green', 'align': 'left'})
        blue_type_format = workbook.add_format({'font_color': 'blue', 'align': 'left'})
        blue_date_format = workbook.add_format({'font_color': 'blue', 'num_format': 'yyyy-mm-dd hh:mm:ss.000'})
        blue_url_format = workbook.add_format({'font_color': 'blue', 'align': 'left'})
        blue_field_format = workbook.add_format({'font_color': 'blue', 'align': 'left'})
        blue_value_format = workbook.add_format({'font_color': 'blue', 'align': 'left'})

        # Title bar
        w.merge_range('A1:H1', u'Hindsight Internet History Forensics (v%s)' % __version__, title_header_format)
        w.merge_range('I1:M1', u'URL Specific', center_header_format)
        w.merge_range('N1:P1', u'Download Specific', center_header_format)
        w.merge_range('Q1:R1', u'', center_header_format)
        w.merge_range('S1:U1', u'Cache Specific', center_header_format)

        # Write column headers
        w.write(1, 0, u'Type', header_format)
        w.write(1, 1, u'Timestamp ({})'.format(self.timezone), header_format)
        w.write(1, 2, u'URL', header_format)
        w.write(1, 3, u'Title / Name / Status', header_format)
        w.write(1, 4, u'Data / Value / Path', header_format)
        w.write(1, 5, u'Interpretation', header_format)
        w.write(1, 6, u'Profile', header_format)
        w.write(1, 7, u'Source', header_format)
        w.write(1, 8, u'Duration', header_format)
        w.write(1, 9, u'Visit Count', header_format)
github obsidianforensics / hindsight / pyhindsight / analysis.py View on Github external
self.artifacts_counts = {}

        if self.available_output_formats is None:
            self.available_output_formats = ['sqlite', 'jsonl']

        if self.available_decrypts is None:
            self.available_decrypts = {'windows': 0, 'mac': 0, 'linux': 0}

        if self.plugin_results is None:
            self.plugin_results = {}

        if self.preferences is None:
            self.preferences = []

        if __version__:
            self.hindsight_version = __version__

        # Try to import modules for different output formats, adding to self.available_output_format array if successful
        try:
            import xlsxwriter
            self.available_output_formats.append('xlsx')
        except ImportError:
            log.warning("Couldn't import module 'xlsxwriter'; XLSX output disabled.")

        # Set output name to default if not set by user
        if self.output_name is None:
            self.output_name = "Hindsight Report ({})".format(time.strftime('%Y-%m-%dT%H-%M-%S'))

        # Try to import modules for cookie decryption on different OSes.
        # Windows
        try:
            import win32crypt