How to use the pyhindsight.utils.format_plugin_output function in pyhindsight
To help you get started, we’ve selected a few pyhindsight examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
obsidianforensics / hindsight / pyhindsight / analysis.py View on Github 
log.debug(" - Loading '{}' [custom plugin]".format(plugin))
try:
module = __import__(plugin)
except ImportError, e:
log.error(" - Error: {}".format(e))
print format_plugin_output(plugin, "-unknown", 'import failed (see log)')
continue
try:
log.info(" - Running '{}' plugin".format(module.friendlyName))
parsed_items = module.plugin(self)
print format_plugin_output(module.friendlyName, module.version, parsed_items)
self.plugin_results[plugin] = [module.friendlyName, module.version, parsed_items]
log.info(" - Completed; {}".format(parsed_items))
completed_plugins.append(plugin)
except Exception, e:
print format_plugin_output(module.friendlyName, module.version, 'failed')
self.plugin_results[plugin] = [module.friendlyName, module.version, 'failed']
log.info(" - Failed; {}".format(e))
except Exception as e:
log.debug(' - Error loading plugins ({})'.format(e))
print ' - Error loading plugins'
finally:
# Remove the current plugin location from the system path, so we don't loop over it again
sys.path.remove(potential_plugin_path)# Check to see if we've already run this plugin (likely from a different path)
if plugin in completed_plugins:
log.info(" - Skipping '{}'; a plugin with that name has run already".format(plugin))
continue
log.info(" - Loading '{}' [standard plugin]".format(plugin))
try:
module = importlib.import_module("pyhindsight.plugins.{}".format(plugin))
except ImportError, e:
log.error(" - Error: {}".format(e))
print format_plugin_output(plugin, "-unknown", 'import failed (see log)')
continue
try:
log.info(" - Running '{}' plugin".format(module.friendlyName))
parsed_items = module.plugin(self)
print format_plugin_output(module.friendlyName, module.version, parsed_items)
self.plugin_results[plugin] = [module.friendlyName, module.version, parsed_items]
log.info(" - Completed; {}".format(parsed_items))
completed_plugins.append(plugin)
break
except Exception, e:
print format_plugin_output(module.friendlyName, module.version, 'failed')
self.plugin_results[plugin] = [module.friendlyName, module.version, 'failed']
log.info(" - Failed; {}".format(e))
for potential_path in sys.path:
# If a subdirectory exists called 'plugins' at the current path, continue on
potential_plugin_path = os.path.join(potential_path, 'plugins')
if os.path.isdir(potential_plugin_path):
try:
# Insert the current plugin location to the system path, so we can import plugin modules by name
sys.path.insert(0, potential_plugin_path)log.info("Plugins:")
completed_plugins = []
# First run built-in plugins that ship with Hindsight
log.info(" Built-in Plugins:")
for plugin in pyhindsight.plugins.__all__:
# Check to see if we've already run this plugin (likely from a different path)
if plugin in completed_plugins:
continue
log.debug(" - Loading '{}'".format(plugin))
try:
module = importlib.import_module("pyhindsight.plugins.{}".format(plugin))
except ImportError, e:
log.error(" - Error: {}".format(e))
print(format_plugin_output(plugin, "-unknown", 'import failed (see log)'))
continue
try:
log.info(" - Running '{}' plugin".format(module.friendlyName))
parsed_items = module.plugin(analysis_session)
print(format_plugin_output(module.friendlyName, module.version, parsed_items))
log.info(" - Completed; {}".format(parsed_items))
completed_plugins.append(plugin)
except Exception, e:
print(format_plugin_output(module.friendlyName, module.version, 'failed'))
log.info(" - Failed; {}".format(e))
# Then look for any custom user-provided plugins in a 'plugins' directory
log.info(" Custom Plugins:")
if real_path not in sys.path:
sys.path.insert(0, real_path)log.debug(" - Loading '{}'".format(plugin))
try:
module = importlib.import_module("pyhindsight.plugins.{}".format(plugin))
except ImportError, e:
log.error(" - Error: {}".format(e))
print(format_plugin_output(plugin, "-unknown", 'import failed (see log)'))
continue
try:
log.info(" - Running '{}' plugin".format(module.friendlyName))
parsed_items = module.plugin(analysis_session)
print(format_plugin_output(module.friendlyName, module.version, parsed_items))
log.info(" - Completed; {}".format(parsed_items))
completed_plugins.append(plugin)
except Exception, e:
print(format_plugin_output(module.friendlyName, module.version, 'failed'))
log.info(" - Failed; {}".format(e))
# Then look for any custom user-provided plugins in a 'plugins' directory
log.info(" Custom Plugins:")
if real_path not in sys.path:
sys.path.insert(0, real_path)
# Loop through all paths, to pick up all potential locations for custom plugins
for potential_path in sys.path:
# If a subdirectory exists called 'plugins' or 'pyhindsight/plugins' at the current path, continue on
for potential_plugin_path in [os.path.join(potential_path, 'plugins'), os.path.join(potential_path, 'pyhindsight', 'plugins')]:
if os.path.isdir(potential_plugin_path):
log.info(" Found custom plugin directory {}:".format(potential_plugin_path))
try:
# Insert the current plugin location to the system path, so we can import plugin modules by namelog.debug(" - Loading '{}'".format(plugin))
try:
module = __import__(plugin)
except ImportError, e:
log.error(" - Error: {}".format(e))
print(format_plugin_output(plugin, "-unknown", 'import failed (see log)'))
continue
try:
log.info(" - Running '{}' plugin".format(module.friendlyName))
parsed_items = module.plugin(analysis_session)
print(format_plugin_output(module.friendlyName, module.version, parsed_items))
log.info(" - Completed; {}".format(parsed_items))
completed_plugins.append(plugin)
except Exception, e:
print(format_plugin_output(module.friendlyName, module.version, 'failed'))
log.info(" - Failed; {}".format(e))
except Exception as e:
log.debug(' - Error loading plugins ({})'.format(e))
print(' - Error loading plugins')
finally:
# Remove the current plugin location from the system path, so we don't loop over it again
sys.path.remove(potential_plugin_path)
# Check if output directory exists; attempt to create if it doesn't
if os.path.dirname(analysis_session.output_name) != "" and not os.path.exists(os.path.dirname(analysis_session.output_name)):
os.makedirs(os.path.dirname(analysis_session.output_name))
# Get desired output type form args.format and call the correct output creation function
if analysis_session.selected_output_format == 'xlsx':
log.info("Writing output; XLSX format selected")
try:log.debug(" - Contents of plugin folder: " + str(plugin_listing))
for plugin in plugin_listing:
if plugin[-3:] == ".py" and plugin[0] != '_':
plugin = plugin.replace(".py", "")
# Check to see if we've already run this plugin (likely from a different path)
if plugin in completed_plugins:
log.debug(" - Skipping '{}'; a plugin with that name has run already".format(plugin))
continue
log.debug(" - Loading '{}'".format(plugin))
try:
module = __import__(plugin)
except ImportError, e:
log.error(" - Error: {}".format(e))
print(format_plugin_output(plugin, "-unknown", 'import failed (see log)'))
continue
try:
log.info(" - Running '{}' plugin".format(module.friendlyName))
parsed_items = module.plugin(analysis_session)
print(format_plugin_output(module.friendlyName, module.version, parsed_items))
log.info(" - Completed; {}".format(parsed_items))
completed_plugins.append(plugin)
except Exception, e:
print(format_plugin_output(module.friendlyName, module.version, 'failed'))
log.info(" - Failed; {}".format(e))
except Exception as e:
log.debug(' - Error loading plugins ({})'.format(e))
print(' - Error loading plugins')
finally:
# Remove the current plugin location from the system path, so we don't loop over it again
sys.path.remove(potential_plugin_path)# Check to see if we've already run this plugin (likely from a different path)
if plugin in completed_plugins:
log.debug(" - Skipping '{}'; a plugin with that name has run already".format(plugin))
continue
log.debug(" - Loading '{}'".format(plugin))
try:
module = __import__(plugin)
except ImportError, e:
log.error(" - Error: {}".format(e))
print(format_plugin_output(plugin, "-unknown", 'import failed (see log)'))
continue
try:
log.info(" - Running '{}' plugin".format(module.friendlyName))
parsed_items = module.plugin(analysis_session)
print(format_plugin_output(module.friendlyName, module.version, parsed_items))
log.info(" - Completed; {}".format(parsed_items))
completed_plugins.append(plugin)
except Exception, e:
print(format_plugin_output(module.friendlyName, module.version, 'failed'))
log.info(" - Failed; {}".format(e))
except Exception as e:
log.debug(' - Error loading plugins ({})'.format(e))
print(' - Error loading plugins')
finally:
# Remove the current plugin location from the system path, so we don't loop over it again
sys.path.remove(potential_plugin_path)
# Check if output directory exists; attempt to create if it doesn't
if os.path.dirname(analysis_session.output_name) != "" and not os.path.exists(os.path.dirname(analysis_session.output_name)):
os.makedirs(os.path.dirname(analysis_session.output_name))# First check built-in plugins that ship with Hindsight
# log.info(" Built-in Plugins:")
for standard_plugin in pyhindsight.plugins.__all__:
# Check if the standard plugin is the selected_plugin we're looking for
if standard_plugin == plugin:
# Check to see if we've already run this plugin (likely from a different path)
if plugin in completed_plugins:
log.info(" - Skipping '{}'; a plugin with that name has run already".format(plugin))
continue
log.info(" - Loading '{}' [standard plugin]".format(plugin))
try:
module = importlib.import_module("pyhindsight.plugins.{}".format(plugin))
except ImportError, e:
log.error(" - Error: {}".format(e))
print format_plugin_output(plugin, "-unknown", 'import failed (see log)')
continue
try:
log.info(" - Running '{}' plugin".format(module.friendlyName))
parsed_items = module.plugin(self)
print format_plugin_output(module.friendlyName, module.version, parsed_items)
self.plugin_results[plugin] = [module.friendlyName, module.version, parsed_items]
log.info(" - Completed; {}".format(parsed_items))
completed_plugins.append(plugin)
break
except Exception, e:
print format_plugin_output(module.friendlyName, module.version, 'failed')
self.plugin_results[plugin] = [module.friendlyName, module.version, 'failed']
log.info(" - Failed; {}".format(e))
for potential_path in sys.path:
# If a subdirectory exists called 'plugins' at the current path, continue onpyhindsight
Browser forensics for Google Chrome/Chromium
Package Health Score
75 / 100Popular pyhindsight functions
- pyhindsight.__file__
- pyhindsight.__version__
- pyhindsight.analysis.AnalysisSession
- pyhindsight.analysis.HindsightEncoder
- pyhindsight.analysis.HindsightEncoder.base_encoder
- pyhindsight.browsers.brave.Brave
- pyhindsight.browsers.chrome.CacheEntry
- pyhindsight.browsers.chrome.Chrome
- pyhindsight.browsers.chrome.Chrome.__init__
- pyhindsight.browsers.chrome.Chrome.AutofillItem
- pyhindsight.browsers.chrome.Chrome.BookmarkFolderItem
- pyhindsight.browsers.chrome.Chrome.BookmarkItem
- pyhindsight.browsers.webbrowser.WebBrowser
- pyhindsight.plugins.__all__
- pyhindsight.utils.format_meta_output
- pyhindsight.utils.format_plugin_output
- pyhindsight.utils.friendly_date
- pyhindsight.utils.to_datetime