How to use the turbinia.lib.text_formatter.heading4 function in turbinia

To help you get started, we’ve selected a few turbinia examples, based on popular ways it is used in public projects.


Source: google/turbinia, file turbinia/workers/analysis/wordpress.py
self._get_timestamp(log_line))
        report.append(fmt.bullet(line))
        findings_summary.add('install')

      # Second indicator checked for this log line: a match of the
      # theme-editor pattern. The pattern is defined outside this excerpt;
      # it exposes the touched file through its 'edited_file' named group.
      # Theme files are code the site runs, so edits made through the
      # editor are reported for the analyst to review.
      match = self.theme_editor_regex.search(log_line)
      if match:
        # NOTE(review): 'edited_file' is taken straight from the access log
        # under analysis, i.e. from request data recorded on the examined
        # host. It is placed into the report unescaped -- confirm that
        # whatever renders the report treats it as untrusted text.
        line = '{0:s}: Wordpress theme editor edited file ({1:s})'.format(
            self._get_timestamp(log_line), match.group('edited_file'))
        report.append(fmt.bullet(line))
        findings_summary.add('theme_edit')

    # Any bullet collected above produces a HIGH priority result. The
    # returned tuple is (report text, priority, one-line summary).
    if report:
      # Sort the finding tags so the summary text does not depend on the
      # iteration order of findings_summary (presumably a set, given the
      # .add() calls -- confirm where it is created).
      findings_summary = ', '.join(sorted(list(findings_summary)))
      summary = 'Wordpress access logs found ({0:s})'.format(findings_summary)

      # The bold heading goes first so it precedes the per-line bullets.
      report.insert(0, fmt.heading4(fmt.bold(summary)))
      report_text = '\n'.join(report)
      return (report_text, Priority.HIGH, summary)

    # No indicator matched. This only covers the log lines examined here;
    # a LOW result is not evidence that the site was never modified.
    report_text = 'No Wordpress install or theme editing found in access logs'
    return (fmt.heading4(report_text), Priority.LOW, report_text)
Source: google/turbinia, file turbinia/workers/analysis/jenkins.py
# Rank the result. Recovered weak passwords make it CRITICAL; a detected
# version or any stored credentials without weak passwords make it MEDIUM.
if weak_passwords:
      priority = Priority.CRITICAL
      summary = 'Jenkins analysis found potential issues'
      report.insert(0, fmt.heading4(fmt.bold(summary)))
      line = '{0:n} weak password(s) found:'.format(len(weak_passwords))
      report.append(fmt.bullet(fmt.bold(line)))
      # Each entry is a (password_hash, plaintext) pair; the hash is mapped
      # back to a user name through credentials_registry.
      for password_hash, plaintext in weak_passwords:
        # NOTE(review): the recovered plaintext password is written into the
        # report verbatim, so the report itself becomes credential material.
        # Restrict who can read it and where it is stored or forwarded, and
        # consider whether the user name alone would be enough.
        # NOTE(review): '{0:s}' raises TypeError if credentials_registry.get()
        # returns None -- confirm every hash in weak_passwords is a key.
        line = 'User "{0:s}" with password "{1:s}"'.format(
            credentials_registry.get(password_hash), plaintext)
        report.append(fmt.bullet(line, level=2))
    elif credentials_registry or version != 'Unknown':
      # A Jenkins install was identified but none of its passwords were
      # recovered. "No issues detected" here only means no weak password was
      # found by the check that ran before this excerpt.
      summary = (
          'Jenkins version {0:s} found with {1:d} credentials, but no issues '
          'detected'.format(version, len(credentials_registry)))
      report.insert(0, fmt.heading4(summary))
      priority = Priority.MEDIUM
    else:
      # NOTE(review): priority is not assigned in this branch; presumably it
      # is initialised before this excerpt -- confirm, otherwise the return
      # below raises UnboundLocalError.
      summary = 'No Jenkins instance found'
      report.insert(0, fmt.heading4(summary))

    # The returned tuple is (report text, priority, one-line summary).
    report = '\n'.join(report)
    return (report, priority, summary)
Source: google/turbinia, file turbinia/workers/hadoop.py
command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
      # NOTE(review): the call ending on the line above runs `command`
      # through a shell (shell=True). How `command` is built is outside this
      # excerpt. If it embeds file paths taken from the evidence being
      # processed, shell metacharacters in a file name would be interpreted
      # by the shell -- prefer an argument list with shell=False.
      # stderr is merged into stdout, so any error text from the tool is
      # scanned and counted below together with its normal output.
      strings_output, _ = proc.communicate()
      # NOTE(review): the decode uses the default strict error handling, so
      # output that is not valid UTF-8 raises UnicodeDecodeError -- confirm
      # the tool's output is always UTF-8 or pass an errors= policy.
      strings_output = codecs.decode(strings_output, 'utf-8')
      for line in strings_output.splitlines():
        strings_count += 1
        # Plain substring test: any line containing 'curl' or 'wget' is
        # recorded. This is a coarse triage heuristic -- unrelated text that
        # contains either substring is flagged too, and other download
        # tools are not matched.
        if (line.find('curl') >= 0) or (line.find('wget') >= 0):
          evil_commands.append((relpath, line))

    # A single hit raises the result to CRITICAL.
    if evil_commands:
      msg = 'Found suspicious commands!'
      report.append(fmt.heading4(fmt.bold(msg)))
      summary = msg
      priority = Priority.CRITICAL
    else:
      # NOTE(review): priority is not assigned in this branch; presumably it
      # is initialised before this excerpt -- confirm.
      msg = 'Did not find any suspicious commands.'
      report.append(fmt.heading4(msg))
      summary = msg

    # List each hit with the file it came from. `command` here is the
    # matched line taken from the analysed data, so it is untrusted text;
    # it is only passed through fmt.code() before going into the report.
    for filepath, command in evil_commands:
      report.append(fmt.bullet(fmt.bold('Command:')))
      report.append(fmt.code(command))
      report.append('Found in file:')
      report.append(fmt.code(filepath))

    # strings_count is the number of output lines scanned, not hits.
    msg = 'Extracted {0:d} strings from {1:d} file(s)'.format(
        strings_count, len(collected_artifacts))
    report.append(fmt.bullet(msg))

    # NOTE(review): report is returned as a list of lines here (no join in
    # this excerpt) -- presumably the caller joins it; confirm.
    return (report, priority, summary)