Closed marcurdy closed 7 years ago
Thanks for bringing this up.
Is this for hosts? Or for files? I don't recall hosts having any type of hash. hostintel should fail on any type of hash. I think you might want to file this under the fileintel tool I wrote? Fileintel only supports MD5 and SHA hashes at the moment. I don't know the answer if I can add support or not to fileintel. Can you provide some samples or something for me to work towards? If so, you can file an issue on fileintel with what the functionality should look like. I will also happily look at pull requests. Since this is not functionality I personally need soon and I'm kind of swamped, this is something that might not get done quickly.
https://github.com/keithjjones/fileintel/ is the other tool.
Yes, fileintel. Outside of just mda5 and sha, I don't see much love out there in general, but it's a vast world.
I work with a friend of yours I believe. Josh Dalman.
Cheers.
On Thu, Oct 20, 2016 at 1:13 PM, keithjjones notifications@github.com wrote:
Thanks for bringing this up.
Is this for hosts? Or for files? I don't recall hosts having any type of hash. hostintel should fail on any type of hash. I think you might want to file this under the fileintel tool I wrote? Fileintel only supports MD5 and SHA hashes at the moment. I don't know the answer if I can add support or not to fileintel. Can you provide some samples or something for me to work towards? If so, you can file an issue on fileintel with what the functionality should look like. I will also happily look at pull requests. Since this is not functionality I personally need soon and I'm kind of swamped, this is something that might not get done quickly.
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/keithjjones/hostintel/issues/6#issuecomment-255184573, or mute the thread https://github.com/notifications/unsubscribe-auth/AFfdRPvh6qrPz5niL0L_hXgQuMLwr-FUks5q1687gaJpZM4KcYFE .
Ok, if you want a feature added to fileintel, please put it on that project's issues. I'm going to close this issue since it doesn't apply to hostintel. Check out my suggestion above about how to help get this into fileintel if you would like to see that functionality.
Yes, Josh and I go way back!
Can you add support for ssdeep and imphashes? VT specifically i've tried.