Open aaronatp opened 6 months ago
aaronatp
commented
6 months ago Hey @VascoSch92 looks like most of these tests are passing but GitHub is saying it's missing a code license agreement from you - do you think you could check about that? Would love to commit this code together :)
VascoSch92
commented
6 months ago Hey @VascoSch92 looks like most of these tests are passing but GitHub is saying it's missing a code license agreement from you - do you think you could check about that? Would love to commit this code together :)
Done!
Let me know if there are still problems ;)
You should probably trigger the cla/google tests. I can not do that
This PR partially resolves #1907. It extracts web domains and IP addresses, and implements rendering functions and tests.
These changes likely don't require updates to the documentation, but if some users want to, they should be able to repurpose many of the extraction functions fairly easily.
In (-d) mode, this pull request extracts web domains and IP addresses from files and sandbox traces and presents them to the user. In (-v) and (-vv) modes, this pull request also tells the user how many times each web domain and IP address occur, and tries to identify a WinAPI networking function acting on a web domain and IP address for every time they occur. (-v) and (-vv) modes are currently the same.
This PR also implements tests for the part of the code that checks valid web domains, valid IP addresses, and potential WinAPI networking functions.
Example output:
Default (-d) output
Default (-d) output when there are no domains found
Verbose (-v) output
Very verbose (-vv) output
Checklist