yolothreat / utilitybelt

A Python library for being a CND Batman....
MIT License
35 stars 12 forks source link

VT API additions #53

Closed krmaxwell closed 9 years ago

krmaxwell commented 9 years ago
krmaxwell commented 9 years ago

Hrm, we might actually have an issue with re_ssdeep because I grabbed the test case directly from http://ssdeep.sourceforge.net/usage.html

krmaxwell commented 9 years ago

Derp, no. I found the problem with the test.

sroberts commented 9 years ago

Figured it out?

krmaxwell commented 9 years ago

Yes, re_ssdeep is fine (I had forgotten to include the block size in the string passed to is_hash(). Testing will take longer now because we wait 15 seconds after each test that calls the VirusTotal API (since there's a limit on calls to the public API). However, we also have a test to check for that rate limiting.

Are you happy with the design of is_hash(), where it just returns True if the string matches any of the hash regexes? I feel like a user can always just use the specific regex if they want to test for a particular type.

krmaxwell commented 9 years ago

Any :+1: / :-1: on this?

sroberts commented 9 years ago

This looks killer.