workbench.clients package

Submodules

workbench.clients.client_helper module

This encapsulates some boilerplate workbench client code.

workbench.clients.client_helper.grab_server_args()[source]

Grab server info from configuration file

workbench.clients.customer_report module

This client generates customer reports on all the samples in workbench.

workbench.clients.customer_report.run()[source]

This client generates customer reports on all the samples in workbench.

workbench.clients.customer_report.test()[source]

Executes test for customer_report.

workbench.clients.help_client module

This client calls a bunch of help commands from workbench

workbench.clients.help_client.run()[source]

This client calls a bunch of help commands from workbench

workbench.clients.help_client.test()[source]

help_client test

workbench.clients.log_meta_stream module

This client gets metadata about log files.

workbench.clients.log_meta_stream.run()[source]

This client gets metadata about log files.

workbench.clients.log_meta_stream.test()[source]

Executes log_meta_stream test.

workbench.clients.pcap_bro_indexer module

This client pushes PCAPs -> Bro -> ELS Indexer.

workbench.clients.pcap_bro_indexer.run()[source]

This client pushes PCAPs -> Bro -> ELS Indexer.

workbench.clients.pcap_bro_indexer.test()[source]

Executes pcap_bro_indexer test.

workbench.clients.pcap_bro_raw module

This client gets the raw bro logs from PCAP files.

workbench.clients.pcap_bro_raw.run()[source]

This client gets the raw bro logs from PCAP files.

workbench.clients.pcap_bro_raw.test()[source]

Executes pcap_bro_raw test.

workbench.clients.pcap_bro_urls module

This client extracts URLs from PCAP files (via Bro logs).

workbench.clients.pcap_bro_urls.run()[source]

This client extracts URLs from PCAP files (via Bro logs).

workbench.clients.pcap_bro_urls.test()[source]

Executes pcap_bro_urls test.

workbench.clients.pcap_bro_view module

This client pulls PCAP ‘views’ (views summarize what’s in a sample).

workbench.clients.pcap_bro_view.run()[source]

This client pulls PCAP ‘views’ (views summarize what’s in a sample).

workbench.clients.pcap_bro_view.test()[source]

pcap_bro_view test

workbench.clients.pcap_meta module

This client pulls PCAP metadata.

workbench.clients.pcap_meta.run()[source]

This client pulls PCAP metadata.

workbench.clients.pcap_meta.test()[source]

Executes pcap_meta test.

workbench.clients.pcap_meta_indexer module

This client pushes PCAPs -> MetaData -> ELS Indexer.

workbench.clients.pcap_meta_indexer.run()[source]

This client pushes PCAPs -> MetaData -> ELS Indexer.

workbench.clients.pcap_meta_indexer.test()[source]

Executes pcap_meta_indexer test.

workbench.clients.pcap_report module

workbench.clients.pe_indexer module

This client pushes PE Files -> ELS Indexer.

workbench.clients.pe_indexer.run()[source]

This client pushes PE Files -> ELS Indexer.

workbench.clients.pe_indexer.test()[source]

Executes pe_strings_indexer test.

workbench.clients.pe_peid module

This client looks for PEid signatures in PE Files.

workbench.clients.pe_peid.run()[source]

This client looks for PEid signatures in PE Files.

workbench.clients.pe_peid.test()[source]

Executes pe_peid test.

workbench.clients.pe_sim_graph module

This client generates a similarity graph from features in PE Files.

workbench.clients.pe_sim_graph.add_it(workbench, file_list, labels)[source]

Add the given file_list to workbench as samples, also add them as nodes.

Parameters:
  • workbench – Instance of Workbench Client.
  • file_list – list of files.
  • labels – labels for the nodes.
Returns:

A list of md5s.

workbench.clients.pe_sim_graph.jaccard_sims(feature_list)[source]

Compute Jaccard similarities between all the observations in the feature list.

Parameters:
  • feature_list – a list of dictionaries, each with the structure { ‘md5’: String, ‘features’: list of Strings }
Returns:

A list of dictionaries, each with the structure { ‘source’: md5 String, ‘target’: md5 String, ‘sim’: Jaccard similarity Number }

workbench.clients.pe_sim_graph.jaccard_sim(features1, features2)[source]

Compute similarity between two sets using Jaccard similarity.

Parameters:
  • features1 – list of PE Symbols.
  • features2 – list of PE Symbols.
Returns:

Returns an int.

workbench.clients.pe_sim_graph.run()[source]

This client generates a similarity graph from features in PE Files.

workbench.clients.short_md5s module

This client tests workbench support for short md5s

workbench.clients.short_md5s.run()[source]

This client tests workbench support for short md5s

workbench.clients.upload_dir module

This client pushes a big directory of different files into Workbench.

workbench.clients.upload_dir.all_files_in_directory(path)[source]

Recursively list all files under a directory.

workbench.clients.upload_dir.run()[source]

This client pushes a big directory of different files into Workbench.

workbench.clients.upload_dir.test()[source]

Executes file_upload test.

workbench.clients.upload_file module

This client pushes a file into Workbench.

workbench.clients.upload_file.run()[source]

This client pushes a file into Workbench.

workbench.clients.upload_file.test()[source]

Executes file_upload test.

workbench.clients.upload_file_chunks module

This client pushes a file into Workbench.

workbench.clients.upload_file_chunks.chunks(data, chunk_size)[source]

Yield chunk_size chunks from data.

workbench.clients.upload_file_chunks.run()[source]

This client pushes a file into Workbench.

workbench.clients.upload_file_chunks.test()[source]

Executes file_upload test.

workbench.clients.zip_file_extraction module

This client shows workbench extracting files from a zip file.

workbench.clients.zip_file_extraction.run()[source]

This client shows workbench extracting files from a zip file.

workbench.clients.zip_file_extraction.test()[source]

Executes simple_client_helper test.

Module contents

Workbench Clients