Index

_

__del__() (workbench.workers.mem_procdump.MemoryImageProcDump method) (workbench.workers.pcap_bro.PcapBro method) (workbench.workers.pcap_graph.PcapGraph method) (workbench.workers.pcap_http_graph.PcapHTTPGraph method) (workbench.workers.pe_deep_sim.PEDeepSim method) (workbench.workers.unzip.Unzip method) (workbench.workers.view.View method) (workbench.workers.view_pcap.ViewPcap method) (workbench.workers.view_pcap_details.ViewPcapDetails method) (workbench.workers.view_zip.ViewZip method)

A

add_it() (in module workbench.clients.pe_sim_graph) add_node() (workbench.server.neo_db.NeoDB method) (workbench.server.neo_db.NeoDBStub method) (workbench.server.workbench.WorkBench method) (workbench.workers.pcap_graph.PcapGraph method) (workbench.workers.pcap_http_graph.PcapHTTPGraph method)

add_rel() (workbench.server.neo_db.NeoDB method) (workbench.server.neo_db.NeoDBStub method) (workbench.server.workbench.WorkBench method) (workbench.workers.pcap_graph.PcapGraph method) (workbench.workers.pcap_http_graph.PcapHTTPGraph method) all_sample_md5s() (workbench.server.data_store.DataStore method)

B

batch_work_request (workbench.server.workbench.WorkBench attribute)

BroLogReader (class in workbench.server.bro.bro_log_reader)

C

check_anti_debug_imports() (workbench.workers.pe_indicators.PEIndicators method) check_checksum_is_zero() (workbench.workers.pe_indicators.PEIndicators method) check_checksum_mismatch() (workbench.workers.pe_indicators.PEIndicators method) check_com_service_imports() (workbench.workers.pe_indicators.PEIndicators method) check_communication_imports() (workbench.workers.pe_indicators.PEIndicators method) check_corrupted_imports() (workbench.workers.pe_indicators.PEIndicators method) check_crypto_imports() (workbench.workers.pe_indicators.PEIndicators method) check_dll_with_no_exports() (workbench.workers.pe_indicators.PEIndicators method) check_elevating_privs_imports() (workbench.workers.pe_indicators.PEIndicators method) check_empty_section_name() (workbench.workers.pe_indicators.PEIndicators method) check_exports() (workbench.workers.pe_indicators.PEIndicators method) check_image_size_incorrect() (workbench.workers.pe_indicators.PEIndicators method) check_invalid_entry_point() (workbench.workers.pe_indicators.PEIndicators method) check_keylogging_imports() (workbench.workers.pe_indicators.PEIndicators method) check_nonstandard_section_name() (workbench.workers.pe_indicators.PEIndicators method) check_overlapping_headers() (workbench.workers.pe_indicators.PEIndicators method)

check_process_manipulation() (workbench.workers.pe_indicators.PEIndicators method) check_process_spawn() (workbench.workers.pe_indicators.PEIndicators method) check_section_oversized() (workbench.workers.pe_indicators.PEIndicators method) check_section_unaligned() (workbench.workers.pe_indicators.PEIndicators method) check_stealth_load() (workbench.workers.pe_indicators.PEIndicators method) check_system_integrity_imports() (workbench.workers.pe_indicators.PEIndicators method) check_system_probe_imports() (workbench.workers.pe_indicators.PEIndicators method) check_system_state_imports() (workbench.workers.pe_indicators.PEIndicators method) clean_for_serialization() (workbench.server.data_store.DataStore method) clean_for_storage() (workbench.server.data_store.DataStore method) clear_db() (workbench.server.data_store.DataStore method) (workbench.server.neo_db.NeoDB method) (workbench.server.neo_db.NeoDBStub method) (workbench.server.workbench.WorkBench method) clear_graph_db() (workbench.server.workbench.WorkBench method) conn_log_graph() (workbench.workers.pcap_graph.PcapGraph method) convert_to_ascii_null_term() (in module workbench.workers.pe_features) (in module workbench.workers.pe_indicators) convert_to_utf8() (in module workbench.workers.pe_features)

D

data_to_unicode() (workbench.server.data_store.DataStore method) DataStore (class in workbench.server.data_store)

dependencies (workbench.workers.json_meta.JSONMetaData attribute) (workbench.workers.log_meta.LogMetaData attribute) (workbench.workers.mem_base.MemoryImageBase attribute) (workbench.workers.mem_connscan.MemoryImageConnScan attribute) (workbench.workers.mem_dlllist.MemoryImageDllList attribute) (workbench.workers.mem_meta.MemoryImageMeta attribute) (workbench.workers.mem_procdump.MemoryImageProcDump attribute) (workbench.workers.mem_pslist.MemoryImagePSList attribute) (workbench.workers.meta.MetaData attribute) (workbench.workers.meta_deep.MetaDeepData attribute) (workbench.workers.pcap_bro.PcapBro attribute) (workbench.workers.pcap_graph.PcapGraph attribute) (workbench.workers.pcap_http_graph.PcapHTTPGraph attribute) (workbench.workers.pe_classifier.PEFileClassify attribute) (workbench.workers.pe_deep_sim.PEDeepSim attribute) (workbench.workers.pe_features.PEFileWorker attribute) (workbench.workers.pe_indicators.PEIndicators attribute) (workbench.workers.pe_peid.PEIDWorker attribute) (workbench.workers.strings.Strings attribute) (workbench.workers.swf_meta.SWFMeta attribute) (workbench.workers.unzip.Unzip attribute) (workbench.workers.url.URLS attribute) (workbench.workers.view.View attribute) (workbench.workers.view_customer.ViewCustomer attribute) (workbench.workers.view_log_meta.ViewLogMeta attribute) (workbench.workers.view_memory.ViewMemory attribute) (workbench.workers.view_meta.ViewMetaData attribute) (workbench.workers.view_pcap.ViewPcap attribute) (workbench.workers.view_pcap_details.ViewPcapDetails attribute) (workbench.workers.view_pdf.ViewPDFFile attribute) (workbench.workers.view_pe.ViewPEFile attribute) (workbench.workers.view_zip.ViewZip attribute) (workbench.workers.vt_query.VTQuery attribute) (workbench.workers.yara_sigs.YaraSigs attribute) dns_log_graph() (workbench.workers.pcap_graph.PcapGraph method)

E

ELSIndexer (class in workbench.server.els_indexer) ELSStubIndexer (class in workbench.server.els_indexer) execute() (workbench.workers.json_meta.JSONMetaData method) (workbench.workers.log_meta.LogMetaData method) (workbench.workers.mem_base.MemoryImageBase method) (workbench.workers.mem_connscan.MemoryImageConnScan method) (workbench.workers.mem_dlllist.MemoryImageDllList method) (workbench.workers.mem_meta.MemoryImageMeta method) (workbench.workers.mem_procdump.MemoryImageProcDump method) (workbench.workers.mem_pslist.MemoryImagePSList method) (workbench.workers.meta.MetaData method) (workbench.workers.meta_deep.MetaDeepData method) (workbench.workers.pcap_bro.PcapBro method) (workbench.workers.pcap_graph.PcapGraph method) (workbench.workers.pcap_http_graph.PcapHTTPGraph method) (workbench.workers.pe_classifier.PEFileClassify method) (workbench.workers.pe_deep_sim.PEDeepSim method) (workbench.workers.pe_features.PEFileWorker method) (workbench.workers.pe_indicators.PEIndicators method) (workbench.workers.pe_peid.PEIDWorker method) (workbench.workers.strings.Strings method) (workbench.workers.swf_meta.SWFMeta method) (workbench.workers.unzip.Unzip method) (workbench.workers.url.URLS method) (workbench.workers.view.View method) (workbench.workers.view_customer.ViewCustomer method) (workbench.workers.view_log_meta.ViewLogMeta method) (workbench.workers.view_memory.ViewMemory method) (workbench.workers.view_meta.ViewMetaData method) (workbench.workers.view_pcap.ViewPcap method) (workbench.workers.view_pcap_details.ViewPcapDetails method) (workbench.workers.view_pdf.ViewPDFFile method) (workbench.workers.view_pe.ViewPEFile method) (workbench.workers.view_zip.ViewZip method) (workbench.workers.vt_query.VTQuery method) (workbench.workers.yara_sigs.YaraSigs method)

expire_data() (workbench.server.data_store.DataStore method) extract_features_using_pefile() (workbench.workers.pe_features.PEFileWorker method)

F

files_log_graph() (workbench.workers.pcap_graph.PcapGraph method) (workbench.workers.pcap_http_graph.PcapHTTPGraph method)

G

get_bro_script_path() (workbench.workers.pcap_bro.PcapBro method) get_datastore_uri() (workbench.server.workbench.WorkBench method) get_dense_features() (workbench.workers.pe_features.PEFileWorker method) get_renderer() (workbench.workers.rekall_adapter.rekall_adapter.RekallAdapter method) get_sample() (workbench.server.data_store.DataStore method) (workbench.server.workbench.WorkBench method) get_sample_set() (workbench.server.workbench.WorkBench method) get_sample_window() (workbench.server.data_store.DataStore method) (workbench.server.workbench.WorkBench method) get_session() (workbench.workers.rekall_adapter.rekall_adapter.MemSession method) (workbench.workers.rekall_adapter.rekall_adapter.RekallAdapter method)

get_sparse_features() (workbench.workers.pe_features.PEFileWorker method) get_uri() (workbench.server.data_store.DataStore method) get_work_results() (workbench.server.data_store.DataStore method) get_yara_rules() (workbench.workers.yara_sigs.YaraSigs method) grab_server_args() (in module workbench.clients.workbench_client) gsleep() (in module workbench.workers.rekall_adapter.rekall_adapter) guess_type_tag() (workbench.server.workbench.WorkBench method)

H

has_node() (workbench.server.neo_db.NeoDB method) (workbench.server.neo_db.NeoDBStub method) (workbench.server.workbench.WorkBench method) has_sample() (workbench.server.data_store.DataStore method) (workbench.server.workbench.WorkBench method) help() (workbench.server.workbench.WorkBench method) help_advanced() (workbench.server.workbench.WorkBench method) help_basic() (workbench.server.workbench.WorkBench method) help_command() (workbench.server.workbench.WorkBench method)

help_commands() (workbench.server.workbench.WorkBench method) help_everything() (workbench.server.workbench.WorkBench method) help_worker() (workbench.server.workbench.WorkBench method) help_workers() (workbench.server.workbench.WorkBench method) http_log_graph() (workbench.workers.pcap_graph.PcapGraph method) (workbench.workers.pcap_http_graph.PcapHTTPGraph method)

I

index_data() (workbench.server.els_indexer.ELSIndexer method) (workbench.server.els_indexer.ELSStubIndexer method) index_sample() (workbench.server.workbench.WorkBench method)

index_worker_output() (workbench.server.workbench.WorkBench method)

J

jaccard_sim() (in module workbench.clients.pe_sim_graph) jaccard_sims() (in module workbench.clients.pe_sim_graph)

JSONMetaData (class in workbench.workers.json_meta)

L

list_all_commands() (workbench.server.workbench.WorkBench method) list_all_workers() (workbench.server.workbench.WorkBench method)

list_samples() (workbench.server.data_store.DataStore method) (workbench.server.workbench.WorkBench method) LogMetaData (class in workbench.workers.log_meta)

M

make_temp_directory() (workbench.workers.mem_procdump.MemoryImageProcDump method) (workbench.workers.pcap_bro.PcapBro method) MemoryImageBase (class in workbench.workers.mem_base) MemoryImageConnScan (class in workbench.workers.mem_connscan) MemoryImageDllList (class in workbench.workers.mem_dlllist) MemoryImageMeta (class in workbench.workers.mem_meta)

MemoryImageProcDump (class in workbench.workers.mem_procdump) MemoryImagePSList (class in workbench.workers.mem_pslist) MemSession (class in workbench.workers.rekall_adapter.rekall_adapter) MetaData (class in workbench.workers.meta) MetaDeepData (class in workbench.workers.meta_deep)

N

NeoDB (class in workbench.server.neo_db)

NeoDBStub (class in workbench.server.neo_db)

O

open_using_pefile() (workbench.workers.pe_features.PEFileWorker static method)

P

PcapBro (class in workbench.workers.pcap_bro) PcapGraph (class in workbench.workers.pcap_graph) PcapHTTPGraph (class in workbench.workers.pcap_http_graph) PEDeepSim (class in workbench.workers.pe_deep_sim) PEFileClassify (class in workbench.workers.pe_classifier)

PEFileWorker (class in workbench.workers.pe_features) peid_features() (workbench.workers.pe_peid.PEIDWorker method) PEIDWorker (class in workbench.workers.pe_peid) PEIndicators (class in workbench.workers.pe_indicators) periodic_ops() (workbench.server.data_store.DataStore method)

R

read_log() (workbench.server.bro.bro_log_reader.BroLogReader method) RekallAdapter (class in workbench.workers.rekall_adapter.rekall_adapter)

run() (in module workbench.clients.customer_report) (in module workbench.clients.help_client) (in module workbench.clients.log_meta_stream) (in module workbench.clients.pcap_bro_indexer) (in module workbench.clients.pcap_bro_raw) (in module workbench.clients.pcap_bro_urls) (in module workbench.clients.pcap_bro_view) (in module workbench.clients.pcap_meta) (in module workbench.clients.pcap_meta_indexer) (in module workbench.clients.pe_indexer) (in module workbench.clients.pe_peid) (in module workbench.clients.pe_sim_graph) (in module workbench.clients.upload_dir) (in module workbench.clients.upload_file) (in module workbench.clients.zip_file_extraction) (in module workbench.server.workbench)

S

safe_get() (workbench.workers.view_pe.ViewPEFile static method) safe_key() (workbench.workers.mem_dlllist.MemoryImageDllList static method) sample_storage_size() (workbench.server.data_store.DataStore method) search() (workbench.server.els_indexer.ELSIndexer method) (workbench.server.els_indexer.ELSStubIndexer method) (workbench.server.workbench.WorkBench method) set_dense_features() (workbench.workers.pe_features.PEFileWorker method) set_plugin_name() (workbench.workers.mem_base.MemoryImageBase method) set_sparse_features() (workbench.workers.pe_features.PEFileWorker method) setup_pcap_inputs() (workbench.workers.pcap_bro.PcapBro method)

store_sample() (workbench.server.data_store.DataStore method) (workbench.server.workbench.WorkBench method) store_sample_set() (workbench.server.workbench.WorkBench method) store_work_results() (workbench.server.data_store.DataStore method) stream_sample (workbench.server.workbench.WorkBench attribute) stream_sample_set (workbench.server.workbench.WorkBench attribute) Strings (class in workbench.workers.strings) subprocess_manager() (workbench.workers.pcap_bro.PcapBro method) SWFMeta (class in workbench.workers.swf_meta)

T

test() (in module workbench.clients.customer_report) (in module workbench.clients.help_client) (in module workbench.clients.log_meta_stream) (in module workbench.clients.pcap_bro_indexer) (in module workbench.clients.pcap_bro_raw) (in module workbench.clients.pcap_bro_urls) (in module workbench.clients.pcap_bro_view) (in module workbench.clients.pcap_meta) (in module workbench.clients.pcap_meta_indexer) (in module workbench.clients.pe_indexer) (in module workbench.clients.pe_peid) (in module workbench.clients.upload_dir) (in module workbench.clients.upload_file) (in module workbench.clients.zip_file_extraction) (in module workbench.server.plugin_manager) (in module workbench.server.workbench) (in module workbench.workers.json_meta) (in module workbench.workers.log_meta) (in module workbench.workers.mem_base) (in module workbench.workers.meta) (in module workbench.workers.meta_deep) (in module workbench.workers.pcap_bro) (in module workbench.workers.pcap_graph) (in module workbench.workers.pcap_http_graph) (in module workbench.workers.pe_classifier) (in module workbench.workers.pe_deep_sim) (in module workbench.workers.pe_features) (in module workbench.workers.pe_indicators) (in module workbench.workers.pe_peid) (in module workbench.workers.rekall_adapter.rekall_adapter) (in module workbench.workers.strings) (in module workbench.workers.swf_meta) (in module workbench.workers.unzip) (in module workbench.workers.url) (in module workbench.workers.view) (in module workbench.workers.view_customer) (in module workbench.workers.view_log_meta) (in module workbench.workers.view_memory) (in module workbench.workers.view_meta) (in module workbench.workers.view_pcap) (in module workbench.workers.view_pcap_details) (in module workbench.workers.view_pdf) (in module workbench.workers.view_pe) (in module workbench.workers.view_zip) (in module workbench.workers.vt_query) (in module workbench.workers.yara_sigs) test_worker() (workbench.server.workbench.WorkBench method)

to_unicode() (workbench.server.data_store.DataStore method)

U

Unzip (class in workbench.workers.unzip)

URLS (class in workbench.workers.url)

V

View (class in workbench.workers.view) ViewCustomer (class in workbench.workers.view_customer) ViewLogMeta (class in workbench.workers.view_log_meta) ViewMemory (class in workbench.workers.view_memory) ViewMetaData (class in workbench.workers.view_meta) ViewPcap (class in workbench.workers.view_pcap)

ViewPcapDetails (class in workbench.workers.view_pcap_details) ViewPDFFile (class in workbench.workers.view_pdf) ViewPEFile (class in workbench.workers.view_pe) ViewZip (class in workbench.workers.view_zip) VTQuery (class in workbench.workers.vt_query)

W

weird_log_graph() (workbench.workers.pcap_graph.PcapGraph method) (workbench.workers.pcap_http_graph.PcapHTTPGraph method) work_request() (workbench.server.workbench.WorkBench method) WorkBench (class in workbench.server.workbench) workbench (module) workbench.clients (module) workbench.clients.customer_report (module) workbench.clients.help_client (module) workbench.clients.log_meta_stream (module) workbench.clients.pcap_bro_indexer (module) workbench.clients.pcap_bro_raw (module) workbench.clients.pcap_bro_urls (module) workbench.clients.pcap_bro_view (module) workbench.clients.pcap_meta (module) workbench.clients.pcap_meta_indexer (module) workbench.clients.pe_indexer (module) workbench.clients.pe_peid (module) workbench.clients.pe_sim_graph (module) workbench.clients.upload_dir (module) workbench.clients.upload_file (module) workbench.clients.workbench_client (module) workbench.clients.zip_file_extraction (module) workbench.server (module) workbench.server.bro (module) workbench.server.bro.bro_log_reader (module) workbench.server.data_store (module) workbench.server.els_indexer (module) workbench.server.neo_db (module) workbench.server.plugin_manager (module) workbench.server.workbench (module) workbench.workers (module) workbench.workers.json_meta (module) workbench.workers.log_meta (module) workbench.workers.mem_base (module) workbench.workers.mem_connscan (module)

workbench.workers.mem_dlllist (module) workbench.workers.mem_meta (module) workbench.workers.mem_procdump (module) workbench.workers.mem_pslist (module) workbench.workers.meta (module) workbench.workers.meta_deep (module) workbench.workers.pcap_bro (module) workbench.workers.pcap_graph (module) workbench.workers.pcap_http_graph (module) workbench.workers.pe_classifier (module) workbench.workers.pe_deep_sim (module) workbench.workers.pe_features (module) workbench.workers.pe_indicators (module) workbench.workers.pe_peid (module) workbench.workers.rekall_adapter (module) workbench.workers.rekall_adapter.rekall_adapter (module) workbench.workers.strings (module) workbench.workers.swf_meta (module) workbench.workers.unzip (module) workbench.workers.url (module) workbench.workers.view (module) workbench.workers.view_customer (module) workbench.workers.view_log_meta (module) workbench.workers.view_memory (module) workbench.workers.view_meta (module) workbench.workers.view_pcap (module) workbench.workers.view_pcap_details (module) workbench.workers.view_pdf (module) workbench.workers.view_pe (module) workbench.workers.view_zip (module) workbench.workers.vt_query (module) workbench.workers.yara_sigs (module) worker_info() (workbench.server.workbench.WorkBench method)

Y

YaraSigs (class in workbench.workers.yara_sigs)