August 21, 2017, 08:38:53 PM
Welcome, Guest. Please login or register.

telnet towel.blinkenlights.nl

Author Topic: a little forensic tool - entropy  (Read 625 times)

Offline kinchan

  • Experienced
  • ***
  • Posts: 182
  • Internets: +17/-0
  • Love My Pi and my N900
a little forensic tool - entropy
« on: May 14, 2017, 02:33:46 PM »
Hi guys,

This tool give the entropy of a file or a disk, and show an histogram. Usefull for raw file analysis and encrypted container discovering.


Code: [Select]
Usage: entropy [options] [args]

-h, Print this help
-v, Print version and exit
-i, Enable interactive mode
-F, Select a file
-D, Select a disk
-B, Choose the number of bloc to skip (512K * blocs)
If not selected, set auto mode.

example:

entropy -F /full/path/to/file -B 12
entropy -D /path/to/disk
entropy -i



Depends: bash, python2.7, python-matplotlib, python-numpy

Link : http://kinproject.no-ip.org/entropy-cli-0.2.deb

Tested and working on debian / Kali. But surely OK on many OS.
« Last Edit: May 14, 2017, 11:51:41 PM by kinchan »
"Give a man a fish and you feed him for a day. Teach a man to fish and you feed him for a lifetime."
##### Current project >> otto-gui ##### website #####

Offline Amonsec

  • Top Hat Member
  • Prospect
  • ********
  • Posts: 48
  • Internets: +36/-0
  • 1336 working to become 1337
Re: a little forensic tool - entropy
« Reply #1 on: May 14, 2017, 03:30:24 PM »
Ouuuh nice one, thanks for the share.
"A computer is only as good as it's user" - R4V3N
OSCP (2017)