Crate threatflux_string_analysis

Expand description

§ThreatFlux String Analysis

A comprehensive string analysis library for security applications, providing advanced categorization, entropy analysis, and pattern detection capabilities.

§Features

String Tracking: Track string occurrences across multiple files with context
Automatic Categorization: Identify URLs, paths, commands, registry keys, etc.
Entropy Analysis: Detect potentially encoded or encrypted strings
Suspicious Pattern Detection: Built-in patterns for malware and threat indicators
Statistical Analysis: Generate insights about string distributions and relationships
Extensible Architecture: Add custom patterns and categorization rules

§Quick Start

use threatflux_string_analysis::{StringTracker, StringContext};

let tracker = StringTracker::new();

// Track a string
tracker.track_string(
    "http://suspicious.com/malware.exe",
    "/path/to/file.bin",
    "file_hash_123",
    "my_scanner",
    StringContext::FileString { offset: Some(1024) }
)?;

// Get statistics
let stats = tracker.get_statistics(None);
println!("Suspicious strings found: {}", stats.suspicious_strings.len());

Structs§

AnalysisConfig: Configuration for the string analysis system
CategoryRule: Rule for categorizing strings
DefaultCategorizer: Default categorizer implementation
DefaultPatternProvider: Default pattern provider with built-in security patterns
DefaultStringAnalyzer: Default implementation of StringAnalyzer
Pattern: Represents a pattern used for string matching and categorization
PatternDef: Serializable pattern definition
StringAnalysis: Result of analyzing a string
StringCategory: Represents a category that strings can belong to
StringEntry: Complete information about a tracked string
StringFilter: Filter criteria for string queries
StringOccurrence: Record of a single string occurrence
StringStatistics: Statistics about tracked strings
StringTracker: Main string tracking system
SuspiciousIndicator: Represents a suspicious indicator found in a string

Enums§

StringContext: Context in which a string was found

Constants§

VERSION: Library version string

Traits§

Categorizer: Trait for categorizing strings
PatternProvider: Trait for providing patterns
StringAnalyzer: Trait for analyzing strings

Type Aliases§

AnalysisResult: Result type for string analysis operations
StringMetadata: Metadata that can be attached to strings

Crate threatflux_string_analysisCopy item path

§ThreatFlux String Analysis

§Features

§Quick Start

Structs§

Enums§

Constants§

Traits§

Type Aliases§

Crate threatflux_string_analysis