kp-ssf-tools


- Name: kp-ssf-tools
- Version: 0.2.0
- home_page: None
- Summary: SSF Tools - Forensic Analysis Toolkit for cybersecurity professionals
- upload_time: 2025-09-05 20:28:39
- maintainer: None
- docs_url: None
- author: None
- requires_python: >=3.13
- license: None
- keywords: forensics, cybersecurity, volatility, memory-analysis
- requirements: No requirements were recorded.

# SSF Tools - Forensic Analysis Toolkit

A forensic analysis toolkit for cybersecurity professionals performing PCI Secure Software Framework assessments and general forensic analysis.

Full documentation on [ReadtheDocs]

## Features

- **Volatility Integration**: Automated memory analysis workflows using Volatility 3
- **Rich CLI Interface**: Beautiful, user-friendly command-line interface with colored output
- **Intelligent Process Matching**: Handles process name truncation and partial extension matching
- **File Collision Management**: Smart handling of existing files with user-controlled resolution
- **Cross-Platform Support**: Works on Windows, macOS, and Linux

## Installation

### Prerequisites

1. **Python 3.13+** - Required for the SSF Tools CLI
2. **Volatility 3** - Required for memory analysis (installed automatically)
3. **Detect Secrets** - Required for credential detection (installed automatically)

### Install SSF Tools
These instructions assume you'll use [PyPI's PIPX](https://pipx.pypa.io/latest/installation/) to manage the behind-the-scenes Python virtual environment.

**On Windows**
```powershell
# Install PIPX (recommended)
py -m pip install --user pipx
pipx ensurepath

# Restart your terminal

# Install SSF Tools
pipx install kp-ssf-tools
```

**On macOS**
```bash
# Install PIPX
brew install pipx
pipx ensurepath

# Restart your terminal

# Install SSF Tools
pipx install kp-ssf-tools
```

**On Linux**
```bash
# Install PIPX (use your distro's package manager)
sudo apt update; sudo apt install pipx
pipx ensurepath

# Restart your terminal

# Install SSF Tools
pipx install kp-ssf-tools
```

## Usage

### Volatility Memory Analysis

The `volatility` sub-command automates extracting useful information from RAM images:

```bash
# Help page
ssf_tools volatility --help

# Basic usage
ssf_tools volatility memory-dump.raw windows interesting-processes.txt
```

### Entropy Analysis

The `analyze entropy` command will compute Shannon entropy using a sliding window over each file.  Results will be stored in `analyze-credentials-<timestamp>.xlsx`.

```bash
# Help page
ssf_tools analyze entropy --help

# Basic usage
ssf_tools analyze entropy src/
```
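
The sliding-window Shannon entropy technique named above, as an added example. This is not code from kp-ssf-tools; the function names, window size, step and threshold are assumptions chosen for illustration, and the sample input is constructed.

```python
import hashlib
import math
from collections import Counter


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of a byte string in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    total = len(data)
    return -sum((n / total) * math.log2(n / total) for n in Counter(data).values())


def sliding_entropy(data: bytes, window: int = 64, step: int = 16):
    """Yield (offset, entropy) per window. Window and step are assumed values;
    a tail shorter than one step past the last window is not scored."""
    if len(data) <= window:
        yield 0, shannon_entropy(data)
        return
    for off in range(0, len(data) - window + 1, step):
        yield off, shannon_entropy(data[off:off + window])


def high_entropy_regions(data: bytes, threshold: float = 5.0,
                         window: int = 64, step: int = 16):
    """Merge overlapping windows at or above threshold into (start, end, peak)."""
    regions = []
    for off, h in sliding_entropy(data, window, step):
        if h < threshold:
            continue
        if regions and off <= regions[-1][1]:
            start, _, peak = regions[-1]
            regions[-1] = (start, off + window, max(peak, h))
        else:
            regions.append((off, off + window, h))
    return regions


# Constructed sample: source-like text with 96 pseudo-random bytes (standing in
# for embedded key material) placed at offset 400. A 64-byte window can reach at
# most log2(64) = 6 bits/byte, so the threshold sits below that ceiling.
PLAIN = b"def connect(host, port):\n    return socket.create_connection((host, port))\n"
BLOB = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(3))
SAMPLE = (PLAIN * 6)[:400] + BLOB + PLAIN * 3

if __name__ == "__main__":
    for start, end, peak in high_entropy_regions(SAMPLE):
        print(f"bytes {start}-{end}: peak entropy {peak:.2f} bits/byte")
```

Windows that straddle the boundary of the blob can also cross the threshold, so a reported region may extend up to one window length on either side of the high-entropy data.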

### Credential Detection

The `analyze credentials` command uses the `detect-secrets` package to identify API keys, credentials, Base64-encoded secrets and other potential secrets.  Results will be stored in `analyze-credentials-<timestamp>.xlsx`.

```bash
# Help page
ssf_tools analyze credentials --help

# Basic usage
ssf_tools analyze credentials src/
```

## Development

```bash
# Install development dependencies
uv sync --dev --extra docs

# Run tests
uv run pytest

# Run linting
uv run ruff check .

# Format code
uv run ruff format .
```

## Contributing

1. Fork the repository
2. Create a feature branch
3. Make your changes
4. Add tests
5. Submit a pull request

## License

MIT License - see LICENSE file for details.

            

Raw data

            {
    "_id": null,
    "home_page": null,
    "name": "kp-ssf-tools",
    "maintainer": null,
    "docs_url": null,
    "requires_python": ">=3.13",
    "maintainer_email": null,
    "keywords": "forensics, cybersecurity, volatility, memory-analysis",
    "author": null,
    "author_email": "KirkpatrickPrice <info@kirkpatrickprice.com>",
    "download_url": "https://files.pythonhosted.org/packages/34/a4/281557e441ee7fdc473319fa0bdd1049e462dd2199031bacca6834103b64/kp_ssf_tools-0.2.0.tar.gz",
    "platform": null,
    "bugtrack_url": null,
    "license": null,
    "summary": "SSF Tools - Forensic Analysis Toolkit for cybersecurity professionals",
    "version": "0.2.0",
    "project_urls": {
        "Homepage": "https://github.com/kirkpatrickprice/ssf-tools",
        "Issues": "https://github.com/kirkpatrickprice/ssf-tools/issues",
        "Repository": "https://github.com/kirkpatrickprice/ssf-tools"
    },
    "split_keywords": [
        "forensics",
        " cybersecurity",
        " volatility",
        " memory-analysis"
    ],
    "urls": [
        {
            "comment_text": null,
            "digests": {
                "blake2b_256": "dfc1f5e8724850f525d1cc97b1179ad3fa469820787da3e218b999b82574df85",
                "md5": "63e2761764b40edab801910bc850043b",
                "sha256": "ab1c8bdbcc45dba82986e2efab857237a8a38864551c6b79a6f7c66f283f1290"
            },
            "downloads": -1,
            "filename": "kp_ssf_tools-0.2.0-py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "63e2761764b40edab801910bc850043b",
            "packagetype": "bdist_wheel",
            "python_version": "py3",
            "requires_python": ">=3.13",
            "size": 136726,
            "upload_time": "2025-09-05T20:28:38",
            "upload_time_iso_8601": "2025-09-05T20:28:38.559792Z",
            "url": "https://files.pythonhosted.org/packages/df/c1/f5e8724850f525d1cc97b1179ad3fa469820787da3e218b999b82574df85/kp_ssf_tools-0.2.0-py3-none-any.whl",
            "yanked": false,
            "yanked_reason": null
        },
        {
            "comment_text": null,
            "digests": {
                "blake2b_256": "34a4281557e441ee7fdc473319fa0bdd1049e462dd2199031bacca6834103b64",
                "md5": "4ef92fb3002d0ac595168da4b7e38b3d",
                "sha256": "9c4042787ae69fed97118b021e9b54bd718140f04bf907e2ff55eeaafde147f7"
            },
            "downloads": -1,
            "filename": "kp_ssf_tools-0.2.0.tar.gz",
            "has_sig": false,
            "md5_digest": "4ef92fb3002d0ac595168da4b7e38b3d",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": ">=3.13",
            "size": 100779,
            "upload_time": "2025-09-05T20:28:39",
            "upload_time_iso_8601": "2025-09-05T20:28:39.579784Z",
            "url": "https://files.pythonhosted.org/packages/34/a4/281557e441ee7fdc473319fa0bdd1049e462dd2199031bacca6834103b64/kp_ssf_tools-0.2.0.tar.gz",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2025-09-05 20:28:39",
    "github": true,
    "gitlab": false,
    "bitbucket": false,
    "codeberg": false,
    "github_user": "kirkpatrickprice",
    "github_project": "ssf-tools",
    "github_not_found": true,
    "lcname": "kp-ssf-tools"
}
        