Skip to content
This repository was archived by the owner on Jul 22, 2020. It is now read-only.

Doc fixes #1

Open
tpltnt wants to merge 7 commits into
base: master
Choose a base branch
from
Open

Doc fixes #1

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
c403612
more docs on entropy()
Apr 10, 2018
bd13bf3
more docs on count_consonants()
Apr 10, 2018
50967c7
docs for read_file()
Apr 10, 2018
46de94d
docs for domain_check()
Apr 10, 2018
93473f1
more pythonic call of main routine
Apr 10, 2018
62e8de9
added interpreter shebang
Apr 10, 2018
46ba943
made dga_detector.py executable
Apr 10, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
19 changes: 17 additions & 2 deletions dga_detector.py
100644 → 100755
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
#!/usr/bin/env python3
import pickle
from gib import gib_detect_train
from dga_routines import count_consonants, entropy
Expand All @@ -7,12 +8,27 @@


def read_file(filename):
"""
Read each line from a file (with newline removed).

:param filename: file name/path to read from
:type filename: str
:returns: generator of str
"""
with open(filename) as f:
for line in f:
yield line.strip("\n")


def domain_check(domain):
"""
Check a given domain. This function operates on the second level domain, e.g. on 'example' of 'example.net'.

:param domain: domain to check
:type domain: str
:returns: tuple (second level domain - str, entropy - float, number of consonants - int, length - int), may be empty
:note: Domains shorter than six characters, localized domains (i.e. 'xn-') and onion services (i.e. '.onion') are not processed.
"""
# skip tor domains
if domain.endswith(".onion"):
print("Tor domains is ignored...")
Expand All @@ -33,7 +49,7 @@ def domain_check(domain):
return domain_without_sub, domain_entropy, domain_consonants, domain_length


def main():
if __name__ == "__main__":
parser = argparse.ArgumentParser(description="DGA domain detection")
parser.add_argument("-d", "--domain", help="Domain to check")
parser.add_argument("-f", "--file", help="File with domains. One per line")
Expand Down Expand Up @@ -93,4 +109,3 @@ def main():
/_____/ \____/ /_/ |_| /_____/ \___/\__/ \___/\___/ \__/ \____//_/
''')
parser.print_help()
main()
12 changes: 10 additions & 2 deletions dga_routines.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,11 @@

def entropy(string):
"""
Calculates the Shannon entropy of a string
Calculates the Shannon entropy of a string.

:param string: input string
:type string: str
:returns: float
"""

# get probability of chars in string
Expand All @@ -19,7 +23,11 @@ def entropy(string):

def count_consonants(string):
"""
Counting consonants in a string
Counting consonants in a string.

:param string: input string
:type string: str
:retuns: int (number of consonants)
"""
consonants = re.compile("[bcdfghjklmnpqrstvwxyz]")
count = consonants.findall(string)
Expand Down