GitHub - Xtrato/pyBaseline: Used during malware analysis. This script takes a baseline of files and folders present on the system. Once the malware is executed this can be used to compare any changes made to and files or folders.

This scripts has been created to be used during malware analysis. It takes a baseline of files and folders present on the system. Once the malware is executed it can be used to compare any changes made to the system.

Usage usage: pyBaseline.py [-h] [-c COMPARE] [-r ROOT] [-b BASELINE]

optional arguments:
  -h, --help            show this help message and exit
  -c COMPARE, --compare COMPARE
                        Compares to the baseline Argument must be the baseline
                        file to be compared to.
  -r ROOT, --root ROOT  Specifies the starting directory when taking a baseline. Default is the root directory
  -b BASELINE, --baseline BASELINE
                        Sets to record a baseline. The argument is the output file name.

Examples:

To take a baseline of the system and save the results to the file baseline.txt

    pyBaseline.py -b baseline.txt

To specify a starting directory use the -r tag. By default it scans the whole drive.

    pyBaseline.py -r C:\Users\Name -b baseline.txt

To compare the current system with the previously recorded results stored in baseline.txt.

    pyBaseline.py -c baseline.txt

Name		Name	Last commit message	Last commit date
Latest commit History 9 Commits
colorama		colorama
README.md		README.md
pyBaseline.py		pyBaseline.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

About

Releases

Packages

Languages

Xtrato/pyBaseline

Folders and files

Latest commit

History

Repository files navigation

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages