Skip to content
/ sleuthpy Public

SleuthPy is a Python utility designed to decode obscured content within files. Utilising regex pattern recognition techniques, it scans through a file to identify strings potentially encoded. Support for multiple encoding methods and output file types.

twitter.com/lewsecurity

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

lewiswigmore/sleuthpy

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
example.txt
example.txt
 
 
sleuth.py
sleuth.py
 
 

Repository files navigation

 __ _            _   _       ___       
/ _\ | ___ _   _| |_| |__   / _ \_   _ 
\ \| |/ _ \ | | | __| '_ \ / /_)/ | | |
_\ \ |  __/ |_| | |_| | | / ___/| |_| |
\__/_|\___|\__,_|\__|_| |_\/     \__, |
                                 |___/

SleuthPy is a Python utility designed to decode obfuscated content within files. Utilising regex pattern recognition techniques, it scans through a file to identify strings potentially encoded using Base64, Hexadecimal, URL and binary encoding methods. Current support for multiple encoding methods and output file formats, expanding with future development.

Table of Contents

Getting Started

Requirements

  • Python 3.10.4 or higher
  • Libraries: tqdm

Installation

Clone the repository:

git clone https://github.com/lewiswigmore/sleuthpy.git

Ensure Python 3 is installed on your system. Install the required libraries using pip:

pip install tqdm

Usage

Getting started and usage guide:

python sleuth.py

Run SleuthPy using the following command:

python sleuth.py --input INPUT_FILE --output OUTPUT_FILE [-e ENCODING]
  • --input INPUT_FILE: Specify the path to the file containing the encoded strings.
  • --output OUTPUT_FILE: Define the path to the file where the decoded data will be written. The output file must have a valid extension (.csv or .json).
  • -e, --encoding ENCODING (optional): Choose the encoding method to detect ("Base64", "Hexadecimal", "URL Encoding", "Binary"). If this option is omitted, all encoding methods are used.

Examples

Detecting All Encodings

python sleuth.py --input example.txt --output results.csv

This command scans example.txt for all supported encoding types and outputs the decoded data in results.csv.

Specific Encoding Detection

python sleuth.py --input example.txt --output results.json -e Base64

In this example, sleuth.py will only look for Base64 encoded strings in example.txt and save the decoded results in results.json.

Functionality

  • Detect and Decode Various Encoded Strings: Identifies and accurately decodes potential Base64, Hexadecimal, URL-encoded, and Binary strings.
  • Selective Decoding: Allows specifying the encoding method, providing flexibility to focus on specific types of encoded strings.
  • Output Formats: Supports CSV or JSON for output, catering to different user needs.
  • Efficient Decoding: Avoids duplicate decoding of strings valid in multiple formats.

License

Distributed under the MIT License. See LICENSE for more information.

About

SleuthPy is a Python utility designed to decode obscured content within files. Utilising regex pattern recognition techniques, it scans through a file to identify strings potentially encoded. Support for multiple encoding methods and output file types.

twitter.com/LewSecurity

Topics

python decoding cybersecurity infosec deobfuscate security-tools

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages