From 9b275deac7573c8500ba1df45c0aa4d01bacd14c Mon Sep 17 00:00:00 2001
From: JohnE
Date: Mon, 5 Aug 2019 01:07:50 -0700
Subject: [PATCH] MOD: updated readme to rst format
---
 .gitignore | 5 ++-
 README.rst | 110 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 docs/README | 108 ---------------------------------------------------
 3 files changed, 114 insertions(+), 109 deletions(-)
 create mode 100644 README.rst
 delete mode 100644 docs/README
diff --git a/.gitignore b/.gitignore
index 087029a..040ca56 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,7 @@
+# project excludes
+tests/
+var/
+
 # Byte-compiled / optimized / DLL files
 __pycache__/
 *.py[cod]
@@ -16,7 +20,6 @@ lib/
 lib64/
 parts/
 sdist/
-var/
 *.egg-info/
 .installed.cfg
 *.egg
diff --git a/README.rst b/README.rst
new file mode 100644
index 0000000..868cfe9
--- /dev/null
+++ b/README.rst
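Review bot: The new `tests/` entry under `# project excludes` in the first .gitignore hunk ignores the whole test directory, so any test code placed there cannot be committed without `git add -f` and the repository ships without its tests. If the intent is to keep sample or device-pulled SQLite databases out of version control (an assumption; the patch does not say), ignore only the data location, e.g. a placeholder path such as `tests/<data-dir>/`, and give the reason in the comment, for example `# sample databases only; may contain personal data`. The `var/` entry is merely moved from the second hunk to the first and needs no change.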
@@ -0,0 +1,110 @@
+==============
+DB Fingerprint
+==============
+
+
+-------------
+ INTRO
+-------------
+::
+
+ [D]ata[B]ase [F]inger[P]rint
+
+ dbfp is a tool that will scan a sqlite database and generate a fingerprint.
+ The fingerprint will uniquely identify the database.
+ The fingerprint consists of the database schema, the sql table create statements,
+ md5 calculations, and file meta-data.
+ The fingerprint is stored to disk in JSON format.
+
+ The fingerprint can be used to identify unknown databases from random paths or recovered from deleted space.
+ The fingerprint can be used for historical comparisons to see what has changed in a new version of an application.
+
+
+-------------
+ FEATURES
+-------------
+* Generate a fingerprint in JSON format.
+* Compare a sqlite database with a fingerprint.
+* Rip all apps from an Android phone and create fingerprints for all SQLite databases
+* Lightning fast fingerprint comparison
+ - creates an index of fingerprints
+ - query the index for quick fingerprint comparison
+
+
+
+USAGE
+-----
+::
+
+ Create fingerprings from given path
+ find -exec python dbfp.py -db {} \;
+
+ Attempt to fingerprint all files with *.db
+ find . -type f -name "*.db" -exec python dbfp.py -db {} \;
+
+ Attempt to fingerprint all files, recursively, from this path (no error if file not database)
+ find . -type f -exec python dbfp.py -db {} \;
+
+
+ ***** ***** ***** *****
+ DB Fingerprint
+ ***** ***** ***** *****
+
+ Create fingerprint:
+ dbfp.py -db
+
+ Create fingerprint index:
+ dbfp.py -fd -idx
+
+ Add fingerprint to index:
+ dbfp.py -fp -idx (-db | -fp )
+
+ Compare fingerprint to a database file:
+ dbfp.py -fp -db
+
+ Lookup fingerprint from index:
+ dbfp.py -fd -fp )
+
+ Lookup database from index:
+ dbfp.py -fd -db
+
+ Lookup MD5 hash from index:
+ dbfp.py -fd -md5
+
+ Android App pull and fingerprint:
+ dbfp.py -android_pull
+
+ ***** ***** ***** *****
+
+ usage: dbfp.py [-h] [-db DATABASE] [-fd FPDIR] [-fp FINGERPRINT]
+ [-ad ANDROID_DIR] [-dd DATA_DIR] [-an APP_NAME]
+ [-av APP_VERSION] [-n NOTES] [-idx] [-md5 MD5] [-android_pull]
+ [-v] [-vv] [-l]
+
+ Fingerprint a sqlite database based on its schema
+
+ optional arguments:
+ -h, --help show this help message and exit
+ -db DATABASE, --database DATABASE
+ path to file to be fingerprinted
+ -fd FPDIR, --fpdir FPDIR
+ path to directory of fingerprint files, compare each
+ file
+ -fp FINGERPRINT, --fingerprint FINGERPRINT
+ fingerprint file to use in comparison
+ -ad ANDROID_DIR, --android_dir ANDROID_DIR
+ path to a directory with android folder structure
+ sqlite files
+ -dd DATA_DIR, --data_dir DATA_DIR
+ path to a directory to search for sqlite files
+ -an APP_NAME, --app_name APP_NAME
+ -av APP_VERSION, --app_version APP_VERSION
+ -n NOTES, --notes NOTES
+ -idx add a fingerprint to the index
+ -md5 MD5 md5 hash to query the index`
+ -android_pull automated pull of applications from a physical android
+ phone
+ -v, --verbose will set logging level to INFO
+ -vv, --vverbose will set logging level to DEBUG
+ -l, --logging will supercede the -v option and send all logging to a
+ file, logging.DEBUG
\ No newline at end of file
diff --git a/docs/README b/docs/README
deleted file mode 100644
index 3795a11..0000000
--- a/docs/README
+++ /dev/null
@@ -1,108 +0,0 @@
- ==================
- DB Fingerprint
- ==================
-
-
--------------
- INTRO
--------------
-[D]ata[B]ase [F]inger[P]rint
-
-dbfp is a tool that will scan a sqlite database and generate a fingerprint.
-The fingerprint will uniquely identify the database.
-The fingerprint consists of the database schema, the sql table create statements,
- md5 calculations, and file meta-data.
-The fingerprint is stored to disk in JSON format.
-
-The fingerprint can be used to identify unknown databases from random paths or recovered from deleted space.
-The fingerprint can be used for historical comparisons to see what has changed in a new version of an application.
-
-
--------------
- FEATURES
--------------
-1. Generate a fingerprint in JSON format.
-2. Compare a sqlite database with a fingerprint.
-3. Rip all apps from an Android phone and create fingerprints for all SQLite databases
-4. Lightning fast fingerprint comparison
- a. creates an index of fingerprints
- b. query the index for quick fingerprint comparison
-
-
--------------
- USAGE
--------------
-
-Create fingerprings from given path
-find -exec python dbfp.py -db {} \;
-
-Attempt to fingerprint all files with *.db
-find . -type f -name "*.db" -exec python dbfp.py -db {} \;
-
-Attempt to fingerprint all files, recursively, from this path (no error if file not database)
-find . -type f -exec python dbfp.py -db {} \;
-
-
-
-***** ***** ***** *****
- DB Fingerprint
-***** ***** ***** *****
-
-Create fingerprint:
- dbfp.py -db
-
-Create fingerprint index:
- dbfp.py -fd -idx
-
-Add fingerprint to index:
- dbfp.py -fp -idx (-db | -fp )
-
-Compare fingerprint to a database file:
- dbfp.py -fp -db
-
-Lookup fingerprint from index:
- dbfp.py -fd -fp )
-
-Lookup database from index:
- dbfp.py -fd -db
-
-Lookup MD5 hash from index:
- dbfp.py -fd -md5
-
-Android App pull and fingerprint:
- dbfp.py -android_pull
-
-***** ***** ***** *****
-
-usage: dbfp.py [-h] [-db DATABASE] [-fd FPDIR] [-fp FINGERPRINT]
- [-ad ANDROID_DIR] [-dd DATA_DIR] [-an APP_NAME]
- [-av APP_VERSION] [-n NOTES] [-idx] [-md5 MD5] [-android_pull]
- [-v] [-vv] [-l]
-
-Fingerprint a sqlite database based on its schema
-
-optional arguments:
- -h, --help show this help message and exit
- -db DATABASE, --database DATABASE
- path to file to be fingerprinted
- -fd FPDIR, --fpdir FPDIR
- path to directory of fingerprint files, compare each
- file
- -fp FINGERPRINT, --fingerprint FINGERPRINT
- fingerprint file to use in comparison
- -ad ANDROID_DIR, --android_dir ANDROID_DIR
- path to a directory with android folder structure
- sqlite files
- -dd DATA_DIR, --data_dir DATA_DIR
- path to a directory to search for sqlite files
- -an APP_NAME, --app_name APP_NAME
- -av APP_VERSION, --app_version APP_VERSION
- -n NOTES, --notes NOTES
- -idx add a fingerprint to the index
- -md5 MD5 md5 hash to query the index`
- -android_pull automated pull of applications from a physical android
- phone
- -v, --verbose will set logging level to INFO
- -vv, --vverbose will set logging level to DEBUG
- -l, --logging will supercede the -v option and send all logging to a
- file, logging.DEBUG
\ No newline at end of file