public static void DisplaySSNs(List <string> foundStrings)
{
List <Match> foundSSNs = FAStrings.ParsePhoneNumbers(foundStrings);
Console.WriteLine("\n\n++++++++Found Social Security Numbers++++++++");
foreach (var s in foundSSNs)
{
Console.WriteLine("\t" + s.Value);
}
if (foundSSNs.Count == 0)
{
Console.WriteLine("\tNo SSNs found.");
}
}
public static void DisplayErrors(List <string> foundStrings)
{
List <Match> foundErrors = FAStrings.ParseErrors(foundStrings);
Console.WriteLine("\n\n++++++++Found Error Strings++++++++");
foreach (var s in foundErrors)
{
Console.WriteLine("\t" + s.Value);
}
if (foundErrors.Count == 0)
{
Console.WriteLine("\tNo Error strings found.");
}
}
public static void DisplayWebsites(List <string> foundStrings)
{
List <Match> foundWebsites = FAStrings.ParseWebsites(foundStrings);
Console.WriteLine("\n\n++++++++Found Websites++++++++");
foreach (var s in foundWebsites)
{
Console.WriteLine("\t" + s.Value);
}
if (foundWebsites.Count == 0)
{
Console.WriteLine("\tNo websites found.");
}
}
public static void DisplayEmails(List <string> foundStrings)
{
List <Match> foundEmails = FAStrings.ParseEmails(foundStrings);
Console.WriteLine("\n\n++++++++Found Email Addresses++++++++");
foreach (var s in foundEmails)
{
Console.WriteLine("\t" + s.Value);
}
if (foundEmails.Count == 0)
{
Console.WriteLine("\tNo email addresses found.");
}
}
//todo maybe refactor this into a display method with a title parameter and not found string
public static void DisplayIPv4s(List <string> foundStrings)
{
List <Match> foundIPs = FAStrings.ParseIPv4(foundStrings);
Console.WriteLine("\n\n++++++++Found IPs++++++++");
foreach (var s in foundIPs)
{
//Console.WriteLine("\t" + s.Value);
Console.WriteLine(PythonScript.GeoipCheck(s.Value));
}
if (foundIPs.Count == 0)
{
Console.WriteLine("\tNo IPv4 addresses found.");
}
}
/// <summary>
/// Main handles for scanning a file. Takes in the configurations bools to handle what to execute on file.
/// </summary>
/// <param name="filename">file name</param>
/// <param name="yaraScan">yara scan file</param>
/// <param name="stringSearch">search for strings</param>
/// <param name="guessFile">attempt to identify file</param>
/// <param name="pii">search for pii</param>
public static void ScanFile(string filename, bool yaraScan, bool stringSearch, bool guessFile, bool pii)
{
if (File.Exists(filename))
{
FileInfo fInfo = new FileInfo(filename);
FAFileInfo.PrintFileInfo(fInfo);
FAFileInfo.DisplayHashes(filename);
if (guessFile)
{
GuessFileFormat.Guess(filename);
}
List <string> foundStrings = new List <string>();
if (stringSearch)
{
FAStrings.GetStrings(filename, STRING_THRESHOLD, ref foundStrings);
FAStrings.DisplayDLLs(foundStrings);
FAStrings.DisplayIPv4s(foundStrings);
FAStrings.DisplayWebsites(foundStrings);
FAStrings.DisplayErrors(foundStrings);
}
if (pii)
{
if (foundStrings.Count == 0)
{
FAStrings.GetStrings(filename, STRING_THRESHOLD, ref foundStrings);
}
FAStrings.DisplayPhoneNumbers(foundStrings);
FAStrings.DisplaySSNs(foundStrings);
FAStrings.DisplayEmails(foundStrings);
}
if (yaraScan)
{
string s = PythonScript.YaraScan(filename);
Console.WriteLine(s);
}
}
else
{
throw new FileNotFoundException("Please enter a filename with the correct/full path.");
}
}
