Find binary-like files with ssdeep

Slashdot it! Delicious Share on Facebook Tweet! Digg!

Conclusions

The ssdeep tool fills a gap. In the way that agrep makes it possible to perform fuzzy searches in text files, ssdeep lets you find connections and similarities between any – even binary – files and to reliably evaluate them. The implemented method also lets you effectively examine large collections of files; however, its particular strengths are with text-based files.

ressdeep is a Java-based alternative to ssdeep [8] that even offers a graphical interface (Figure 2). You can start the program using

java -jar ressdeep.exe
Figure 2: The Java version of ssdeep has a GUI.

There are other options available as well, usually based on pHash, which often have better results specifically in regard to searching for similar images.

Infos

  1. ssdeep homepage: http://ssdeep.sourceforge.net
  2. Jesse Kornblum: http://jessekornblum.com/
  3. Md5deep: http://md5deep.sourceforge.net/
  4. ssdeep principle: http://dx.doi.org/10.1016/j.diin.2006.06.015
  5. Spamsum: https://www.samba.org/ftp/unpacked/junkcode/spamsum/README
  6. pHash: http://phash.org
  7. FSlint: http://www.pixelbeat.org/fslint/
  8. ressdeep: http://reboot.pro/files/file/220-ressdeep/

1 2 Next »

Buy this article as PDF

Express-Checkout as PDF

Pages: 3

Price $0.99
(incl. VAT)

Buy Ubuntu User

SINGLE ISSUES
Print Issues
Digital Issues
 
SUBSCRIPTIONS
Print Subs
Digisubs
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

© 2024 Linux New Media USA, LLCLegal Notice