algorithms.base

Base classes for analysis algorithms.

class AnalysisContext[source]

Bases: object

Context provided to algorithms.

library: str
protocol_version: str
phase: str
secrets: List[CryptoSecret]
extra: Dict[str, Any]
property tls_version: str

Backward-compatible alias for protocol_version.

__init__(library, protocol_version, phase, secrets=<factory>, extra=<factory>)
Parameters:
Return type:

None

class Match[source]

Bases: object

A single match found by an algorithm.

offset: int
length: int
confidence: float
label: str = ''
data: bytes = b''
metadata: Dict[str, Any]
__init__(offset, length, confidence, label='', data=b'', metadata=<factory>)
Parameters:
Return type:

None

class AlgorithmResult[source]

Bases: object

Result from running an algorithm.

algorithm_name: str
confidence: float
matches: List[Match]
metadata: Dict[str, Any]
__init__(algorithm_name, confidence, matches=<factory>, metadata=<factory>)
Parameters:
Return type:

None

class BaseAlgorithm[source]

Bases: ABC

Base class for all analysis algorithms.

name: str = ''
description: str = ''
mode: str = ''
abstract run(dump_data, context)[source]

Run the algorithm on dump data.

Parameters:
Return type:

AlgorithmResult

Auto-discovery registry for algorithm plugins.

class AlgorithmRegistry[source]

Bases: object

Discover and manage algorithm plugins.

__init__()[source]
discover()[source]

Walk known_key/ and unknown_key/ subdirectories to find algorithms.

Return type:

None

get(name)[source]
Parameters:

name (str)

Return type:

BaseAlgorithm

list_all()[source]
Return type:

List[BaseAlgorithm]

list_by_mode(mode)[source]
Parameters:

mode (Literal['known_key', 'unknown_key'])

Return type:

List[BaseAlgorithm]

property names: List[str]
get_registry()[source]
Return type:

AlgorithmRegistry