SSF Toolkit User Guide: analyze Command
Overview
This guide introduces the ssf_tools analyze sub-command. You will learn how to use the main analysis features, review available options, and understand the general workflow. Detailed guides are available for the entropy and credentials sub-commands:
- analyze entropy: Perform Shannon Entropy analysis on source code, binaries and other files
- analyze credentials: Use detect-secrets to identify hard-coded secrets in source code and other files
Prerequisites
- Python 3.13 or later
- SSF Toolkit installed (pipx install kp-ssf-toolkit)
- Access to files or directories to analyze
Quick Start
To view available analysis options, run:
This displays a list of supported sub-commands and their usage.
Usage
The analyze command provides security analysis tools that support compliance with PCI SSF requirement 2.3. It supports multiple sub-commands:
Common Commands
- ssf_tools analyze entropy <target>: Analyze a file or directory for entropy-based risk patterns
- ssf_tools analyze credentials <target>: Scan files for embedded credentials
Use --help with any sub-command to see available options:
Configuration
You can customize analysis behavior using command-line options and configuration files. Common options include risk thresholds, file block sizes, and recursive directory analysis.
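To illustrate what a block size and a risk threshold mean in entropy analysis, here is an added example that is not the toolkit's own code. The function names, the 256-byte block size and the 6.5 threshold are assumptions chosen for illustration, not the tool's defaults, and the sample input is constructed.

```python
import math
import random
from collections import Counter


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte, from 0.0 to 8.0."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def scan_blocks(data: bytes, block_size: int = 256, threshold: float = 6.5):
    """Return (offset, entropy) for every full block at or above threshold.

    block_size and threshold are assumed values, not the toolkit's defaults.
    """
    hits = []
    for offset in range(0, len(data), block_size):
        block = data[offset:offset + block_size]
        # A short trailing block has too few samples for a comparable score.
        if len(block) < block_size:
            continue
        score = shannon_entropy(block)
        if score >= threshold:
            hits.append((offset, round(score, 3)))
    return hits


def build_sample() -> bytes:
    """Constructed sample: source-like text around 512 pseudo-random bytes."""
    line = (b"def connect(host, port):\n"
            b"    return socket.create_connection((host, port))\n")
    text = (line * 8)[:512]
    # Seeded generator so the run is repeatable; the blob stands in for an
    # embedded key, compressed data or other opaque binary content.
    blob = random.Random(2024).randbytes(512)
    return text + blob + text


if __name__ == "__main__":
    for offset, score in scan_blocks(build_sample()):
        print(f"offset {offset:5d}  entropy {score:.3f} bits/byte")
```

Only the two blocks covering the embedded blob are reported; the surrounding source text scores well below the threshold.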
Advanced Features
- Stream results directly to Excel for large datasets
- Filter files by pattern or extension
- Control verbosity and output details
Troubleshooting
- If no files are found, check your target path and ignore patterns
- For Excel export issues, review row limits and risk thresholds
- Use verbose mode for detailed output
FAQ
- Q: How do I analyze a single file?
  A: Use ssf_tools analyze entropy <filename> or ssf_tools analyze credentials <filename>.
- Q: Can I disable recursive file discovery?
  A: Yes, use the --no-recurse option.
Additional Resources
Use this guide for a high-level overview of the analyze command. Refer to sub-command guides for detailed instructions.