3 releases

0.1.5 Dec 13, 2024
0.1.4 Dec 13, 2024
0.1.3 Dec 12, 2024

#4 in #powershell


360 downloads per month

MIT license

50KB
1K SLoC

Rust 1K SLoC // 0.0% comments Python 170 SLoC // 0.1% comments

scrings

Semantic scanner based on tree-sitter

scrings is a strings utility that outputs only semantically valid strings, based on tree-sitter grammars. For each scripting language, we built a list of semantic nodes discriminating enough to identify the target language.

Python bindings are available in the pyscrings package.

A Volatility 3 plugin is also available to leverage memory dump analysis.

Usage

scrings is available through a command line utility like strings:

scrings --path [PATH_TO_DUMP] -o -l powershell

...
151297294       $eiD=-join'ylbmessA'[-1..-8];$JOD=-join'epyTteG'[-1..-7]
...
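For triage of output like the sample line above, this added example (not part of scrings or pyscrings) resolves the `-join'...'[a..b]` reversed-literal idiom that line contains. It assumes each output line is a decimal offset, whitespace, then the string, as in the sample; the function names and the second sample line are constructed for illustration.

```python
import re

# -join'<literal>'[<start>..<end>]: a single-quoted literal indexed by an integer range.
# Literals containing escaped quotes ('') are not handled.
JOIN_SLICE = re.compile(r"-join\s*'([^']*)'\s*\[\s*(-?\d+)\s*\.\.\s*(-?\d+)\s*\]")
# Line layout assumed from the sample on this page: "<offset><whitespace><string>".
LINE = re.compile(r"^(\d+)\s+(.*)$")


def ps_range(start, end):
    """Expand a PowerShell range a..b: inclusive, counting down when a > b."""
    step = 1 if end >= start else -1
    return range(start, end + step, step)


def resolve_join(match):
    """Evaluate one -join'...'[a..b] expression and return it as a quoted literal."""
    literal, start, end = match.group(1), int(match.group(2)), int(match.group(3))
    chars = []
    for i in ps_range(start, end):
        idx = i if i >= 0 else len(literal) + i  # negative index counts from the end
        if 0 <= idx < len(literal):              # out-of-range index adds nothing
            chars.append(literal[idx])
    return "'" + "".join(chars) + "'"


def resolve_line(line):
    """Return (offset, original, resolved) for one output line, or None."""
    m = LINE.match(line.rstrip("\n"))
    if not m:
        return None  # e.g. the "..." elision markers
    offset, text = int(m.group(1)), m.group(2)
    return offset, text, JOIN_SLICE.sub(resolve_join, text)


SAMPLE = [
    "...",
    "151297294       $eiD=-join'ylbmessA'[-1..-8];$JOD=-join'epyTteG'[-1..-7]",
    "151297400       Write-Host 'hello'",  # constructed line with nothing to resolve
]

if __name__ == "__main__":
    for raw in SAMPLE:
        hit = resolve_line(raw)
        if hit and hit[1] != hit[2]:  # report only lines where something was resolved
            print(f"{hit[0]}\t{hit[2]}")
```

Run on the sample, the two variables resolve to the reflection-related names the literals spell backwards, which makes such lines easy to flag during memory triage.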

scrings is also available as a Volatility plugin to leverage memory analysis techniques.

Supported languages

Build

scrings is made in Rust 🦀.

⚠️ Use the nightly version of Rust ⚠️

To build scrings, use cargo:

git clone https://github.com/airbus-cert/scrings
cd scrings
cargo build --package scrings --bin scrings --features=scrings

Dependencies

~0–13MB
~410K SLoC