ncsi이용해서 네트워크 상태 구현함

Add network status

Catswords.DataType.Client/Catswords.DataType.Client.csproj

@@ -12,21 +12,6 @@
     <FileAlignment>512</FileAlignment>
     <AutoGenerateBindingRedirects>true</AutoGenerateBindingRedirects>
     <Deterministic>true</Deterministic>
-    <PublishUrl>게시\</PublishUrl>
-    <Install>true</Install>
-    <InstallFrom>Disk</InstallFrom>
-    <UpdateEnabled>false</UpdateEnabled>
-    <UpdateMode>Foreground</UpdateMode>
-    <UpdateInterval>7</UpdateInterval>
-    <UpdateIntervalUnits>Days</UpdateIntervalUnits>
-    <UpdatePeriodically>false</UpdatePeriodically>
-    <UpdateRequired>false</UpdateRequired>
-    <MapFileExtensions>true</MapFileExtensions>
-    <ApplicationRevision>0</ApplicationRevision>
-    <ApplicationVersion>1.0.0.%2a</ApplicationVersion>
-    <IsWebBootstrapper>false</IsWebBootstrapper>
-    <UseApplicationTrust>false</UseApplicationTrust>
-    <BootstrapperEnabled>true</BootstrapperEnabled>
   </PropertyGroup>
   <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
     <PlatformTarget>AnyCPU</PlatformTarget>
@@ -48,15 +33,12 @@
     <WarningLevel>4</WarningLevel>
   </PropertyGroup>
   <PropertyGroup>
-    <SignAssembly>true</SignAssembly>
+    <SignAssembly>false</SignAssembly>
-  </PropertyGroup>
-  <PropertyGroup>
-    <ApplicationIcon>Resources\icon.ico</ApplicationIcon>
-  </PropertyGroup>
-  <PropertyGroup>
-    <AssemblyOriginatorKeyFile>socialonthefile.snk</AssemblyOriginatorKeyFile>
   </PropertyGroup>
   <ItemGroup>
+    <Reference Include="BencodeNET, Version=1.0.0.0, Culture=neutral, processorArchitecture=MSIL">
+      <HintPath>..\packages\BencodeNET.4.0.0\lib\netstandard2.0\BencodeNET.dll</HintPath>
+    </Reference>
     <Reference Include="Crc32.NET, Version=1.0.0.0, Culture=neutral, PublicKeyToken=dc0b95cf99bf4e99, processorArchitecture=MSIL">
       <HintPath>..\packages\Crc32.NET.1.2.0\lib\net20\Crc32.NET.dll</HintPath>
     </Reference>
@@ -79,9 +61,6 @@
       <Private>True</Private>
       <Private>True</Private>
     </Reference>
-    <Reference Include="System.IO.Packaging, Version=8.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
-      <HintPath>..\packages\System.IO.Packaging.8.0.0\lib\net462\System.IO.Packaging.dll</HintPath>
-    </Reference>
     <Reference Include="System.IO.Pipelines, Version=8.0.0.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
       <HintPath>..\packages\System.IO.Pipelines.8.0.0\lib\net462\System.IO.Pipelines.dll</HintPath>
     </Reference>
@@ -108,45 +87,37 @@
     <Reference Include="System.Net.Http" />
     <Reference Include="System.Windows.Forms" />
     <Reference Include="System.Xml" />
-    <Reference Include="WindowsBase" />
     <Reference Include="XmpCore, Version=6.1.10.1, Culture=neutral, PublicKeyToken=961f4f366277b80e, processorArchitecture=MSIL">
       <HintPath>..\packages\XmpCore.6.1.10.1\lib\net35\XmpCore.dll</HintPath>
     </Reference>
   </ItemGroup>
   <ItemGroup>
     <Compile Include="Config.cs" />
-    <Compile Include="Helper\InfoHashExtractor.cs" />
+    <Compile Include="Form1.cs">
-    <Compile Include="Model\CfbfPartInfo.cs" />
-    <Compile Include="Model\HashInfo.cs" />
-    <Compile Include="Worker1.cs" />
-    <Compile Include="Main.cs">
       <SubType>Form</SubType>
     </Compile>
-    <Compile Include="Main.Designer.cs">
+    <Compile Include="Form1.Designer.cs">
-      <DependentUpon>Main.cs</DependentUpon>
+      <DependentUpon>Form1.cs</DependentUpon>
     </Compile>
-    <Compile Include="UserControl2.cs">
+    <Compile Include="Form2.cs">
-      <SubType>UserControl</SubType>
+      <SubType>Form</SubType>
     </Compile>
-    <Compile Include="UserControl2.Designer.cs">
+    <Compile Include="Form2.Designer.cs">
-      <DependentUpon>UserControl2.cs</DependentUpon>
+      <DependentUpon>Form2.cs</DependentUpon>
     </Compile>
     <Compile Include="Helper\ApkManifestExtractor.cs" />
-    <Compile Include="Helper\CfbfExtractor.cs" />
     <Compile Include="Helper\FileHasher.cs" />
-    <Compile Include="Helper\FileExtensionDatabase.cs" />
+    <Compile Include="Helper\FileExtensionDB.cs" />
-    <Compile Include="Helper\PeOrganizationExtractor.cs" />
+    <Compile Include="Helper\FileCompany.cs" />
-    <Compile Include="Helper\FileMagicExtractor.cs" />
+    <Compile Include="Helper\FileMagic.cs" />
     <Compile Include="Helper\LinkExtractor.cs" />
     <Compile Include="Helper\ImpHash.cs" />
-    <Compile Include="Helper\ExifTagExtractor.cs" />
     <Compile Include="Helper\OpenXMLExtractor.cs" />
     <Compile Include="Helper\Timeline.cs" />
     <Compile Include="Model\AndroidPermission.cs" />
-    <Compile Include="Model\ExifTag.cs" />
+    <Compile Include="Model\FileHash.cs" />
-    <Compile Include="Model\TimelineMessage.cs" />
+    <Compile Include="Model\Indicator.cs" />
     <Compile Include="Model\OpenXMLMetadata.cs" />
-    <Compile Include="Model\Timestamp.cs" />
     <Compile Include="Program.cs" />
     <Compile Include="Properties\AssemblyInfo.cs" />
     <Compile Include="UserControl1.cs">
@@ -155,11 +126,11 @@
     <Compile Include="UserControl1.Designer.cs">
       <DependentUpon>UserControl1.cs</DependentUpon>
     </Compile>
-    <EmbeddedResource Include="Main.resx">
+    <EmbeddedResource Include="Form1.resx">
-      <DependentUpon>Main.cs</DependentUpon>
+      <DependentUpon>Form1.cs</DependentUpon>
     </EmbeddedResource>
-    <EmbeddedResource Include="UserControl2.resx">
+    <EmbeddedResource Include="Form2.resx">
-      <DependentUpon>UserControl2.cs</DependentUpon>
+      <DependentUpon>Form2.cs</DependentUpon>
     </EmbeddedResource>
     <EmbeddedResource Include="Properties\Resources.resx">
       <Generator>ResXFileCodeGenerator</Generator>
@@ -185,7 +156,6 @@
       <DependentUpon>Settings.settings</DependentUpon>
       <DesignTimeSharedInput>True</DesignTimeSharedInput>
     </Compile>
-    <None Include="socialonthefile.snk" />
   </ItemGroup>
   <ItemGroup>
     <None Include="App.config" />
@@ -205,6 +175,16 @@
   <ItemGroup>
     <None Include="Resources\document_paperclip_list_paper_icon_219544.png" />
   </ItemGroup>
+  <ItemGroup>
+    <ProjectReference Include="..\..\..\..\OneDrive\문서\GitHub\androidxmldotnet\AndroidXml\AndroidXml.csproj">
+      <Project>{607eeb2c-6b7c-409e-959e-3b458a109426}</Project>
+      <Name>AndroidXml</Name>
+    </ProjectReference>
+    <ProjectReference Include="..\..\..\..\OneDrive\문서\GitHub\SsdeepNET\Source\SsdeepNET\SsdeepNET.csproj">
+      <Project>{b1244c5a-cdeb-4d1d-8807-bf40251abcab}</Project>
+      <Name>SsdeepNET</Name>
+    </ProjectReference>
+  </ItemGroup>
   <ItemGroup>
     <None Include="Resources\2333410-android-os-smartphone_85588.png" />
   </ItemGroup>
@@ -214,30 +194,5 @@
   <ItemGroup>
     <None Include="Resources\link-symbol_icon-icons.com_56927.png" />
   </ItemGroup>
-  <ItemGroup>
-    <None Include="Resources\tags_icon-icons.com_73382.png" />
-  </ItemGroup>
-  <ItemGroup>
-    <BootstrapperPackage Include=".NETFramework,Version=v4.8">
-      <Visible>False</Visible>
-      <ProductName>Microsoft .NET Framework 4.8%28x86 및 x64%29</ProductName>
-      <Install>true</Install>
-    </BootstrapperPackage>
-    <BootstrapperPackage Include="Microsoft.Net.Framework.3.5.SP1">
-      <Visible>False</Visible>
-      <ProductName>.NET Framework 3.5 SP1</ProductName>
-      <Install>false</Install>
-    </BootstrapperPackage>
-  </ItemGroup>
-  <ItemGroup>
-    <ProjectReference Include="..\androidxmldotnet\AndroidXml\AndroidXml.csproj">
-      <Project>{e55ce5e9-aeec-4625-82ff-9c73dad2ba84}</Project>
-      <Name>AndroidXml</Name>
-    </ProjectReference>
-    <ProjectReference Include="..\SsdeepNET\Source\SsdeepNET\SsdeepNET.csproj">
-      <Project>{1fc34ef4-5137-4069-a18a-d35afec5181f}</Project>
-      <Name>SsdeepNET</Name>
-    </ProjectReference>
-  </ItemGroup>
   <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
 </Project>

Catswords.DataType.Client/Form1.Designer.cs

@@ -1,6 +1,6 @@
 namespace Catswords.DataType.Client
 {
-    partial class Main
+    partial class Form1
     {
         /// <summary>
         /// 필수 디자이너 변수입니다.

Catswords.DataType.Client/Form1.cs

@@ -2,9 +2,9 @@
 
 namespace Catswords.DataType.Client
 {
-    public partial class Main : Form
+    public partial class Form1 : Form
     {
-        public Main()
+        public Form1()
         {
             InitializeComponent();
 

Catswords.DataType.Client/Form2.Designer.cs

@@ -1,6 +1,6 @@
 namespace Catswords.DataType.Client
 {
-    partial class UserControl2
+    partial class Form2
     {
         /// <summary>
         /// Required designer variable.
@@ -76,7 +76,6 @@
             this.txtExtension.Name = "txtExtension";
             this.txtExtension.Size = new System.Drawing.Size(284, 20);
             this.txtExtension.TabIndex = 1;
-            this.txtExtension.Text = "Calculating...";
             // 
             // txtHashSha256
             // 
@@ -84,7 +83,6 @@
             this.txtHashSha256.Name = "txtHashSha256";
             this.txtHashSha256.Size = new System.Drawing.Size(284, 20);
             this.txtHashSha256.TabIndex = 1;
-            this.txtHashSha256.Text = "Calculating...";
             // 
             // txtMagic
             // 
@@ -92,7 +90,6 @@
             this.txtMagic.Name = "txtMagic";
             this.txtMagic.Size = new System.Drawing.Size(284, 20);
             this.txtMagic.TabIndex = 1;
-            this.txtMagic.Text = "Calculating...";
             // 
             // txtHashCrc32
             // 
@@ -100,7 +97,6 @@
             this.txtHashCrc32.Name = "txtHashCrc32";
             this.txtHashCrc32.Size = new System.Drawing.Size(284, 20);
             this.txtHashCrc32.TabIndex = 1;
-            this.txtHashCrc32.Text = "Calculating...";
             // 
             // txtHashSha1
             // 
@@ -108,7 +104,6 @@
             this.txtHashSha1.Name = "txtHashSha1";
             this.txtHashSha1.Size = new System.Drawing.Size(284, 20);
             this.txtHashSha1.TabIndex = 1;
-            this.txtHashSha1.Text = "Calculating...";
             // 
             // txtHashMd5
             // 
@@ -116,7 +111,6 @@
             this.txtHashMd5.Name = "txtHashMd5";
             this.txtHashMd5.Size = new System.Drawing.Size(284, 20);
             this.txtHashMd5.TabIndex = 1;
-            this.txtHashMd5.Text = "Calculating...";
             // 
             // labelLocale
             // 
@@ -196,7 +190,6 @@
             this.txtInfoHash.Name = "txtInfoHash";
             this.txtInfoHash.Size = new System.Drawing.Size(284, 20);
             this.txtInfoHash.TabIndex = 1;
-            this.txtInfoHash.Text = "Calculating...";
             // 
             // labelTools
             // 
@@ -236,7 +229,6 @@
             this.txtSsdeep.Name = "txtSsdeep";
             this.txtSsdeep.Size = new System.Drawing.Size(284, 20);
             this.txtSsdeep.TabIndex = 9;
-            this.txtSsdeep.Text = "Calculating...";
             // 
             // labelSsdeep
             // 
@@ -277,8 +269,14 @@
             this.Controls.Add(this.labelInfoHash);
             this.Controls.Add(this.labelLocale);
             this.Controls.Add(this.labelExtension);
+            this.FormBorderStyle = System.Windows.Forms.FormBorderStyle.FixedSingle;
+            this.Icon = global::Catswords.DataType.Client.Properties.Resources.icon;
+            this.KeyPreview = true;
+            this.MaximizeBox = false;
+            this.MinimizeBox = false;
             this.Name = "Form2";
             this.Text = "Expert";
+            this.TopMost = true;
             this.Load += new System.EventHandler(this.Form2_Load);
             this.ResumeLayout(false);
             this.PerformLayout();

Catswords.DataType.Client/Form2.cs

@@ -0,0 +1,55 @@
+using Catswords.DataType.Client.Model;
+using System;
+using System.ComponentModel.Design;
+using System.Diagnostics;
+using System.Windows.Forms;
+
+namespace Catswords.DataType.Client
+{
+    public partial class Form2 : Form
+    {
+        private UserControl1 parent;
+        private FileHash hashed;
+
+        public Form2(UserControl1 parent)
+        {
+            InitializeComponent();
+
+            this.parent = parent;
+        }
+
+        private void Form2_Load(object sender, EventArgs e)
+        {
+            hashed = Helper.FileHasher.Compute(parent.filePath);
+            txtExtension.Text = hashed.Extension;
+            txtHashMd5.Text = hashed.MD5;
+            txtHashSha1.Text = hashed.SHA1;
+            txtHashCrc32.Text = hashed.CRC32;
+            txtHashSha256.Text = hashed.SHA256;
+            txtMagic.Text = hashed.MAGIC;
+            txtInfoHash.Text = hashed.InfoHash;
+            txtSsdeep.Text = hashed.SSDEEP;
+        }
+
+        private void button1_Click(object sender, EventArgs e)
+        {
+            ByteViewer bv = new ByteViewer();
+            bv.SetFile(parent.filePath); // or SetBytes
+
+            Form newForm = new Form();
+            newForm.Size = new System.Drawing.Size(650, 600);
+            newForm.Text = "ByteViewer";
+            newForm.Icon = Properties.Resources.icon;
+            newForm.MinimizeBox = false;
+            newForm.MaximizeBox = false;
+            newForm.FormBorderStyle = FormBorderStyle.FixedSingle;
+            newForm.Controls.Add(bv);
+            newForm.Show();
+        }
+
+        private void button2_Click(object sender, EventArgs e)
+        {
+            Process.Start("https://www.virustotal.com/gui/file/" + hashed.SHA256);
+        }
+    }
+}

Catswords.DataType.Client/Helper/ApkManifestExtractor.cs

@@ -32,7 +32,7 @@ namespace Catswords.DataType.Client.Helper
                 {
                     if (entry.FullName == "AndroidManifest.xml")
                     {
-                        TargetPath = Path.Combine(TempDirectory, Guid.NewGuid().ToString());
+                        TargetPath = Path.Combine(TempDirectory, entry.FullName);
                         entry.ExtractToFile(TargetPath);
                         break;
                     }

Catswords.DataType.Client/Helper/CfbfExtractor.cs

@@ -1,71 +0,0 @@
-using Catswords.DataType.Client.Model;
-using System.Collections.Generic;
-using System.IO.Packaging;
-using System.IO;
-
-namespace Catswords.DataType.Client.Helper
-{
-    public class CfbfExtractor
-    {
-        private string FilePath;
-
-        public CfbfExtractor(string filePath)
-        {
-            FilePath = filePath;
-        }
-
-        public List<CfbfPartInfo> GetParts()
-        {
-            List<CfbfPartInfo> partInfoList = new List<CfbfPartInfo>();
-
-            if (!IsValidFormat())
-            {
-                return partInfoList;
-            }
-
-            using (Package package = Package.Open(FilePath, FileMode.Open, FileAccess.Read))
-            {
-                foreach (PackagePart part in package.GetParts())
-                {
-                    CfbfPartInfo partInfo = new CfbfPartInfo();
-                    partInfo.URI = part.Uri.ToString();
-                    partInfo.ContentType = part.ContentType;
-
-                    using (Stream stream = part.GetStream(FileMode.Open, FileAccess.Read))
-                    {
-                        using (StreamReader reader = new StreamReader(stream))
-                        {
-                            partInfo.Content = reader.ReadToEnd();
-                        }
-                    }
-
-                    partInfoList.Add(partInfo);
-                }
-            }
-
-            return partInfoList;
-        }
-
-        public bool IsValidFormat()
-        {
-            // CFBF 파일 시그니처 확인
-            byte[] signatureBytes = { 0xD0, 0xCF, 0x11, 0xE0, 0xA1, 0xB1, 0x1A, 0xE1 };
-            byte[] fileBytes = new byte[signatureBytes.Length];
-
-            using (FileStream fileStream = new FileStream(FilePath, FileMode.Open, FileAccess.Read))
-            {
-                fileStream.Read(fileBytes, 0, signatureBytes.Length);
-            }
-
-            for (int i = 0; i < signatureBytes.Length; i++)
-            {
-                if (fileBytes[i] != signatureBytes[i])
-                {
-                    return false;
-                }
-            }
-
-            return true;
-        }
-    }
-}

Catswords.DataType.Client/Helper/ExifTagExtractor.cs

@@ -1,44 +0,0 @@
-using Catswords.DataType.Client.Model;
-using MetadataExtractor;
-using System;
-using System.Collections.Generic;
-
-namespace Catswords.DataType.Client.Helper
-{
-    class ExifTagExtractor
-    {
-        private string FilePath;
-
-        public ExifTagExtractor(string filePath)
-        {
-            FilePath = filePath;
-        }
-
-        public List<ExifTag> GetTags()
-        {
-            List<ExifTag> tags = new List<ExifTag>();
-
-            try {
-                IEnumerable<Directory> directories = ImageMetadataReader.ReadMetadata(FilePath);
-                foreach (var directory in directories)
-                {
-                    foreach (var tag in directory.Tags)
-                    {
-                        tags.Add(new ExifTag
-                        {
-                            Section = directory.Name,
-                            Name = tag.Name,
-                            Description = tag.Description.ToString()
-                        });
-                    }
-                }
-            }
-            catch
-            {
-                // nothing
-            }
-
-            return tags;
-        }
-    }
-}

Catswords.DataType.Client/Helper/FileCompany.cs

@@ -5,19 +5,17 @@ using System.Security.Cryptography.X509Certificates;
 
 namespace Catswords.DataType.Client.Helper
 {
-    class PeOrganizationExtractor
+    public static class FileCompany
     {
-        private string FilePath;
+        static public string Read(string filePath)
-
-        public PeOrganizationExtractor(string filePath)
-        {
-            FilePath = filePath;
-        }
-
-        public string GetString()
         {
             // 회사 정보 추출
-            string[] companies = new string[] { GetCompanyInfo(), GetProductName(),  GetCopyrightInfo(), GetOrganization() };
+            string[] companies = new string[] {
+                GetCompanyInfo(filePath),
+                GetProductName(filePath),
+                GetCopyrightInfo(filePath),
+                GetOrganization(filePath)
+            };
             foreach (string company in companies)
             {
                 if (company != null && !company.Equals(string.Empty))
@@ -29,12 +27,12 @@ namespace Catswords.DataType.Client.Helper
             return "Unknown";
         }
 
-        private string GetOrganization()
+        public static string GetOrganization(string filePath)
         {
             string organization = string.Empty;
 
             // 서명된 파일인 경우 인증서 정보 추출
-            X509Certificate2 certificate = GetCertificateInfo();
+            X509Certificate2 certificate = GetCertificateInfo(filePath);
             if (certificate != null)
             {
                 // Subject 필드에서 O (Organization) 값을 찾아 회사 정보 추출
@@ -54,31 +52,31 @@ namespace Catswords.DataType.Client.Helper
             return organization;
         }
 
-        private string GetCompanyInfo()
+        public static string GetCompanyInfo(string filePath)
         {
-            FileVersionInfo versionInfo = FileVersionInfo.GetVersionInfo(FilePath);
+            FileVersionInfo versionInfo = FileVersionInfo.GetVersionInfo(filePath);
             return versionInfo.CompanyName;
         }
 
-        private string GetProductName()
+        public static string GetProductName(string filePath)
         {
-            FileVersionInfo versionInfo = FileVersionInfo.GetVersionInfo(FilePath);
+            FileVersionInfo versionInfo = FileVersionInfo.GetVersionInfo(filePath);
             return versionInfo.ProductName;
         }
 
-        private string GetCopyrightInfo()
+        public static string GetCopyrightInfo(string filePath)
         {
-            FileVersionInfo versionInfo = FileVersionInfo.GetVersionInfo(FilePath);
+            FileVersionInfo versionInfo = FileVersionInfo.GetVersionInfo(filePath);
             return versionInfo.LegalCopyright;
         }
 
-        private X509Certificate2 GetCertificateInfo()
+        static X509Certificate2 GetCertificateInfo(string filePath)
         {
             // GetCertificateInfo 구현
             try
             {
                 // 파일에 디지털 서명이 있는지 확인
-                Assembly assembly = Assembly.LoadFile(FilePath);
+                Assembly assembly = Assembly.LoadFile(filePath);
                 X509Certificate2 certificate = new X509Certificate2(assembly.Location);
 
                 // 서명이 유효한지 확인 (옵션)

Catswords.DataType.Client/Helper/FileExtensionDB.cs

@@ -1,22 +1,27 @@
 using Catswords.DataType.Client.Model;
 using System;
 using System.Collections.Generic;
+using System.Diagnostics;
+using System.Linq;
 using System.Net;
+using System.Net.Http;
+using System.Net.NetworkInformation;
 using System.Text;
 using System.Windows.Forms;
 using System.Xml;
 
 namespace Catswords.DataType.Client.Helper
 {
-    class FileExtensionDatabase
+    class FileExtensionDB
     {
-        public List<TimelineMessage> Indicators;
+        public List<Indicator> Indicators;
 
-        public FileExtensionDatabase()
+        public FileExtensionDB()
         {
-            Indicators = new List<TimelineMessage>();
+            Indicators = new List<Indicator>();
         }
 
+
         public void Fetch(string q)
         {
             try
@@ -24,6 +29,7 @@ namespace Catswords.DataType.Client.Helper
                 // 원격 주소에서 XML 다운로드
                 string url = Config.SEARCH_URL + q;
                 WebClient client = new WebClient();
+
                 client.Headers.Add("User-Agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3");
                 client.Encoding = Encoding.UTF8;
                 string xmlString = client.DownloadString(url);
@@ -39,7 +45,7 @@ namespace Catswords.DataType.Client.Helper
                 foreach (XmlNode itemNode in itemList)
                 {
                     // organization
-                    Indicators.Add(new TimelineMessage()
+                    Indicators.Add(new Indicator()
                     {
                         Id = itemNode.SelectSingleNode("id").InnerText,
                         CreatedAt = GetDateTimeFromString(itemNode.SelectSingleNode("datetime").InnerText),
@@ -48,7 +54,7 @@ namespace Catswords.DataType.Client.Helper
                     });
 
                     // description
-                    Indicators.Add(new TimelineMessage()
+                    Indicators.Add(new Indicator()
                     {
                         Id = itemNode.SelectSingleNode("id").InnerText,
                         CreatedAt = GetDateTimeFromString(itemNode.SelectSingleNode("datetime").InnerText),
@@ -57,7 +63,7 @@ namespace Catswords.DataType.Client.Helper
                     });
 
                     // content
-                    Indicators.Add(new TimelineMessage()
+                    Indicators.Add(new Indicator()
                     {
                         Id = itemNode.SelectSingleNode("id").InnerText,
                         CreatedAt = GetDateTimeFromString(itemNode.SelectSingleNode("datetime").InnerText),
@@ -66,7 +72,7 @@ namespace Catswords.DataType.Client.Helper
                     });
 
                     // openwith
-                    Indicators.Add(new TimelineMessage()
+                    Indicators.Add(new Indicator()
                     {
                         Id = itemNode.SelectSingleNode("id").InnerText,
                         CreatedAt = GetDateTimeFromString(itemNode.SelectSingleNode("datetime").InnerText),
@@ -75,7 +81,7 @@ namespace Catswords.DataType.Client.Helper
                     });
 
                     // first reported
-                    Indicators.Add(new TimelineMessage()
+                    Indicators.Add(new Indicator()
                     {
                         Id = itemNode.SelectSingleNode("id").InnerText,
                         CreatedAt = GetDateTimeFromString(itemNode.SelectSingleNode("datetime").InnerText),

Catswords.DataType.Client/Helper/FileHasher.cs

@@ -1,4 +1,7 @@
-using Force.Crc32;
+using BencodeNET.Parsing;
+using BencodeNET.Torrents;
+using Catswords.DataType.Client.Model;
+using Force.Crc32;
 using SsdeepNET;
 using System;
 using System.IO;
@@ -9,39 +12,48 @@ namespace Catswords.DataType.Client.Helper
 {
     public class FileHasher
     {
-        private string FilePath;
+        public static FileHash Compute(string filename)
-
-        public FileHasher(string filePath)
         {
-            FilePath = filePath;
+            string extension = GetExtension(filename);
+            return new FileHash
+            {
+                Extension = extension,
+                MD5 = GetMD5(filename),
+                SHA1 = GetSHA1(filename),
+                MAGIC = GetMAGIC(filename),
+                CRC32 = GetCRC32(filename),
+                SHA256 = GetSHA256(filename),
+                InfoHash = GetInfoHash(filename, extension),
+                SSDEEP = GetSSDEEP(filename)
+            };
         }
 
-        public string GetExtension()
+        private static string GetExtension(string filename)
         {
-            string extension = string.Empty;
-
             try
             {
-                if (Path.GetExtension(FilePath).Length > 0)
+                if (Path.GetExtension(filename).Length > 0)
                 {
-                    extension = Path.GetExtension(FilePath).Substring(1).ToLower();
+                    return Path.GetExtension(filename).Substring(1).ToUpper();
+                }
+                else
+                {
+                    return "";
                 }
             }
-            catch
+            catch (Exception)
             {
-                // nothing
+                return "";
             }
-
-            return extension;
         }
 
-        public string GetMD5()
+        private static string GetMD5(string filename)
         {
-            string checksum = string.Empty;
+            string checksum = "";
 
             using (MD5 hasher = MD5.Create())
             {
-                using (FileStream stream = File.OpenRead(FilePath))
+                using (FileStream stream = File.OpenRead(filename))
                 {
                     byte[] hash = hasher.ComputeHash(stream);
                     checksum = BitConverter.ToString(hash).Replace("-", "").ToLowerInvariant();
@@ -51,13 +63,13 @@ namespace Catswords.DataType.Client.Helper
             return checksum;
         }
 
-        public string GetSHA1()
+        private static string GetSHA1(string filename)
         {
-            string checksum = string.Empty;
+            string checksum = "";
 
             using (SHA1 hasher = SHA1.Create())
             {
-                using (FileStream stream = File.OpenRead(FilePath))
+                using (FileStream stream = File.OpenRead(filename))
                 {
                     byte[] hash = hasher.ComputeHash(stream);
                     checksum = BitConverter.ToString(hash).Replace("-", "").ToLowerInvariant();
@@ -67,11 +79,11 @@ namespace Catswords.DataType.Client.Helper
             return checksum;
         }
 
-        public string GetCRC32()
+        private static string GetCRC32(string filename)
         {
-            string checksum = string.Empty;
+            string checksum = "";
 
-            using (FileStream stream = File.OpenRead(FilePath))
+            using (FileStream stream = File.OpenRead(filename))
             {
                 MemoryStream ms = new MemoryStream();
                 stream.CopyTo(ms);
@@ -81,13 +93,13 @@ namespace Catswords.DataType.Client.Helper
             return checksum;
         }
 
-        public string GetSHA256()
+        private static string GetSHA256(string filename)
         {
-            string checksum = string.Empty;
+            string checksum = "";
 
             using (SHA256 hasher = SHA256.Create())
             {
-                using (FileStream stream = File.OpenRead(FilePath))
+                using (FileStream stream = File.OpenRead(filename))
                 {
                     var hash = hasher.ComputeHash(stream);
                     checksum = BitConverter.ToString(hash).Replace("-", "").ToLowerInvariant();
@@ -97,11 +109,11 @@ namespace Catswords.DataType.Client.Helper
             return checksum;
         }
 
-        public byte[] GetFileBytes(int count = 32)
+        public static byte[] GetFileBytes(string filename, int count = 32)
         {
             byte[] buffer = new byte[count];
 
-            using (var stream = File.OpenRead(FilePath))
+            using (var stream = File.OpenRead(filename))
             {
                 int offset = 0;
                 while (offset < count)
@@ -110,7 +122,7 @@ namespace Catswords.DataType.Client.Helper
                     {
                         int read = stream.Read(buffer, offset, count - offset);
                         if (read == 0)
-                            throw new EndOfStreamException();
+                            throw new System.IO.EndOfStreamException();
                         offset += read;
                     }
                     catch (EndOfStreamException)
@@ -125,30 +137,30 @@ namespace Catswords.DataType.Client.Helper
             return buffer;
         }
 
-        public string GetMagic()
+        private static string GetMAGIC(string filename)
         {
-            return new FileMagicExtractor(FilePath).GetString();
+            return FileMagic.Read(filename);
         }
 
-        public string GetInfoHash()
+        private static string GetInfoHash(string filename, string extension)
         {
-            string checksum = string.Empty;
+            string checksum = "";
-            string extension = GetExtension().ToLower();
 
-            if (extension == "torrent")
+            if (extension.ToUpper() == "TORRENT")
             {
-                var extractor = new InfoHashExtractor(FilePath);
+                BencodeParser parser = new BencodeParser();
-                checksum = extractor.GetString();
+                Torrent torrent = parser.Parse<Torrent>(filename);
+                checksum = BitConverter.ToString(torrent.GetInfoHashBytes()).Replace("-", "").ToLowerInvariant();
             }
 
             return checksum;
         }
 
-        public string GetSSDEEP()
+        private static string GetSSDEEP(string filename)
         {
-            string checksum = string.Empty;
+            string checksum = "";
 
-            using (FileStream stream = File.OpenRead(FilePath))
+            using (FileStream stream = File.OpenRead(filename))
             {
                 MemoryStream ms = new MemoryStream();
                 stream.CopyTo(ms);
@@ -160,9 +172,9 @@ namespace Catswords.DataType.Client.Helper
             return checksum;
         }
 
-        public string GetHexView(byte[] Data)
+        public static string GetHexView(byte[] Data)
         {
-            string output = string.Empty;
+            string output = "";
 
             StringBuilder strb = new StringBuilder();
             StringBuilder text = new StringBuilder();

Catswords.DataType.Client/Helper/FileMagic.cs

@@ -3,24 +3,18 @@ using System.IO;
 
 namespace Catswords.DataType.Client.Helper
 {
-    public class FileMagicExtractor
+    public static class FileMagic
     {
-        private string FilePath;
+        public static string Error = string.Empty;
-        private string Error = null;
 
-        public FileMagicExtractor(string filePath)
+        public static string Read(string filePath)
-        {
-            FilePath = filePath;
-        }
-
-        public string GetString()
         {
             string hexString = "";
 
             try
             {
                 // 파일 열기
-                using (FileStream fs = new FileStream(FilePath, FileMode.Open, FileAccess.Read))
+                using (FileStream fs = new FileStream(filePath, FileMode.Open, FileAccess.Read))
                 {
                     // 첫 3 바이트 읽기
                     byte[] buffer = new byte[3] { 0x00, 0x00, 0x00 };
@@ -38,10 +32,5 @@ namespace Catswords.DataType.Client.Helper
 
             return hexString;
         }
-
-        public string GetError()
-        {
-            return Error;
-        }
     }
 }

Catswords.DataType.Client/Helper/InfoHashExtractor.cs

@@ -1,51 +0,0 @@
-using System;
-using System.IO;
-
-namespace Catswords.DataType.Client.Helper
-{
-    public class InfoHashExtractor
-    {
-        private string FilePath;
-
-        public InfoHashExtractor(string filePath)
-        {
-            FilePath = filePath;
-        }
-
-        public string GetString()
-        {
-            string infoHashString = "";
-
-            try
-            {
-                // 토렌트 파일을 바이트 배열로 읽어옴
-                byte[] torrentData = File.ReadAllBytes(FilePath);
-
-                // 토렌트 파일에서 InfoHash 추출
-                byte[] infoHash = ExtractInfoHash(torrentData);
-
-                // InfoHash를 문자열로 변환하여 출력
-                infoHashString = BitConverter.ToString(infoHash).Replace("-", "").ToLower();
-            }
-            catch (Exception ex)
-            {
-                Console.WriteLine("An error occurred: " + ex.Message);
-            }
-
-            return infoHashString;
-        }
-
-        private byte[] ExtractInfoHash(byte[] torrentData)
-        {
-            // 토렌트 파일의 구조에 따라 InfoHash 위치 파악
-            int start = Array.IndexOf(torrentData, (byte)'4', 0);
-            int end = Array.IndexOf(torrentData, (byte)'e', start);
-
-            // InfoHash 추출
-            byte[] infoHash = new byte[20];
-            Array.Copy(torrentData, start + 1, infoHash, 0, 20);
-
-            return infoHash;
-        }
-    }
-}

Catswords.DataType.Client/Helper/LinkExtractor.cs

@@ -73,7 +73,7 @@ namespace Catswords.DataType.Client.Helper
             }
         }
 
-        public List<string> GetStrings()
+        public string[] GetStrings()
         {
             List<string> results = new List<string>();
 
@@ -111,7 +111,7 @@ namespace Catswords.DataType.Client.Helper
                 MessageBox.Show($"An error occurred: {ex.Message}");
             }
 
-            return results;
+            return results.ToArray();
         }
     }
 }

Catswords.DataType.Client/Helper/OpenXMLExtractor.cs

@@ -29,7 +29,7 @@ namespace Catswords.DataType.Client.Helper
                 {
                     if (entry.FullName == "docProps/core.xml")
                     {
-                        TargetPath = Path.Combine(TempDirectory, Guid.NewGuid().ToString());
+                        TargetPath = Path.Combine(TempDirectory, "docProps_core.xml");
                         entry.ExtractToFile(TargetPath);
                         break;
                     }

Catswords.DataType.Client/Helper/Timeline.cs

@@ -12,14 +12,14 @@ namespace Catswords.DataType.Client.Helper
     {
         public string ApiBaseUrl;
         public string AccessToken;
-        public List<TimelineMessage> Messages;
+        public List<Indicator> Indicators;
         public string ResponseText;
 
         public Timeline(string host, string access_token)
         {
             ApiBaseUrl = $"https://{host}/api/v1/timelines/tag";
             AccessToken = access_token;
-            Messages = new List<TimelineMessage>();
+            Indicators = new List<Indicator>();
         }
 
         public static string RemoveHtmlTags(string input)
@@ -77,7 +77,7 @@ namespace Catswords.DataType.Client.Helper
                         string createdAt = status["created_at"].Value<string>();
                         string content = status["content"].Value<string>();
 
-                        Messages.Add(new TimelineMessage
+                        Indicators.Add(new Indicator
                         {
                             CreatedAt = GetDateTimeFromString(createdAt),
                             Content = RemoveHtmlTags(content)

Catswords.DataType.Client/Model/AndroidPermission.cs

@@ -1,9 +1,13 @@
-namespace Catswords.DataType.Client.Model
+using System;
+
+namespace Catswords.DataType.Client.Model
 {
-    public class AndroidPermission: Timestamp
+    class AndroidPermission
     {
         public string Name { get; set; }
         public string Description { get; set; }
         public int Severity { get; set; }
+        public DateTime CreatedAt { get; set; }
+        public DateTime UpdatedAt { get; set; }
     }
 }

Catswords.DataType.Client/Model/CfbfPartInfo.cs

@@ -1,9 +0,0 @@
-namespace Catswords.DataType.Client.Model
-{
-    public class CfbfPartInfo: Timestamp
-    {
-        public string URI { get; set; }
-        public string ContentType { get; set; }
-        public string Content { get; set; }
-    }
-}

Catswords.DataType.Client/Model/ExifTag.cs

@@ -1,9 +0,0 @@
-namespace Catswords.DataType.Client.Model
-{
-    public class ExifTag: Timestamp
-    {
-        public string Section { get; set; }
-        public string Name { get; set; }
-        public string Description { get; set; }
-    }
-}

Catswords.DataType.Client/Model/FileHash.cs

@@ -1,6 +1,8 @@
-namespace Catswords.DataType.Client.Model
+using System;
+
+namespace Catswords.DataType.Client.Model
 {
-    class HashInfo: Timestamp
+    public class FileHash
     {
         public string Path { get; set; }
         public string Extension { get; set; }
@@ -11,5 +13,7 @@
         public string SHA256 { get; set; }
         public string InfoHash { get; set; }
         public string SSDEEP { get; set; }
+        public DateTime CreatedAt { get; set; }
+        public DateTime UpdatedAt { get; set; }
     }
-}
+}

Catswords.DataType.Client/Model/Indicator.cs

@@ -2,8 +2,11 @@
 
 namespace Catswords.DataType.Client.Model
 {
-    public class Timestamp
+    public class Indicator
     {
+        public string Id { get; set; }
+        public string Content { get; set; }
+        public string Url { get; set; }
         public DateTime CreatedAt { get; set; }
         public DateTime UpdatedAt { get; set; }
     }

Catswords.DataType.Client/Model/OpenXMLMetadata.cs

@@ -2,7 +2,7 @@
 
 namespace Catswords.DataType.Client.Model
 {
-    public class OpenXMLMetadata: Timestamp
+    public class OpenXMLMetadata
     {
         public string Author { get; set; }
         public string Title { get; set; }
@@ -12,5 +12,7 @@ namespace Catswords.DataType.Client.Model
         public string Description { get; set; }
         public string LastUpdatedBy { get; set; }
         public DateTime LastPrintedAt { get; set; }
+        public DateTime CreatedAt { get; set; }
+        public DateTime UpdatedAt { get; set; }
     }
 }

Catswords.DataType.Client/Model/TimelineMessage.cs

@@ -1,9 +0,0 @@
-namespace Catswords.DataType.Client.Model
-{
-    public class TimelineMessage: Timestamp
-    {
-        public string Id { get; set; }
-        public string Content { get; set; }
-        public string Url { get; set; }
-    }
-}

Catswords.DataType.Client/Program.cs

@@ -16,7 +16,7 @@ namespace Catswords.DataType.Client
         {
             Application.EnableVisualStyles();
             Application.SetCompatibleTextRenderingDefault(false);
-            Application.Run(new Main());
+            Application.Run(new Form1());
         }
     }
 }

Catswords.DataType.Client/Properties/AssemblyInfo.cs

@@ -6,12 +6,12 @@ using System.Runtime.InteropServices;
 // 제어됩니다. 어셈블리와 관련된 정보를 수정하려면
 // 이러한 특성 값을 변경하세요.
 [assembly: AssemblyTitle("Catswords.DataType.Client")]
-[assembly: AssemblyDescription("File reputation checker with Social media timeline")]
+[assembly: AssemblyDescription("")]
 [assembly: AssemblyConfiguration("")]
-[assembly: AssemblyCompany("Catswords Research, Co.")]
+[assembly: AssemblyCompany("")]
 [assembly: AssemblyProduct("Catswords.DataType.Client")]
-[assembly: AssemblyCopyright("Namhyeon Go, Opensource licensed under GPL 3.0")]
+[assembly: AssemblyCopyright("Copyright ©  2024")]
-[assembly: AssemblyTrademark("Catswords")]
+[assembly: AssemblyTrademark("")]
 [assembly: AssemblyCulture("")]
 
 // ComVisible을 false로 설정하면 이 어셈블리의 형식이 COM 구성 요소에 

Catswords.DataType.Client/Properties/Resources.Designer.cs

@@ -139,15 +139,5 @@ namespace Catswords.DataType.Client.Properties {
                 return ((System.Drawing.Bitmap)(obj));
             }
         }
-        
-        /// <summary>
-        ///   System.Drawing.Bitmap 형식의 지역화된 리소스를 찾습니다.
-        /// </summary>
-        internal static System.Drawing.Bitmap tags_icon_icons_com_73382 {
-            get {
-                object obj = ResourceManager.GetObject("tags_icon_icons_com_73382", resourceCulture);
-                return ((System.Drawing.Bitmap)(obj));
-            }
-        }
     }
 }

Catswords.DataType.Client/Properties/Resources.resx

@@ -139,9 +139,6 @@
   <data name="office_18907" type="System.Resources.ResXFileRef, System.Windows.Forms">
     <value>..\Resources\office_18907.png;System.Drawing.Bitmap, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a</value>
   </data>
-  <data name="tags_icon_icons_com_73382" type="System.Resources.ResXFileRef, System.Windows.Forms">
-    <value>..\Resources\tags_icon-icons.com_73382.png;System.Drawing.Bitmap, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a</value>
-  </data>
   <data name="_2333410_android_os_smartphone_85588" type="System.Resources.ResXFileRef, System.Windows.Forms">
     <value>..\Resources\2333410-android-os-smartphone_85588.png;System.Drawing.Bitmap, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a</value>
   </data>

Catswords.DataType.Client/UserControl1.cs

@@ -1,7 +1,12 @@
-using Catswords.DataType.Client.Helper;
+using Catswords.DataType.Client.Helper;
+using Catswords.DataType.Client.Model;
 using System;
+using System.ComponentModel.Design;
 using System.Diagnostics;
+using System.Drawing;
 using System.IO;
+using System.Linq;
+using System.Net;
 using System.Windows.Forms;
 
 namespace Catswords.DataType.Client
@@ -10,10 +15,10 @@ namespace Catswords.DataType.Client
     {
         private ImageList imageList = new ImageList();
 
-        public string FilePath;
+        public string filePath;
-        public string FileMagic;
+        public string fileMagic;
-        public string FileName;
+        public string fileName;
-        public string FileExtension;
+        public string fileExtension;
 
         public UserControl1(Form parent)
         {
@@ -25,14 +30,13 @@ namespace Catswords.DataType.Client
             imageList.Images.Add(Properties.Resources._2333410_android_os_smartphone_85588);
             imageList.Images.Add(Properties.Resources.office_18907);
             imageList.Images.Add(Properties.Resources.link_symbol_icon_icons_com_56927);
-            imageList.Images.Add(Properties.Resources.tags_icon_icons_com_73382);
 
             // set image list
             listView1.SmallImageList = imageList;
 
             // Store the file path.
-            FilePath = OpenFileDialog();
+            filePath = OpenFileDialog();
-            if (string.IsNullOrEmpty(FilePath))
+            if (string.IsNullOrEmpty(filePath))
             {
                 MessageBox.Show("Failed to get a file name", "Catswords.DataType.Client");
                 parent.Close();
@@ -40,34 +44,199 @@ namespace Catswords.DataType.Client
             }
 
             // Get first 4 bytes from the file.
-            var extractor = new FileMagicExtractor(FilePath);
+            fileMagic = FileMagic.Read(filePath);
-            FileMagic = extractor.GetString();
 
             // Show file magic to the label
-            label1.Text = "#0x" + FileMagic;
+            label1.Text = "#0x" + fileMagic;
-            if (extractor.GetError() != null)
+            if (FileMagic.Error != string.Empty)
             {
-                ShowStatus(extractor.GetError());
+                textBox1.Text = FileMagic.Error;
             }
 
             // Get file name and file extension
             try
             {
-                FileExtension = Path.GetExtension(FilePath);
+                fileExtension = Path.GetExtension(filePath);
-                FileName = Path.GetFileName(FilePath);
+                fileName = Path.GetFileName(filePath);
-                if (FileExtension.Length > 0 && FileExtension.Substring(0, 1) == ".")
+                if (fileExtension.Length > 0 && fileExtension.Substring(0, 1) == ".")
                 {
-                    FileExtension = FileExtension.Substring(1);
+                    fileExtension = fileExtension.Substring(1);
                 }
             }
             catch
             {
-                FileExtension = "";
+                fileExtension = "";
-                FileName = "";
+                fileName = "";
             }
 
-            // Run the worker
+            // Get data from file extension database
-            (new Worker1(this)).Run();
+            FetchFromFileExtensionDB();
+
+            // Get data from Android manifest
+            ExtractAndroidManifest();
+
+            // Get data from timeline
+            FetchFromTimeline();
+
+            // Get links from file binary
+            ExtractLink();
+        }
+
+        bool IsInternetConnected()
+        {
+            const string NCSI_TEST_URL = "http://www.msftncsi.com/ncsi.txt";
+            const string NCSI_DNS = "dns.msftncsi.com";
+            const string NCSI_DNS_IP_ADDRESS = "131.107.255.255";
+
+
+            try
+            {
+                // Check NCSI test link
+                var webClient = new WebClient();
+                string result = webClient.DownloadString(NCSI_TEST_URL);
+                if (result != "Microsoft NCSI")
+                {
+                    return false;
+                }
+
+                // Check NCSI DNS IP
+                var dnsHost = Dns.GetHostEntry(NCSI_DNS);
+                if (dnsHost.AddressList.Count() < 0 || dnsHost.AddressList[0].ToString() != NCSI_DNS_IP_ADDRESS)
+                {
+                    return false;
+                }
+            }
+            catch (Exception ex)
+            {
+                Debug.WriteLine(ex);
+                return false;
+            }
+
+            return true;
+        }
+
+        private void FetchFromFileExtensionDB()
+        {
+            if (IsInternetConnected())
+            {
+                var search = new FileExtensionDB();
+                search.Fetch(fileExtension);
+                foreach (Indicator ind in search.Indicators)
+                {
+                    listView1.Items.Add(new ListViewItem(new string[] { ind.CreatedAt.ToString(), ind.Content }, 0));
+                }
+            } else
+            {
+                MessageBox.Show("인터넷에 연결되어 있지 않습니다.", "오류", MessageBoxButtons.OK, MessageBoxIcon.Error);
+                return;
+            }
+
+        }
+
+        private void FetchFromTimeline()
+        {
+            // Request a timeline
+            var search = new Timeline(Config.MASTODON_HOST, Config.MASTODON_ACCESS_TOKEN);
+
+            // fetch data by file magic
+            search.Fetch("0x" + fileMagic);
+
+            // if PE format (ImpHash)
+            if (fileMagic.StartsWith("4d5a"))
+            {
+                try
+                {
+                    string imphash = ImpHash.Calculate(filePath);
+                    search.Fetch(imphash);
+
+                    string companyInfo = FileCompany.Read(filePath);
+                    search.Fetch(companyInfo);
+
+                    textBox1.Text = "ImpHash=" + imphash + "; CompanyInfo=" + companyInfo;
+                }
+                catch (Exception ex)
+                {
+                    textBox1.Text = ex.Message;
+                }
+            }
+
+            // fetch data by file extension
+            if (fileExtension.Length > 0)
+            {
+                search.Fetch(fileExtension);
+
+                // if Office365 format
+                if (fileExtension.StartsWith("xls") || fileExtension.StartsWith("ppt") || fileExtension.StartsWith("doc"))
+                {
+                    if (fileExtension == "xlsx" || fileExtension == "pptx" || fileExtension == "docx")
+                    {
+                        ExtractOpenXML();
+                    }
+
+                    search.Fetch("msoffice");
+                    search.Fetch("office365");
+                }
+            }
+
+            // if it contains ransomware keywords
+            if (fileName.ToLower().Contains("readme") || fileName.ToLower().Contains("decrypt"))
+            {
+                search.Fetch("ransomware");
+            }
+
+            // if IoC (Indicators of Compomise) mode
+            if (fileMagic == "58354f")    // EICAR test file header
+            {
+                search.Fetch("malware");
+            }
+
+            // Show the timeline
+            foreach (Indicator ind in search.Indicators)
+            {
+                listView1.Items.Add(new ListViewItem(new string[] { ind.CreatedAt.ToString(), ind.Content }, 1));
+            }
+        }
+
+        private void ExtractAndroidManifest()
+        {
+            if (fileExtension == "apk")
+            {
+                var extractor = new ApkManifestExtractor(filePath);
+                extractor.Open();
+                foreach (AndroidPermission perm in extractor.GetPermissions())
+                {
+                    listView1.Items.Add(new ListViewItem(new string[] { perm.CreatedAt.ToString(), perm.Name + ' ' + perm.Description }, 2));
+                }
+                extractor.Close();
+            }
+        }
+
+        private void ExtractOpenXML()
+        {
+            var extractor = new OpenXMLExtractor(filePath);
+            extractor.Open();
+
+            var metadata = extractor.GetMetadata();
+            listView1.Items.Add(new ListViewItem(new string[] { DateTime.Now.ToString(), "Author: " + metadata.Author }, 3));
+            listView1.Items.Add(new ListViewItem(new string[] { DateTime.Now.ToString(), "Title: " + metadata.Title }, 3));
+            listView1.Items.Add(new ListViewItem(new string[] { DateTime.Now.ToString(), "Subject: " + metadata.Subject }, 3));
+            listView1.Items.Add(new ListViewItem(new string[] { DateTime.Now.ToString(), "Category: " + metadata.Category }, 3));
+            listView1.Items.Add(new ListViewItem(new string[] { DateTime.Now.ToString(), "Description: " + metadata.Description }, 3));
+            listView1.Items.Add(new ListViewItem(new string[] { DateTime.Now.ToString(), "Created: " + metadata.CreatedAt.ToString() }, 3));
+            listView1.Items.Add(new ListViewItem(new string[] { DateTime.Now.ToString(), "Last updated: " + metadata.UpdatedAt.ToString() }, 3));
+            listView1.Items.Add(new ListViewItem(new string[] { DateTime.Now.ToString(), "Last updated by: " + metadata.LastUpdatedBy }, 3));
+            listView1.Items.Add(new ListViewItem(new string[] { DateTime.Now.ToString(), "Last printed: " + metadata.LastPrintedAt }, 3));
+            extractor.Close();
+        }
+
+        private void ExtractLink()
+        {
+            var extractor = new LinkExtractor(filePath);
+            string[] links = extractor.GetStrings();
+            foreach (string link in links)
+            {
+                listView1.Items.Add(new ListViewItem(new string[] { DateTime.Now.ToString(), link }, 4));
+            }
         }
 
         public string OpenFileDialog()
@@ -86,36 +255,6 @@ namespace Catswords.DataType.Client
             return filePath;
         }
 
-        public void AddIndicator(DateTime dt, string Description, int ImageIndex)
-        {
-            if (listView1.InvokeRequired) {
-                listView1.Invoke(new MethodInvoker(delegate
-                {
-                    listView1.Items.Add(new ListViewItem(new string[] { dt.ToString(), Description }, ImageIndex));
-                }));
-            }
-            else
-            {
-                listView1.Items.Add(new ListViewItem(new string[] { dt.ToString(), Description }, ImageIndex));
-            }
-            
-        }
-
-        public void ShowStatus(string status)
-        {
-            if (textBox1.InvokeRequired)
-            {
-                textBox1.Invoke(new MethodInvoker(delegate
-                {
-                    textBox1.Text = status;
-                }));
-            }
-            else
-            {
-                textBox1.Text = status;
-            }
-        }
-
         private void linkLabel1_LinkClicked(object sender, LinkLabelLinkClickedEventArgs e)
         {
             Process.Start("https://catswords.social/auth/sign_up");
@@ -123,19 +262,8 @@ namespace Catswords.DataType.Client
 
         private void button1_Click(object sender, EventArgs e)
         {
-            Form form = new Form
+            Form newForm = new Form2(this);
-            {
+            newForm.Show();
-                Text = "Expert",
-                FormBorderStyle = FormBorderStyle.FixedSingle,
-                Icon = Properties.Resources.icon,
-                MaximizeBox = false,
-                MinimizeBox = false,
-                Width = 450,
-                Height = 560,
-                BackColor = System.Drawing.SystemColors.Window
-            };
-            form.Controls.Add(new UserControl2(this));
-            form.Show();
         }
     }
 }

Catswords.DataType.Client/UserControl2.cs

@@ -1,102 +0,0 @@
-using Catswords.DataType.Client.Helper;
-using Catswords.DataType.Client.Model;
-using System;
-using System.ComponentModel.Design;
-using System.Diagnostics;
-using System.Threading.Tasks;
-using System.Windows.Forms;
-
-namespace Catswords.DataType.Client
-{
-    public partial class UserControl2 : UserControl
-    {
-        private UserControl1 Parent;
-        private HashInfo CalculatedHashInfo = new HashInfo();
-
-        public UserControl2(UserControl1 parent)
-        {
-            InitializeComponent();
-            Parent = parent;
-        }
-
-        private void Form2_Load(object sender, EventArgs e)
-        {
-            new Task(() =>
-            {
-                var hasher = new FileHasher(Parent.FilePath);
-
-                txtExtension.Invoke(new MethodInvoker(delegate
-                {
-                    txtExtension.Text = hasher.GetExtension();
-                    CalculatedHashInfo.Extension = txtExtension.Text;
-                }));
-
-                txtMagic.Invoke(new MethodInvoker(delegate
-                {
-                    txtMagic.Text = hasher.GetMagic();
-                    CalculatedHashInfo.Extension = txtMagic.Text;
-                }));
-
-                txtHashMd5.Invoke(new MethodInvoker(delegate
-                {
-                    txtHashMd5.Text = hasher.GetMD5();
-                    CalculatedHashInfo.MD5 = txtHashMd5.Text;
-                }));
-
-                txtHashSha1.Invoke(new MethodInvoker(delegate
-                {
-                    txtHashSha1.Text = hasher.GetSHA1();
-                    CalculatedHashInfo.SHA1 = txtHashSha1.Text;
-                }));
-
-                txtHashCrc32.Invoke(new MethodInvoker(delegate
-                {
-                    txtHashCrc32.Text = hasher.GetCRC32();
-                    CalculatedHashInfo.CRC32 = txtHashCrc32.Text;
-                }));
-
-                txtHashSha256.Invoke(new MethodInvoker(delegate
-                {
-                    txtHashSha256.Text = hasher.GetSHA256();
-                    CalculatedHashInfo.SHA256 = txtHashSha256.Text;
-                }));
-
-                txtInfoHash.Invoke(new MethodInvoker(delegate
-                {
-                    txtInfoHash.Text = hasher.GetInfoHash();
-                    CalculatedHashInfo.InfoHash = txtInfoHash.Text;
-                }));
-
-                txtSsdeep.Invoke(new MethodInvoker(delegate
-                {
-                    txtSsdeep.Text = hasher.GetSSDEEP();
-                    CalculatedHashInfo.SSDEEP = txtSsdeep.Text;
-                }));
-
-                CalculatedHashInfo.CreatedAt = DateTime.Now;
-                CalculatedHashInfo.UpdatedAt = CalculatedHashInfo.CreatedAt;
-            }).Start();
-        }
-
-        private void button1_Click(object sender, EventArgs e)
-        {
-            ByteViewer bv = new ByteViewer();
-            bv.SetFile(Parent.FilePath); // or SetBytes
-
-            Form newForm = new Form();
-            newForm.Size = new System.Drawing.Size(650, 600);
-            newForm.Text = "ByteViewer";
-            newForm.Icon = Properties.Resources.icon;
-            newForm.MinimizeBox = false;
-            newForm.MaximizeBox = false;
-            newForm.FormBorderStyle = FormBorderStyle.FixedSingle;
-            newForm.Controls.Add(bv);
-            newForm.Show();
-        }
-
-        private void button2_Click(object sender, EventArgs e)
-        {
-            Process.Start("https://www.virustotal.com/gui/file/" + CalculatedHashInfo.SHA256);
-        }
-    }
-}

Catswords.DataType.Client/Worker1.cs

@@ -1,167 +0,0 @@
-using Catswords.DataType.Client.Helper;
-using Catswords.DataType.Client.Model;
-using MetadataExtractor;
-using System;
-using System.Threading.Tasks;
-
-namespace Catswords.DataType.Client
-{
-    public class Worker1
-    {
-        private UserControl1 Parent;
-
-        public Worker1(UserControl1 parent)
-        {
-            Parent = parent;
-        }
-
-        public void FromFileExtension()
-        {
-            var search = new FileExtensionDatabase();
-            search.Fetch(Parent.FileExtension);
-            foreach (TimelineMessage ind in search.Indicators)
-            {
-                Parent.AddIndicator(ind.CreatedAt, ind.Content, 0);
-            }
-        }
-
-        public void FromTimeline()
-        {
-            // Request a timeline
-            var search = new Timeline(Config.MASTODON_HOST, Config.MASTODON_ACCESS_TOKEN);
-
-            // fetch data by file magic
-            search.Fetch("0x" + Parent.FileMagic);
-
-            // if PE format (ImpHash)
-            if (Parent.FileMagic.StartsWith("4d5a"))
-            {
-                try
-                {
-                    string imphash = ImpHash.Calculate(Parent.FilePath);
-                    search.Fetch(imphash);
-
-                    string organization = (new PeOrganizationExtractor(Parent.FilePath)).GetString();
-                    search.Fetch(organization);
-                    Parent.AddIndicator(DateTime.Now, "This file are distributed by " + organization, 4);
-                    Parent.ShowStatus("ImpHash=" + imphash + "; Organization=" + organization);
-                }
-                catch (Exception ex)
-                {
-                    Parent.ShowStatus(ex.Message);
-                }
-            }
-
-            // fetch data by file extension
-            if (Parent.FileExtension.Length > 0)
-            {
-                search.Fetch(Parent.FileExtension);
-
-                // if Office365 format
-                if (Parent.FileExtension.StartsWith("xls") || Parent.FileExtension.StartsWith("ppt") || Parent.FileExtension.StartsWith("doc"))
-                {
-                    if (Parent.FileExtension == "xlsx" || Parent.FileExtension == "pptx" || Parent.FileExtension == "docx")
-                    {
-                        FromOpenXML();
-                    }
-
-                    search.Fetch("msoffice");
-                    search.Fetch("office365");
-                }
-            }
-
-            // if it contains ransomware keywords
-            if (Parent.FileName.ToLower().Contains("readme") || Parent.FileName.ToLower().Contains("decrypt"))
-            {
-                search.Fetch("ransomware");
-            }
-
-            // if IoC (Indicators of Compomise) mode
-            if (Parent.FileMagic == "58354f")    // EICAR test file header
-            {
-                search.Fetch("malware");
-            }
-
-            // Show the timeline
-            foreach (TimelineMessage ind in search.Messages)
-            {
-                Parent.AddIndicator(ind.CreatedAt, ind.Content, 1);
-            }
-        }
-
-        public void FromAndroidManifest()
-        {
-            if (Parent.FileExtension == "apk")
-            {
-                var extractor = new ApkManifestExtractor(Parent.FilePath);
-                extractor.Open();
-                foreach (AndroidPermission perm in extractor.GetPermissions())
-                {
-                    Parent.AddIndicator(perm.CreatedAt, perm.Name + ' ' + perm.Description, 2);
-                }
-                extractor.Close();
-            }
-        }
-
-        public void FromOpenXML()
-        {
-            var extractor = new OpenXMLExtractor(Parent.FilePath);
-            extractor.Open();
-
-            var metadata = extractor.GetMetadata();
-            Parent.AddIndicator(DateTime.Now, "Author: " + metadata.Author, 3);
-            Parent.AddIndicator(DateTime.Now, "Title: " + metadata.Title, 3);
-            Parent.AddIndicator(DateTime.Now, "Subject: " + metadata.Subject, 3);
-            Parent.AddIndicator(DateTime.Now, "Category: " + metadata.Category, 3);
-            Parent.AddIndicator(DateTime.Now, "Description: " + metadata.Description, 3);
-            Parent.AddIndicator(DateTime.Now, "Created: " + metadata.CreatedAt.ToString(), 3);
-            Parent.AddIndicator(DateTime.Now, "Last updated: " + metadata.UpdatedAt.ToString(), 3);
-            Parent.AddIndicator(DateTime.Now, "Last updated by: " + metadata.LastUpdatedBy, 3);
-            Parent.AddIndicator(DateTime.Now, "Last printed: " + metadata.LastPrintedAt, 3);
-            extractor.Close();
-        }
-
-        public void FromLinks()
-        {
-            var extractor = new LinkExtractor(Parent.FilePath);
-            var strings = extractor.GetStrings();
-            foreach (string str in strings)
-            {
-                Parent.AddIndicator(DateTime.Now, str, 4);
-            }
-        }
-
-        public void FromExif()
-        {
-            var extractor = new ExifTagExtractor(Parent.FilePath);
-            var tags = extractor.GetTags();
-            foreach (ExifTag tag in tags)
-            {
-                Parent.AddIndicator(DateTime.Now, $"{tag.Name} ({tag.Section}): {tag.Description}", 5);
-            }
-        }
-
-        public void FormCfbf()
-        {
-            var extractor = new CfbfExtractor(Parent.FilePath);
-            var parts = extractor.GetParts();
-            foreach (CfbfPartInfo part in parts)
-            {
-                Parent.AddIndicator(DateTime.Now, $"CFBF: {part.Content} ({part.ContentType}, {part.URI})", 5);
-            }
-        }
-
-        public void Run()
-        {
-            new Task(() =>
-            {
-                FromFileExtension();    // Get data from file extension database
-                FromAndroidManifest();    // Get data from Android manifest
-                FromTimeline();   // Get data from timeline
-                FromLinks();  // Get links from file
-                FromExif();  // Get EXIF tags from file
-                FormCfbf();  // Get CFBF (aka. OLE) parts from file
-            }).Start();
-        }
-    }
-}

Catswords.DataType.Client/packages.config

@@ -1,11 +1,11 @@
 <?xml version="1.0" encoding="utf-8"?>
 <packages>
+  <package id="BencodeNET" version="4.0.0" targetFramework="net48" />
   <package id="Crc32.NET" version="1.2.0" targetFramework="net48" />
   <package id="MetadataExtractor" version="2.8.1" targetFramework="net48" />
   <package id="Newtonsoft.Json" version="13.0.3" targetFramework="net48" />
   <package id="System.Buffers" version="4.5.1" targetFramework="net48" />
   <package id="System.IO.Compression.ZipFile" version="4.3.0" targetFramework="net48" />
-  <package id="System.IO.Packaging" version="8.0.0" targetFramework="net48" />
   <package id="System.IO.Pipelines" version="8.0.0" targetFramework="net48" />
   <package id="System.Memory" version="4.5.5" targetFramework="net48" />
   <package id="System.Numerics.Vectors" version="4.5.0" targetFramework="net48" />