semi implemented and features implemented save checkpoint

This commit is contained in:
master
2026-02-08 18:00:49 +02:00
parent 04360dff63
commit 1bf6bbf395
20895 changed files with 716795 additions and 64 deletions


@@ -0,0 +1,35 @@
# Entropy Analysis for Binaries
## Module
Scanner
## Status
IMPLEMENTED
## Description
Shannon entropy analysis pass integrated into the binary scanning pipeline, detecting packed/encrypted/obfuscated sections in ELF and PE binaries to flag suspicious artifacts.
## Implementation Details
- **Core Entropy Calculator**:
- `src/Scanner/__Libraries/StellaOps.Scanner.Core/Entropy/EntropyCalculator.cs` - Shannon entropy calculation
- `src/Scanner/__Libraries/StellaOps.Scanner.Core/Entropy/EntropyReportBuilder.cs` - Builds entropy analysis reports
- `src/Scanner/__Libraries/StellaOps.Scanner.Core/Entropy/EntropyReportModels.cs` - Report models
- **Worker Stage**:
- `src/Scanner/StellaOps.Scanner.Worker/Processing/Entropy/EntropyStageExecutor.cs` - Entropy analysis stage in scan pipeline
- **PE Hardening Integration**:
- `src/Scanner/StellaOps.Scanner.Analyzers.Native/Hardening/PeHardeningExtractor.cs` - PE hardening extraction including entropy analysis
- `src/Scanner/StellaOps.Scanner.Analyzers.Native/Hardening/HardeningFlags.cs` - Hardening flags model
- **API Contracts**:
- `src/Scanner/StellaOps.Scanner.WebService/Contracts/EntropyContracts.cs` - Entropy analysis API contracts
- `src/Scanner/StellaOps.Scanner.WebService/Endpoints/ScanEndpoints.cs` - Exposes entropy data in scan results
- **Secrets Detection Integration**:
- `src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Secrets/Detectors/EntropyCalculator.cs` - Entropy calculator for secret detection
- `src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Secrets/Detectors/EntropyDetector.cs` - High-entropy string detection for secrets
## E2E Test Plan
- [ ] Scan a container image containing packed/UPX-compressed ELF binaries and verify high entropy sections are flagged
- [ ] Scan an image with standard (non-packed) binaries and verify entropy values are within normal range
- [ ] Verify PE binary analysis includes entropy data for each section
- [ ] Verify entropy analysis results appear in scan API response
- [ ] Verify the `EntropyStageExecutor` runs as part of the scan pipeline
- [ ] Verify entropy-based secret detection flags high-entropy strings as potential secrets
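Review bot: The E2E Test Plan items "verify high entropy sections are flagged" and "verify entropy values are within normal range" cannot be checked as written, because the document never states the threshold or the unit (for example bits per byte, per section) that separates flagged from normal. Please document the threshold and where it is configured, so the packed/UPX case and the standard-binary case each have a pass/fail criterion. The Description also promises detection in "ELF and PE binaries", but Implementation Details lists only `PeHardeningExtractor.cs` as a format-specific integration; either name the file that handles ELF sections or narrow the description. Finally, two separate `EntropyCalculator.cs` files are listed (under `StellaOps.Scanner.Core/Entropy` and `StellaOps.Scanner.Analyzers.Secrets/Detectors`); a sentence saying whether they are intentionally distinct would help, and with Status set to IMPLEMENTED while every test-plan box is unchecked, it would be worth stating what the status is based on.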