Formatting

ryanohoro · Mar 9, 2024 · f111712 · f111712
1 parent 5bdfdc3
commit f111712
Show file tree

Hide file tree

Showing 5 changed files with 52 additions and 52 deletions.
diff --git a/src/python/strelka/scanners/scan_docx.py b/src/python/strelka/scanners/scan_docx.py
@@ -33,17 +33,17 @@ def scan(self, data, file, options, expire_at):
                 self.event["identifier"] = docx_doc.core_properties.identifier
                 self.event["keywords"] = docx_doc.core_properties.keywords
                 self.event["language"] = docx_doc.core_properties.language
-                self.event[
-                    "last_modified_by"
-                ] = docx_doc.core_properties.last_modified_by
+                self.event["last_modified_by"] = (
+                    docx_doc.core_properties.last_modified_by
+                )
                 if docx_doc.core_properties.last_printed is not None:
-                    self.event[
-                        "last_printed"
-                    ] = docx_doc.core_properties.last_printed.isoformat()
+                    self.event["last_printed"] = (
+                        docx_doc.core_properties.last_printed.isoformat()
+                    )
                 if docx_doc.core_properties.modified is not None:
-                    self.event[
-                        "modified"
-                    ] = docx_doc.core_properties.modified.isoformat()
+                    self.event["modified"] = (
+                        docx_doc.core_properties.modified.isoformat()
+                    )
                 self.event["revision"] = docx_doc.core_properties.revision
                 self.event["subject"] = docx_doc.core_properties.subject
                 self.event["title"] = docx_doc.core_properties.title

diff --git a/src/python/strelka/scanners/scan_iso.py b/src/python/strelka/scanners/scan_iso.py
@@ -30,19 +30,19 @@ def scan(self, data, file, options, expire_at):
 
                 # Attempt to get Meta
                 try:
-                    self.event["meta"][
-                        "date_created"
-                    ] = self._datetime_from_volume_date(iso.pvd.volume_creation_date)
-                    self.event["meta"][
-                        "date_effective"
-                    ] = self._datetime_from_volume_date(iso.pvd.volume_effective_date)
-                    self.event["meta"][
-                        "date_expiration"
-                    ] = self._datetime_from_volume_date(iso.pvd.volume_expiration_date)
-                    self.event["meta"][
-                        "date_modification"
-                    ] = self._datetime_from_volume_date(
-                        iso.pvd.volume_modification_date
+                    self.event["meta"]["date_created"] = (
+                        self._datetime_from_volume_date(iso.pvd.volume_creation_date)
+                    )
+                    self.event["meta"]["date_effective"] = (
+                        self._datetime_from_volume_date(iso.pvd.volume_effective_date)
+                    )
+                    self.event["meta"]["date_expiration"] = (
+                        self._datetime_from_volume_date(iso.pvd.volume_expiration_date)
+                    )
+                    self.event["meta"]["date_modification"] = (
+                        self._datetime_from_volume_date(
+                            iso.pvd.volume_modification_date
+                        )
                     )
                     self.event["meta"][
                         "volume_identifier"

diff --git a/src/python/strelka/scanners/scan_lnk.py b/src/python/strelka/scanners/scan_lnk.py
@@ -143,18 +143,18 @@ def scan(self, data, file, options, expire_at):
 
                 try:
                     if extradata.IconEnvironmentDataBlock:
-                        self.event[
-                            "icon_target"
-                        ] = extradata.IconEnvironmentDataBlock.TargetAnsi
+                        self.event["icon_target"] = (
+                            extradata.IconEnvironmentDataBlock.TargetAnsi
+                        )
                 except strelka.ScannerTimeout:
                     raise
                 except Exception:
                     self.flags.append("Unable to parse IconEnvironmentDataBlock")
 
                 if extradata.TrackerDataBlock:
-                    self.event[
-                        "machine_id"
-                    ] = extradata.TrackerDataBlock.MachineID.strip(b"\x00")
+                    self.event["machine_id"] = (
+                        extradata.TrackerDataBlock.MachineID.strip(b"\x00")
+                    )
                     self.event["mac"] = str(
                         uuid.UUID(bytes_le=extradata.TrackerDataBlock.Droid[16:])
                     ).split("-")[-1]

diff --git a/src/python/strelka/scanners/scan_pe.py b/src/python/strelka/scanners/scan_pe.py
@@ -535,18 +535,18 @@ def scan(self, data, file, options, expire_at):
         self.event["address_of_entry_point"] = pe.OPTIONAL_HEADER.AddressOfEntryPoint
         self.event["image_base"] = pe.OPTIONAL_HEADER.ImageBase
         self.event["size_of_code"] = pe.OPTIONAL_HEADER.SizeOfCode
-        self.event[
-            "size_of_initialized_data"
-        ] = pe.OPTIONAL_HEADER.SizeOfInitializedData
+        self.event["size_of_initialized_data"] = (
+            pe.OPTIONAL_HEADER.SizeOfInitializedData
+        )
         self.event["size_of_headers"] = pe.OPTIONAL_HEADER.SizeOfHeaders
         self.event["size_of_heap_reserve"] = pe.OPTIONAL_HEADER.SizeOfHeapReserve
         self.event["size_of_image"] = pe.OPTIONAL_HEADER.SizeOfImage
         self.event["size_of_stack_commit"] = pe.OPTIONAL_HEADER.SizeOfStackCommit
         self.event["size_of_stack_reserve"] = pe.OPTIONAL_HEADER.SizeOfStackReserve
         self.event["size_of_heap_commit"] = pe.OPTIONAL_HEADER.SizeOfHeapCommit
-        self.event[
-            "size_of_uninitialized_data"
-        ] = pe.OPTIONAL_HEADER.SizeOfUninitializedData
+        self.event["size_of_uninitialized_data"] = (
+            pe.OPTIONAL_HEADER.SizeOfUninitializedData
+        )
         self.event["file_alignment"] = pe.OPTIONAL_HEADER.FileAlignment
         self.event["section_alignment"] = pe.OPTIONAL_HEADER.SectionAlignment
         self.event["checksum"] = pe.OPTIONAL_HEADER.CheckSum
@@ -555,12 +555,12 @@ def scan(self, data, file, options, expire_at):
         self.event["minor_image_version"] = pe.OPTIONAL_HEADER.MinorImageVersion
         self.event["major_linker_version"] = pe.OPTIONAL_HEADER.MajorLinkerVersion
         self.event["minor_linker_version"] = pe.OPTIONAL_HEADER.MinorLinkerVersion
-        self.event[
-            "major_operating_system_version"
-        ] = pe.OPTIONAL_HEADER.MajorOperatingSystemVersion
-        self.event[
-            "minor_operating_system_version"
-        ] = pe.OPTIONAL_HEADER.MinorOperatingSystemVersion
+        self.event["major_operating_system_version"] = (
+            pe.OPTIONAL_HEADER.MajorOperatingSystemVersion
+        )
+        self.event["minor_operating_system_version"] = (
+            pe.OPTIONAL_HEADER.MinorOperatingSystemVersion
+        )
         self.event["major_subsystem_version"] = pe.OPTIONAL_HEADER.MajorSubsystemVersion
         self.event["minor_subsystem_version"] = pe.OPTIONAL_HEADER.MinorSubsystemVersion
         self.event["image_version"] = float(

diff --git a/src/python/strelka/scanners/scan_pgp.py b/src/python/strelka/scanners/scan_pgp.py
@@ -77,9 +77,9 @@ def parse_pgpdump(self, data):
                         secret_key_entry["creation_time"] = creation_time.isoformat()
                     expiration_time = getattr(packet, "expiration_time", None)
                     if expiration_time is not None:
-                        secret_key_entry[
-                            "expiration_time"
-                        ] = expiration_time.isoformat()
+                        secret_key_entry["expiration_time"] = (
+                            expiration_time.isoformat()
+                        )
 
                     if secret_key_entry not in self.event["secret_keys"]:
                         self.event["secret_keys"].append(secret_key_entry)
@@ -101,9 +101,9 @@ def parse_pgpdump(self, data):
                         public_key_entry["creation_time"] = creation_time.isoformat()
                     expiration_time = getattr(packet, "expiration_time", None)
                     if expiration_time is not None:
-                        public_key_entry[
-                            "expiration_time"
-                        ] = expiration_time.isoformat()
+                        public_key_entry["expiration_time"] = (
+                            expiration_time.isoformat()
+                        )
 
                     if public_key_entry not in self.event["public_keys"]:
                         self.event["public_keys"].append(public_key_entry)
@@ -138,14 +138,14 @@ def parse_pgpdump(self, data):
                     }
                     creation_time = getattr(packet, "creation_time", None)
                     if creation_time is not None:
-                        signature_packet_entry[
-                            "creation_time"
-                        ] = creation_time.isoformat()
+                        signature_packet_entry["creation_time"] = (
+                            creation_time.isoformat()
+                        )
                     expiration_time = getattr(packet, "expiration_time", None)
                     if expiration_time is not None:
-                        signature_packet_entry[
-                            "expiration_time"
-                        ] = expiration_time.isoformat()
+                        signature_packet_entry["expiration_time"] = (
+                            expiration_time.isoformat()
+                        )
 
                     if signature_packet_entry not in self.event["signatures"]:
                         self.event["signatures"].append(signature_packet_entry)