Forked from: https://github.com/DinoTools/python-ssdeep
This is a straightforward Python wrapper for ssdeep by Jesse Kornblum, which is a library for computing context triggered piecewise hashes (CTPH). Also called fuzzy hashes, CTPH can match inputs that have homologies. Such inputs have sequences of identical bytes in the same order, although bytes in between these sequences may be different in both content and length.
The ssdeeper wrapper uses the ssdeep libraries as augmented by Fraunhofer FKIE. The specific flavor used is ssdeep-refactored-4b-djb2-nocommonsub. Scientific papers and slides on Fraunhofer FKIE's ssdeeper version 2.14.1 may be found on the DFRWS publication websites.
To compute a fuzzy hash, use hash function:
>>> import ssdeeper
>>> hash1 = ssdeeper.hash('Also called fuzzy hashes, Ctph can match inputs that have homologies.')
>>> hash1
'3:AN8gu5QklJgVNhyEgcGwFEBQJaL:VgDhxFkL'
>>> hash2 = ssdeeper.hash('Also called fuzzy hashes, CTPH can match inputs that have homologies.')
>>> hash2
'3:AN8gu5QklJuXgcGwFEBQJaL:VglxFkL'The compare function returns the match between 2 hashes, an integer value from 0 (no match) to 100.
>>> ssdeeper.compare(hash1, hash2)
28More examples are available in the python-ssdeep documentation.
If all requirements are met it is possible to install the wrapper by using pip or easy_install.
$ pip install git+https://codeberg.org/DFIR/python-ssdeeperThe build will always use the included version of the ssdeep library.
For more information have a look at the python-ssdeep documentation.
- Debian 12, 13
- Ubuntu 24.04
Feel free to use the prebuild python-ssdeep documentation or use the steps below to build the documentation.
$ cd docs
$ pip install -r requirements.txt
$ make htmlThe code is licensed under the terms of the LGPLv3+.
This wrapper includes the Python wrapper for the ssdeep fuzzy hashing library as enhanced by Fraunhofer FKIE (dubbed ssdeeper version 2.14.1). It is licensed under the GPLv2.