Entropy Buster v1.1
Entropy Buster or EBuster for short was inspired by Mining Mimecast: brute forcing your way to success by Paul Price. The attack he talked about is actually surprisingly common in the wild as a lot of companies will either use in-house custom URL encodings for link labeling or they will use existing encodings like Base64. In both of these cases unless the user is required to authorize before accessing the link, it opens a potential hole for attackers. The purpose of Entropy Buster is to take sets of strings that share some kind of commonality and look for commonly occurring characters or even static characters in the strings that can help with predictability.
Entropy Buster was run on a set of 14 Mimecast URLs using the same format as listed in the article to determine information. While the dataset is not amazing, we are still able to scrape a good bit of information from it.
Entropy Buster is a Python 3 project and requires Colorama and Astropy.
Added string mimicry functions -mU for unweighted mimicking and -mW for weighting mimicking.
Removed statics for timing past ASCII.
Added variation to the timing to show in Seconds, Minutes, Hours, Days, Weeks, Months, and Years.
Minor bug fixes with character weight printing where characters with leading zero percentages were showing above other numbers.
Added a rough pattern finding function that checks for character ranges and lengths for common hash functions and base64 encoding.