# ssdeep
> Compute fuzzy hashes (CTPH) for finding similar files — useful for malware variant clustering

**Category:** [[categories/examine-static-properties-general|Examine Static Properties > General]] | **Tier:** Rich (FOR610)
**Docs:** [https://docs.remnux.org/discover-the-tools/examine+static+properties/general](https://docs.remnux.org/discover-the-tools/examine+static+properties/general)

## Usage
```bash
ssdeep <sample>
ssdeep -m <known.ssdeep> <sample>
ssdeep -d <sample1> <sample2>
```

## Related Tools
- [[tools/7-zip|7-Zip]] — Compress and decompress files using a variety of algorithms.
- [[tools/binwalk|binwalk]] — Analyze and extract embedded files and firmware images
- [[tools/bulk-extractor|bulk-extractor]] — Extract interesting strings from binary files.
- [[tools/clamav|ClamAV]] — Open-source antivirus — scan files for known malware signatu
- [[tools/diec|diec]] — Detect packers, compilers, and tools used to create executab

#hashing #fuzzy #similarity #clustering