malice-zoner
Malice Zoner AntiVirus Plugin
Dependencies
Installation
- Install Docker.
- Download trusted build from public DockerHub:
docker pull malice/zoner
Usage
docker run --rm malice/zoner EICAR
Or link your own malware folder:
$ docker run --rm -v /path/to/malware:/malware:ro malice/zoner FILE
Usage: zoner [OPTIONS] COMMAND [arg...]
Malice Zoner AntiVirus Plugin
Version: v0.1.0, BuildTime: 20180903
Author:
blacktop - <https://github.com/blacktop>
Options:
--verbose, -V verbose output
--table, -t output as Markdown table
--callback, -c POST results to Malice webhook [$MALICE_ENDPOINT]
--proxy, -x proxy settings for Malice webhook endpoint [$MALICE_PROXY]
--elasticsearch value elasticsearch url for Malice to store results [$MALICE_ELASTICSEARCH_URL]
--timeout value malice plugin timeout (in seconds) (default: 60) [$MALICE_TIMEOUT]
--help, -h show help
--version, -v print the version
Commands:
update Update virus definitions
web Create a Zoner scan web service
help Shows a list of commands or help for one command
Run 'zoner COMMAND --help' for more information on a command.This will output to stdout and POST to malice results API webhook endpoint.
Sample Output
JSON
{
"zoner": {
"infected": true,
"result": "EICAR.Test.File-NoVirus",
"engine": "1979756",
"updated": "20170707"
}
}Markdown
Zoner
| Infected | Result | Engine | Updated |
|---|---|---|---|
| true | EICAR.Test.File-NoVirus | 1979756 | 20170707 |
Documentation
- To write results to ElasticSearch
- To create a Zoner scan micro-service
- To post results to a webhook
- To update the AV definitions
Issues
Find a bug? Want more features? Find something missing in the documentation? Let me know! Please don't hesitate to file an issue.
CHANGELOG
See CHANGELOG.md
Contributing
See all contributors on GitHub.
Please update the CHANGELOG.md and submit a Pull Request on GitHub.
License
MIT Copyright (c) 2016 blacktop