Malice F-Secure AntiVirus Plugin
- Install Docker.
- Download trusted build from public DockerHub:
docker pull malice/fsecure
docker run --rm malice/fsecure EICAR
$ docker run --rm -v /path/to/malware:/malware:ro malice/fsecure FILE
Usage: f-secure [OPTIONS] COMMAND [arg...]
Malice F-Secure AntiVirus Plugin
Version: v0.1.0, BuildTime: 20180903
Author:
blacktop - <https://github.com/blacktop>
Options:
--verbose, -V verbose output
--elasticsearch value elasticsearch url for Malice to store results [$MALICE_ELASTICSEARCH_URL]
--table, -t output as Markdown table
--callback, -c POST results to Malice webhook [$MALICE_ENDPOINT]
--proxy, -x proxy settings for Malice webhook endpoint [$MALICE_PROXY]
--timeout value malice plugin timeout (in seconds) (default: 60) [$MALICE_TIMEOUT]
--help, -h show help
--version, -v print the version
Commands:
update Update virus definitions
web Create a F-Secure scan web service
help Shows a list of commands or help for one command
Run 'f-secure COMMAND --help' for more information on a command.
This will output to stdout and POST to malice results API webhook endpoint.
{
"f-secure": {
"infected": true,
"results": {
"fse": "EICAR_Test_File",
"aquarius": "EICAR-Test-File (not a virus)"
},
"engine": "11.00 build 79",
"database": "2016-09-19_01",
"updated": "20170122"
}
}
Infected | Result | Engine | Updated |
---|---|---|---|
true | EICAR-Test-File (not a virus) | 11.00 build 79 | 20170122 |
- To write results to ElasticSearch
- To create a fsecure scan micro-service
- To post results to a webhook
- To update the AV definitions
Find a bug? Want more features? Find something missing in the documentation? Let me know! Please don't hesitate to file an issue.
See CHANGELOG.md
See all contributors on GitHub.
Please update the CHANGELOG.md and submit a Pull Request on GitHub.
MIT Copyright (c) 2016 blacktop