malice-kaspersky
Malice Kaspersky Antivirus Plugin
This repository contains a Dockerfile for Kaspersky.
Dependencies
Installation
- Install Docker.
- Download the trusted build from the public Docker store:
docker pull malice/kaspersky
Usage
docker run --rm malice/kaspersky EICAR
Or link your own malware folder:
Usage: kaspersky [OPTIONS] COMMAND [arg...]

Malice Kaspersky AntiVirus Plugin

Version: v0.1.0, BuildTime: 20181126

Author:
  blacktop - <https://github.com/blacktop>

Options:
  --verbose, -V          verbose output
  --elasticsearch value  elasticsearch url for Malice to store results [$MALICE_ELASTICSEARCH_URL]
  --table, -t            output as Markdown table
  --callback, -c         POST results back to Malice webhook [$MALICE_ENDPOINT]
  --proxy, -x            proxy settings for Malice webhook endpoint [$MALICE_PROXY]
  --timeout value        malice plugin timeout (in seconds) (default: 120) [$MALICE_TIMEOUT]
  --help, -h             show help
  --version, -v          print the version

Commands:
  update  Update virus definitions
  web     Create a Kaspersky scan web service
  help    Shows a list of commands or help for one command

Run 'kaspersky COMMAND --help' for more information on a command.
Sample Output
JSON
{
  "kaspersky": {
    "infected": true,
    "result": "EICAR-Test-File",
    "engine": "8.0.4.312",
    "database": "9282732",
    "updated": "20181126"
  }
}
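As an added example (not part of the plugin or this repository), the following Python code consumes the JSON shown above and turns it into a triage verdict, treating a clean result from outdated definitions as inconclusive. The 7-day age limit, the YYYYMMDD reading of `updated`, and the name `triage` are assumptions made for illustration.

```python
import json
from datetime import date, datetime

# Constructed sample: the JSON document from the Sample Output section.
SAMPLE = """{"kaspersky": {"infected": true, "result": "EICAR-Test-File",
 "engine": "8.0.4.312", "database": "9282732", "updated": "20181126"}}"""

# Fields the consumer relies on, with the types seen in the sample.
REQUIRED = {"infected": bool, "result": str, "engine": str, "updated": str}
MAX_DEFINITION_AGE_DAYS = 7  # assumption: local policy, not a plugin setting


def triage(raw, today, max_age_days=MAX_DEFINITION_AGE_DAYS):
    """Return (verdict, reasons) for one plugin JSON result.

    verdict is "malicious", "clean" or "inconclusive".
    """
    try:
        doc = json.loads(raw)
    except json.JSONDecodeError as exc:
        return "inconclusive", [f"invalid JSON: {exc.msg}"]
    scan = doc.get("kaspersky") if isinstance(doc, dict) else None
    if not isinstance(scan, dict):
        return "inconclusive", ["missing 'kaspersky' object"]
    reasons = [f"field '{k}' missing or not {t.__name__}"
               for k, t in REQUIRED.items() if not isinstance(scan.get(k), t)]
    if reasons:
        return "inconclusive", reasons
    try:
        # Assumption: 'updated' is a YYYYMMDD date, as in the sample.
        updated = datetime.strptime(scan["updated"], "%Y%m%d").date()
    except ValueError:
        return "inconclusive", ["'updated' is not a YYYYMMDD date"]
    if scan["infected"]:
        # A detection stands even when the definitions are old.
        return "malicious", [f"detected as {scan['result']}"]
    age = (today - updated).days
    if age > max_age_days:
        # A clean verdict from stale definitions proves little.
        return "inconclusive", [f"definitions are {age} days old"]
    return "clean", []


if __name__ == "__main__":
    print(triage(SAMPLE, today=date(2018, 11, 27)))
```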
Markdown
Kaspersky
Infected | Result | Engine | Updated |
---|---|---|---|
true | EICAR-Test-File | 8.0.4.312 | 20181126 |
Documentation
- To write results to ElasticSearch
- To create a Kaspersky scan micro-service
- To post results to a webhook
- To update the AV definitions
Issues
Find a bug? Want more features? Find something missing in the documentation? Let me know! Please don't hesitate to file an issue.
TODO
- add licence expiration detection
- expose WEB ui
CHANGELOG
See CHANGELOG.md
Thanks
Thank you @abunasar for helping me get this AV completed!
Contributing
See all contributors on GitHub.
Please update the CHANGELOG.md and submit a Pull Request on GitHub.
License
MIT Copyright (c) 2016 blacktop