Skip to content

malice-plugins/zoner

Repository files navigation

malice-zoner

Circle CI License Docker Stars Docker Pulls Docker Image

Malice Zoner AntiVirus Plugin


Dependencies

Installation

  1. Install Docker.
  2. Download trusted build from public DockerHub: docker pull malice/zoner

Usage

docker run --rm malice/zoner EICAR

Or link your own malware folder:

$ docker run --rm -v /path/to/malware:/malware:ro malice/zoner FILE

Usage: zoner [OPTIONS] COMMAND [arg...]

Malice Zoner AntiVirus Plugin

Version: v0.1.0, BuildTime: 20180903

Author:
  blacktop - <https://github.com/blacktop>

Options:
  --verbose, -V          verbose output
  --table, -t            output as Markdown table
  --callback, -c         POST results to Malice webhook [$MALICE_ENDPOINT]
  --proxy, -x            proxy settings for Malice webhook endpoint [$MALICE_PROXY]
  --elasticsearch value  elasticsearch url for Malice to store results [$MALICE_ELASTICSEARCH_URL]
  --timeout value        malice plugin timeout (in seconds) (default: 60) [$MALICE_TIMEOUT]
  --help, -h             show help
  --version, -v          print the version

Commands:
  update  Update virus definitions
  web     Create a Zoner scan web service
  help    Shows a list of commands or help for one command

Run 'zoner COMMAND --help' for more information on a command.

This will output to stdout and POST to malice results API webhook endpoint.

Sample Output

{
  "zoner": {
    "infected": true,
    "result": "EICAR.Test.File-NoVirus",
    "engine": "1979756",
    "updated": "20170707"
  }
}

Zoner

Infected Result Engine Updated
true EICAR.Test.File-NoVirus 1979756 20170707

Documentation

Issues

Find a bug? Want more features? Find something missing in the documentation? Let me know! Please don't hesitate to file an issue.

CHANGELOG

See CHANGELOG.md

Contributing

See all contributors on GitHub.

Please update the CHANGELOG.md and submit a Pull Request on GitHub.

License

MIT Copyright (c) 2016 blacktop