Malice - Virustotal Wanna Move (Now Alongside 100% To A Greater Extent Than Hipster)


Malice's mission is to live a costless opened upwards source version of VirusTotal that anyone tin give notice role at whatever scale from an independent researcher to a fortune 500 company.

Try It Out
DEMO: demo.malice.io
  • username: malice
  • password: ecilam

Requirements

Hardware
  • 16GB disk space
  • 4GB RAM

Software

Getting Started (OSX)

Install
$ brew install maliceio/tap/malice
Usage: malice [OPTIONS] COMMAND [arg...]  Open Source Malware Analysis Framework  Version: 0.3.11  Author:   blacktop - <https://github.com/blacktop>  Options:   --debug, -D      Enable debug trend [$MALICE_DEBUG]   --help, -h       demo assistance   --version, -v    impress the version  Commands:   scan        Scan a file   lookout        Watch a folder   lookup    Look upwards a file hash   elk        Start an ELK docker container   plugin    List, Install or Remove Plugins   assistance        Shows a listing of commands or assistance for i ascendancy  Run 'malice COMMAND --help' for to a greater extent than information on a command.

Scan about malware
$ malice scan evil.malware
NOTE: On the showtime run malice volition download all of it's default plugins which tin give notice accept a piece to complete.
Malice volition output the results every bit a markdown tabular array that tin give notice live piped or copied into a results.md that volition await cracking on Github run across here

Start Malice's Web UI
$ malice elk
You tin give notice opened upwards the Kibana UI as well as await at the scan results here: http://localhost (assuming you lot are using Docker for Mac)
  • Type inwards malice every bit the Index mention or pattern as well as click Create.
  • Now click on the Malice Tab as well as behold!!!


Getting Started (Docker inwards Docker)

Install/Update all Plugins
docker run --rm -v /var/run/docker.sock:/var/run/docker.sock malice/engine plugin update --all

Scan a file
docker run --rm -v /var/run/docker.sock:/var/run/docker.sock \                 -v `pwd`:/malice/samples \                 -e MALICE_VT_API=$MALICE_VT_API \                 malice/engine scan SAMPLE

Documentation


Popular posts from this blog

Telekiller - A Tool Session Hijacking In Addition To Stealer Local Passcode Telegram Windows

Image
H5N1 Tools Session Hijacking And Stealer Local passcode Telegram Windows. Features : Session Hijacking Stealer Local Passcode Keylogger Shell Bypass ii Step Verification Bypass Av (Coming Soon) Installation Windows git clone https://github.com/ultrasecurity/TeleKiller.git cd TeleKiller pip install -r requirements.txt python TeleKiller.py Dependency : python 2.7 pyHook pywin32 Video Tutorial Operating Systems Tested Windows 10 Windows 8.1 Windows 8 Windows 7 Contact WebSite Ultra Security Team: https://ultrasec.org Channel Telegram: https://t.me/UltraSecurity Thanks to Milad Ranjbar MrQadir Download TeleKiller
Read more

Efiguard - Disable Patchguard Together With Dse At Kicking Time

Image
EfiGuard is a portable x64 UEFI bootkit that patches the Windows kicking manager, kicking loader too center at kicking fourth dimension inward club to disable PatchGuard too Driver Signature Enforcement (DSE). Features Currently supports all EFI-compatible versions of Windows x64 e'er released, from Vista SP1 to Server 2019. Easy to use: tin live on booted from a USB stick via a loader application that automatically finds too boots Windows. The driver tin also live on loaded too configured manually using either the UEFI rhythm out or the loader. Makes extensive utilization of the Zydis disassembler library for fast runtime pedagogy decoding to back upwardly to a greater extent than robust analysis than what is possible amongst signature matching, which oftentimes requires changes amongst novel OS updates. Works passively: the driver does non charge or start the Windows kicking manager. Instead it acts on a charge of bootmgfw.efi yesteryear the firmware kicking ...
Read more

Cameradar V2.1.0 - Hacks Its Mode Into Rtsp Videosurveillance Cameras

Image
   An RTSP flow access tool that comes alongside its library Cameradar allows you lot to Detect opened upward RTSP hosts on whatever accessible target host Detect which device model is streaming Launch automated dictionary attacks to larn their stream route (e.g.: /live.sdp ) Launch automated lexicon attacks to larn the username in addition to password of the cameras Retrieve a consummate in addition to user-friendly study of the results Docker Image for Cameradar Install docker on your machine, in addition to run the next command: docker run -t ullaakut/cameradar -t <target> <other command-line options> See command-line options . e.g.: docker run -t ullaakut/cameradar -t 192.168.100.0/24 -l volition scan the ports 554 in addition to 8554 of hosts on the 192.168.100.0/24 subnetwork in addition to laid on the discovered RTSP streams in addition to volition output debug logs. YOUR_TARGET tin hold out a subnet (e.g.: 172.16.100.0/24 )...
Read more