Malice's mission is to be a free, open source version of VirusTotal that anyone can use at any scale, from an independent researcher to a Fortune 500 company.
Try It Out
DEMO: demo.malice.io
Username: malice
Password: ecilam
Installation
$ brew install maliceio/tap/malice
Usage: malice [OPTIONS] COMMAND [arg...]

Open Source Malware Analysis Framework

Version: 0.3.11
Author:
  blacktop - https://github.com/blacktop

Options:
  --debug, -D    Enable debug mode [$MALICE_DEBUG]
  --help, -h     show help
  --version, -v  print the version

Commands:
  scan     Scan a file
  watch    Watch a folder
  lookup   Look up a file hash
  elk      Start an ELK docker container
  plugin   List, Install or Remove Plugins
  help     Shows a list of commands or help for one command

Run 'malice COMMAND --help' for more information on a command.
Scan some malware
$ malice scan evil.malware
NOTE: On the first run, malice will download all of its default plugins, which can take a while to complete.
Malice outputs the results as a markdown table that can be piped or copied into a results.md file that renders well on GitHub.
Start Malice’s Web UI
$ malice elk
You can open the Kibana UI and look at the scan results here: http://localhost (assuming you are using Docker for Mac)
Getting Started (Docker in Docker)
Install/Update all Plugins
docker run --rm -v /var/run/docker.sock:/var/run/docker.sock malice/engine plugin update --all
Scan a file
docker run --rm -v /var/run/docker.sock:/var/run/docker.sock \
  -v $(pwd):/malice/samples \
  -e MALICE_VT_API=$MALICE_VT_API \
  malice/engine scan SAMPLE
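The Docker-in-Docker invocation above scans a single sample. As an added example (a wrapper written here, not code from the Malice project), the script below runs that same invocation over a directory of samples and keeps one markdown result per file, named by its SHA-256, so a second run skips anything already scanned. It assumes docker is installed and the malice/engine image is pullable; MALICE_VT_API is treated as optional.

```shell
#!/bin/sh
# Added example, not part of the Malice project: batch the Docker-in-Docker
# scan shown on the page over a directory, storing one markdown result per
# sample under results/<sha256>.md so re-runs skip samples already scanned.
# Assumptions: docker is installed and malice/engine is pullable; the
# MALICE_VT_API variable is optional (constructed wrapper, no Malice internals).
set -eu

SOCK="/var/run/docker.sock"
IMAGE="malice/engine"
DOCKER="${DOCKER:-docker}"   # override (e.g. DOCKER=echo) to dry-run

# SHA-256 of a file, with GNU coreutils or macOS shasum.
sample_id() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# Scan one sample exactly as the page shows: mount the host docker socket so
# the engine can start its plugin containers (this hands the container control
# of the host's Docker daemon, so keep it on a dedicated analysis host), mount
# the sample's directory at /malice/samples, and forward the VirusTotal key
# only when it is set so the other plugins still run without it.
scan_sample() {
  dir=$(cd "$(dirname "$1")" && pwd)
  base=$(basename "$1")
  set -- "$DOCKER" run --rm -v "$SOCK:$SOCK" -v "$dir:/malice/samples"
  if [ -n "${MALICE_VT_API:-}" ]; then
    set -- "$@" -e "MALICE_VT_API=$MALICE_VT_API"
  fi
  "$@" "$IMAGE" scan "$base"
}

# Scan every regular file in $1, writing results into $2 (default: results).
scan_dir() {
  out="${2:-results}"
  mkdir -p "$out"
  for f in "$1"/*; do
    [ -f "$f" ] || continue
    id=$(sample_id "$f")
    if [ -s "$out/$id.md" ]; then
      echo "skip $f: $id already scanned" >&2
      continue
    fi
    scan_sample "$f" > "$out/$id.md"
  done
}
```

Run it as `. ./scan.sh; scan_dir ./samples` after exporting MALICE_VT_API if you want the VirusTotal plugin included.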