Malice : VirusTotal Wanna Be – Now with 100% more Hipster

Malice mission is to be a free open source version of VirusTotal that anyone can use at any scale from an independent researcher to a fortune 500 company.

Try It Out

DEMO: demo.malice.io
Username: malice
Password: ecilam

Also Read : CIRTKit : Tools for the Computer Incident Response Team

Installation

$ brew install maliceio/tap/malice

Usage: malice [OPTIONS] COMMAND [arg…]
Open Source Malware Analysis Framework
Version: 0.3.11
Author:
blacktop – https://github.com/blacktop
Options:
–debug, -D Enable debug mode [$MALICE_DEBUG]
–help, -h show help
–version, -v print the version
Commands:
scan Scan a file
watch Watch a folder
lookup Look up a file hash
elk Start an ELK docker container
plugin List, Install or Remove Plugins
help Shows a list of commands or help for one command
Run ‘malice COMMAND –help’ for more information on a command.

Scan some malware

$ malice scan evil.malware

NOTE: On the first run malice will download all of it’s default plugins which can take a while to complete.

Malice will output the results as a markdown table that can be piped or copied into a results.md that will look great on Github see here

Start Malice’s Web UI

$ malice elk

You can open the Kibana UI and look at the scan results here: http://localhost (assuming you are using Docker for Mac)

  • Type in malice as the Index name or pattern and click Create.
  • Now click on the Malice Tab and behold!!!

Getting Started (Docker in Docker)

Install/Update all Plugins

docker run –rm -v /var/run/docker.sock:/var/run/docker.sock malice/engine plugin update –all

Scan a file

docker run –rm -v /var/run/docker.sock:/var/run/docker.sock \
-v pwd:/malice/samples \
-e MALICE_VT_API=$MALICE_VT_API \
malice/engine scan SAMPLE

R K

Recent Posts

Pystinger : Bypass Firewall For Traffic Forwarding Using Webshell

Pystinger is a Python-based tool that enables SOCKS4 proxying and port mapping through webshells. It…

1 week ago

CVE-Search : A Tool To Perform Local Searches For Known Vulnerabilities

Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…

1 week ago

CVE-Search : A Tool To Perform Local Searches For Known Vulnerabilities

Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…

1 week ago

How to Bash Append to File: A Simple Guide for Beginners

If you are working with Linux or writing bash scripts, one of the most common…

1 week ago

Mastering the Bash Case Statement with Simple Examples

What is a bash case statement? A bash case statement is a way to control…

1 week ago

How to Check if a File Exists in Bash – Simply Explained

Why Do We Check Files in Bash? When writing a Bash script, you often work…

1 week ago