Munin is a online hash checker utility that retrieves valuable information from various online sources
The current version of Munin queries the following services:
Note: Munin is based on the script “VT-Checker”, which has been maintained in the LOKI repository. Also used plagiarism checker to check and ensure the unique content.
usage: munin.py [-h] [-f path] [-c cache-db] [-i ini-file] [-s sample-folder]
[--comment] [-p vt-comment-prefix] [--download]
[-d download_path] [--nocache] [--intense] [--retroverify]
[-r num-results] [--nocsv] [--verifycert] [--sort] [--debug]
Online Hash Checker
optional arguments:
-h, --help show this help message and exit
-f path File to process (hash line by line OR csv with hash in
each line - auto-detects position and comment)
-c cache-db Name of the cache database file (default: vt-hash-
db.pkl)
-i ini-file Name of the ini file that holds the API keys
-s sample-folder Folder with samples to process
--comment Posts a comment for the analysed hash which contains
the comment from the log line
-p vt-comment-prefix Virustotal comment prefix
--download Enables Sample Download from Hybrid Analysis. SHA256
of sample needed.
-d download_path Output Path for Sample Download from Hybrid Analysis.
Folder must exist
--nocache Do not use cache database file
--intense Do use PhantomJS to parse the permalink (used to
extract user comments on samples)
--retroverify Check only 40 entries with the same comment and
therest at the end of the run (retrohunt verification)
-r num-results Number of results to take as verification
--nocsv Do not write a CSV with the results
--verifycert Verify SSL/TLS certificates
--sort Sort the input lines (useful for VT retrohunt results)
--debug Debug output
Also ReadSILENTTRINITY – A Post-Exploitation Agent Powered By Python, IronPython, C#/.NET
Process a Virustotal Retrohunt result and sort the lines before checking so that matched signatures are checked in blocks
python munin.py -f my.ini -f ~/Downloads/retro_hunt
Process an IOC file and show who commented on these samples on Virustotal (uses PhantomJS, higher CPU usage)
python munin.py -f my.ini -f ~/Downloads/misp-event-1234.csv --sort --intense
Process a directory with samples and check their hashes online
python munin.py -f my.ini -s ~/malware/case34
Profile > My API key
for your public API keyRegister here https://malshare.com/register.php
Profile > API key
Kali Linux 2024.4, the final release of 2024, brings a wide range of updates and…
This Go program applies a lifetime patch to PowerShell to disable ETW (Event Tracing for…
GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory…
Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders…
The free and open-source security platform SecHub, provides a central API to test software with…
Don't worry if there are any bugs in the tool, we will try to fix…