Munin is a online hash checker utility that retrieves valuable information from various online sources
The current version of Munin queries the following services:
Note: Munin is based on the script “VT-Checker”, which has been maintained in the LOKI repository. Also used plagiarism checker to check and ensure the unique content.
usage: munin.py [-h] [-f path] [-c cache-db] [-i ini-file] [-s sample-folder]
[--comment] [-p vt-comment-prefix] [--download]
[-d download_path] [--nocache] [--intense] [--retroverify]
[-r num-results] [--nocsv] [--verifycert] [--sort] [--debug]
Online Hash Checker
optional arguments:
-h, --help show this help message and exit
-f path File to process (hash line by line OR csv with hash in
each line - auto-detects position and comment)
-c cache-db Name of the cache database file (default: vt-hash-
db.pkl)
-i ini-file Name of the ini file that holds the API keys
-s sample-folder Folder with samples to process
--comment Posts a comment for the analysed hash which contains
the comment from the log line
-p vt-comment-prefix Virustotal comment prefix
--download Enables Sample Download from Hybrid Analysis. SHA256
of sample needed.
-d download_path Output Path for Sample Download from Hybrid Analysis.
Folder must exist
--nocache Do not use cache database file
--intense Do use PhantomJS to parse the permalink (used to
extract user comments on samples)
--retroverify Check only 40 entries with the same comment and
therest at the end of the run (retrohunt verification)
-r num-results Number of results to take as verification
--nocsv Do not write a CSV with the results
--verifycert Verify SSL/TLS certificates
--sort Sort the input lines (useful for VT retrohunt results)
--debug Debug output
Also ReadSILENTTRINITY – A Post-Exploitation Agent Powered By Python, IronPython, C#/.NET
Process a Virustotal Retrohunt result and sort the lines before checking so that matched signatures are checked in blocks
python munin.py -f my.ini -f ~/Downloads/retro_hunt Process an IOC file and show who commented on these samples on Virustotal (uses PhantomJS, higher CPU usage)
python munin.py -f my.ini -f ~/Downloads/misp-event-1234.csv --sort --intense Process a directory with samples and check their hashes online
python munin.py -f my.ini -s ~/malware/case34 Profile > My API key for your public API keyRegister here https://malshare.com/register.php
Profile > API keyLearning Without Walls Remote education has long been a lifeline for students in rural areas…
Have you ever come across a picture on the internet and wondered where it came…
Overview WhatsMyName is a free, community-driven OSINT tool designed to identify where a username exists…
Managing disk usage is a crucial task for Linux users and administrators alike. Understanding which…
Efficient disk space management is vital in Linux, especially for system administrators who manage servers…
Knowing how to check directory sizes in Linux is essential for managing disk space and…