Znalezione na niebezpieczniku
Cytat:
This project was originally created to set up a notification so when Virus Total had a report for a specific binary (One used in a pen test or otherwise) the pentester could be notified via log or email. It runs in an infinite loop and does not check files or hashes that have already been detected, however it does continue to re-check hashes that haven't been.
However, this can also be used as a detection mechanism. Target it at your web-root or other sensitive directory and become notified when anything that has a report on Virus Total is added to your directory.
The script doesn't have anything Linux specific in it, so it should be portable anywhere Ruby is installed.
|
https://github.com/mubix/vt-notify
Cytat:
For example, the following takes all 500+ files in the hackarmoury repository, SHA1 hashes them and checks them against Virus Total. The ones that have been submitted (even those that have a 0 detection rate) are reported via email to justanotheruser@gmail.com via the Gmail email servers.
./vt-notify.rb -d /opt/hackarmoury/ -e justanotheruser@gmail.com -m gmail-smtp-in.l.google.com
|