Malwoverview

alexandreborges · alexandreborges · commit 110e0d404512 · 2024-05-20T12:49:17.000-03:00
diff --git a/README.md b/README.md
@@ -1,6 +1,6 @@
 # Malwoverview
 
-[<img alt="GitHub release (latest by date)" src="https://img.shields.io/github/v/release/alexandreborges/malwoverview?color=red&style=for-the-badge">](https://github.com/alexandreborges/malwoverview/releases/tag/5.4.2) [<img alt="GitHub last commit" src="https://img.shields.io/github/last-commit/alexandreborges/malwoverview?color=Yellow&style=for-the-badge">](https://github.com/alexandreborges/malwoverview/releases) [<img alt="GitHub Release Date" src="https://img.shields.io/github/release-date/alexandreborges/malwoverview?label=Release%20Date&style=for-the-badge">](https://github.com/alexandreborges/malwoverview/releases) [<img alt="GitHub" src="https://img.shields.io/github/license/alexandreborges/malwoverview?style=for-the-badge">](https://github.com/alexandreborges/malwoverview/blob/master/LICENSE) 
+[<img alt="GitHub release (latest by date)" src="https://img.shields.io/github/v/release/alexandreborges/malwoverview?color=red&style=for-the-badge">](https://github.com/alexandreborges/malwoverview/releases/tag/5.4.3) [<img alt="GitHub last commit" src="https://img.shields.io/github/last-commit/alexandreborges/malwoverview?color=Yellow&style=for-the-badge">](https://github.com/alexandreborges/malwoverview/releases) [<img alt="GitHub Release Date" src="https://img.shields.io/github/release-date/alexandreborges/malwoverview?label=Release%20Date&style=for-the-badge">](https://github.com/alexandreborges/malwoverview/releases) [<img alt="GitHub" src="https://img.shields.io/github/license/alexandreborges/malwoverview?style=for-the-badge">](https://github.com/alexandreborges/malwoverview/blob/master/LICENSE) 
 [<img alt="GitHub stars" src="https://img.shields.io/github/stars/alexandreborges/malwoverview?logoColor=Red&style=for-the-badge">](https://github.com/alexandreborges/malwoverview/stargazers)
 [<img alt="Twitter Follow" src="https://img.shields.io/twitter/follow/ale_sp_brazil?style=for-the-badge&logo=X&color=blueviolet">](https://twitter.com/ale_sp_brazil)
 [<img alt="Downloads/Last Month" src="https://img.shields.io/pypi/dm/malwoverview?color=blue&style=for-the-badge&label=Last%20Month">](https://pypistats.org/packages/malwoverview)
@@ -56,7 +56,7 @@
 ![Alt text](pictures/picture_47.jpg?raw=true "Title")
 ![Alt text](pictures/picture_48.jpg?raw=true "Title")
 
-      Copyright (C)  2018-2023 Alexandre Borges <alexandreborges at blackstormsecurity dot com>
+      Copyright (C)  2018-2024 Alexandre Borges (https://exploitreversing.com) 
 
       This program is free software: you can redistribute it and/or modify
       it under the terms of the GNU General Public License as published by
@@ -71,7 +71,7 @@
       See GNU Public License on <http://www.gnu.org/licenses/>.
 
 
-# Current Version: 5.4.2
+# Current Version: 5.4.3
 
      Important note:  Malwoverview does NOT submit samples to any endpoint by default, 
      so it respects possible Non-Disclosure Agreements (NDAs). There're specific options
@@ -143,7 +143,7 @@ can be installed by executing the following command:
       
       * git clone https://github.com/alexandreborges/malwoverview
 
-If you are installing Malwoverview on  macOS, you must execute the following commands:
+If you want to install the  Malwoverview on macOS, you have to execute the following commands:
 
       * /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
       * brew install libmagic
@@ -240,7 +240,7 @@ Additional explanation about Triage:
 ----------------------------------------------------
 
 Every Triage operation is based on the Triage ID of each artifact, so you need to
-use the "-x 1 -X \<attribute\>:\<value\>" to look for the correct ID of the artifact,
+use the "-x 1 -X \<attribute\>:\<value\>" to search for the correct ID of the artifact,
 so use this ID information with the remaining Triage options (-x [2-7]) for getting 
 further threat hunting information from Triage endpoint.
 
@@ -269,7 +269,7 @@ Further information is available on:
        (PYPI.org repository) https://pypi.org/project/malwoverview/
        (Github) https://github.com/alexandreborges/malwoverview
 
-If you want to perform the manual steps (usually, it is not necessary), so few steps 
+If you want to perform the manual installation (it is not usually necessary), so few steps 
 should be executed:
 
 ## REMnux / Ubuntu (manual steps)
@@ -284,18 +284,18 @@ should be executed:
 
        $ pip3.11 install python-magic
 
-      Or compiling it from the github repository:
+      Or you can compile it from the github repository:
 
        $ git clone https://github.com/ahupp/python-magic
        $ cd python-magic/
        $ python3.11 setup.py build
        $ python3.11 setup.py install
 
-      As there are serious problems about existing two versions of python-magic package, my 
+      As there are serious issues related to existing two versions of python-magic package, the  
       recommendation is to install it from github (second procedure above) and copy the magic.py 
       file to the SAME directory of malwoverview tool. 
       
-3. Install several Python packages: 
+3. Install all needed Python packages: 
 
        $ pip3.11 install -r requirements.txt
 
@@ -312,13 +312,13 @@ should be executed:
        $ pip3.11 install -U pathlib
        $ pip3.11 install -U configparser
 
-4. To check an Android mobile you need to install the "adb" program by executing the following command:
+4. To check an Android mobile you need to install the "adb" tool:
 
-       # apt get install adb
+       $ sudo apt get install adb
 
    PS: before trying Android's options, check:
 
-       * If the adb program is listed in the PATH environment variable.
+       * If the adb tool is listed in the PATH environment variable.
        * If the system has authorized access to the device by using "adb devices -l"
 
 
@@ -433,6 +433,14 @@ should be executed:
 
 # HISTORY
 
+Version 5.4.3:
+
+      This version:
+
+	    * Fixes a recent issue on -v 10 and 11 options (VT) due to 
+	      a change in one of the used libraries. 
+	    * Fixes other minor issues on several options. 
+
 Version 5.4.2:
 
       This version:
diff --git a/malwoverview/malwoverview.py b/malwoverview/malwoverview.py
@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 
-# Copyright (C)  2018-2022 Alexandre Borges <alexandreborges@blackstormsecurity.com>
+# Copyright (C)  2018-2024 Alexandre Borges (https://exploitreversing.com) 
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -20,7 +20,7 @@
 # Corey Forman (https://github.com/digitalsleuth)
 # Christian Clauss (https://github.com/cclauss)
 
-# Malwoverview.py: version 5.4.2
+# Malwoverview.py: version 5.4.3
 
 import os
 import sys
@@ -60,9 +60,9 @@
 # On Windows systems, it is necessary to install python-magic-bin: pip install python-magic-bin
 
 __author__ = "Alexandre Borges"
-__copyright__ = "Copyright 2018-2021, Alexandre Borges"
+__copyright__ = "Copyright 2018-2024, Alexandre Borges"
 __license__ = "GNU General Public License v3.0"
-__version__ = "5.4.2"
+__version__ = "5.4.3"
 __email__ = "alexandreborges at blackstormsecurity.com"
 
 haurl = 'https://www.hybrid-analysis.com/api/v2'
@@ -10412,7 +10412,7 @@ def sendandroidvt(package):
     ipaddrvtx = ''
     ffpname = ''
 
-    parser = argparse.ArgumentParser(prog=None, description="Malwoverview is a first response tool for threat hunting written by Alexandre Borges. This version is 5.4.2", usage= "python malwoverview.py -c <API configuration file> -d <directory> -o <0|1> -v <1-13> -V <virustotal arg> -a <1-15> -w <0|1> -A <filename> -l <1-7> -L <hash> -j <1-7> -J <URLhaus argument> -p <1-8> -P <polyswarm argument> -y <1-5> -Y <file name> -n <1-5> -N <argument> -m <1-8> -M <argument> -b <1-10> -B <arg> -x <1-7> -X <arg> -i <1-13> -I <INQUEST argument>")
+    parser = argparse.ArgumentParser(prog=None, description="Malwoverview is a first response tool for threat hunting written by Alexandre Borges. This version is 5.4.3", usage= "python malwoverview.py -c <API configuration file> -d <directory> -o <0|1> -v <1-13> -V <virustotal arg> -a <1-15> -w <0|1> -A <filename> -l <1-7> -L <hash> -j <1-7> -J <URLhaus argument> -p <1-8> -P <polyswarm argument> -y <1-5> -Y <file name> -n <1-5> -N <argument> -m <1-8> -M <argument> -b <1-10> -B <arg> -x <1-7> -X <arg> -i <1-13> -I <INQUEST argument>")
     parser.add_argument('-c', '--config', dest='config', type=str, metavar = "CONFIG FILE", default = (USER_HOME_DIR + '.malwapi.conf'), help='Use a custom config file to specify API\'s.')
     parser.add_argument('-d', '--directory', dest='direct',type=str, metavar = "DIRECTORY", help='Specifies the directory containing malware samples to be checked against VIRUS TOTAL. Use the option -D to decide whether you are being using a public VT API or a Premium VT API.')
     parser.add_argument('-o', '--background', dest='backg', type=int,default = 1, metavar = "BACKGROUND", help='Adapts the output colors to a light background color terminal. The default is dark background color terminal.')
diff --git a/setup.py b/setup.py
@@ -11,7 +11,7 @@
 
 setup(
     name="malwoverview",
-    version="5.4.2",
+    version="5.4.3",
     author="Alexandre Borges",
     author_email="alexandreborges@blackstormsecurity.com",
     license="GNU GPL v3.0",
