Commit 110e0d4

Malwoverview
1 parent 7cf1066 commit 110e0d4

3 files changed

+26
-18
lines changed

README.md

Lines changed: 20 additions & 12 deletions
@@ -1,6 +1,6 @@
11
# Malwoverview
22

3-
[<img alt="GitHub release (latest by date)" src="https://img.shields.io/github/v/release/alexandreborges/malwoverview?color=red&style=for-the-badge">](https://github.com/alexandreborges/malwoverview/releases/tag/5.4.2) [<img alt="GitHub last commit" src="https://img.shields.io/github/last-commit/alexandreborges/malwoverview?color=Yellow&style=for-the-badge">](https://github.com/alexandreborges/malwoverview/releases) [<img alt="GitHub Release Date" src="https://img.shields.io/github/release-date/alexandreborges/malwoverview?label=Release%20Date&style=for-the-badge">](https://github.com/alexandreborges/malwoverview/releases) [<img alt="GitHub" src="https://img.shields.io/github/license/alexandreborges/malwoverview?style=for-the-badge">](https://github.com/alexandreborges/malwoverview/blob/master/LICENSE)
3+
[<img alt="GitHub release (latest by date)" src="https://img.shields.io/github/v/release/alexandreborges/malwoverview?color=red&style=for-the-badge">](https://github.com/alexandreborges/malwoverview/releases/tag/5.4.3) [<img alt="GitHub last commit" src="https://img.shields.io/github/last-commit/alexandreborges/malwoverview?color=Yellow&style=for-the-badge">](https://github.com/alexandreborges/malwoverview/releases) [<img alt="GitHub Release Date" src="https://img.shields.io/github/release-date/alexandreborges/malwoverview?label=Release%20Date&style=for-the-badge">](https://github.com/alexandreborges/malwoverview/releases) [<img alt="GitHub" src="https://img.shields.io/github/license/alexandreborges/malwoverview?style=for-the-badge">](https://github.com/alexandreborges/malwoverview/blob/master/LICENSE)
44
[<img alt="GitHub stars" src="https://img.shields.io/github/stars/alexandreborges/malwoverview?logoColor=Red&style=for-the-badge">](https://github.com/alexandreborges/malwoverview/stargazers)
55
[<img alt="Twitter Follow" src="https://img.shields.io/twitter/follow/ale_sp_brazil?style=for-the-badge&logo=X&color=blueviolet">](https://twitter.com/ale_sp_brazil)
66
[<img alt="Downloads/Last Month" src="https://img.shields.io/pypi/dm/malwoverview?color=blue&style=for-the-badge&label=Last%20Month">](https://pypistats.org/packages/malwoverview)
@@ -56,7 +56,7 @@
5656
![Alt text](pictures/picture_47.jpg?raw=true "Title")
5757
![Alt text](pictures/picture_48.jpg?raw=true "Title")
5858

59-
Copyright (C) 2018-2023 Alexandre Borges <alexandreborges at blackstormsecurity dot com>
59+
Copyright (C) 2018-2024 Alexandre Borges (https://exploitreversing.com)
6060

6161
This program is free software: you can redistribute it and/or modify
6262
it under the terms of the GNU General Public License as published by
@@ -71,7 +71,7 @@
7171
See GNU Public License on <http://www.gnu.org/licenses/>.
7272

7373

74-
# Current Version: 5.4.2
74+
# Current Version: 5.4.3
7575

7676
Important note: Malwoverview does NOT submit samples to any endpoint by default,
7777
so it respects possible Non-Disclosure Agreements (NDAs). There're specific options
@@ -143,7 +143,7 @@ can be installed by executing the following command:
143143
144144
* git clone https://github.com/alexandreborges/malwoverview
145145

146-
If you are installing Malwoverview on macOS, you must execute the following commands:
146+
If you want to install the Malwoverview on macOS, you have to execute the following commands:
147147

148148
* /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
149149
* brew install libmagic
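Review bot: The reworded sentence on new line 146 reads worse than the one it replaces: "install the Malwoverview" adds an article that the tool name does not take anywhere else in these lines. Suggest keeping the original wording, "If you are installing Malwoverview on macOS, you must execute the following commands:".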
@@ -240,7 +240,7 @@ Additional explanation about Triage:
240240
----------------------------------------------------
241241

242242
Every Triage operation is based on the Triage ID of each artifact, so you need to
243-
use the "-x 1 -X \<attribute\>:\<value\>" to look for the correct ID of the artifact,
243+
use the "-x 1 -X \<attribute\>:\<value\>" to search for the correct ID of the artifact,
244244
so use this ID information with the remaining Triage options (-x [2-7]) for getting
245245
further threat hunting information from Triage endpoint.
246246

@@ -269,7 +269,7 @@ Further information is available on:
269269
(PYPI.org repository) https://pypi.org/project/malwoverview/
270270
(Github) https://github.com/alexandreborges/malwoverview
271271

272-
If you want to perform the manual steps (usually, it is not necessary), so few steps
272+
If you want to perform the manual installation (it is not usually necessary), so few steps
273273
should be executed:
274274

275275
## REMnux / Ubuntu (manual steps)
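Review bot: New line 272 is still not a grammatical sentence: "If you want to perform the manual installation (it is not usually necessary), so few steps should be executed:" keeps the stray "so" from the old text. Since the line is being edited anyway, suggest ending it with "a few steps should be executed:".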
@@ -284,18 +284,18 @@ should be executed:
284284

285285
$ pip3.11 install python-magic
286286

287-
Or compiling it from the github repository:
287+
Or you can compile it from the github repository:
288288

289289
$ git clone https://github.com/ahupp/python-magic
290290
$ cd python-magic/
291291
$ python3.11 setup.py build
292292
$ python3.11 setup.py install
293293

294-
As there are serious problems about existing two versions of python-magic package, my
294+
As there are serious issues related to existing two versions of python-magic package, the
295295
recommendation is to install it from github (second procedure above) and copy the magic.py
296296
file to the SAME directory of malwoverview tool.
297297

298-
3. Install several Python packages:
298+
3. Install all needed Python packages:
299299

300300
$ pip3.11 install -r requirements.txt
301301

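Review bot: New line 294 still does not say which two python-magic packages conflict or what the failure looks like, so the advice to copy magic.py into the malwoverview directory arrives without a stated reason. Name both packages and the symptom in this sentence. Unchanged line 285 also installs python-magic with pip3.11 while this paragraph recommends the GitHub build instead; stating which of the two procedures is the supported one would remove the ambiguity.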
@@ -312,13 +312,13 @@ should be executed:
312312
$ pip3.11 install -U pathlib
313313
$ pip3.11 install -U configparser
314314

315-
4. To check an Android mobile you need to install the "adb" program by executing the following command:
315+
4. To check an Android mobile you need to install the "adb" tool:
316316

317-
# apt get install adb
317+
$ sudo apt get install adb
318318

319319
PS: before trying Android's options, check:
320320

321-
* If the adb program is listed in the PATH environment variable.
321+
* If the adb tool is listed in the PATH environment variable.
322322
* If the system has authorized access to the device by using "adb devices -l"
323323

324324

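Review bot: New line 317 documents a command that does not run: "apt get install adb" is missing the hyphen, and the change from "#" to "$ sudo" carried the typo over from the old line. It should read "$ sudo apt-get install adb" (or "$ sudo apt install adb").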
@@ -433,6 +433,14 @@ should be executed:
433433

434434
# HISTORY
435435

436+
Version 5.4.3:
437+
438+
This version:
439+
440+
* Fixes a recent issue on -v 10 and 11 options (VT) due to
441+
a change in one of the used libraries.
442+
* Fixes other minor issues on several options. 
443+
436444
Version 5.4.2:
437445

438446
This version:
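Review bot: The 5.4.3 entry at new lines 440-441 says it fixes the -v 10 and 11 options (VT), but nothing in this commit touches that code: all 5 changed lines in malwoverview/malwoverview.py are version and copyright strings, and no dependency file is among the 3 changed files. Either include the fix in this commit or reference the commit that carries it, and name the library whose change caused the breakage so users know which dependency to upgrade. New line 442 also ends with trailing whitespace.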

malwoverview/malwoverview.py

Lines changed: 5 additions & 5 deletions
@@ -1,6 +1,6 @@
11
#!/usr/bin/env python3
22

3-
# Copyright (C) 2018-2022 Alexandre Borges <alexandreborges@blackstormsecurity.com>
3+
# Copyright (C) 2018-2024 Alexandre Borges (https://exploitreversing.com)
44
#
55
# This program is free software: you can redistribute it and/or modify
66
# it under the terms of the GNU General Public License as published by
@@ -20,7 +20,7 @@
2020
# Corey Forman (https://github.com/digitalsleuth)
2121
# Christian Clauss (https://github.com/cclauss)
2222

23-
# Malwoverview.py: version 5.4.2
23+
# Malwoverview.py: version 5.4.3
2424

2525
import os
2626
import sys
@@ -60,9 +60,9 @@
6060
# On Windows systems, it is necessary to install python-magic-bin: pip install python-magic-bin
6161

6262
__author__ = "Alexandre Borges"
63-
__copyright__ = "Copyright 2018-2021, Alexandre Borges"
63+
__copyright__ = "Copyright 2018-2024, Alexandre Borges"
6464
__license__ = "GNU General Public License v3.0"
65-
__version__ = "5.4.2"
65+
__version__ = "5.4.3"
6666
__email__ = "alexandreborges at blackstormsecurity.com"
6767

6868
haurl = 'https://www.hybrid-analysis.com/api/v2'
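Review bot: The contact details are now inconsistent within this file: the header at line 3 drops the blackstormsecurity.com address in favour of https://exploitreversing.com, but unchanged line 66 still sets __email__ to "alexandreborges at blackstormsecurity.com". If that address is being retired, update __email__ in this hunk as well so the module metadata matches the header.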
@@ -10412,7 +10412,7 @@ def sendandroidvt(package):
1041210412
ipaddrvtx = ''
1041310413
ffpname = ''
1041410414

10415-
parser = argparse.ArgumentParser(prog=None, description="Malwoverview is a first response tool for threat hunting written by Alexandre Borges. This version is 5.4.2", usage= "python malwoverview.py -c <API configuration file> -d <directory> -o <0|1> -v <1-13> -V <virustotal arg> -a <1-15> -w <0|1> -A <filename> -l <1-7> -L <hash> -j <1-7> -J <URLhaus argument> -p <1-8> -P <polyswarm argument> -y <1-5> -Y <file name> -n <1-5> -N <argument> -m <1-8> -M <argument> -b <1-10> -B <arg> -x <1-7> -X <arg> -i <1-13> -I <INQUEST argument>")
10415+
parser = argparse.ArgumentParser(prog=None, description="Malwoverview is a first response tool for threat hunting written by Alexandre Borges. This version is 5.4.3", usage= "python malwoverview.py -c <API configuration file> -d <directory> -o <0|1> -v <1-13> -V <virustotal arg> -a <1-15> -w <0|1> -A <filename> -l <1-7> -L <hash> -j <1-7> -J <URLhaus argument> -p <1-8> -P <polyswarm argument> -y <1-5> -Y <file name> -n <1-5> -N <argument> -m <1-8> -M <argument> -b <1-10> -B <arg> -x <1-7> -X <arg> -i <1-13> -I <INQUEST argument>")
1041610416
parser.add_argument('-c', '--config', dest='config', type=str, metavar = "CONFIG FILE", default = (USER_HOME_DIR + '.malwapi.conf'), help='Use a custom config file to specify API\'s.')
1041710417
parser.add_argument('-d', '--directory', dest='direct',type=str, metavar = "DIRECTORY", help='Specifies the directory containing malware samples to be checked against VIRUS TOTAL. Use the option -D to decide whether you are being using a public VT API or a Premium VT API.')
1041810418
parser.add_argument('-o', '--background', dest='backg', type=int,default = 1, metavar = "BACKGROUND", help='Adapts the output colors to a light background color terminal. The default is dark background color terminal.')
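Review bot: The version is hard-coded once more in the argparse description on line 10415 ("This version is 5.4.3"), although __version__ is already defined at line 65. Build the description string from __version__ so a release bump cannot leave the help text behind; this commit had to edit the same number in three separate places in this file.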

setup.py

Lines changed: 1 addition & 1 deletion
@@ -11,7 +11,7 @@
1111

1212
setup(
1313
name="malwoverview",
14-
version="5.4.2",
14+
version="5.4.3",
1515
author="Alexandre Borges",
1616
author_email="alexandreborges@blackstormsecurity.com",
1717
license="GNU GPL v3.0",
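Review bot: version="5.4.3" on line 14 is another hand-maintained copy of the number held in malwoverview.py's __version__; reading it from a single source would keep the package metadata and the tool in step. author_email on unchanged line 17 also still uses the blackstormsecurity.com address that the copyright headers in this commit moved away from.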
