Malice Avira AntiVirus Plugin
This repository contains a Dockerfile for Avira.
- Install Docker.
- Download trusted build from public DockerHub:
```bash
docker pull malice/avira
```

```bash
docker run --rm -v `pwd`/hbedv.key:/opt/avira/hbedv.key malice/avira EICAR
```
NOTE: I am mounting my license key into the docker container at run time.
```bash
$ docker run --rm -v /path/to/malware:/malware:ro malice/avira FILE

Usage: avira [OPTIONS] COMMAND [arg...]

Malice Avira AntiVirus Plugin

Version: v0.1.0, BuildTime: 20180908

Author:
  blacktop - <https://github.com/blacktop>

Options:
  --verbose, -V          verbose output
  --table, -t            output as Markdown table
  --callback, -c         POST results to Malice webhook [$MALICE_ENDPOINT]
  --proxy, -x            proxy settings for Malice webhook endpoint [$MALICE_PROXY]
  --elasticsearch value  elasticsearch address for Malice to store results [$MALICE_ELASTICSEARCH_URL]
  --timeout value        malice plugin timeout (in seconds) (default: 60) [$MALICE_TIMEOUT]
  --help, -h             show help
  --version, -v          print the version

Commands:
  update  Update virus definitions
  web     Create a Avira scan web service
  help    Shows a list of commands or help for one command

Run 'avira COMMAND --help' for more information on a command.
```
This will output to stdout and POST to malice results API webhook endpoint.
```json
{
  "avira": {
    "infected": true,
    "result": "Eicar-Test-Signature",
    "engine": "8.3.44.100",
    "updated": "20170709"
  }
}
```
| Infected | Result | Engine | Updated |
|---|---|---|---|
| true | Eicar-Test-Signature | 8.3.44.100 | 20170709 |
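
An added example, not part of the plugin's own code: a Python consumer for the JSON shown above that fails closed when the output cannot be parsed or when a clean verdict comes from old definitions (the `updated` field). The `triage` function name, the seven-day threshold and the second sample record are assumptions made for illustration.

```python
import json
from datetime import date, datetime, timedelta

# Constructed samples: the first mirrors the JSON on this page,
# the second is a made-up clean verdict with the same definitions date.
SAMPLE_EICAR = ('{"avira": {"infected": true, "result": "Eicar-Test-Signature",'
                ' "engine": "8.3.44.100", "updated": "20170709"}}')
SAMPLE_CLEAN = ('{"avira": {"infected": false, "result": "",'
                ' "engine": "8.3.44.100", "updated": "20170709"}}')

MAX_DEFINITION_AGE = timedelta(days=7)  # assumed policy, not a plugin default


def triage(raw, today, max_age=MAX_DEFINITION_AGE):
    """Return (verdict, reason) for one plugin JSON document.

    verdict is "infected", "clean" or "untrusted". Output that cannot be
    parsed, or a clean result produced with stale definitions, is
    "untrusted" so that the caller fails closed instead of passing the file.
    """
    try:
        scan = json.loads(raw)["avira"]
        infected = scan["infected"]
        updated = datetime.strptime(scan["updated"], "%Y%m%d").date()
    except (ValueError, KeyError, TypeError) as exc:
        return "untrusted", f"unparseable plugin output: {exc!r}"
    # A string such as "false" is truthy in Python, so insist on a real bool.
    if not isinstance(infected, bool):
        return "untrusted", "infected field is not a boolean"
    # A detection stands regardless of how old the definitions are.
    if infected:
        return "infected", scan.get("result") or "unnamed detection"
    age = today - updated
    if age > max_age:
        return "untrusted", f"definitions are {age.days} days old"
    return "clean", f"definitions from {updated.isoformat()}"


if __name__ == "__main__":
    for raw in (SAMPLE_EICAR, SAMPLE_CLEAN, "not json"):
        print(triage(raw, date.today()))
```
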
- To use your own license key
- To write results to ElasticSearch
- To create an Avira scan micro-service
- To post results to a webhook
- To update the AV definitions
Find a bug? Want more features? Find something missing in the documentation? Let me know! Please don't hesitate to file an issue.
- add docs on how to get a license key 😉
See CHANGELOG.md
See all contributors on GitHub.
Please update the CHANGELOG.md and submit a Pull Request on GitHub.
MIT Copyright (c) 2016 blacktop