https://github.com/password123456/malwarescanner

Simple Malware Scanner written in python
antivirus file-finder file-scan file-scanner malware-analyzer malware-detection malware-scanner owasp scanner security-scanner security-tools virus

# MalwareScanner

- Very basic malware scanner based on hash comparison.
- This can be useful during incident response.
- If you find new or suspicious files during a response, you will want to check where else those files exist on your systems, and that is when a tool like this helps. This is a demo version and is not complete; you have to change and modify the code to make it yours.
- Let me know if any changes or additional features are needed.
- Press the "star" if it helps, so that the project keeps improving.

# Features
- File inspection based on hash (free malware hashes)
- Scanning includes subdirectories
- Multithreaded jobs
- Define file extensions to scan
- Define directories not to scan
- Easy to attach scan_logs to a SIEM (e.g. Splunk)
- Code and function structure that is easy to handle and change (if you are interested)

## v1.0.5
- https://github.com/password123456/malwarescanner/blob/main/CHANGES

## Scan result_log
- datetime, scan_id, os, hostname, ip, file.........hash,
```
datetime="2022-12-23 13:52:45",scan_id="4d7f0b1b-f771-4dd0-bb87-6453ff6341e8",os="Windows",hostname="DESKTOP-S5VJGLH",ip="192.168.0.23",infected_file="F:\code\pythonProject\malware_hash_scanner3\scan_test_dir\chrome.exe",sha256="45de9f5a25bf478c6a8d8625a984895c9b3fdea6eb12a55ddd088dcebd9df5ab",created_at="2022-05-02 21:33:38",modified_at="2022-04-14 06:17:04"
datetime="2022-12-23 13:52:46",scan_id="4d7f0b1b-f771-4dd0-bb87-6453ff6341e8",os="Windows",hostname="DESKTOP-S5VJGLH",ip="192.168.0.23",infected_file="F:\code\pythonProject\malware_hash_scanner3\scan_test_dir\LineLauncher.exe",sha256="60fd9ceac8d1c40e835d3dc9aa77599d3f810a646199ecbdcb8003521ce7d502",created_at="2022-05-10 12:38:18",modified_at="2022-03-10 18:00:10"
datetime="2022-12-23 13:52:46",scan_id="4d7f0b1b-f771-4dd0-bb87-6453ff6341e8",os="Windows",hostname="DESKTOP-S5VJGLH",ip="192.168.0.23",infected_file="F:\code\pythonProject\malware_hash_scanner3\scan_test_dir\LineUpdater.exe",sha256="6b663f9f7bf3b6c1a2ce898b2402b691fff6dced36e9b0196e152bbfc409db42",created_at="2022-05-10 12:38:22",modified_at="2022-04-06 10:06:28"
datetime="2022-12-23 13:52:47",scan_id="4d7f0b1b-f771-4dd0-bb87-6453ff6341e8",os="Windows",hostname="DESKTOP-S5VJGLH",ip="192.168.0.23",infected_file="F:\code\pythonProject\malware_hash_scanner3\scan_test_dir\PCHunter32.exe",sha256="0544b99c52d607712d70351c6d9afb1fba6adb0de256baf662f06fdf6058aa3d",created_at="2022-05-10 11:36:04",modified_at="2017-08-14 02:27:08"
datetime="2022-12-23 13:52:48",scan_id="4d7f0b1b-f771-4dd0-bb87-6453ff6341e8",os="Windows",hostname="DESKTOP-S5VJGLH",ip="192.168.0.23",infected_file="F:\code\pythonProject\malware_hash_scanner3\scan_test_dir\report.xlsx",sha256="dd1dc1cb4ffa3e1b91f00496436416807f6153d53ac45e67ce1287c842bd5e3e",created_at="2022-04-27 23:53:33",modified_at="2021-09-07 10:52:40"
datetime="2022-12-23 13:52:48",scan_id="4d7f0b1b-f771-4dd0-bb87-6453ff6341e8",os="Windows",hostname="DESKTOP-S5VJGLH",ip="192.168.0.23",infected_file="F:\code\pythonProject\malware_hash_scanner3\scan_test_dir\TWOD_Launcher.exe",sha256="1d55ab0a703f2b8f5cc0d3cc93bedf7c03799b2b3e42defc83c175da8a125962",created_at="2022-04-27 23:54:50",modified_at="2022-04-07 09:14:08"
datetime="2022-12-23 13:52:49",scan_id="4d7f0b1b-f771-4dd0-bb87-6453ff6341e8",os="Windows",hostname="DESKTOP-S5VJGLH",ip="192.168.0.23",infected_file="F:\code\pythonProject\malware_hash_scanner3\scan_test_dir\unins000.exe",sha256="2da3b504c2b68219c0b4c6f062867dae091560c3f1e0735f1a7b17b1d79b5a90",created_at="2022-04-27 23:54:53",modified_at="2022-04-26 12:19:01"
datetime="2022-12-23 13:52:49",scan_id="4d7f0b1b-f771-4dd0-bb87-6453ff6341e8",os="Windows",hostname="DESKTOP-S5VJGLH",ip="192.168.0.23",infected_file="F:\code\pythonProject\malware_hash_scanner3\scan_test_dir\vmware-view.exe",sha256="17b21902170784d460fd0168e08f6e2075d6eb0a501093bc35184c550d73b5d8",created_at="2022-05-10 12:38:38",modified_at="2020-07-07 18:08:06"

```
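
A minimal sketch of the hash-comparison scan the feature list describes (recursive walk, extension filter, excluded directories, worker threads), added here as an example and not taken from the malwarescanner code. The function names, the constructed sample files and the reduced set of log fields are assumptions.

```python
import hashlib
import os
import tempfile
from concurrent.futures import ThreadPoolExecutor
from datetime import datetime

def sha256_of(path, chunk=1 << 20):
    """Hash in chunks so large files do not have to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def candidates(root, extensions, skip_dirs):
    """Walk root recursively; assigning to dirnames[:] prunes excluded directories in place."""
    skip = {os.path.abspath(d) for d in skip_dirs}
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames
                       if os.path.abspath(os.path.join(dirpath, d)) not in skip]
        for name in filenames:
            if os.path.splitext(name)[1].lower() in extensions:
                yield os.path.join(dirpath, name)

def scan(root, bad_hashes, extensions, skip_dirs=(), workers=4):
    """Return sorted (path, sha256) pairs for files whose hash is in bad_hashes."""
    def check(path):
        try:
            digest = sha256_of(path)
        except OSError:  # unreadable or vanished file: skip rather than abort the scan
            return None
        return (path, digest) if digest in bad_hashes else None
    with ThreadPoolExecutor(max_workers=workers) as pool:
        return sorted(hit for hit in pool.map(check, candidates(root, extensions, skip_dirs)) if hit)

def log_line(path, digest, scan_id):
    """Format a hit with a subset of the key="value" fields shown in the page's log."""
    return (f'datetime="{datetime.now():%Y-%m-%d %H:%M:%S}",scan_id="{scan_id}",'
            f'infected_file="{path}",sha256="{digest}"')

def demo():
    """Constructed sample: three files; one matching file sits in an excluded directory."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "sub", "skipme"))
        for rel, data in [("a.exe", b"clean"), ("sub/b.exe", b"EVIL"), ("sub/skipme/c.exe", b"EVIL")]:
            with open(os.path.join(root, *rel.split("/")), "wb") as fh:
                fh.write(data)
        hits = scan(root, {hashlib.sha256(b"EVIL").hexdigest()}, {".exe"},
                    skip_dirs=[os.path.join(root, "sub", "skipme")])
        return [os.path.relpath(p, root).replace(os.sep, "/") for p, _ in hits]
```

A hash match only identifies byte-identical copies of a known file, so a single changed byte produces a miss; treat a clean result as "no known sample found", not as proof the host is clean.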