
malware-organiser's Introduction

Malware Organiser Tool

A simple tool to organise large numbers of malicious/benign files into an organised structure.

Usage:

Prerequisite

Creation of Table

CREATE TABLE `file_meta` (
 `md5` varchar(40) NOT NULL,
 `sha256` varchar(80) NOT NULL,
 `mime` varchar(100) NOT NULL,
 `severity` varchar(10) NOT NULL,
 `timestamp` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
 `file_source` varchar(15) NOT NULL,
 `file_size` varchar(30) NOT NULL,
 `file_path` varchar(200) NOT NULL,
 `file_new_location` varchar(200) NOT NULL,
 `file_name` varchar(100) NOT NULL,
 `author` varchar(30) NOT NULL,
 `tags` varchar(250) NOT NULL,
 PRIMARY KEY (`md5`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1

Update the database fields in the script file.

Edit the variables in the config.json file.

Application Usage

$ sudo python app.py  -h
usage: app.py [-h] -f FOLDER -src SOURCE -sev {malicious,clean} [-d DELETE] -a
              AUTHOR [-t TAGS]

optional arguments:
  -h, --help            show this help message and exit
  -f FOLDER, --folder FOLDER
                        Samples Folder/File
  -src SOURCE, --source SOURCE
                        Source from which malware is downloaded
  -sev {malicious,clean}, --severity {malicious,clean}
                        Benign or Malicious
  -d DELETE, --delete DELETE
                        Delete files from source folder after copying
  -a AUTHOR, --author AUTHOR
                        Author name
  -t TAGS, --tags TAGS  Tags to classify the samples

Index samples based on the condition

$ python query.py -h
usage: database.py [-h] -m MIME [-s SIZE] -src SOURCE -sev {malicious,clean}
                   -a AUTHOR [-t TAGS]

optional arguments:
  -h, --help            show this help message and exit
  -m MIME, --mime MIME  Mime Type of Files for query
  -s SIZE, --size SIZE  Size query of files (Specify Range in MB like 1,2 or 1 )
  -src SOURCE, --source SOURCE
                        Source from which malware is downloaded
  -sev {malicious,clean}, --severity {malicious,clean}
                        Benign or Malicious
  -a AUTHOR, --author AUTHOR
                        Author name
  -t TAGS, --tags TAGS  Tags to classify the samples

Features:

  1. Ability to classify malware/benign files based on the mime type
  2. Index records in the database to fetch files which match different conditions, such as:
    • All PDF files with size less than 1 MB and collected from VirusTotal (source)
    • All clean files which were collected yesterday and are fresh files.
  3. Tagging different files based on family_name, source, etc. is implemented.
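The following is an added example, not the project's own app.py or query.py: it builds a file_meta row with the columns from the CREATE TABLE above (md5 and sha256 of the sample bytes, mime type guessed from the file name, size stored as a string as the schema requires) and runs a parameterized size query in the "1,2 or 1" MB form that the -s option accepts. It assumes a lone value such as "1" means "at most 1 MB", and uses an in-memory SQLite table instead of the MySQL one so it runs offline.

```python
import hashlib
import mimetypes
import sqlite3

# Constructed example, not code from the malware-organiser project.

def build_record(name, data, source, severity, author, tags, new_location):
    """Hash the sample bytes and return a dict matching the file_meta columns."""
    mime, _ = mimetypes.guess_type(name)  # assumption: type guessed from the extension only
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "mime": mime or "application/octet-stream",
        "severity": severity,
        "file_source": source,
        "file_size": str(len(data)),  # the schema stores file_size as a varchar
        "file_path": name,
        "file_new_location": new_location,
        "file_name": name,
        "author": author,
        "tags": tags,
    }

def size_range_bytes(spec):
    """Parse '1' (assumed: at most 1 MB) or '1,2' (between 1 and 2 MB) into byte bounds."""
    parts = [float(p) for p in spec.split(",")]
    if len(parts) == 1:
        lo, hi = 0.0, parts[0]
    elif len(parts) == 2:
        lo, hi = parts
    else:
        raise ValueError("size spec must be 'N' or 'N,M'")
    return int(lo * 1024 * 1024), int(hi * 1024 * 1024)

def query_by_size(conn, severity, spec):
    """Return file names of the given severity whose size falls in the MB range."""
    lo, hi = size_range_bytes(spec)
    # Bound parameters keep user-supplied severity/size values out of the SQL text;
    # file_size is a varchar in the schema, so it is cast before comparison.
    sql = ("SELECT file_name FROM file_meta WHERE severity = ? "
           "AND CAST(file_size AS INTEGER) BETWEEN ? AND ? ORDER BY file_name")
    return [row[0] for row in conn.execute(sql, (severity, lo, hi))]

def demo():
    """Insert two constructed PDF-like samples and query those of at most 1 MB."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE file_meta (md5 TEXT PRIMARY KEY, sha256, mime, severity, "
                 "file_source, file_size, file_path, file_new_location, file_name, author, tags)")
    samples = {"small.pdf": b"%PDF-1.4 " + b"x" * 512,
               "big.pdf": b"%PDF-1.4 " + b"y" * (3 * 1024 * 1024)}
    for name, data in samples.items():
        rec = build_record(name, data, "VirusTotal", "malicious", "analyst", "pdf", "/samples/" + name)
        cols, marks = ",".join(rec), ",".join("?" * len(rec))  # column names are fixed above
        conn.execute(f"INSERT INTO file_meta ({cols}) VALUES ({marks})", tuple(rec.values()))
    return query_by_size(conn, "malicious", "0,1")
```

Because md5 is the primary key, two distinct samples with the same MD5 cannot both be stored; sha256 is the value to rely on when deduplicating a corpus.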

Contributors

uppusaikiran