Maltrieve - Tool To Retrieve Malware Directly From the Source
Maltrieve is a Python tool that retrieves malware samples directly from the hosting URLs listed by a number of public malware-tracking sites, so that analysts can collect fresh samples for research and detection work.
Currently it can crawl the following:
It requires the following dependencies:
Usage:
maltrieve [-h] [-p PROXY] [-d DUMPDIR] [-l LOGFILE] [-x] [-v] [-r] [-c] [-s]
-h, --help show this help message and exit
-p PROXY, --proxy PROXY
Define HTTP proxy as address:port
-d DUMPDIR, --dumpdir DUMPDIR
Define dump directory for retrieved files
-l LOGFILE, --logfile LOGFILE
Define file for logging progress
-x, --vxcage Dump the files to a VxCage instance
-v, --viper Dump the files to a Viper instance
-r, --crits Dump the file and domain to a CRITs instance
-c, --cuckoo Enable Cuckoo analysis
-s, --sort_mime Sort files by MIME type
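The -s option sorts retrieved files by MIME type. The following is an added example of what that post-retrieval step looks like in practice, written for this page and not taken from Maltrieve's own code: it sniffs a few common leading byte signatures (a constructed table; a real deployment would use libmagic), names each sample by its SHA-256 so duplicates collapse, moves it into a per-type directory, and clears the execute bits so a collected sample can never be run by accident. The dump directory used in demo() is a scratch directory filled with constructed sample bytes.

```python
import hashlib
import os
import shutil
import tempfile
from pathlib import Path

# Minimal magic-byte table, constructed for this example. A production
# sorter would call libmagic (python-magic) instead of hand-coding these.
MAGIC_SIGNATURES = [
    (b"MZ", "application/x-dosexec"),                 # PE / DOS executable
    (b"\x7fELF", "application/x-executable"),         # ELF binary
    (b"%PDF-", "application/pdf"),
    (b"PK\x03\x04", "application/zip"),               # also docx/jar/apk
    (b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1", "application/msword"),  # OLE2
    (b"Rar!\x1a\x07", "application/x-rar"),
    (b"\x1f\x8b", "application/gzip"),
]


def sniff_mime(data: bytes) -> str:
    """Return a MIME type from the leading bytes of a sample."""
    for sig, mime in MAGIC_SIGNATURES:
        if data.startswith(sig):
            return mime
    # Anything that decodes cleanly as UTF-8 is treated as text (scripts,
    # HTML droppers); everything else is an unknown binary.
    try:
        data.decode("utf-8")
        return "text/plain"
    except UnicodeDecodeError:
        return "application/octet-stream"


def sort_dump_dir(dumpdir, sorted_dir=None):
    """Move every file in dumpdir into <sorted_dir>/<mime>/<sha256>.

    Returns a mapping of sha256 -> MIME type for every sample seen.
    Duplicate samples (same hash) are deleted rather than stored twice.
    """
    dumpdir = Path(dumpdir)
    sorted_dir = Path(sorted_dir) if sorted_dir else dumpdir
    placed = {}
    # Snapshot the listing first: we create subdirectories as we go.
    for path in list(dumpdir.iterdir()):
        if not path.is_file():
            continue
        data = path.read_bytes()
        mime = sniff_mime(data)
        digest = hashlib.sha256(data).hexdigest()
        target_dir = sorted_dir / mime.replace("/", "_")
        target_dir.mkdir(parents=True, exist_ok=True)
        target = target_dir / digest
        if target.exists():
            path.unlink()  # already have this sample under its hash name
        else:
            shutil.move(str(path), str(target))
            os.chmod(target, 0o440)  # read-only, never executable
        placed[digest] = mime
    return placed


def demo():
    """Build a scratch dump directory from constructed bytes and sort it."""
    work = Path(tempfile.mkdtemp(prefix="maltrieve-sort-"))
    samples = {
        "a.bin": b"MZ\x90\x00\x03\x00\x00\x00" + b"\x00" * 56,    # fake PE header
        "b.bin": b"\x7fELF\x02\x01\x01\x00" + b"\x00" * 56,       # fake ELF header
        "c.txt": b"GET /update.php HTTP/1.1\r\n",                 # text artefact
        "d.bin": b"\x7fELF\x02\x01\x01\x00" + b"\x00" * 56,       # duplicate of b.bin
    }
    for name, data in samples.items():
        (work / name).write_bytes(data)
    placed = sort_dump_dir(work)
    layout = sorted(p.relative_to(work).as_posix()
                    for p in work.rglob("*") if p.is_file())
    return placed, layout


if __name__ == "__main__":
    placed, layout = demo()
    for entry in layout:
        print(entry)
    print(f"{len(placed)} unique samples, {len(layout)} files on disk")
```

Naming by hash and stripping execute bits are the two habits worth keeping whatever tool does the retrieval: the hash gives you a stable identifier to match against threat-intel feeds, and a 0o440 mode means a careless double-click or a misconfigured cron job cannot launch a collected sample.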
Cron can be used to automate the execution of Maltrieve. The following example is provided to help get you started. It will create a cron job that will run Maltrieve every day at 2:01 as a standard user.
As a user, execute
crontab -e
If installed normally, add the following to the end of the file.
01 02 * * * maltrieve <optional flags>
If downloaded to a folder and executed, add the following to the end of the file.
01 02 * * * cd </folder/location> && /usr/bin/python maltrieve.py <optional flags>
Note: Red Hat systems will need to ensure that the user is added to the /etc/cron.allow file.
Source: www.effecthacking.com