chainguard-dev / malcontent

detect malicious program behaviors
Apache License 2.0

Add shorter output format for 'scan' mode #457

Closed tstromberg closed 2 weeks ago

tstromberg commented 2 weeks ago

Example output:

[CRIT] ../bincapz-samples/linux/2021.FontOnLake/45E9.elf: 3P/elastic/rootkit/fontonlake (Detects Linux Rootkit Fontonlake (Linux.Rootkit.Fontonlake)), 3P/signature_base/susp/elf (Detects a suspicious ELF binary with UPX compression)

tip: For detailed analysis, run: bincapz analyze <path>