Change request: define by tags, what kind of files should be uploaded and tested by virustotal

cuckoosandbox / cuckoo

Cuckoo Sandbox is an automated dynamic malware analysis system

http://www.cuckoosandbox.org

Other

5.54k stars 1.7k forks source link

Change request: define by tags, what kind of files should be uploaded and tested by virustotal #2072

Open saintxseiya opened 6 years ago

saintxseiya commented 6 years ago

Hi,

i am sorry, pretty new to github, but I would like to request a functionality to decide when a file is uploaded to virustotal.

blacklisting and whitelisting would also be awesome.

I.e. blacklist: .doc; .pdf; .xls; etc. etc. every other file can be transmitted, like .exe etc. etc.

Is that possible? I am looking right now in the code if I can do that by myself.

Cheers,

Saint.

doomedraven commented 6 years ago

you can do whatever you want :P

saintxseiya commented 6 years ago

@doomedraven

Could you point me in the direction where the antivirus_virustotal.py is executed? As there should already by something, reading the other settings in the config file right?

i would add then there some decisions.

Thanks for helping :)

doomedraven commented 6 years ago

https://github.com/cuckoosandbox/cuckoo/blob/master/cuckoo/processing/virustotal.py this? https://github.com/cuckoosandbox/cuckoo/blob/master/cuckoo/common/virustotal.py

jbremer commented 6 years ago

@RicoVZ is working on functionality that would allow this in the future. No ETA currently though.