decalage2 / ViperMonkey

A VBA parser and emulation engine to analyze malicious macros.

vmonkey: separate processing from output. #8

Closed Lastpixl closed 8 years ago

Lastpixl commented 8 years ago

Make both process_file() and process_file_scanexpr() output a dict containing results. Remove all print statements. This allows them to be used from external python modules.

Move display display_processing_results, with an optional argument to specify a file descriptor for external output.

decalage2 commented 8 years ago

process_file is actually meant to be used only when vmonkey is launched from the command line (as in oletools).

I have not documented it yet, but if you want to use the ViperMonkey engine from your own scripts, the best is to use the ViperMonkey class from the vipermonkey.core package.

It's a bit rough for now, and some pre-processing needs to be done as in process_file, but it's the idea. I will improve the ViperMonkey API to make it easier to use - when I have more spare time.

Lastpixl commented 8 years ago

Hi, thanks for this explanation. I'll try using the ViperMonkey class.