Closed Sh4d0wS4int closed 9 years ago
@Sh4d0wS4int What would you like to see it do? To date, we've tried to keep Maltrieve focused as a crawler rather than analysis per se, but I'm certainly open to hearing new ideas!
Yeah, the crawler is epic :) but what I thought is that there could be, like, an optional VirusTotal support which could store the hashes in the HTML/DB (JSON response), which could ease the work of the initial static analysis. Just my suggestion though.
This to me really feels like scope creep. I understand the temptation, but this seems like a great use case for some kind of secondary tool. Just my 2 cents.
Why I said this is because we have Cuckoo and other sandbox support, so why not VirusTotal? After all, the first thing people do is scan in VirusTotal. Well, if you guys think it is scope creep then it is fine with me.
I like the idea as a secondary function like submit to cuckoo.
Well, there is one drawback to that: the public API key has a limitation regarding POST requests: https://www.virustotal.com/en/documentation/public-api/
Scan time too seems to be an issue.
Yes, I think this function is best served with an add-on script rather than in the core functionality. I'll see if I can't find a good tool to recommend in the docs here.
The process I have with Maltrieve is to run on cron as well as submit to my cuckoo instance. Nice automated analysis. :)
I think VirusTotal API support is missing in this awesome crawler, so is it worth adding? Shall I try some code for it, or is it in progress?
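A sketch of the add-on approach discussed in this thread, as an added example that is not Maltrieve's code or anything posted by the participants: it hashes each file in a dump directory, looks up the existing VirusTotal report by hash (no upload), and stores the result as a JSON sidecar. Assumptions: the VirusTotal API v3 file-report endpoint with the `x-apikey` header and its `last_analysis_stats` field, a public-key budget of 4 lookups per minute, and the hypothetical names `annotate`, `vt_lookup`, `VT_API_KEY` and the `.vt.json` suffix.

```python
import hashlib, json, os, sys, time
import urllib.error, urllib.request
from pathlib import Path

VT_URL = "https://www.virustotal.com/api/v3/files/{}"  # assumed: API v3 file report

def sha256_file(path, chunk=1 << 16):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def vt_lookup(digest, api_key):
    """Fetch the existing report for a hash; None if VirusTotal has no record."""
    req = urllib.request.Request(VT_URL.format(digest), headers={"x-apikey": api_key})
    try:
        with urllib.request.urlopen(req, timeout=30) as resp:
            return json.load(resp)
    except urllib.error.HTTPError as e:
        if e.code == 404:          # hash never seen: not an error for a crawler
            return None
        raise

def annotate(dump_dir, lookup, per_minute=4, sleep=time.sleep):
    """Write <sample>.vt.json beside every sample; returns {filename: record}."""
    results, delay, first = {}, 60.0 / per_minute, True
    for path in sorted(Path(dump_dir).iterdir()):
        if not path.is_file() or path.name.endswith(".vt.json"):
            continue
        sidecar = path.with_name(path.name + ".vt.json")
        if sidecar.exists():       # looked up on an earlier cron run: spend no quota
            results[path.name] = json.loads(sidecar.read_text())
            continue
        if not first:
            sleep(delay)           # stay inside the assumed per-minute budget
        first = False
        digest = sha256_file(path)
        report = lookup(digest)
        stats = report["data"]["attributes"]["last_analysis_stats"] if report else None
        record = {"sha256": digest, "known": report is not None, "stats": stats}
        sidecar.write_text(json.dumps(record))
        results[path.name] = record
    return results

if __name__ == "__main__":
    key = os.environ["VT_API_KEY"]  # hypothetical variable name for the API key
    for name, rec in annotate(sys.argv[1], lambda d: vt_lookup(d, key)).items():
        print(name, rec["sha256"], rec["stats"])
```

Run from cron after the crawler finishes; because only hashes leave the host, samples that VirusTotal has never seen come back as `known: false` rather than being submitted.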