usage

Using Malice

• Download All Malice Plugins
• Run Malice
• Lookup a Hash
• Scan Some Malware
• Watch a Folder

Download All Malice Plugins

$ malice plugin update --all

NOTE: pulling down all of the plugins can take a long time depending on your network speed.

Run Malice

$ export MALICE_VT_API=<YOUR API KEY>
$ malice

NOTE: Malice has just created a .malice folder in your home directory. This is used to store the config.toml/plugins.toml that you can change.

Usage: malice [OPTIONS] COMMAND [arg...]

Open Source Malware Analysis Framework

Version: 0.1.0-alpha, build HEAD

Author:
  blacktop - <https://github.com/blacktop>

Options:
  --debug, -D  	Enable debug mode [$MALICE_DEBUG]
  --help, -h   	show help
  --version, -v	print the version

Commands:
  scan		Scan a file
  watch		Watch a folder
  lookup	Look up a file hash
  elk		Start an ELK docker container
  plugin	List, Install or Remove Plugins
  help		Shows a list of commands or help for one command

Run 'malice COMMAND --help' for more information on a command.

Lookup a Hash

$ malice lookup 6fe80e56ad4de610304bab1675ce84d16ab6988e

See Lookup Output

Scan Some Malware

$ malice scan befb88b89c2eb401900a68e9f5b78764203f2b48264fcc3f7121bf04a57fd408

See Scan Output

Watch a Folder

$ malice watch .

INFO[0000] Malice watching folder: .                     env=development