Malice McAfee AntiVirus Plugin
This repository contains a Dockerfile of mcafee.
- Install Docker.
- Download trusted build from public docker store:

```bash
docker pull malice/mcafee
```

```bash
docker run --rm malice/mcafee EICAR
```

```bash
$ docker run --rm -v /path/to/malware:/malware:ro malice/mcafee FILE

Usage: mcafee [OPTIONS] COMMAND [arg...]

Malice McAfee AntiVirus Plugin

Version: v0.1.0, BuildTime: 20180903

Author:
  blacktop - <https://github.com/blacktop>

Options:
  --verbose, -V          verbose output
  --elasticsearch value  elasticsearch url for Malice to store results [$MALICE_ELASTICSEARCH_URL]
  --table, -t            output as Markdown table
  --callback, -c         POST results back to Malice webhook [$MALICE_ENDPOINT]
  --proxy, -x            proxy settings for Malice webhook endpoint [$MALICE_PROXY]
  --timeout value        malice plugin timeout (in seconds) (default: 120) [$MALICE_TIMEOUT]
  --help, -h             show help
  --version, -v          print the version

Commands:
  update  Update virus definitions
  web     Create a McAfee scan web service
  help    Shows a list of commands or help for one command

Run 'mcafee COMMAND --help' for more information on a command.
```

```json
{
  "mcafee": {
    "infected": true,
    "result": "EICAR test file",
    "engine": "5600.1067",
    "database": "9005",
    "updated": "20180903"
  }
}
```

| Infected | Result | Engine | Updated |
|---|---|---|---|
| true | EICAR test file | 5600.1067 | 20180903 |
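
Added example (not part of the plugin or its repository): a Python consumer that turns the JSON document shown in the sample output into a triage verdict, treating malformed output and stale definitions as untrusted rather than clean. The field names come from the sample output; the 7-day freshness threshold, the `triage` function and the verdict labels are assumptions.

```python
import json
from datetime import date, datetime

# Constructed sample: the JSON document from the sample output above.
SAMPLE = '''{ "mcafee": { "infected": true, "result": "EICAR test file",
  "engine": "5600.1067", "database": "9005", "updated": "20180903" } }'''

MAX_DEF_AGE_DAYS = 7  # assumption: local policy, not a plugin setting


def triage(raw, today, max_age_days=MAX_DEF_AGE_DAYS):
    """Turn one plugin JSON result into a verdict, failing closed.

    Returns (verdict, reasons); verdict is 'malicious', 'clean' or 'untrusted'.
    """
    try:
        scan = json.loads(raw)["mcafee"]
        infected = scan["infected"]
        updated = datetime.strptime(scan["updated"], "%Y%m%d").date()
    except (ValueError, KeyError, TypeError) as exc:
        # Empty output, truncated JSON, missing keys: never read as clean.
        return "untrusted", [f"unparseable result: {exc!r}"]
    if not isinstance(infected, bool):
        return "untrusted", ["'infected' is not a boolean"]

    if infected:
        # A detection stands regardless of how old the definitions are.
        return "malicious", [scan.get("result", "")]

    reasons = []
    age = (today - updated).days
    if age > max_age_days:
        reasons.append(f"definitions are {age} days old")
    if age < 0:
        reasons.append("definition date is in the future")
    # A 'clean' verdict is only as good as the definitions behind it.
    return ("untrusted" if reasons else "clean"), reasons


if __name__ == "__main__":
    print(triage(SAMPLE, date.today()))
```
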
- To write results to ElasticSearch
- To create a McAfee scan micro-service
- To post results to a webhook
- To update the AV definitions
Find a bug? Want more features? Find something missing in the documentation? Let me know! Please don't hesitate to file an issue.
- add licence expiration detection
See CHANGELOG.md
See all contributors on GitHub.
Please update the CHANGELOG.md and submit a Pull Request on GitHub.
MIT Copyright (c) 2017 blacktop
