- Rising amount of total malware and Potentially Unwanted Applications (PUA).
- Multi-AV file analyzer for better accuracy and efficiency.
- Ease of use and deployment; platform agnostic.
- Open source resources (Cost effective).
- API support and building automation.
- Front End: HTML5, CSS3, JavaScript
- Backend: Python, Flask, AWS (DynamoDB and S3). AV components: VirusTotal, ClamAV and crowd-sourced YARA rules.
- Download the source code onto your machine or any cloud instance.
- Install Docker.
- Replace the AWS credentials in `config/aws/credentials` with your AWS keys (to access the S3 and DynamoDB services).
- Replace the certificates in `config/backend/certs` with your certificate key pair (to encrypt the communication between frontend and backend through HTTPS).
- Create a new email ID, or use an existing one, that can be used for sending reports (`REVISOR_EMAIL`).
- Generate a VirusTotal API key (`VT_API_KEY`).
- Update the following environment variables in `docker_files/docker-compose.yaml`:
  - `REVISOR_EMAIL`
  - `REVISOR_EMAIL_PASSWORD`
  - `VT_API_KEY`
  - `CLAMD_IP`
- Run the command below to set up the Docker images and run the containers:
  `sudo docker-compose up -d`
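
A pre-flight check for the configuration steps above, as an added example that is not code from the project. It assumes the variables appear in the compose file as `- NAME=value` or `NAME: value` entries; the placeholder patterns and the sample compose text are constructed for illustration.

```python
import os
import re
import stat

REQUIRED_VARS = ("REVISOR_EMAIL", "REVISOR_EMAIL_PASSWORD", "VT_API_KEY", "CLAMD_IP")
# Assumed patterns for values that were never filled in.
PLACEHOLDER = re.compile(r"^(|<.*>|changeme|your[_-].*|x+)$", re.IGNORECASE)
# Accepts both compose styles: "- NAME=value" and "NAME: value".
ENV_LINE = re.compile(r"^\s*(?:-\s*)?([A-Z_][A-Z0-9_]*)\s*[=:]\s*(.*?)\s*$")

# Constructed sample; the project's real compose file may be laid out differently.
SAMPLE_COMPOSE = """\
services:
  backend:
    environment:
      - REVISOR_EMAIL=reports@example.org
      - REVISOR_EMAIL_PASSWORD=changeme
      - CLAMD_IP=clamav   # VT_API_KEY was forgotten
"""

def parse_compose_env(text):
    """Collect NAME -> value pairs from upper-case environment entries."""
    found = {}
    for line in text.splitlines():
        line = line.split(" #", 1)[0]  # drop trailing YAML comments
        m = ENV_LINE.match(line)
        if m:
            found[m.group(1)] = m.group(2).strip("'\"")
    return found

def check_env(text):
    """Return one problem string per required variable that is missing or unset."""
    env = parse_compose_env(text)
    problems = []
    for name in REQUIRED_VARS:
        if name not in env:
            problems.append(f"{name}: missing")
        elif PLACEHOLDER.match(env[name]):
            problems.append(f"{name}: empty or placeholder")
    return problems

def check_secret_file(path):
    """Flag a secret file (AWS credentials, TLS private key) readable beyond its owner."""
    try:
        mode = stat.S_IMODE(os.stat(path).st_mode)
    except FileNotFoundError:
        return [f"{path}: not found"]
    if mode & 0o077:
        return [f"{path}: mode {mode:o} is accessible to group/others, use 600"]
    return []

if __name__ == "__main__":
    for problem in check_env(SAMPLE_COMPOSE) + check_secret_file("config/aws/credentials"):
        print("FAIL", problem)
```
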
High level architecture of the project is shown below:
Front end website/UI to upload the file to be analyzed
The file analyzer report is sent by email. Reports include the summary PDF report and additional files for more context.
The following APIs are exposed as part of the project and can be used after the deployment is successful:
- `GET <host>:443/` - Browse the home page in the browser
- `GET <host>:5000/` - Health check API
- `POST <host>:5000/upload_file` - Upload file for scanning
This is a student project (POC) and is not meant for use in production.