  • 7.2.2
  • b5a78df

@extremeshok extremeshok released this Dec 20, 2020

  • eXtremeSHOK.com Maintenance
  • Use POSIX character classes instead of literals
  • Prevent linuxmalwaredetect yara files being extracted when yara is not supported
  • Replace echo with xshok_pretty_echo_and_log to silence database cleanup cron messages

  • 7.2.1
  • b94125b

@extremeshok extremeshok released this Dec 14, 2020 · 9 commits to master since this release

  • eXtremeSHOK.com Maintenance
  • Change yararule email/Email_generic_phishing.yar to HIGH
  • New config option: force_host; by default dig is used when both dig and host are present.
  • Refactor and correct the assigning of binaries/commands
  • Fix broken yara rule database names: Maldoc_hancitor_dropper and Maldoc_APT19_CVE-2017-1099
  • Ensure only dig or host is used when either dig or host is enabled
  • Enable remove_disabled_databases by default
  • Fix disabled databases removed when "$remove_disabled_databases" is set to "no"
  • Incremented the config to version 95

  • 7.2
  • 5269b72

@extremeshok extremeshok released this Dec 7, 2020 · 24 commits to master since this release

  • eXtremeSHOK.com maintenance
  • Database rating downgrades are now supported, e.g. changing from HIGH to LOW will remove the HIGH and MEDIUM rated databases.
  • Disabled databases are automatically removed
  • Disable databases by setting the rating to "DISABLED", e.g. securiteinfo_dbs_rating="DISABLED" will disable all securiteinfo databases
  • Added Malware Expert databases (non-free)
  • Added interServer databases (free)
  • Reworked securiteinfo premium databases (non-free)
  • Added malwarepatrol_db to specify the exact database name (default: malwarepatrol.db)
  • Added detection of tar executable (use gtar on mac and bsd)
  • Config os.macosx.conf renamed to os.macos.conf
  • Fix: set ownership of last-version-check.txt
  • More automated linting and testing (markdown and macOS / osx) via travis-ci
  • Updated macOS installation guide for Big Sur (OSX 11)
  • Incremented the config to version 94
  • Thank you @dandanio @jkellerer @msapiro @shawniverson
  • Enforce HTTPS validation by default
  • Updated sanesecurity publickey.gpg url to use SSL
  • Ignore yara files that include modules
  • Enabled yararulesproject rules by default
  • os.gentoo.conf: disable updates and upgrade checks
  • Fix: URLhaus log message
  • Fix wrong download URL for MalwarePatrol
  • Fix: fallback to host if dig is not used
  • Disable cron MAILTO
  • BSD read config fix
  • Incremented the config to version 92
  • Thank you @dandanio @jkellerer @m0urs @Mrothyr @msapiro @orlitzky @RobbieTheK @SlothOfAnarchy

  • 7.0.1
  • 5369095

@extremeshok extremeshok released this Jan 25, 2020 · 142 commits to master since this release

  • Disable yara project rules duplicated in rxfn.yara (Thanks @dominicraf)
  • Incremented the config to version 91

7.0

@extremeshok extremeshok released this Jan 24, 2020 · 158 commits to master since this release

  • eXtremeSHOK.com Maintenance
  • Added urlhaus database
  • Added extra yararulesproject databases
  • Added new linuxmalwaredetect yara file
  • Automatic upgrades ( --upgrade )
  • Added --upgrade command line option
  • Option to disable automatic upgrades ( allow_upgrades )
  • Option to disable update checks (allow_update_checks)
  • Increase download time to 1800 seconds from 600 seconds
  • os.conf takes preference over os.***.conf
  • Warn if there are multiple os.***.conf files
  • More sanity checks to help users and prevent errors
  • Better output of --info
  • Fix all known bugs
  • Implement all suggestions
  • Fixed yararulesproject database names
  • Correctly silence curl and wget
  • New linuxmalwaredetect logic
  • New malwarepatrol logic
  • Suppress --- and === from the logs
  • Update the documentation / guides
  • Increase minimum clamav version for yara rules to 0.100 or above
  • Fix systemd.timer and systemd.service files
  • More travis-ci tests
  • Added os.alpine.conf
  • Added debug options/mode to config
  • Set minimum config required to 90
  • Lots of refactoring and optimizing
  • Only check for and notify about script updates every 12 hours
  • Incremented the config to version 90

  • 6.1.1
  • 51c9064

@extremeshok extremeshok released this Sep 2, 2019 · 239 commits to master since this release

  • eXtremeSHOK.com Maintenance
  • Update os.archlinux.conf, thanks @amishmm
  • master.conf: set default dbs rating to medium
  • user.conf: better suggested values
  • Default to using curl, less logic required (lower CPU)
  • force_curl replaced with force_wget
  • Fix: suppress all non-error output under cron/non-interactive terminal
  • Fix: check log file is not a link before setting permissions, only set if owned by root.
  • Fix: failed to create symbolic link
  • Fix: curl --compress -> curl --compressed
  • Minor enhancement to travis-ci checks
  • Incremented the config to version 77

  • 6.1.0
  • fea47d8

@extremeshok extremeshok released this Aug 27, 2019 · 270 commits to master since this release

  • eXtremeSHOK.com Maintenance
  • Thanks Reio Remma & Oliver Nissen
  • fail added to all curl commands
  • Fix: Missing logic for LOWMEDIUMONLY | MEDIUMHIGHONLY | HIGHONLY databases
  • Support for either os.osname.conf or os.conf files (no more needing to rename the os.osname.conf to os.conf)
  • Where possible replaced echo with xshok_pretty_echo_and_log
  • Refactor xshok_pretty_echo_and_log and make all notice styles consistent
  • Silence output when run under cron
  • Add MAILTO=root to the generated cron file
  • Add full proxy support for wget, curl, rsync, dig, host
  • Better support for proxy config variables
  • New config variable: git_branch (defaults to master for the update checks)
  • Allow -w signature for quicker whitelisting
  • Sanitize whitelist input string (remove quotes and .UNOFFICIAL)
  • Added full support for Hash-based Signature Databases
  • User.conf is pre-configured with default options to allow for quicker setup
  • Default sanesecurity and linuxmalwaredetect to enabled
  • Increase default retries from 3 to 5
  • Ensure log file permissions are correct
  • Better update comparison check, only notify if newer
  • Incremented the config to version 76

@extremeshok extremeshok released this Jul 31, 2019 · 316 commits to master since this release


@extremeshok extremeshok released this Jul 31, 2019 · 317 commits to master since this release

  • eXtremeSHOK.com Maintenance & Refactoring
  • Add timestamp support (do not re-download not modified files, saves bandwidth)
  • wget and curl use compression for the transfer (detected when supported, saves bandwidth)
  • POSIX compliance: 'which' replaced with 'command -v'
  • More escaped characters, shellcheck compliance
  • Option added: force_curl, to force the usage of curl instead of wget
  • Workaround for wget, which cannot do --timestamping and --output-document together
  • Added SECURITEINFO securiteinfoold.hdb
  • Set malwarepatrol_free = no when malwarepatrol_product_code != 8
  • Fix: remove hardcoded malwarepatrol_product_code
  • Fix: os.macosx.conf service: command not found
  • Fix: whitelist a MalwarePatrol signature
  • More reliable version checking
  • Fix: Clamscan database integrity test
  • Fix: version comparison of minimum Yara @bytesplit
  • Use custom config directory @amish
  • unzip option -j was removed @wotomg
  • ZCS 8.7 updates @tonster
  • Logic fixes @Claus-Justus Heine
  • Specify correct path for systemd units @SlothOfAnarchy
  • Avoid hardcoded path to BASH @rseichter

@extremeshok extremeshok released this Mar 18, 2017 · 379 commits to master since this release

  • eXtremeSHOK.com Maintenance
  • Bug fix: GPG always being disabled, thanks @orlitzky