clamav

malice-clamav

Malice ClamAV AntiVirus

This repository contains a Dockerfile of ClamAV for Docker's trusted build published to the public DockerHub.

Dependencies

• malice/alpine

Installation

1. Install Docker.
2. Download trusted build from public DockerHub: docker pull malice/clamav

Usage

docker run --rm malice/clamav EICAR

Or link your own malware folder:

$ docker run --rm -v /path/to/malware:/malware:ro malice/clamav FILE

Usage: clamav [OPTIONS] COMMAND [arg...]

Malice ClamAV Plugin

Version: v0.1.0, BuildTime: 20180903

Author:
  blacktop - <https://github.com/blacktop>

Options:
  --verbose, -V          verbose output
  --table, -t            output as Markdown table
  --callback, -c         POST results to Malice webhook [$MALICE_ENDPOINT]
  --proxy, -x            proxy settings for Malice webhook endpoint [$MALICE_PROXY]
  --elasticsearch value  elasticsearch url for Malice to store results [$MALICE_ELASTICSEARCH_URL]
  --timeout value        malice plugin timeout (in seconds) (default: 60) [$MALICE_TIMEOUT]
  --help, -h             show help
  --version, -v          print the version

Commands:
  update  Update virus definitions
  web     Create a ClamAV scan web service
  help    Shows a list of commands or help for one command

Run 'clamav COMMAND --help' for more information on a command.

Sample Output

JSON

{
  "clamav": {
    "infected": true,
    "result": "Eicar-Test-Signature",
    "engine": "0.99.2",
    "known": "5630857",
    "updated": "20170123",
    "error": ""
  }
}

Markdown

ClamAV

Documentation

• To write results to ElasticSearch
• To create a ClamAV scan micro-service
• To post results to a webhook
• To update the AV definitions

Issues

Find a bug? Want more features? Find something missing in the documentation? Let me know! Please don't hesitate to file an issue.

CHANGELOG

See CHANGELOG.md

Contributing

See all contributors on GitHub.

Please update the CHANGELOG.md and submit a Pull Request on GitHub.

License

MIT Copyright (c) 2016 blacktop