virusbattle-sdk / VbSDK Command Line

REFERENCE: Command Line

vbSDK contains the program vbclient.py, which provides access to both its CLI and its library. When executed as a program, it provides command-line capability for uploading, querying, and downloading. When used as a package, it can be integrated with your own internal systems to create a seamless automated malware analysis pipeline.

The following shows the help message printed by vbclient.py. The client is a Swiss Army knife, providing access to all of VirusBattle's services. As a result, the program has a variety of options, though not all are meaningful for all actions.

Usage: vbclient.py [options] [arg]

General Options:
  -h, --help            show this help message and exit.
  -f, --force           Force resubmission, if the file already exists.
  -p PASSWORD, --password=PASSWORD
                        Password for Zip and 7z encrypted archives.
  -a ACTION, --action=ACTION
                        Action to perform. One of upload, reprocess, query,
                        download, map, status, show, search, matches,
                        myuploads. Default is: upload
  -o OUTDIR, --outdir=OUTDIR
                        Directory to save downloaded files. Default is:
                        ./Results
  --norecursive         Do not recursively visit children nodes.
  --test                Do a test run, don't actually upload.
  --lf=LISTFILE, --list-file=LISTFILE
                        File to keep list of filehashes that are uploaded.
                        Default is: UploadedHashes.txt
  --loglevel=LOGLEVEL   Select log level. One of: info, debug, warn, error.
                        Default is: warn.
  -v, --verbose         Verbose output.

  --enable_malware_download
                        Download Malware files. Malware download is disabled
                        by default.
  --downloadall         Download all files in the tree. By default only analyses output files are
                        downloaded.
  --zipbinary           Download binary files as zip. Default- as .exe file.

Show or Search Action related options:
  --xl, --noLibrary     eXclude Library functions from juice and similarity
                        responses
  --fullmatrix          Get full matrix search; default upperhalf only
  --threshold=THRESHOLD
                        Threshold for similarity matching
  -l LIMIT, --limit=LIMIT
                        limit similarity search results to semantically
                        equivalent (High similarity) or semantically similar procedures (Low similarity) only.

USAGE GUIDES
