cyb3rchi3f / nsrl

This project forked from malice-plugins/nsrl

Malice NSRL Plugin

License: MIT License

malice-nsrl

Malice NSRL Plugin - This takes the 5.5 GB NSRL minimal set and converts it into a 77.4 MB Bloom filter with an estimated false positive rate of 0.001.

This repository contains a Dockerfile for the NSRL lookup Malice plugin, malice/nsrl.

Dependencies

Image Tags

REPOSITORY          TAG                 SIZE
malice/nsrl         latest              117MB
malice/nsrl         0.1.0               117MB
malice/nsrl         sha1                117MB
malice/nsrl         md5                 117MB

NOTE:

  • tags latest and 0.1.0 are the same as sha1
  • tag sha1 can query by sha1 hash
  • tag md5 can query by md5 hash

Installation

  1. Install Docker.
  2. Download trusted build from public DockerHub: docker pull malice/nsrl

Usage

docker run --rm malice/nsrl --help

Usage: nsrl [OPTIONS] COMMAND [arg...]

Malice nsrl Plugin

Version: v0.1.0, BuildTime: 20161119

Author:
  blacktop - <https://github.com/blacktop>

Options:
  --verbose, -V  verbose output
  --help, -h     show help
  --version, -v  print the version

Commands:
  web     Create a NSRL lookup web service
  build   Build bloomfilter from NSRL database
  lookup  Query NSRL for hash
  help    Shows a list of commands or help for one command

Run 'nsrl COMMAND --help' for more information on a command.

Lookup By Hash md5|sha1

docker run --rm malice/nsrl:md5 lookup 829e4805b0e12b383ee09abdc9e2dc3c
docker run --rm malice/nsrl:sha1 lookup 5a272b7441328e09704b6d7eabdbd51b8858fde4
NAME:
   nsrl lookup - Query NSRL for hash

USAGE:
   nsrl lookup [command options] SHA1 to query NSRL with

OPTIONS:
   --elasticsearch value  elasticsearch url for Malice to store results [$MALICE_ELASTICSEARCH_URL]
   --post, -p             POST results to Malice webhook [$MALICE_ENDPOINT]
   --proxy, -x            proxy settings for Malice webhook endpoint [$MALICE_PROXY]
   --timeout value        malice plugin timeout (in seconds) (default: 10) [$MALICE_TIMEOUT]
   --table, -t            output as Markdown table

Sample Output


{
  "nsrl": {
    "found": true,
    "hash": "5A272B7441328E09704B6D7EABDBD51B8858FDE4"
  }
}


NSRL Database

  • Found ✅
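
Because lookups go through a Bloom filter, a "found": false result is definitive, while "found": true can be a false positive at roughly the stated 0.001 rate. The Go sketch below is an added example, not the plugin's own code, that sizes a filter for a target rate and measures both properties. The Bloom type, the SHA-1 double hashing and the constructed "known-N"/"unknown-N" items are assumptions for illustration.

```go
package main

import (
	"crypto/sha1"
	"encoding/binary"
	"fmt"
	"math"
)

type Bloom struct{ bits []bool; m, k uint64 } // one bool per bit, for readability

// NewBloom sizes for n items at rate p: m = -n*ln(p)/(ln 2)^2 bits, k = (m/n)*ln 2 probes.
func NewBloom(n uint64, p float64) *Bloom {
	m := uint64(math.Ceil(-float64(n) * math.Log(p) / (math.Ln2 * math.Ln2)))
	k := uint64(math.Round(float64(m) / float64(n) * math.Ln2))
	return &Bloom{bits: make([]bool, m), m: m, k: k}
}

// visit probes the k positions for item; set=true inserts. Reports whether all were already set.
func (b *Bloom) visit(item string, set bool) bool {
	d := sha1.Sum([]byte(item))
	h1, h2 := binary.BigEndian.Uint64(d[:8]), binary.BigEndian.Uint64(d[8:16])|1
	all := true
	for i := uint64(0); i < b.k; i++ {
		x := (h1 + i*h2) % b.m // double hashing: i-th probe position
		all = all && b.bits[x]
		b.bits[x] = b.bits[x] || set
	}
	return all
}

// MeasureFPR inserts n constructed items, then counts misses on them and hits on unseen items.
func MeasureFPR(n, trials int, p float64) (missed int, fpr float64) {
	b := NewBloom(uint64(n), p)
	for i := 0; i < n; i++ {
		b.visit(fmt.Sprintf("known-%d", i), true)
	}
	for i := 0; i < n+trials; i++ {
		if i < n && !b.visit(fmt.Sprintf("known-%d", i), false) {
			missed++ // a Bloom filter has no false negatives, so this stays 0
		} else if i >= n && b.visit(fmt.Sprintf("unknown-%d", i), false) {
			fpr += 1 / float64(trials) // never inserted, yet reported as found
		}
	}
	return missed, fpr
}

func main() {
	fmt.Println(MeasureFPR(20000, 100000, 0.001))
}
```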

Documentation

Issues

Find a bug? Want more features? Find something missing in the documentation? Let me know! Please don't hesitate to file an issue.

CHANGELOG

See CHANGELOG.md

Contributing

See all contributors on GitHub.

Please update the CHANGELOG.md and submit a Pull Request on GitHub.

License

MIT Copyright (c) 2015 blacktop
