Crate amsi[−][src]
Antimalware Scan Interface
The "Antimalware Scan Interface" is an API by Microsoft, this crate is a safe wrapper for the native API.
Example
extern crate amsi; fn main() { let malicious_file = r"X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"; let ctx = amsi::AmsiContext::new("emailscanner-1.0.0").unwrap(); let session = ctx.create_session().unwrap(); let result = session.scan_string(r"C:\eicar-test.txt", malicious_file).unwrap(); println!("malicious = {}", result.is_malware()); }
Note
This crate only works with Windows 10, or Windows Server 2016 and above due to the API it wraps.
Structs
AmsiContext |
A Context that can be used for scanning payloads. |
AmsiResult |
Allows you to tell if a scan result is malicious or not. |
AmsiSession |
Represents a scan session. |
WinError |
Represents a Windows Error |