Crate malwaredb

Expand description

§Malware DB Python Client

This is a Python module for interacting with an instance of Malware DB.

§Installation

Assuming you already have Malware DB checked out:

python3 -m venv mdb-venv
source mdb-venv/bin/activate
pip install maturin
cd client-py
maturin develop

§Features

If using this crate with another library, be sure to use the rust_lib feature flag to avoid creating the Malware DB client module type. This could be useful for reusing the functions defined in this crate with another Python module.

§Use

Import the module: from malwaredb import MalwareDBClient
Create a client object from one of three ways:
- MalwareDBClient.from_file() to use a configuration file
- MalwareDBClient() to have the client library find a configuration file
- MalwareDBClient.connect(url, api_key, [cert_path]) to provide the URL, API key, and optional path for a certificate for encrypted communication
- MalwareDBClient.login(url, username, password, save, [cert_path]) to provide the URL, user name, password, whether to save the configuration, and optional path for a certificate for encrypted communication
Client functionality:
- .get_file_bytes() get a file from Malware DB
- .server_info() get server information
- .submit_file() submit a file to Malware DB
- .labels() get available labels for samples
- .whoami() get information about the user’s account
CaRT functionality:
- malwaredb.cart.create_cart() encodes bytes into a CaRT bytes
- malwaredb.cart.decode_cart() decodes CaRT bytes back into the original binary long with header and footer data. See client-py/py_test/cart.py.
- Current limitations:
  - create_cart() doesn’t allow setting custom fields.
  - decode_cart() will not be able to return fields which aren’t plain float, integer, or string types.
- See cart as an alternative CaRT module which is probably more feature-rich.

Modules§

cart: CaRT file I/O
types: Python wrapper types for some Malware DB API types

Constants§

MDB_VERSION: MDB version
VERSION