gomalshare

v1.0.0 Latest Latest
Published: Apr 27, 2019 License: BSD-3-Clause Imports: 10 Imported by: 1

README


MalShare client library

MalShare is a free malware repository providing researchers access to samples, malicious feeds, and YARA results. Link to MalShare:

Usage example

go get -u github.com/MonaxGT/gomalshare
go test -api APIKEY -url URL

A simple example of using the library is in cmd/gomalshare/main.go:

package main

import (
	"flag"
	"fmt"

	"github.com/MonaxGT/gomalshare"
)

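// main walks through the client API: it builds a Client from the -api and
// -url flags, then queries the 24-hour hash list, the 24-hour file-type
// counts, the key's request limit and a search term, uploads a file and
// downloads one sample by hash.
//
// Every call is best-effort: a failure is printed and the walkthrough moves
// on, but a result is only used when its call succeeded.
func main() {
	// NOTE(review): a key passed on the command line is visible in the
	// process list and usually ends up in shell history.
	apiKeyPtr := flag.String("api", "", "API key MalShare")
	urlPtr := flag.String("url", "", "URL MalShare")
	flag.Parse()

	// Initiate new connection to API; nothing below works without a client.
	conf, err := gomalshare.New(*apiKeyPtr, *urlPtr)
	if err != nil {
		panic(err)
	}

	// example with return list of hashes last 24 hours
	if list24, err := conf.GetListOfHash24(); err != nil {
		fmt.Println(err)
	} else {
		fmt.Println(list24)
	}

	// example with return list of types of downloading files last 24 hours
	if typeCount, err := conf.GetListOfTypesFile24(); err != nil {
		fmt.Println(err)
	} else {
		fmt.Println(typeCount)
	}

	// example with return current api key limit
	if limitKey, err := conf.GetLimitKey(); err != nil {
		fmt.Println(err)
	} else {
		fmt.Println(limitKey)
	}

	// example with return information of files by using sample
	search, err := conf.GetSearchResult("emotet")
	switch {
	case err != nil:
		fmt.Println(err)
	case search != nil:
		// The result is a pointer to a slice; only dereference it when the
		// call succeeded and the pointer is set.
		for _, v := range *search {
			fmt.Println(v.Md5)
		}
	}

	// example upload file
	// NOTE(review): MalShare is a shared repository, so presumably an uploaded
	// file becomes available to other users — confirm before uploading
	// anything sensitive.
	filename := "test.test"
	if err := conf.UploadFile(filename); err != nil {
		fmt.Println(err)
	}

	// example for download file by hash request
	file, err := conf.DownloadFileFromHash("95bc3d64f49b03749427fcd6601fa8a7")
	if err != nil {
		fmt.Println(err)
		return
	}
	// The payload is a raw sample from a malware repository. Report its size
	// instead of writing the bytes to the terminal, where control sequences in
	// binary data would be interpreted.
	fmt.Printf("downloaded %d bytes\n", len(file))
}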

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Client

// Client is the handle returned by New; the API calls documented on this page
// are methods on *Client. Its fields are unexported, so it cannot be
// configured from outside the package except through New.
type Client struct {
	// contains filtered or unexported fields
}

Client main struct

func New

func New(apiKey string, url string) (*Client, error)

New constructor function

func (*Client) DownloadFileFromHash

func (c *Client) DownloadFileFromHash(hash string) ([]byte, error)

DownloadFileFromHash return file for specific hash

func (*Client) GetLimitKey

func (c *Client) GetLimitKey() (*LimitKey, error)

GetLimitKey returns the number of requests allocated to the API key per day and the number remaining

func (*Client) GetListOfHash24

func (c *Client) GetListOfHash24() (*[]HashList, error)

GetListOfHash24 return list hashes from the past 24 hours

func (*Client) GetListOfHash24Type

func (c *Client) GetListOfHash24Type(typeFile string) (*[]HashList, error)

GetListOfHash24Type return list MD5/SHA1/SHA256 hashes of a specific type from the past 24 hours

func (*Client) GetListOfSource24

func (c *Client) GetListOfSource24() (*[]string, error)

GetListOfSource24 return list of sample sources from the past 24 hours

func (*Client) GetListOfTypesFile24

func (c *Client) GetListOfTypesFile24() (map[string]uint64, error)

GetListOfTypesFile24 return list of file types & count from the past 24 hours

func (*Client) GetSearchResult

func (c *Client) GetSearchResult(str string) (*[]SearchDetails, error)

GetSearchResult returns details from a search over sample hashes, sources and file names

func (*Client) GetStoredFileDetails

func (c *Client) GetStoredFileDetails(hash string) (*FileDetails, error)

GetStoredFileDetails return stored file details

func (*Client) UploadFile

func (c *Client) UploadFile(filename string) error

UploadFile uploads the named file using the FormData field "upload"

type FileDetails

// FileDetails is the JSON shape returned by GetStoredFileDetails: the digests
// of the embedded HashList plus the fields below. The declaration performs no
// validation, so every value is whatever the remote service sent.
type FileDetails struct {
	// HashList is embedded, so its md5/sha1/sha256 keys are decoded at the
	// same JSON level as the fields below.
	HashList
	// Ssdeep is read from the "ssdeep" key; presumably the ssdeep fuzzy hash
	// of the sample — confirm against the API.
	Ssdeep  string   `json:"ssdeep,omitempty"`
	// FType is read from the "f_type" key; presumably the detected file type —
	// confirm.
	FType   string   `json:"f_type,omitempty"`
	// Sources is read from the "sources" key. The element format is not shown
	// here; treat entries as untrusted text.
	Sources []string `json:"sources,omitempty"`
}

FileDetails unmarshal special fields

type HashList

// HashList carries the three digest fields shared by the other response
// types. Each is a plain string as received; nothing in this declaration
// enforces length or hex encoding, so validate a value before using it as a
// lookup key or file name.
type HashList struct {
	// Md5 is read from the "md5" key.
	Md5    string `json:"md5,omitempty"`
	// Sha1 is read from the "sha1" key.
	Sha1   string `json:"sha1,omitempty"`
	// Sha256 is read from the "sha256" key.
	Sha256 string `json:"sha256,omitempty"`
}

HashList struct for unmarshal general hash fields

type LimitKey

// LimitKey is the JSON shape returned by GetLimitKey. Both fields are decoded
// as strings, not numbers, so a caller that wants to compare or subtract them
// must parse them and handle the parse error.
type LimitKey struct {
	// Limit is read from the "limit" key.
	Limit     string `json:"limit,omitempty"`
	// Remaining is read from the "remaining" key.
	Remaining string `json:"remaining,omitempty"`
}

LimitKey struct for unmarshal limits of API

type SearchDetails

// SearchDetails is one element of the slice returned by GetSearchResult: the
// digests of the embedded HashList plus the search metadata below. All values
// come from the remote service and are not validated by this declaration.
type SearchDetails struct {
	// HashList is embedded, so its md5/sha1/sha256 keys are decoded at the
	// same JSON level as the fields below.
	HashList
	// TypeSample is read from the "type" key.
	TypeSample string `json:"type,omitempty"`
	// Added is read from the "added" key; presumably a Unix timestamp —
	// confirm against the API.
	Added      uint64 `json:"added,omitempty"`
	// Source is read from the "source" key.
	Source     string `json:"source,omitempty"`
	// YaraHits is the nested "yarahits" object; its "yara" array is decoded
	// into Yara as strings.
	YaraHits   struct {
		Yara []string `json:"yara,omitempty"`
	} `json:"yarahits,omitempty"`
	// Parentfiles and Subfiles are decoded without a schema ([]interface{}),
	// so each element needs a type assertion before use; the element shape is
	// not shown here.
	Parentfiles []interface{} `json:"parentfiles,omitempty"`
	Subfiles    []interface{} `json:"subfiles,omitempty"`
}

SearchDetails return searching result

Directories

Path Synopsis
cmd
