This is a Python module for interacting with an instance of Malware DB.
Assuming you already have Malware DB checked out:
python3 -m venv mdb-venv
source mdb-venv/bin/activate
pip install maturin
cd client-py
maturin develop
(ormaturin build
to create a distributable wheel)
If using this crate with another library, be sure to use the rust_lib
feature flag to avoid creating the Malware DB client module type. This could be useful for reusing the functions defined in this crate with another Python module.
- Import the module:
from malwaredb import MalwareDBClient
- Create a client object from one of three ways:
MalwareDBClient.from_file()
to use a configuration fileMalwareDBClient()
to have the client library find a configuration fileMalwareDBClient.connect(url, api_key, [cert_path])
to provide the URL, API key, and optional path for a certificate for encrypted communicationMalwareDBClient.login(url, username, password, save, [cert_path])
to provide the URL, user name, password, whether to save the configuration, and optional path for a certificate for encrypted communication
- Client functionality:
.get_file_bytes()
get a file from Malware DB.server_info()
get server information.submit_file()
submit a file to Malware DB.labels()
get available labels for samples.whoami()
get information about the user's account
- CaRT functionality:
malwaredb.cart.create_cart()
encodes bytes into aCaRT
bytesmalwaredb.cart.decode_cart()
decodesCaRT
bytes back into the original binary long with header and footer data. Seeclient-py/py_test/cart.py
.- Current limitations:
create_cart()
doesn't allow setting custom fields.decode_cart()
will not be able to return fields which aren't plain float, integer, or string types.
- See cart as an alternative
CaRT
module which is probably more feature-rich.