Public | Automated Build

Last pushed: 3 months ago
Short Description
Malice NSRL Plugin
Full Description

malice-nsrl

Malice NSRL Plugin - This takes the 4.6 GB NSRL minimal set and converts it into a 64.5 MB bloom filter with an Estimate False Positive Rate of 0.001

This repository contains a Dockerfile of the NSRL lookup malice plugin malice/nsrl.

Dependencies

Installation

  1. Install Docker.
  2. Download trusted build from public DockerHub: docker pull malice/nsrl

Usage

docker run --rm malice/nsrl:md5 lookup MD5
docker run --rm malice/nsrl:sha1 lookup SHA1
Usage: nsrl [OPTIONS] COMMAND [arg...]

Malice nsrl Plugin

Version: v0.1.0, BuildTime: 20161119

Author:
  blacktop - <https://github.com/blacktop>

Options:
  --verbose, -V        verbose output
  --post, -p        POST results to Malice webhook [$MALICE_ENDPOINT]
  --proxy, -x        proxy settings for Malice webhook endpoint [$MALICE_PROXY]
  --table, -t        output as Markdown table
  --timeout value       malice plugin timeout (in seconds) (default: 10) [$MALICE_TIMEOUT]    
  --elasitcsearch value    elasitcsearch address for Malice to store results [$MALICE_ELASTICSEARCH]
  --help, -h        show help
  --version, -v        print the version

Commands:
  web        Create a NSRL lookup web service
  build        Build bloomfilter from NSRL database
  lookup    Query NSRL for hash
  help        Shows a list of commands or help for one command

Run 'nsrl COMMAND --help' for more information on a command.

Sample Output

JSON:


{
  "nsrl": {
    "found": true
  }
}

Markdown Table:


NSRL Database

  • Found :white_check_mark:

Documentation

Issues

Find a bug? Want more features? Find something missing in the documentation? Let me know! Please don't hesitate to file an issue

CHANGELOG

See CHANGELOG.md

Contributing

See all contributors on GitHub.

Please update the CHANGELOG.md and submit a Pull Request on GitHub.

License

MIT Copyright (c) 2016-2017 blacktop

Docker Pull Command
Owner
malice
Source Repository

Comments (0)