cbi / php-malware-checker
This package checks if a hash or a file is registered as malware in Team Cymru database
Requires (Dev)
- phpunit/phpunit: ~7.0
This package is not auto-updated.
Last update: 2022-01-26 18:03:26 UTC
README
This package checks if a given hash or file is registered as malware in Team Cymru database.
Installation
Install via composer:
composer require cbi/php-malware-checker
How to use it
If you don't have the hash you can generate it using a resouce or the uri to the file, by default it uses the md5 algo:
// Generate a hash from a resource MalwareChecker::makeHash($resouce); // fea80f2db003d4ebc4536023814aa885 MalwareChecker::makeHash($resouce, 'sha1'); // 38f00f8738e241daea6f37f6f55ae8414d7b0219 // Generate a hash from an uri MalwareChecker::makeHash($uri); // fea80f2db003d4ebc4536023814aa885 MalwareChecker::makeHash($uri, 'sha1'); // 38f00f8738e241daea6f37f6f55ae8414d7b0219 // Generate multiple hashes from one file MalwareChecker::makeHashes($uri, ['md5', 'sha1']) // ['fea80f2db003d4ebc4536023814aa885', '38f00f8738e241daea6f37f6f55ae8414d7b0219'] MalwareChecker::makeHashes($resouce, ['md5', 'sha1']) // ['fea80f2db003d4ebc4536023814aa885', '38f00f8738e241daea6f37f6f55ae8414d7b0219']
To check the generated hashes you can use two methods, check and checkMany, they use different protocols to avoid cluttering the database.
To check a single hash use the following function:
MalwareChecker::check($infectedHash); // ['hash' => 'f58628917abcbcfb2b2258b6b46bf721', timestamp => '1511919759' detection_percentage => '68'] MalwareChecker::check($safeHash); // false
To check multiple hashed use checkMany method, this method only returns the infected hashes among all the provided:
MalwareChecker::checkMany($hashes); // [ ... ['hash' => 'f58628917abcbcfb2b2258b6b46bf721', timestamp => '1511919759' detection_percentage => '68']]
Testing
Execute tests using vendor/bin/phpunit from the project root.
License
MIT. Copyright (c) CBI Consulting.