Vscan
Description
Vscan is a framework of command-line (CLI) tools intended to be used as an advanced grep:
- vscan-highlight:
- vscan-report: Tabulate descriptive statistics from a summary database
- vscan-scan-dir: Recursively scan a directory using filters and sensors
- vscan-scan-tarball: Perform an offline scan on an archive of content samples captured by an earlier invocation of vscan-scan-dir
- vscan-summarize: Convert scan logs into a queryable sqlite3 database of scan results
- vscan-view: Render a highlighted view of an input file using sensors as described in vscan-config
Installation
Prerequisites
libarchive
$ sudo aptitude install libarchive-dev
zlib
$ sudo aptitude install zlib1g-dev
sqlite3
$ sudo aptitude install libsqlite3-dev
lua
$ sudo aptitude install liblua5.1-0-dev
re2
$ cd /data/src/
$ wget https://re2.googlecode.com/files/re2-20130115.tgz
$ tar xzvf re2-20130115.tgz
$ cd re2/
$ make
$ sudo make install
pandoc
$ sudo aptitude install pandoc
Installation of vscan
$ cd /data/src/
$ git clone https://github.com/mstone/vscan.git
$ cd vscan/
$ ./configure
$ make
$ sudo make install