Anti-Virus in Kali Linux

Hello fellows and instabl3ger’s, first of all I will start by saying that I'm addicted to this community. I feel the challenge growing so fast, with all the newbies, amateurs, advanced and professional hackers around trying their best to help the community. Sadly we have some script kiddies too, but anyway, today we are going to learn how to install and use ClamAV in Kali Linux.

INTRODUCTION

It is no longer true when someone says that Linux or Mac don’t get viruses. Although Windows is more popular and more obviously targeted by malware, security systems do not always advance as quickly as their vulnerabilities. Fortunately, it is possible to learn to protect yourself without much difficulty.

So for guys like me who want to take security to the paranoid level, here we go.

What is ClamAV?

ClamAV is a set of tools originally developed for UNIX operating systems. In addition to antivirus scanning from the command line, it also scans e-mails and has a tool to update the database, as well as other features.

Installation


This process is easy: we can get it using apt-get, so let's start our Kali Linux.
Before starting:

If you are using Kali, half the tools out there will be detected as a virus, and whenever you make a payload it will also be detected as a virus. I'm using Kali just to demonstrate how you can use it; use it at your own risk, or on a non-hacking distro.

apt-get install clamav

To check the syntax and your options, use
man clamscan

For the full list of options you can run
clamscan --help

SCANNING
Now let's scan our computer using clamscan
clamscan

As you can see from the screenshot above, it scans file by file and flags each one with "OK", which means the file is fine. But have a look at the line underlined in red: it says "PHP -1 FOUND", and the summary says "1 infected file", which means ClamAV considers this file infected. This file is actually a shell that I use to test websites for shell upload vulnerabilities, but the test shows that ClamAV can catch known threats. It is good to run it daily so that you can check your files manually and make sure each one is trustworthy.

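Now you can remove this file manually using the rm command, or just run
clamscan -r --remove /directory
and it will remove all the threats it found. Be careful: it deletes every file ClamAV flags, including your own tools like the test shell above.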

Now let's scan a directory

For this example I will use the Downloads directory. Since we sometimes download trash from the internet, it is good to check every file we download.

The -r option means recursive scan
clamscan -r /root/Downloads

Luckily, according to ClamAV I don't have any threats inside my Downloads folder.
For the lazy nullbyters, you can use its GUI version.
Just run
apt-get install clamtk
and after installation run it and start playing with the toys.
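
The recursive scan and cleanup steps above, combined into a review-first script that moves detections to a quarantine directory with clamscan's --move option instead of deleting them with --remove. This is an added example, not part of the original post; the quarantine path, the --scan argument of the script and the sample output lines are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. QUARANTINE is an assumed path.
QUARANTINE="${QUARANTINE:-$HOME/clam-quarantine}"

# Constructed sample of clamscan output (paths and signature name invented).
SAMPLE_OUTPUT='/root/Downloads/notes.txt: OK
/root/Downloads/upload-test.php: Example.Php.Webshell-1 FOUND'

# Read clamscan output on stdin; print "signature<TAB>path" per detection.
# clamscan reports a detection as "<path>: <signature> FOUND".
list_detections() {
    while IFS= read -r line; do
        case "$line" in
            *" FOUND")
                rest="${line% FOUND}"   # drop the trailing marker
                path="${rest%: *}"      # text before the last ": "
                sig="${rest##*: }"      # text after the last ": "
                printf '%s\t%s\n' "$sig" "$path"
                ;;
        esac
    done
}

# Scan recursively and move detections to quarantine instead of deleting,
# so a flagged file (such as your own test tool) can be reviewed and restored.
# Returns clamscan's exit code: 0 = clean, 1 = detection(s), 2 = error.
scan_and_quarantine() {
    target="$1"
    report="$(mktemp)" || return 2
    { mkdir -p "$QUARANTINE" && chmod 700 "$QUARANTINE"; } || return 2
    status=0
    clamscan -r -i --no-summary --move="$QUARANTINE" "$target" >"$report" \
        || status=$?
    list_detections <"$report"
    rm -f "$report"
    return "$status"
}

# Usage (hypothetical script name): sh scan.sh --scan /root/Downloads
if [ "${1:-}" = "--scan" ] && [ -n "${2:-}" ]; then
    scan_and_quarantine "$2"
else
    printf '%s\n' "$SAMPLE_OUTPUT" | list_detections   # offline demo
fi
```

Run freshclam, ClamAV's database updater, before scanning so the signatures are current.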

That is all for today. If you want to go deeper into its full usage, just RTFM.
