xvirus
/
Xvirus_CLI
1
0
Fork 0
Code Issues Releases 8 Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
13 Commits
1 Branch
8 Tags
390 MiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
Dani Santos c59d26713d
quick fix and documentation update 		4 months ago
bin quick fix and documentation update 4 months ago
README.md quick fix and documentation update 4 months ago

README.md

Xvirus CLI

Xvirus CLI 5.0

Table of Contents

Minimum Requirements

The following Operating Systems are supported:

  • Windows:
    • Windows 10 1607
    • Windows 11 22H2
    • Windows Server 2012
    • Windows Server Core 2012
  • Linux (glibc 2.35):
    • Alpine Linux 3.19
    • Azure Linux 3.0
    • CentOS Stream 9
    • Debian 12
    • Fedora 41
    • openSUSE Leap 15.6
    • Red Hat Enterprise Linux 8
    • SUSE Enterprise Linux 15.6
    • Ubuntu 22.04

Changelog

  • Version 5.0:

    • Updated to .NET 8
    • XvirusAI is now out of beta
    • XvirusAI now works on C++ bindings
    • Improved performance of heuristics engine
    • Added new settings: EnableSignatures, HeuristicsLevel, AILevel, MaxHeuristicsPeScanLength, MaxHeuristicsOthersScanLength, MaxAIScanLength, CheckSDKUpdates

  • Version 4.2.3:

    • Fixed Windows scan performance regression
    • Fixed ScanFolder command not working in CLI
    • Fixed ScanFolderString JSON not formatted correctly
    • Fixed update check always returning there was a update

  • Version 4.2.2:

    • Optimized scanning speed of PDF files
    • ScanResult now returns the file path
    • Added new ScanFolder() and ScanFolderString() functions

  • Version 4.2.1:

    • Optimized scanning speed of big files
    • Optimized scanning speed in Linux version

  • Version 4.2:

    • Reduced glibc minimum version to 2.17 on Linux
    • Added "Logging()" function to enable/disable logging
    • Added "BaseFolder()" function to set a custom base folder
    • Added new setting "DatabaseFolder" to set the Database folder path
    • Fixed C++ binding will return "Success=false" correctly when failing to scan a file

  • Version 4.1:

    • Upgraded from .NET 5 to .NET 7
    • C++ bindings now also support Linux
    • Changed how exceptions are handled in C++ bindings

  • Version 4.0:

    • Completely redone in .NET 5
    • Now supports Linux (CLI and C# bindings only)
    • Added XvirusAI scan engine (BETA)
    • Scan speed is up to 2x faster
    • Fixed memory usage spike when scanning large files
    • Removed file size limit for scanned files by default
    • The checkUpdate function can now check for SDK updates
    • Added 3 new settings "EnableAIScan", "MaxScanLength" and "DatabaseVersion"

Known Issues

  • The checkUpdate function can check for SDK/CLI updates but can't update it automatically
  • When loading or scanning files with the AI scanner, the TensorFlow library might print diagnostic information to the console. To suppress these messages, set the environment variable "TF_CPP_MIN_LOG_LEVEL" to "3" before starting the SDK/CLI.

Get Started

You can run it by opening executable file in the bin folder with a command as the execution argument. For example: XvirusCLI.exe interactive.

Avaiable Commands

You have the following commands available:

  • Interactive - Starts Xvirus CLI in interactive mode. When in this mode you can write commands and the executable will keep running until you call the quit command.
  • Quit - Stop Xvirus CLI execution.
  • Load 'force' - Loads Xvirus Scan Engine into memory, if set force=true it will reload the scan engine, even if it is already loaded.
  • Unload - Unloads Xvirus Scan Engine from memory.
  • Scan 'filepath' - Scans the file located at filepath. It will print one of the following messages:
    • "Safe" - If no malware is detected.
    • "Malware" - If malware is detected but the name isn't known.
    • Malware Name - If it is malware from a known family (example: "Trojan.Downloader").
    • "AI.{aiScore}" - Score of the file using XvirusAI from 0 to 100, the higher the score the more probable it is malicious (example: "AI.99.99").
    • "File not found!" - If no file is found in the submited path.
    • "File too big!" - If the file size is bigger than the set limit.
    • "Could not get file hash!" - There was an error calculating the hash of the file.
  • ScanFolder 'folderpath' - Scans all the files inside the folder at folderpath. It will print the scan result message for each file scanned.
  • Update 'loadDBAfterUpdate' - Checks and updates the databases and AI engine to the most recent versions. If loadDBAfterUpdate=true then it will reload the Xvirus Scan Engine after the update is done. It can print the following messages:
    • "There is a new SDK version available!"
    • "Database was updated!"
    • "Database is up-to-date!"
  • Logging 'enableLogging' - Sets and prints if Logging is enabled. If no enableLogging value is provided it will only print.
  • BaseFolder 'baseFolder' - Sets and prints the BaseFolder path. If no baseFolder value is provided it will only print.
  • Settings - Prints the settings.json file.
  • Version - Prints the version of the SDK/CLI.

Settings

Settings are located in the "settings.json" file in the root folder of the SDK/CLI. Available options:

Engine Settings

  • EnableSignatures - Enables signature-based scanning of files. Default: true
  • EnableHeuristics - Enables heuristics scanning of files. Default: true
  • EnableAIScan - Enables XvirusAI scan engine. Default: true

Scan Levels

  • HeuristicsLevel - Heuristics aggressiveness level from 1 to 5, higher is more aggressive. Default: 4
  • AILevel - AI scan aggressiveness level from 1 to 100, higher is more aggressive. Default: 10

File Size Limits

  • MaxScanLength - Maximum file size to be scanned in bytes. If set "null" then there is no limit. Default: null
  • MaxHeuristicsPeScanLength - Maximum PE file size for heuristics scanning in bytes. If set "null" then there is no limit. Default: 20971520 (20MB)
  • MaxHeuristicsOthersScanLength - Maximum non-PE file size for heuristics scanning in bytes. If set "null" then there is no limit. Default: 10485760 (10MB)
  • MaxAIScanLength - Maximum file size for AI scanning in bytes. If set "null" then there is no limit. Default: 20971520 (20MB)

Update Settings

  • CheckSDKUpdates - Enables checking for SDK updates. Default: true
  • DatabaseFolder - Path to the database folder, it accepts both relative and absolute paths. Default: "Database"
  • DatabaseVersion - KeyValue list of database files version. This is updated automatically when using the "checkUpdate()" function.

Example of a settings.json file:

{
  "EnableSignatures": true,
  "EnableHeuristics": true,
  "EnableAIScan": true,
  "HeuristicsLevel": 4,
  "AILevel": 10,
  "MaxScanLength": null,
  "MaxHeuristicsPeScanLength": 20971520,
  "MaxHeuristicsOthersScanLength": 10485760,
  "MaxAIScanLength": 20971520,
  "CheckSDKUpdates": true,
  "DatabaseFolder": "Database",
  "DatabaseVersion": {
    "AIModel": 0,
    "MainDB": 0,
    "DailyDB": 0,
    "WhiteDB": 0,
    "DailywlDB": 0,
    "HeurDB": 0,
    "HeurDB2": 0,
    "MalvendorDB": 0
  }
}

Exceptions

If any of the functions fail it may return an exception.

All exceptions are logged in the errorlog.txt file.