You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Dani Santos 2c4cbc4f6e Version 4.0.4 3 years ago
bin Version 4.0.4 3 years ago
README.md Version 4.0.4 3 years ago

README.md

Xvirus CLI 4.0.4

Xvirus CLI 4.0.4.

Table of Contents

Minimum Requirements

To run Xvirus CLI you need:

Changelog

  • Completely redone in .NET 5
  • Now supports Linux (CLI and C# bindings only)
  • Added XvirusAI scan engine (BETA)
  • Scan speed is up to 2x faster
  • Fixed memory usage spike when scanning large files
  • Removed file size limit for scanned files by default
  • The checkUpdate function can now check for SDK updates
  • Added 3 new settings "EnableAIScan", "MaxScanLength" and "DatabaseVersion"

Known Issues

  • XvirusAI engine is still in BETA. It is not recomended to use in production yet.
  • The checkUpdate function can now check for SDK updates but can't update it

Get Started

You can run it by opening executable file in the bin folder with a command as the execution argument. For example: XescSDK.exe interactive.

Avaiable Commands

You have the following commands available:

  • Interactive - Starts Xvirus CLI in interactive mode. When in this mode you can write commands and the executable will keep running until you call the quit command.
  • Quit - Stop Xvirus CLI execution.
  • Load 'force' - Loads Xvirus Scan Engine into memory, if set force=true it will reload the scan engine, even if it is already loaded.
  • Unload - Unloads Xvirus Scan Engine from memory.
  • Scan 'filepath' - Scans the file located at filepath. It will print one of the following messages:
    • "Safe" - If no malware is detected.
    • "Malware" - If malware is detected but the name isn't known.
    • Malware Name - If it is malware from a known family (example: "Trojan.Downloader").
    • "AI.{aiScore}" - Score of the file using XvirusAI from 0 to 100, the higher the score the more probable it is malicious (example: "AI.99").
    • "File not found!" - If no file is found in the submited path.
    • "File too big!" - If the file size is bigger than the set limit.
    • "Could not get file hash!" - There was an error calculating the hash of the file.
  • Update 'checkSDKUpdates' 'loadDBAfterUpdate' - Checks and updates the databases and AI engine to the most recent versions. If checkSDKUpdates=true then it will also check for SDK updates. If loadDBAfterUpdate=true then it will reload the Xvirus Scan Engine after the update is done. It can print the following messages:
    • "There is a new SDK version available!"
    • "Database was updated!"
    • "Database is up-to-date!"
  • Settings - prints the settings.json file.
  • Version - prints the version of the SDK/CLI.

Settings

Settings are located in the "settings.json" file in the root folder of the SDK. There are 4 avaiable options:

  • EnableHeuristics - Enables heuristics scanning of files. Default: true
  • EnableAIScan - Enables XvirusAI scan engine. This feature is still in BETA. Default: false
  • MaxScanLength - Maximum file size to be scanned in bytes. If set "null" then there is no limit. Default: null
  • DatabaseVersion - KeyValue list of database files version. This is updated automatically when using the "checkUpdate()" function.

Example of a settings.json file:

{
  "EnableHeuristics": true,
  "EnableAIScan": false,
  "MaxScanLength": null,
  "DatabaseVersion": {
    "AIModel": 0,
    "MainDB": 0,
    "DailyDB": 0,
    "WhiteDB": 0,
    "DailywlDB": 0,
    "HeurDB": 0,
    "HeurDB2": 0,
    "MalvendorDB": 0
  }
}

Exceptions

If any of the functions fail it may return an exception. Exception will stop the execution of the CLI.

All exceptions are logged in the errorlog.txt file.