Dani Santos f644f4b1d7 | 2 years ago
Xvirus SDK C++
Xvirus SDK 4.1 C++ bindings.
Minimum Requirements
No minimum requirements needed!
Changelog
- Version 4.1:
  - Upgraded from .NET 5 to .NET 7
  - C++ bindings now also support Linux
  - Removed Minimum Requirements on C++ bindings and CLI
  - Changed how exceptions are handled in C++ bindings
- Version 4.0:
  - Completely redone in .NET 5
  - Now supports Linux (CLI and C# bindings only)
  - Added XvirusAI scan engine (BETA)
  - Scan speed is up to 2x faster
  - Fixed memory usage spike when scanning large files
  - Removed file size limit for scanned files by default
  - The checkUpdate function can now check for SDK updates
  - Added 3 new settings "EnableAIScan", "MaxScanLength" and "DatabaseVersion"
Known Issues
- XvirusAI engine is still in BETA. It is not recommended for production use yet.
- XvirusAI engine does not work in C++ bindings.
- The checkUpdate function can now check for SDK updates but can't update the SDK itself.
Get Started
The "example" folder contains an example project showing how to import and use Xvirus SDK in C++.
This project shows you how to dynamically load Xvirus SDK (XvirusSDK.dll) for both Windows and Linux and call a function. You can also read more here.
You can run it by building it, copying the files from the bin folder to the output folder of the build and then running xvbdc.exe.
Available Functions
You can find the definition of all functions and structs in the file xvneng.h located in the "headers" folder.
- load - Loads Xvirus Scan Engine into memory. If force=true, it reloads the scan engine even if it is already loaded.
- unload - Unloads Xvirus Scan Engine from memory.
- scan - Scans the file located at filepath. It returns a ScanResult.
- scanAsString - Scans the file located at filepath. It returns one of the following strings:
  - "Safe" - If no malware is detected.
  - "Malware" - If malware is detected but the name isn't known.
  - Malware Name - If it is malware from a known family (example: "Trojan.Downloader").
  - "AI.{aiScore}" - Score of the file using XvirusAI from 0 to 100; the higher the score, the more probable it is malicious (example: "AI.99").
  - "File not found!" - If no file is found in the submitted path.
  - "File too big!" - If the file size is bigger than the set limit.
  - "Could not get file hash!" - There was an error calculating the hash of the file.
- checkUpdates - Checks and updates the databases and AI engine to the most recent versions. If checkSDKUpdates=true then it will also check for SDK updates. If loadDBAfterUpdate=true then it will reload the Xvirus Scan Engine after the update is done. It can return the following strings:
  - "There is a new SDK version available!"
  - "Database was updated!"
  - "Database is up-to-date!"
- getSettings - Returns a string representation of the settings.json file.
- version - Returns the version of the SDK/CLI.
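Because scanAsString reports verdicts, detection names and errors in the same string, a caller has to separate them before acting on the result. The following is an added example, not code from the SDK or its example project: classifyScanString and shouldBlock are hypothetical helpers, and the blocking threshold and the choice to fail closed on unscanned files are assumptions of this example.

```cpp
#include <string>

enum class Verdict { Safe, Malware, NamedMalware, AiScore, NotScanned };

struct Parsed {
    Verdict verdict;
    std::wstring family;  // set only for NamedMalware
    int aiScore;          // 0..100 for AiScore, otherwise -1
};

// Hypothetical helper: maps the strings documented for scanAsString to a verdict.
Parsed classifyScanString(const std::wstring& s) {
    // Documented error strings mean the file was NOT scanned; never read them as clean
    // and never let them fall through to the "malware name" case.
    if (s.empty() || s == L"File not found!" || s == L"File too big!" ||
        s == L"Could not get file hash!")
        return {Verdict::NotScanned, L"", -1};
    if (s == L"Safe")    return {Verdict::Safe, L"", -1};
    if (s == L"Malware") return {Verdict::Malware, L"", -1};

    // "AI.{aiScore}": accept only 1-3 decimal digits with a value of 0..100.
    const std::wstring prefix = L"AI.";
    if (s.compare(0, prefix.size(), prefix) == 0) {
        const std::wstring digits = s.substr(prefix.size());
        bool numeric = !digits.empty() && digits.size() <= 3;
        for (wchar_t c : digits) numeric = numeric && c >= L'0' && c <= L'9';
        if (numeric && std::stoi(digits) <= 100)
            return {Verdict::AiScore, L"", std::stoi(digits)};
        // Assumption: a malformed AI score is treated as an unusable result.
        return {Verdict::NotScanned, L"", -1};
    }
    // Any other string is a detection name of a known family.
    return {Verdict::NamedMalware, s, -1};
}

// Assumed policy: block detections, AI scores at or above the threshold,
// and anything that could not be scanned (fail closed).
bool shouldBlock(const Parsed& p, int aiThreshold) {
    switch (p.verdict) {
        case Verdict::Safe:    return false;
        case Verdict::AiScore: return p.aiScore >= aiThreshold;
        default:               return true;
    }
}
```

With MaxScanLength set, "File too big!" is the case to watch: the file was skipped, so the caller decides what happens to it, not the engine.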
Model
The scan function returns a struct ScanResult with the following properties:
    struct ScanResult {
        bool sucess;    // true if scan was successful
        bool isMalware; // true if malware
        double score;   // between 0 and 1, higher score means more likely to be malware, -1 if there was an error
        wchar_t* name;  // detection name
        wchar_t* error; // error message, only has value if success=false
    };
All other functions return a struct ActionResult with the following properties:
    struct ActionResult {
        bool sucess;     // true if action was successful
        wchar_t* result; // result message, only has value if success=true
        wchar_t* error;  // error message, only has value if success=false
    };
Settings
Settings are located in the "settings.json" file in the root folder of the SDK. There are 4 available options:
- EnableHeuristics - Enables heuristics scanning of files. Default: true
- EnableAIScan - Enables XvirusAI scan engine. This feature is still in BETA. Default: false
- MaxScanLength - Maximum file size to be scanned in bytes. If set to "null" then there is no limit. Default: null
- DatabaseVersion - KeyValue list of database file versions. This is updated automatically when using the "checkUpdate()" function.
Example of a settings.json file:
    {
      "EnableHeuristics": true,
      "EnableAIScan": false,
      "MaxScanLength": null,
      "DatabaseVersion": {
        "AIModel": 0,
        "MainDB": 0,
        "DailyDB": 0,
        "WhiteDB": 0,
        "DailywlDB": 0,
        "HeurDB": 0,
        "HeurDB2": 0,
        "MalvendorDB": 0
      }
    }
Exceptions
If any of the functions fails, the success property returns false and the error property contains the error message.
All exceptions are logged in the errorlog.txt file.