veinmind-malicious is a mirror malicious file scanning tool developed by Changting Technology
- Quickly scan images for malicious files (ClamAV and VirusTotal are currently supported)
- Supports the 'docker'/' containerd 'container runtime
- Support JSON/CLI/HTML
- linux/amd64
- linux/386
- linux/arm64
- linux/arm
Please install libveinmind, installation method can refer to [official documentation] (https://github.com/chaitin/libveinmind)
make run ARG="scan xxx"
Compile the executable
make build
Run the executable file for scanning
chmod +x veinmind-malicious && ./veinmind-malicious scan xxx
Make sure you have 'docker' and 'docker-compose' installed on your machine
make run.docker ARG="scan xxxx"
Build the 'veinmind-malicious' image
make build.docker
Run the container to scan
docker run --rm -it --mount 'type=bind,source=/,target=/host,readonly,bind-propagation=rslave' veinmind-malicious scan xxx
- Specify the image name or image ID and scan (if the image exists locally)
./veinmind-malicious scan image [imagename/imageid]
2. Scan all local images
./veinmind-malicious scan image
- Specify the output report format Supported output formats:
- html
- json
- cli (default)
./veinmind-malicious scan image -f html
