Steve, thank you very much, so this is how it needs to look like :-)
2015-07-21 17:33 GMT+02:00 Steve Basford <[email protected]>: > > On Tue, July 21, 2015 3:55 pm, Jörg Stephan wrote: > > Hi there, > > > > > > I guess you know that a team has released a tool to check for HackingTeam > > files. The provided a test tool including the file hashes of the files. > > > > As I am seem to be "under"-skilled to create a database for this, I will > > hand this over to you... maybe you can do better than I am. > > > > Hi Joerg, > > Ok, based on that Rook Security's (https://www.rooksecurity.com) hashes, > here's a quick ClamAV database... perhaps you can test if you've got known > samples... > > Database is called hackingteam.hsb > > Available for a little while from here... > > > https://drive.google.com/file/d/0B1SVySdiVS8BbnBpdlkyZkFIV2M/view?usp=sharing > > clamscan --database=hackingteam.hsb > > If someone finds it's useful I'll add to the main Sanesecurity mirrors. > > Cheers, > > Steve > Web : sanesecurity.com > Blog: sanesecurity.blogspot.com > > _______________________________________________ > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > -- Regards Joerg Stephan IDSBlog: http://sendmespamids.blogspot.nl/ _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
