# PeekabooAV #

**Peekaboo Extended Email Attachment Behavior Observation Owl**

* PeekabooAV is anti-virus software
* It gets email attachments from AMaViSd, checks them, uses Cuckoo for behavioral checks, and evaluates and rates them fully automatically
* PeekabooAV is written in Python, multi-threaded, scalable, has a very powerful ruleset, and is easy to extend and personalize
* It is able to detect: malware by its behavior, exploitation of zero days, and targeted attacks

For news and announcements, follow us on Twitter [@peekabooAV](https://twitter.com/peekabooav).


## Getting Started ##

### Prerequisites ###

* [Python 2.7](https://www.python.org/downloads/)
* [Cuckoo 2.0](https://github.com/cuckoosandbox/cuckoo)
* [AMaViSd 2.11.0](https://www.ijs.si/software/amavisd/)


### Installation ###

Clone the repository
```shell
git clone https://github.com/scVENUS/PeekabooAV.git
```

Install dependencies
```shell
pip install -r requirements.txt
```

Install PeekabooAV
```shell
python setup.py install
```

### Configuration ###
Take a look at ``peekaboo.conf.sample`` and ``ruleset.conf.sample``.


## Running the tests ##

Run the unit tests
```shell
python test.py
```


## Usage ##

Now, you can run PeekabooAV with
```shell
peekaboo -c /path/to/your/peekaboo.conf
```

**Note:** If your PeekabooAV configuration file is named ``peekaboo.conf``
and is located in the base directory of the repository, you can omit the ``-c`` option.  
Also, for detailed command line options run
```shell
peekaboo --help
```

### Usage without Installation ###

You can now run PeekabooAV without installing it using the ``peekaboo_debug.py`` script.
```shell
python peekaboo_debug.py -c /path/to/your/peekaboo.conf
```

**Note:** ``peekaboo_debug.py`` provides the same command line options as ``peekaboo``.
They can be displayed by running

```shell
python peekaboo_debug.py --help
```


## Contributing ##
Please read [CONTRIBUTING.md](CONTRIBUTING.md) for details on our code of conduct, and the process for submitting pull requests to us.


## Versioning ##

We use [SemVer](http://semver.org/) for versioning. For the versions available,
see the [tags on this repository](https://github.com/scVENUS/PeekabooAV/releases).

## Authors ##

* **Felix Bauer** - *Security Analyst and Project Leader* - [@Jack28](https://github.com/Jack28)
* **Sebastian Deiss** - *Technical Lead* - [@SebastianDeiss](https://github.com/SebastianDeiss)

## License ##

This project is licensed under the GPL 3 license - see the [LICENSE.txt](LICENSE.txt) file for details.