Commit Graph

60 Commits

Author SHA1 Message Date
Michael Boelen 7ad42d689f
Fix for line that gave error
2024-05-15 20:29:28 +00:00

Michael Boelen 481880e0f6
Merge pull request #1317 from zbalkan/wazuh-malware-scan
Added Wazuh as a malware scanner/antivirus and rootkit detection tool
2024-05-14 13:30:58 +02:00

Michael Boelen 2db0bb7334
Merge pull request #1302 from konstruktoid/issue1285
add check for ESET oaeventd
2024-05-14 13:18:07 +02:00

Michael Boelen b8064bc5de
Don't reset status of malware scanner, as there might be two available. Small change to format
2024-05-14 06:50:26 +00:00

Michael Boelen f22bfb5c6a
Merge pull request #1481 from vk6xebec/vk6xebec-macafee-1
McAfee antivirus has been deprecated
2024-05-14 08:35:15 +02:00

Michael Boelen 6cbea90a7d
Merge pull request #1384 from xnoguer/issue-1322
Adding test MALW-3291 in order to solve issue 1322
2024-05-14 08:31:29 +02:00

vk6xebec 75818a636c
McAfee antivirus has been deprecated
As of 1 Oct 2023, McAfee antivirus for Linux has been deprecated https://www.mcafee.com/support/?locale=no-NO&articleId=TS103384&page=shell&shell=article-view
2024-04-07 11:02:14 +08:00

Stefan Baumgartner bf197ffd7f
Update tests_malware
Fix incorrect "IsRunning" invocations for SentinelOne detection.
2023-09-17 10:24:52 +02:00

Michael Boelen 9a19aa6a5b
Merge pull request #1404 from avenjamin/sentinelone-malware
Add malware detection support for SentinelOne
2023-09-13 16:08:36 +02:00

Michael Boelen 1bfcc9b146
Update tests_malware
Corrected variable
2023-09-13 16:07:41 +02:00

Michael Boelen 0d77a367c5
[MALW-3280] Correction to detect com.avast.daemon
2023-08-08 11:15:34 +00:00

Ben Perry aa7085bf92
Update tests_malware
2023-05-30 18:19:46 +10:00

xnoguer fd64aa24d6
Adding test MALW-3291 in order to solve issue 1322 (related to issue 994)
2023-04-18 16:46:19 -04:00

Zafer Balkan 32a39eaaf8
Added Wazuh agent as a rootkit scanner
Wazuh is a fork of OSSEC and is being actively maintained. Wazuh agent has capabilities to detect and prevent rootkits. Therefore, it seems feasible to add wazuh-agent to the accepted rootkit detection products.

https://documentation.wazuh.com/current/pci-dss/rootkit-detection.html
2022-07-20 21:50:26 +03:00

Zafer Balkan e4cd5eaede
Added Wazuh Agent as a malware scanner/antivirus
Solves https://github.com/CISOfy/lynis/issues/1304

Wazuh is a fork of OSSEC and is being actively maintained. Wazuh agent has capabilities to detect and prevent malware acting as an EDR. Therefore, it seems feasible to add wazuh-agent to the accepted antivirus products.

https://documentation.wazuh.com/current/user-manual/capabilities/anomalies-detection/index.html
https://documentation.wazuh.com/current/pci-dss/rootkit-detection.html
2022-07-20 21:41:55 +03:00

Thomas Sjögren b3436629ce
add check for ESET oaeventd
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2022-06-20 09:54:29 +02:00

Michael Boelen 98f57d6d76
Added MALW-3274 to detect McAfee VirusScan Command Line Scanner
2022-01-31 13:29:11 +01:00

Michael Boelen c74bc10db8
Added MALW-3290, Trend Micro malware agent detection, added agent and rootkit scanner status
2021-07-27 10:44:08 +02:00

Michael Boelen da1c1eca10
Preparation for release 3.0.3
2021-01-07 15:22:19 +01:00

Thomas Sjögren 4671fb7fb9
add Synology Antivirus Essential malware scanner
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2020-10-22 12:10:01 +02:00

Stéphane 67d04f2536
Add translate function for all sections
+ add EN and FR up to date languages files
2020-10-22 00:13:42 +02:00

Michael Boelen c707b7d100
[MALW-3280] added additional BitDefender process
2020-06-24 08:09:12 +02:00

Michael Boelen 38310223a6
Updated date/year
2020-03-20 14:50:25 +01:00

Michael Boelen cb59e92441
[MALW-3280] Added support for falcon-sensor by CrowdStrike
2019-12-18 12:22:51 +01:00

Michael Boelen 09f29a5e64
Code style improvement: quote argument
2019-12-18 12:17:46 +01:00

fbomj 2b8f761efa
MALW-3280: Kaspersky detection
2019-11-06 21:49:54 +01:00

Michael Boelen 17137408d2
Use IsRunning exit code instead of variable
2019-07-26 11:32:48 +02:00

Michael Boelen fa8bad20db
Use -n instead of ! -z
2019-07-16 13:20:30 +02:00

Michael Boelen 66066ae226
Changed year and preparing for new release
2019-01-31 14:47:35 +01:00

Jason Soto 73e0e7b5e4
Changed Process name search for Bitdefender test. (#503)
* Added php.ini locations for Ubuntu 16.04LTS

* Switched Process name Search Bitdefender

* Switched Process name Search Bitdefender
2018-01-13 12:55:16 +01:00

Michael Boelen 66f8cb2441
Changed year
2018-01-11 09:50:26 +01:00

Michael Boelen 4ecb9d4d05
[bulk change] cleaning up, code enhancements, initialization of variables, and new tests
2017-04-30 17:59:35 +02:00

Michael Boelen 5ccd0912cf
[MALW-3280] Added detection of Symantec components
2017-04-29 14:22:40 +02:00

Michael Boelen 4be6b958e4
[MALW-3280] added Avira detection
2017-03-13 15:51:13 +01:00

Michael Boelen 34ba1ba184
Changed date and preparing for release
2017-02-09 13:35:40 +01:00

Michael Boelen d4f4c2d785
Added support for Trend Micro and Cylance (macOS)
2017-01-24 20:01:22 +01:00

Justin P 50b06efd30
macOS Refactoring (#311)
* Default all macOS `OS` names as macOS. Added comments to specify `uname` outputs for better understanding.

* Refactored all `Mac` instances referring to macOS over to `macOS` formatting.

Tested on my own machine, unable to find any errors outside of normal parameters.
2016-11-05 11:53:22 +01:00

marcus-cr f93573ff60
[MALW-3280] Bitdefender AV Support (macOS) (#293)
* Support for Bitdefender AV (Mac OS)

* Update CHANGELOG.md
2016-10-19 11:17:54 +02:00

Michael Boelen 9a5b5e5a42
[MALW-3280] Added support for Avast on macOS
2016-10-17 20:45:53 +02:00

Michael Boelen 903016df36
Code cleanups and generic enhancements
2016-09-10 16:12:44 +02:00

Michael Boelen 679e8c628e
Use detected binaries
2016-08-25 15:31:33 +02:00

Michael Boelen 2f4c854ba7
Rename of categories, introduction of groups
2016-07-24 17:22:00 +02:00

Michael Boelen 983e293eb1
Replaced text strings to allow translations
2016-06-18 11:14:01 +02:00

mboelen 42607ceaf5
Replaced old function names with new ones
2016-04-28 12:31:57 +02:00

mboelen 8cc47819b4
Removed copyright line, added description
2016-03-13 16:03:46 +01:00

mboelen 6197ac08e7
Added link to website, blog, github
2016-03-13 16:00:39 +01:00

mboelen d16b38eff8
Rename of logtext and report functions, upcoming year change
2015-12-21 21:17:15 +01:00

mboelen cf11b95c3f
Added detection of ESET products and logging of malware scanner to report
2015-09-28 11:00:34 +02:00

mboelen 4f5eedabfc
Added the detection of LMD, or Linux Malware Detect tooling
2015-09-24 16:45:03 +02:00

Laurent Quillerou 3cdd9ea949
Delete trailing whitespace
2015-09-07 18:35:07 +03:00