Secure File Scan is a threat intelligence-based website that provides malware detection and analysis services. It includes a dedicated database for malware detection, API integration, and a reporting portal for malware researchers.

In the realm of cybersecurity, the proliferation of malware poses a constant threat to individuals and organizations alike. Secure File Scan steps in to alleviate this concern by offering a comprehensive and centralized solution for malware detection and research. The multifaceted approach taken by Secure File Scan addresses several critical aspects of cybersecurity:

1. Efficient Detection: The platform employs a sophisticated threat intelligence database, enabling swift and accurate detection of malware within uploaded files. This not only minimizes the risk of potential infections but also saves valuable time for users.

2. Holistic Information Retrieval: Secure File Scan goes beyond mere detection by providing users with detailed information and YARA rules for identified malware. This empowers cybersecurity professionals and researchers with the insights needed to understand the nature of threats and devise effective mitigation strategies.

3. Seamless Multiple API Integration: Through its integrated Flask-based API and external malware analyzing APIs, Secure File Scan enhances research capabilities. This integration ensures that users have access to a diverse set of tools and resources, fostering a more collaborative and informed cybersecurity community.

4. Community-Driven Reporting Portal: The inclusion of a reporting portal encourages active participation from malware researchers. By allowing them to report new malware to the database, Secure File Scan leverages collective intelligence to stay ahead of emerging threats, contributing to a more secure online environment.

By consolidating these features into a single platform, Secure File Scan eliminates the need for users to navigate disparate sources for malware analysis. This unified approach not only enhances the overall efficiency of cybersecurity efforts but also promotes a shared responsibility in combating the evolving landscape of cyber threats.

• Malware Detection: Scan uploaded files for malware using a comprehensive threat intelligence database.
• Detailed Information: Retrieve detailed information and YARA rules for identified malware.
• YARA Rules Database: Integrated YARA rule database that generates and adds new signatures using the YARA rule engine developed by Florian Roth
• Multiple API Integration: Integrated Flask-based API and external malware analyzing APIs for enhanced research capabilities.
• Malware Reporting Portal: Allows malware researchers to report new malware to the database.
• Real-time Dashboard: Displays real-time information on recent cyber attacks, reported malware, IOCs, top countries in threat intelligence, and a pie chart showing the distribution of companies affected by phishing attacks.
• Data Encryption: Utilizes Blowfish encryption algorithm for secure data storage. Bcrypt is employed with a 128-bit salt and encrypts a 192-bit magic value, taking advantage of the expensive key setup in eksblowfish.
• Comprehensive Logs: Utilizes Python logging to provide comprehensive insights into user interactions, potential threats, and system performance. Logs aid in security analysis and system optimization.
• End-to-End Security: Ensuring end-to-end security is paramount. SSL certificates encrypt data in transit, maintaining confidentiality and integrity, and fortifying the platform against potential threats and unauthorized access.

Ensure you have Python3.10 or above along with these libraries:

• Flask and its dependencies
• hashlib
• flask_sqlalchemy
• flask_login
• flask_wtf
• wtforms
• flask_bcrypt
• werkzeug
• requests
• subprocess
• logging

To use the Secure File Scan project, follow these steps:

1. Clone the repository:

   git clone https://github.com/0xZainRaza/secure-file-scan.git
   cd secure-file-scan
   docker build .
   python app.py
   
   

Submit a file for scanning and get the analysis report.

POST /api/virustotal/scan

FULL Documentation VirusTotal API

Get Recent Malware Samples

Retrieve information on recent malware samples.

GET /api/malwarebazaar/recent

FULL Documentation malwarebazaar API

• Zain Ali Raza
• Sarim Muhammad khan
• Mehdi Badami
• Moiz Ullah Siddiqui

1. VirusTotal API Documentation and references, https://docs.virustotal.com/reference/public-vs-premium-api

2. Malware Bazaar API Documentation and references, https://bazaar.abuse.ch/api/

3. Python Logging Documentation, https://docs.python.org/3/library/logging.html

4. SSL/TLS Overview, www.example.com/ssl-tls-overview

5. Florian Roth, the creator of Yara Rules, https://github.com/Neo23x0