Plugin for Sarlacc to automatically upload all previously unseen samples to the awesome malshare API
To install this plugin, simply clone the repo into the smtpd/src/plugins
directory in the Sarlacc repo and then run pip install -r requirements.txt
from inside the plugin repo.
cd smtpd/src/plugins
git clone https://github.com/scrapbird/sarlacc-malshare
cd sarlacc-malshare
pip install -r requirements.txt
For the malshare plugin to work it will need an API key, register at https://malshare.com/.
Once you have an API key, create a file named malshare.cfg
with the following contents in the sarlacc-malshare root
[malshare]
key = API_KEY_GOES_HERE
That's it, restart Sarlacc and it will upload any new samples to malshare. If you are using docker, remember to rebuild the docker container to include your latest plugins.