eXtremeSHOK has released a new version of their ClamAV unofficial signatures updater script.
The clamav-unofficial-sigs script provides a simple way to download, test, and update third-party signature databases provided by Sanesecurity, FOXHOLE, OITC, Scamnailer, BOFHLAND, CRDF, Porcupine, Securiteinfo, MalwarePatrol, Yara-Rules Project, urlhaus, MalwareExpert, interServer, etc. The script will also generate and install cron, logrotate, and man files.
Change log:
- eXtremeSHOK.com Maintenance
- Whitelist support for yararules (whitelist signature tracking is disabled for yararules)
- Disable JJencode.yar, due to excessive CPU usage
- Disable scamnailer, discontinued
- Update pfSense guide for 2.5
- Fix working directory variable "urlhausy" to "urlhaus"
- Fix missing tracker-tmp.txt
- Thank you @perplexityjeff
- Disabled winnow_malware.yara, duplicated in EMAIL_Cryptowall.yar and no longer maintained
- Removed gtar requirement (--wildcards is the default)
- Incremented the config to version 97