EnCase v8 EnScript - Check executables to VirusTotal
I have updated the EnScript to send hash values for all executable/DLLs to VirusTotal for analysis. This version works in EnCase v8 and the source code is included for customization.
You must provide either a public or private VirusTotal API key:
This EnScript will ignore duplicate hash values and only send unique values to VirusTotal. All hash values with a score greater than zero are bookmarked with their detection name:
0 comments:
Post a Comment