Metadata-Version: 2.1
Name: ThreatHunter
Version: 1.1.1
Author: Wambua aka Bullet Angel
License: MIT
Keywords: MalwareDART,ThreatHunter,malware,malware-analysis,malware-scan,malware-detection,trojan,virus
Classifier: Environment :: Console
Classifier: Operating System :: OS Independent
Classifier: Natural Language :: English
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python
Classifier: Programming Language :: Python :: 3 :: Only
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Requires-Python: >=3
Description-Content-Type: text/markdown
License-File: LICENSE

# ThreatHunter
A python malware detection, analysis and reverse ngineering toolkit.
This is a Linux command-line interface (CLI) utility that use YARA , Capstone ,Redare2 among otheres to detect analyze and reverse engineer malware.
This is still a work in progress version, great things are underway.

## Installation

1. Install via pip:

   ```shell
   pip install ThreatHunter
      ```
2. Install from github:

   ```shell
   pip install git+https://github.com/skye-cyber/ThreatHunter.git
   ```
## Usage

To run the CLI app, use the following command:

```shell
ThreatHunter [option]
```

Replace `[options]` with the appropriate command-line options.

## Available Options

- `-p/--path`:path to directory or file to scan
- `-v/--verbose`: Show all infor. By default screen clering is on so only one line of output show per time,
pass verbose to prevent screen cleaning.
verbose mode can be useful when work to e done is minimal

## Examples

1. Example command 1:

   ```shell
   ThreatHunter -p /home/user/Documents/
   ```

   ```shell
   ThreatHunter -p /home/user/Documents/ -v
   ```

  The toolkit will scan all the files and folder in the `/home/user/Documents/` directory and it's nested
  files and folders to the last child.
  `-p` also accepts file input

2. Scan working directory
   ```shell
   ThreatHunter
   ```
   ```shell
   ThreatHunter -v
   ```
Giving no option as in the above case, the toolkit will recursively scan the current directory (working directory)

## Adding rule(s) to the existing rules
```shell
ThreatHunter --add @foo
```
where ``@foo`` is the rule file, folder or even rule in text form

## Using exclusive rule
You may also want to rune scan using a given rule only, that case, you can follow this format
```shell
ThreatHunter --use @foo -p
```
where ``@foo`` is the rule file, folder or rule itself.
if ``-u/--use`` is used, then ``-p/--path`` must be provided
## Contributing
Feel free to submit any suggestions!

Contributions are welcome! If you encounter any issues or have suggestions for improvements, please open an issue or submit a pull request.

## License

This project is an open source software. Under GPL-3.0 license


Feel free to modify and customize this template according to your specific project requirements and add any additional sections or information that you think would be helpful for users.

