-
Notifications
You must be signed in to change notification settings - Fork 1
How to use
Nong Hoang Tu edited this page Jan 8, 2024
·
9 revisions
The help menu is very simple:
$ rkscanmal -h
Engine options:
--use-clamdb Use ClamAV's default sigs (/var/lib/clamav/)
--clam-debug Enable libclam debug mode
--path-clamdb <file or dir> Set custom ClamAV's signatures
--path-yaradb <file> Set custom Yara's rules
Scan options:
--scan-files <file1 file2> Scan files and dirs
--scan-procs <pid1 pid2> Scan processes. Skip if --all-procs is used
--scan-mem Scan all running proccesses
- To scan files or directories
$ rkscanmal --scan-files <path_to_file_1> <path_to_file_2>
Example:
$ rkscanmal --scan-files /usr/bin/ls /home/myuser
- To scan processes:
$ rkscanmal --scan-procs <pid 1> <pid 2>
Example:
$ rkscanmal --scan-procs 12 34567