POC script for Malware Hunting over the WWW
POC script for Malware Hunting over the WWW
To start with Malware Hunting, execute: python3 ./lovac.py.
The script will start looking for random domain names, download first page to ./lovac_download/ folder and parse interesting strings to the ./lovac_output/ folder. After the tool is done, you can analyze output files manually and run the antivirus scan on download folder.
The tool will save current status of discovery process in ./lovac_discovered.txt and ./lovac_tried.txt files.
Discover “co.rs” domains, with minimum length 2 and maximum length 6, try 10k combinations and use only letters “abvgdjezijklm”:
# python3 ./lovac.py –tld “co.rs” –min 2 –max 6 –repeat 10000 –chars “abvgdjezijklm”
Discover domains from keyword list and append “.rs”:
# python3 ./lovac.py –list LIST_KEYWORDS_OR_DOMAINS.txt –appendtld –tld “rs”
For all options run: python3 ./lovac.py -h
Tool is