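#!/bin/bash
#
# Run a recursive YARA scan and compare its sorted output with the most
# recent result stored in a "diff folder", so changes between runs stand out.
# Needs bash: the script relies on process substitution.

# Result directory, set with -d. The default "false" is not a directory, so
# the directory check further down rejects a run that omits -d.
diff_folder=false

# Scanner command line, kept as one string and word-split where it is used.
# Both the binary and the rule file are relative paths, so they are resolved
# against the current working directory, not against the script's location:
# run this only from the trusted directory that holds ./yara and
# ./malwares.yara, otherwise a different ./yara could be executed.
SCAN_CMD='./yara -r ./malwares.yara -f'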

# Print the option summary to stdout.
# The script name shown is $0 with any leading directory stripped.
show_help() {
    local script_name="${0##*/}"

    printf '%s\n' \
        "Usage ${script_name} [-dhw]" \
        '    -d  Path to the diff folder' \
        '    -h  Show this help message' \
        '    -w  Provide a whitelist file, containing one path per line'
}

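# Parse the command-line options; whatever remains after them is passed on
# to the scanner as its arguments.
OPTIND=1
while getopts "hw:d:" opt; do
    case "$opt" in
        h)
            show_help
            exit 0
            ;;
        d)
            diff_folder="$OPTARG"
            ;;
        w)
            # -w is accepted by getopts and advertised in the help text, but
            # nothing visible in this script applies the whitelist. Tell the
            # operator instead of silently dropping the option, so nobody
            # assumes the results were filtered.
            echo "[!] -w $OPTARG given, but whitelist filtering is not implemented: results are not filtered." >&2
            ;;
        '?')
            show_help
            exit 1
            ;;
    esac
done
# Drop the parsed options so "$@" holds only the scanner arguments.
shift "$((OPTIND-1))"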

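# Refuse to run without a usable result directory (the default value "false"
# ends up here when -d was not given).
if [ ! -d "$diff_folder" ]; then
    echo "[-] Invalid previous_scan directory: " "$diff_folder" >&2
    exit 1
fi

# The newest entry in the result directory is the baseline. It is looked up
# before the new result file is created, so a run never compares against
# itself. Any other file dropped into this directory would be picked up as
# the baseline too, so keep the directory dedicated to scan results.
previous_scan="$(ls -t "$diff_folder" | head -1)"
current_scan="$diff_folder/$(date +%s)"

if [ -z "$previous_scan" ]; then
    echo "[*] No previous scan found: This will be the first one."
fi

# Collect the raw scanner output outside the result directory first. In the
# original pipelines the scanner's exit status was discarded, so a failed run
# (missing binary, rules that do not load) was stored as an empty result and
# looked like a clean scan. A failed scan is now reported and not recorded.
# NOTE(review): if the scanner also exits non-zero for per-file read errors,
# this is stricter than before; confirm against the yara build in use.
raw_scan="$(mktemp)" || exit 1
trap 'rm -f -- "$raw_scan"' EXIT

# $SCAN_CMD is deliberately unquoted: it is a command string that has to be
# split into words.
if ! $SCAN_CMD "$@" > "$raw_scan"; then
    echo "[-] Scan command failed; result not recorded." >&2
    exit 1
fi

# Results are stored sorted so two runs can be compared line by line.
sort -- "$raw_scan" > "$current_scan"

# Same operand order as before: new result first, previous result second, so
# "<" lines are matches that appeared and ">" lines are matches that vanished.
if [ -n "$previous_scan" ]; then
    diff -- "$current_scan" "$diff_folder/$previous_scan"
fi

# As before, differences between scans do not change the exit status.
exit 0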