polyswarmclient.abstractscanner

Module Contents
class polyswarmclient.abstractscanner.ScanResult(bit=False, verdict=False, confidence=1.0, metadata=Verdict().set_malware_family('').json())
Bases: object
Results from scanning one artifact
class polyswarmclient.abstractscanner.ScanMode
Bases: enum.Enum
Denotes whether the Scanner uses asynchronous or synchronous scanning
class polyswarmclient.abstractscanner.AbstractScanner(mode: ScanMode = ScanMode.ASYNC)
Base Scanner class. To be overridden with other scanning logic.
This class offers two scan options, which can be specified by passing a ScanMode enum value as mode. It uses asynchronous scan by default.
The function scan_async is a coroutine function, so everything called from it must be async-compatible. That means it uses only non-blocking I/O and runs nothing CPU-bound, such as hash functions.
The function scan_sync is a synchronous function where anything goes. It is called in a ThreadPoolExecutor so it is compatible with the worker that uses asyncio.
Overriding scan directly is deprecated.
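An added example, not polyswarmclient code: a stand-alone sketch of the threading contract described above, where a hash-based scan_sync runs in a ThreadPoolExecutor while a heartbeat coroutine keeps ticking on the event loop. HashScanner, the ScanResult stand-in, the dispatch inside scan and all sample values are assumptions made for illustration.

```python
import asyncio
import hashlib
from concurrent.futures import ThreadPoolExecutor
from dataclasses import dataclass

@dataclass
class ScanResult:  # stand-in with three of the documented fields
    bit: bool = False
    verdict: bool = False
    confidence: float = 1.0

# Constructed sample: a ~16 MiB buffer playing the "known bad" artifact.
SAMPLE = b"constructed-sample" * (16 * 1024 * 1024 // 18)
BLOCKLIST = {hashlib.sha256(SAMPLE).hexdigest()}

class HashScanner:  # hypothetical scanner, not a polyswarmclient class
    def __init__(self):
        self.pool = ThreadPoolExecutor(max_workers=2)

    def scan_sync(self, guid, artifact_type, content, metadata, chain):
        # CPU-bound hashing is acceptable here: it runs in a worker thread.
        digest = hashlib.sha256(content).hexdigest()
        return ScanResult(bit=True, verdict=digest in BLOCKLIST)

    async def scan(self, guid, artifact_type, content, metadata, chain):
        # Assumed dispatch for synchronous mode: hand scan_sync to the pool so
        # the event loop keeps servicing other coroutines while it hashes.
        loop = asyncio.get_running_loop()
        return await loop.run_in_executor(
            self.pool, self.scan_sync, guid, artifact_type, content, metadata, chain)

async def scan_with_heartbeat(content):
    """Scan content and count heartbeat ticks the event loop managed to run."""
    ticks = 0

    async def heartbeat():  # stands in for the worker's other coroutines
        nonlocal ticks
        while True:
            ticks += 1
            await asyncio.sleep(0.001)

    beat = asyncio.create_task(heartbeat())
    scanner = HashScanner()
    # "FILE" and "side" are placeholder values for artifact_type and chain.
    result = await scanner.scan("guid-0", "FILE", content, {}, "side")
    beat.cancel()
    scanner.pool.shutdown()
    return result, ticks
```

Calling hashlib.sha256 on the same buffer directly inside a coroutine would hold the event loop for the whole digest, which is the case the scan_async restriction rules out.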
scan_sync(self, guid, artifact_type, content, metadata, chain)
Override this to implement custom synchronous scanning logic
- Parameters
guid (str) – GUID of the bounty under analysis, used to track artifacts in the same bounty
artifact_type (ArtifactType) – Artifact type for the bounty being scanned
content (bytes) – Content of the artifact to scan
metadata (dict) – Metadata dict from the ambassador
chain (str) – What chain are we operating on
- Returns
Result of this scan
- Return type
-