Provided by: clamav_0.103.12+dfsg-0ubuntu0.20.04.1_amd64
NAME
sigtool - signature and database management tool
SYNOPSIS
sigtool [options]
DESCRIPTION
sigtool can be used to generate MD5 checksums, convert data into hexadecimal format, list virus signatures and build/unpack/test/verify CVD databases and update scripts.
OPTIONS
-h, --help Output help information and exit. -V, --version Print version number and exit. --quiet Be quiet - output only error messages. --stdout Write all messages to stdout. --hex-dump Read data from stdin and write hex string to stdout. --md5 [FILES] Generate MD5 checksum from stdin or MD5 sigs for FILES. --sha1 [FILES] Generate SHA1 checksum from stdin or SHA1 sigs for FILES. --sha256 [FILES] Generate SHA256 checksum from stdin or SHA256 sigs for FILES. --mdb [FILES] Generate .mdb signatures for FILES. --html-normalise=FILE Create normalised HTML files comment.html, nocomment.html, and script.html in current working directory. --utf16-decode=FILE Decode UTF16 encoded data. --vba=FILE Extract VBA/Word6 macros from given MS Office document. --vba-hex=FILE Extract Word6 macros from given MS Office document and display the corresponding hex values. -i, --info Print a CVD information and verify MD5 and a digital signature. --build=FILE, -b FILE Build a CVD file. -s, --server is required for signed virus databases(.cvd), or, --unsigned for unsigned(.cud). --max-bad-sigs=NUMBER Maximum number of mismatched signatures when building a CVD. Default: 3000 --flevel Specify a custom flevel. Default: 77 --cvd-version Specify the version number to use for the build. Default is to use the value+1 from the current CVD in --datadir. If no datafile is found the default behaviour is to prompt for a version number, this switch will prevent the prompt. NOTE: If a CVD is found in the --datadir its version+1 is used and this value is ignored. --no-cdiff Don't create a .cdiff file when building a new database file. --unsigned Create a database file without digital signatures (.cud). --server ClamAV Signing Service address (for virus database maintainers only). --datadir=DIR Use DIR as the default database directory for all operations. --unpack=FILE, -u FILE Unpack FILE (CVD) to a current directory. --unpack-current Unpack a local CVD file (main or daily) to current directory. --diff=OLD NEW, -d OLD NEW Create a diff file for OLD and NEW CVDs/INCDIRs. --compare=OLD NEW, -c OLD NEW This command will compare two text files and print differences in a cdiff format. --run-cdiff=FILE, -r FILE Execute update script FILE in current directory. --verify-cdiff=FILE, -r FILE Verify DIFF against CVD/INCDIR. -l[FILE], --list-sigs[=FILE] List all signature names from the local database directory (default) or from FILE. -fREGEX, --find-sigs=REGEX Find and display signatures from the local database directory which match the given REGEX. The whole signature body (name, hex string, etc.) is checked. --decode-sigs=REGEX Decode signatures read from the standard input (eg. piped from --find-sigs) --test-sigs=DATABASE TARGET_FILE Test all signatures from DATABASE against TARGET_FILE. This option will only give valid results if the target file is the final one (after unpacking, normalization, etc.) for which the signatures were created. --print-certs=FILE Print Authenticode details from a PE file.
EXAMPLES
Generate hex string from testfile and save it to testfile.hex: cat testfile | sigtool --hex-dump > testfile.hex
CREDITS
Please check the full documentation for credits.
AUTHOR
Tomasz Kojm <tkojm@clamav.net>
SEE ALSO
freshclam(1), freshclam.conf(5)