I would like to share the Python module I built for smooth ATD scripting.
The module, readme and usage example are available at https://github.com/passimens/atdlib.
It might be used by Python-experienced ATD administrators and/or security analysts for different scenarios.
My own tools based on the module include:
- ATD Client - command line tool; submits a given file to ATD and saves the corresponding PDF report.
- ATD Scanner - command line file scanner; scans given dirs/files with ATD analytics and isolates potentially malicious files.
- MAR-ATD integration - a set of tools implementing ATD scanning and cleaning of files not supported by TIE (docs, scripts).
Some of these might also be published in the community later on.
PS. Could not get any response to the authorization form in McAfee Tool Exchange space. So, posting this here.