quark-engine
Add link to MD5 hash to directly go to VT report
LINK FOR VIRUS TOTAL REPORT & DIALOG FOR RULE INFO
The following PR aims to close issue #393 and extend the feature of the web report.
- I added to the MD5 hash a link to go directly to Virus Total with the corresponding hash.
The browser will open a new tab to Virus Total when the user clicks on the link related to the hash.
- For each crime, a dialog is displayed when the user clicks on the description of the rule. This feature helps the user to go deeper with the analysis of the single rule. The dialog shows a title with the description of the rule (the color changes according to the confidence score) and the detail of the rule itself.
Hi @ciastron! Sorry to keep you waiting so long! Thank you for implementing the feature we discussed in issue #393. Also, your additional feature is amazing! We appreciate your contributions so much! And I think we can make the third feature even more awesome!
Here are the ideas. 1. Use bold title with the format "Rule <Rule Number>: <Rule Description>" This way, users can understand the content of this dialog easily. 2. Show the score label directly at the top right corner It could make users tell the score at a glance. 3. Display the content on a dark background and colorize the text. Also, show line numbers on the left It may improve the readability of the rules.
The image below demonstrates the ideas more clearly.
What do you think?
Although I answer you with a lot of delay, here I am. I am sorry for taking so much time to answer you. I think the feature could be extremely helpful and I like your idea. I will probably open a new PR or use this one to conclude the work if you are ok with that.
We appreciate that! Using this PR to conclude the work is totally fine! We always welcome any contributions at any time :)