DOKK / manpages / debian 11 / clamav / sigtool.1.en
sigtool(1) Clam AntiVirus sigtool(1)

sigtool - signature and database management tool

sigtool [options]

sigtool can be used to generate MD5 checksums, convert data into hexadecimal format, list virus signatures and build/unpack/test/verify CVD databases and update scripts.

Output help information and exit.
Print version number and exit.
Be quiet - output only error messages.
Write all messages to stdout.
Read data from stdin and write hex string to stdout.
Generate MD5 checksum from stdin or MD5 sigs for FILES.
Generate SHA1 checksum from stdin or SHA1 sigs for FILES.
Generate SHA256 checksum from stdin or SHA256 sigs for FILES.
Generate .mdb signatures for FILES.
Create normalised HTML files comment.html, nocomment.html, and script.html in current working directory.
Decode UTF16 encoded data.
Extract VBA/Word6 macros from given MS Office document.
Extract Word6 macros from given MS Office document and display the corresponding hex values.
Print a CVD information and verify MD5 and a digital signature.
Build a CVD file. -s, --server is required for signed virus databases(.cvd), or, --unsigned for unsigned(.cud).
Maximum number of mismatched signatures when building a CVD. Default: 3000
Specify a custom flevel. Default: 77
Specify the version number to use for the build. Default is to use the value+1 from the current CVD in --datadir. If no datafile is found the default behaviour is to prompt for a version number, this switch will prevent the prompt. NOTE: If a CVD is found in the --datadir its version+1 is used and this value is ignored.
Don't create a .cdiff file when building a new database file.
Create a database file without digital signatures (.cud).
ClamAV Signing Service address (for virus database maintainers only).
Use DIR as the default database directory for all operations.
Unpack FILE (CVD) to a current directory.
Unpack a local CVD file (main or daily) to current directory.
Create a diff file for OLD and NEW CVDs/INCDIRs.
This command will compare two text files and print differences in a cdiff format.
Execute update script FILE in current directory.
Verify DIFF against CVD/INCDIR.
List all signature names from the local database directory (default) or from FILE.
Find and display signatures from the local database directory which match the given REGEX. The whole signature body (name, hex string, etc.) is checked.
Decode signatures read from the standard input (eg. piped from --find-sigs)
Test all signatures from DATABASE against TARGET_FILE. This option will only give valid results if the target file is the final one (after unpacking, normalization, etc.) for which the signatures were created.
Print Authenticode details from a PE file.

cat testfile | sigtool --hex-dump > testfile.hex

Please check the full documentation for credits.

Tomasz Kojm <tkojm@clamav.net>

freshclam(1), freshclam.conf(5)

February 12, 2007 ClamAV 0.103.10