BlitzVT - opinions?

Discussion in 'other anti-virus software' started by flatfly, Aug 2, 2014.

  1. flatfly

    flatfly Registered Member

    Joined:
    Aug 25, 2010
    Posts:
    66
    Hi,

    I've made a quick VirusTotal-checking utility for my own usage, as I could find no other tool that was matching all my requirements:

    - really fast and unobtrusive UI/UX - saves a few precious seconds each time, which add up to hours (really) if you are a frequent VT user
    - by design, will never upload any files, only hashes. (<- this one was especially important to me, for privacy/confidentiality reasons)
    - tiny and fully portable
    - global keyboard shortcut
    - very low memory usage
    - does not require a VT account
    - does not require admin rights
    - support for authenticated proxy environments
    - uses SHA256 fingerprints (not MD5)

    - a few other exciting features are in the pipeline - but the application should always stay lean and fast.


    http://i.imgur.com/RpubJuY.png

    http://i.imgur.com/sKEUQ8n.png

    Would people be interested by such a utility?
    If so, I will consider releasing it pretty soon. (It's currently in private testing)

    [EDIT] pre-release available - see below. Note that some of the above-mentioned features have not been implemented yet. Web page coming soon.

    This pre-release is a standalone file and can be downloaded from:
    http://trax.x10.mx/blitzVT-beta.exe

    Size: 813,568 bytes
    SHA256: 34d7ba4b64f49201a45d04694f0aa7bd6f95949308947628e960db440e725410


    How to use it:
    this pre-release does not require installation or configuration of any kind. Just start the application, which stays resident in your system tray. To launch a request, just select an executable file in Windows Explorer or on your desktop and press Win+V.
     
    Last edited: Aug 6, 2014
  2. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    It's an interesting project that I'm sure users here will be happy to road test.
     
  3. 0strodamus

    0strodamus Registered Member

    Joined:
    Aug 23, 2009
    Posts:
    1,047
    Location:
    United Surveillance States
    If it works on Linux, I'm interested.
     
  4. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,010
    Location:
    The Netherlands
    Can you post some more screenshots? :)
     
  5. flatfly

    flatfly Registered Member

    Joined:
    Aug 25, 2010
    Posts:
    66
    More screenshots and info soon :)
     
  6. Yanick

    Yanick Registered Member

    Joined:
    May 3, 2011
    Posts:
    269
    Sounds interesting! I'l look forward to your product :thumb:
     
  7. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    For a new file not listed in Virustotal, how can the rating be shown using hashes?
     
  8. flatfly

    flatfly Registered Member

    Joined:
    Aug 25, 2010
    Posts:
    66
    Here's another screenshot of a scan lookup dialog. :)
    The GUI is still under development, so feel free to provide comments or requests.

    http://i.imgur.com/sKEUQ8n.png
     
  9. flatfly

    flatfly Registered Member

    Joined:
    Aug 25, 2010
    Posts:
    66
    In the uncommon case that a file was never submitted to VT, the hash will be simply reported as unknown. This is all I need to know. It's a design choice: in such a scenario I prefer to manually decide what to do, depending on the context. In some situations you don't want the bad guys to KNOW that their malware has been noticed and is being investigated - which they will the moment you upload the actual file to VT.
     
  10. Austerity

    Austerity Registered Member

    Joined:
    Jun 21, 2013
    Posts:
    367
    Location:
    Georgia / USA
    I would most certainly be interested in this. In fact, i'm ready to beta test and use it right now!
     
  11. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
  12. flatfly

    flatfly Registered Member

    Joined:
    Aug 25, 2010
    Posts:
    66
    I'm familliar with MultiHasher, which is quite nice, but requires a few too many clicks to my liking. Also it does not support proxy settings, keyboard shortcuts, and you can't look up a whole folder of executables at once.

    Thanks! I'll update this thread when a beta becomes available. The current build, while stable and fast already, is still a bit rough on the UI side and missing a few features.

    -
     
    Last edited: Aug 4, 2014
  13. flatfly

    flatfly Registered Member

    Joined:
    Aug 25, 2010
    Posts:
    66
    OK, I've decided to go ahead and post the beta already, so people can give it a try. So far, only the core features are included.


    How to use it:
    the beta does not require installation or configuration of any kind. Just start the application, which stays resident in your system tray. To launch a request, just select an executable file in Windows Explorer or on your desktop and press Win+V.

    Yes, the UI still needs quite a bit of work but for now, I'm focusing on performance and reliability. More features coming soon. Oh, BTW, the ironic thing is that the beta itself triggers a false positive (Antiy-AVL)! Ah, those obscure AVs... :)

    This beta is a 795KB standalone file and can be downloaded from:
    http://trax.x10.mx/blitzVT-beta.exe

    SHA256: 34d7ba4b64f49201a45d04694f0aa7bd6f95949308947628e960db440e725410
    [EDIT] Updated the beta (current version is 0.81).

    Thanks for providing feedback. I'd especially like to hear about stability or performance issues, if you encounter any.
     
    Last edited: Aug 5, 2014
  14. Austerity

    Austerity Registered Member

    Joined:
    Jun 21, 2013
    Posts:
    367
    Location:
    Georgia / USA
    I'll give it a of tonight. Thanks
     
  15. flatfly

    flatfly Registered Member

    Joined:
    Aug 25, 2010
    Posts:
    66
    I'm gathering a little list of known limitations issues with the current build.
     
    Last edited: Aug 10, 2014
  16. flatfly

    flatfly Registered Member

    Joined:
    Aug 25, 2010
    Posts:
    66
    aCVxihu.png

    As promised, here's a list of known issues with the current build:

    - accepts only files with a .EXE extension
    - unable to scan files in some redirected folders on x64 systems
    - on some systems, hashing of large files fails
    - garbled sound effect on Win 8 systems

    A new build addressing these issues will be out soon. Also feel free to report any other issues.



    Note, the download link in the top post seems to be down.
    This one should still be OK:
    http://trax.x10.mx/dl.php?appname=blitzVT_BETA.exe
     
    Last edited: Aug 10, 2014
  17. flatfly

    flatfly Registered Member

    Joined:
    Aug 25, 2010
    Posts:
    66
    And here's a sneak preview of the upcoming multi-scan feature...
    In the meantime the app also got approved by VirusTotal for special "shared key" privileges.
    Feel free to let me know if there are any questions.

    scrshot.gif
     
  18. Behold Eck

    Behold Eck Registered Member

    Joined:
    Aug 23, 2013
    Posts:
    437
    Location:
    The Outer Limits
    Excellent project best wishes with it.

    You one smart cookie flatfly.

    Regards Eck:)
     
  19. flatfly

    flatfly Registered Member

    Joined:
    Aug 25, 2010
    Posts:
    66
    Thanks ;)

    A new beta build is now ready:

    http://trax.x10.mx/dl.php?appname=blitzVT_beta.exe

    MD5: 3bd9f5dd9d1c17b2ca9f7cba33e72521
    SHA256: 346abfbd728efa26cbe89d79bd4cd4f5c6e289a56c050290af32b36bcae83238
     
  20. flatfly

    flatfly Registered Member

    Joined:
    Aug 25, 2010
    Posts:
    66
    A new release is available (no installation needed):

    http://trax.x10.mx/dl.php?appname=blitzvt.exe

    Note that these beta releases expire after a while. Be sure to check this thread for new releases from time to time.

    Size: 804 KB
    SHA256: f1700aba0f330dc4521f158a4fbcc8b99fda26bac741efd6dd8ddb4aa0c09bd0

    Untitled.png

    changes:
    - support for x64 filepaths
    - usage statistics
    - stability enhancements

    coming up next:
    - fast multiple-file lookups
    - realtime plugin for ExeWatch (this will probably cost a few bucks)


    Feel free to suggest other features or report issues. :)
     
    Last edited: Oct 4, 2014
  21. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    Suggestions:
    • Ability to scan any type of file, not just certain file types.
    • Add option to enable/disable context menu scan.
     
  22. flatfly

    flatfly Registered Member

    Joined:
    Aug 25, 2010
    Posts:
    66
    Thanks for the suggestions. First item now implemented in the latest version (see post below). Second item on the to-do list.
     
  23. flatfly

    flatfly Registered Member

    Joined:
    Aug 25, 2010
    Posts:
    66
    A new release is available (no installation needed):

    http://trax.x10.mx/dl.php?appname=blitzvt.exe

    New:
    • all file types now supported
    • Win+G global hotkey to scan 10 latest downloaded files
      (this assumes that your downloads are in C:\Users\username\Downloads - there will be an option to customize this location in a later release)

    Feel free to test! Thanks for your feedback.
    I do have plans to improve the UI / UX.

    Note that these beta releases expire after a while. Be sure to check this thread for new releases from time to time.

    Size: 788 KB
    SHA256: 029ca71ebb265700d13a7cf5a2462f104adc5cefb38ece0ffd03b30a1d04d0d6