Docker/pandora-box
Docker/pandora-box
1
0
Fork 0
mirror of https://github.com/dbarzin/pandora-box.git synced 2025-07-18 21:09:41 +02:00
Code Issues Activity
pandora-box est une station d'analyse USB conçue pour détecter et supprimer les logiciels malveillants des clés USB.
417 commits 1 branch 0 tags 23 MiB
Find a file
Exact
didier 169ab91ed8 add NTFS
2025-06-25 12:27:42 +02:00
.github/workflows work on code quality 2025-04-17 15:20:06 +02:00
3D add 3D model 2022-10-25 23:15:02 +02:00
images add error image 2022-09-25 10:40:05 +02:00
rsyslog.d config file for rsyslog 2023-03-10 15:54:02 +01:00
tests fix 2025-04-08 09:25:25 +02:00
.gitignore work in progress 2022-06-28 17:52:32 +02:00
INSTALL.md update doc 2025-04-22 11:49:50 +02:00
install.sh add NTFS 2025-06-25 12:27:42 +02:00
LICENSE Initial commit 2022-07-07 07:20:09 +02:00
pandora-box.curses fix bug 2023-03-04 21:48:48 +01:00
pandora-box.ini.curses add file size 2025-04-22 12:35:06 +02:00
pandora-box.ini.rpi fix typo 2025-04-22 12:36:00 +02:00
pandora-box.ini.ubuntu add file size 2025-04-22 12:35:27 +02:00
pandora-box.py ifix global 2025-04-22 12:50:37 +02:00
pandora-box.txt add logo 2023-02-15 14:58:55 +01:00
pandora.service bugfix 2023-02-13 17:19:00 +01:00
quality.sh work on code quality 2025-04-17 15:20:06 +02:00
README.md max file size + documentation 2025-04-22 11:43:00 +02:00
ROADMAP.md fix mouse or enter 2023-03-23 14:14:48 +01:00

README.md

PandoraBox

PandoraBox is a USB scanning station designed to detect and remove malware from USB disks. It is based on Pandora by CIRCL and is distributed under the GPLv3 license.

Key Features

  • Detects USB insertion/removal in real time
  • Automatically or manually mounts USB devices
  • Multithreaded scanning using pypandora
  • Automatic quarantine of infected files
  • Manual file removal after user confirmation
  • Interactive terminal interface (curses) or graphical feedback using images
  • Uses well-known malware detection tools:

Other malware detection tools can be configured using Pandora antivirus-workers.

Interface

PandoraBox supports:

Graphical Feedback

Text Interface (Advanced Users)

Installation

PandoraBox runs on Ubuntu 24.04 server LTS.

Dependencies

  • Python 3.8+
  • Python modules: psutil, pyudev, pypandora, curses, logging, subprocess

Install dependencies:

pip install psutil pyudev pypandora

Configuration

Edit pandora-box.ini at the root of the project:

[DEFAULT]
; Curses mode (full text)
CURSES = False

; Set USB_AUTO_MOUNT to True is if the OS automaticaly mount USB keys
USB_AUTO_MOUNT = False

; Set PANDORA_ROOT_URL to the URL of the Pandora server
; the default value is "http://127.0.0.1:6100"
PANDORA_ROOT_URL = http://127.0.0.1:6100

; Set FAKE_SCAN to true to fake the scan process (used during developement only)
FAKE_SCAN = False

; Set to true to copy infected files to the quarantine folder
; in the USB scanning station
QUARANTINE = True

; Set quarantine folder
QUARANTINE_FOLDER = /var/quarantine

; Number of threads used by Pandora
THREADS = 8

; Max File Size (1G)
MAX_FILE_SIZE = 1080000000

Setup & Usage

More details in the installation guide.

Application States

  • START: Initialization and config loading
  • WAIT: Wait for USB insertion
  • SCAN: Scan device contents
  • CLEAN: Prompt for infected file removal
  • STOP: Application ends or error

Roadmap

If you'd like to contribute, check the roadmap.

Architecture

PandoraBox is implemented as a Python class (PandoraBox) which handles:

  • Configuration parsing
  • Device detection with pyudev
  • File scanning using pypandora
  • Logging and progress tracking
  • Interactive interface handling

Security and Customization

  • Uses a system lock to prevent multiple instances
  • Can be integrated with additional tools or security measures
  • Easily extendable to new malware detection engines or logging systems

Author

License

PandoraBox is open source software released under the GPLv3 license.