ClamAV for malware lab

modules/utilities/unix/audit_tools/clamav/clamav.pp

@@ -0,0 +1 @@
+include clamav::install

modules/utilities/unix/audit_tools/clamav/manifests/install.pp

@@ -0,0 +1,3 @@
+class clamav::install {
+  ensure_packages(['clamav', 'clamtk', 'clamav-freshclam'])
+}

modules/utilities/unix/audit_tools/clamav/secgen_metadata.xml

@@ -0,0 +1,11 @@
+<?xml version="1.0"?>
+<utility xmlns="http://www.github/cliffe/SecGen/utility"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://www.github/cliffe/SecGen/utility">
+  <name>ClamAV</name>
+  <author>Z. Cliffe Schreuders</author>
+  <module_license>MIT</module_license>
+  <description>ClamAV is an open-source antivirus engine for detecting and removing malware on Linux systems. It provides command-line scanner tools and a daemon for automatic signature updates.</description>
+  <type>linux_antivirus</type>
+  <platform>linux</platform>
+</utility>

scenarios/labs/introducing_attacks/2_malware_msf_payloads.xml

@@ -111,6 +111,8 @@ Chapter 19 "Malicious Logic": Bishop, M. (2005), Introduction to Computer Securi
     <utility module_path=".*/handy_cli_tools"/>
     <service module_path=".*/apache"/>
     <utility module_path=".*/nmap"/>
+    
+    <utility module_path=".*/clamav"/>
 
     <network type="private_network" >
       <input into="IP_address">