IPFS Recon

Ever wondered if the file you are about to download is safe? IPFS Recon let's you inspect any file on IPFS for viruses and malware.

Comment

IPFS Recon

TLDR

IPFS Recon offers OSINT reconnaissance on any file on IPFS for malware.

banner

Description

Ever wondered if the file you are about to download is safe? IPFS Recon let's you inspect any file on IPFS for viruses and malware.

Web3 is a young and fast moving space and suffers from hacks and exploits. While IPFS is a genius innovation, attackers are already using it to distribute malware. This pilot project demonstrates how files shared on IPFS can be inspected before downloading them.

Future work could include doing this on-chain by integrating security scans in the FileCoin Virtual Machine.

Reconnaissance

It hashes the file and checks it against a list of OSINT (Open Source Intelligence) sources. A report is generated with the results and warn the user if the file is malicious.

If the hash has not been sighted yet, the user can upload the file to VirusTotal to scan it for viruses and get a report in return.

All this from the browser without downloading the file to your computer.

Main Features:

  • Inspect CID content if available ✅
  • fetch the data into memory from IPFS through it's CID ✅
  • Scan the file for viruses ✅
  • Generate a report based on gethered OSINT ✅

Live Demo

How we built it

  • [x] IPFS web client
  • [x] VirusTotal opensource api
  • [x] Alwys one step ahead of the intruder 🐾

Challenges we ran into

CORS ❗❗❗

What we learned

CORS 🖤

What's next for IPFS Recon

It's up and running. Hope it serves its purpose and saves many OS! Ideally a similar malware check gets integrated directly into the IPFS client and the Filecoin network 🔹🔷🔹

Built With

Share this project:

Updates