Two easy to use tools are available for reporting. This page will help you understand what they are and how to use them. Both tools are used from the commandline. If you are uncomfortable with the commandline, these are easy to learn, but using the web interface may be the option for you.
Both tools can be installed using pip:
pip install certReport
pip install certReportCentral
A Cert Central API key is required to submit public reports. If the API key is not configured, certReport will inform you how to configure it when you use the "-p" option. The API key should be set as an environment variable on your system: if you are unfamiliar with this process, certReport will tell you how. This information is also documented in GitHub.
The API key for your account is visible on your profile when you are logged into Cert Central.
The main purpose of certReport is to generate a quick and thorough report which is printed to the user's terminal. The tool then provides the user with information about where to submit the report.
certReport has also been modified to pass information to Cert Central. Please refer to the GitHub page linked above to better understand the general usage.
In version 3.2, a new option was added to certReport: "-p" or "--public". Only when using this option, the report will be sent to Cert Central.
A full example of using certReport may look like this:
certReport -# SHA256_hash -s VT -p -t malware_name
Where "SHA256_hash" specifies the hash of the file you are reporting.
"-s VT" specifies to use VirusTotal (API key must be set up. (Not specifying a service with -s will default to MalwareBazaar).
"-p" specifies to report to Cert Central
"-t malware name" specifies the name of the malware. This is optional, but recommended. This information will be included in Cert Centrl's database if submitted with "-p"
certReportCentral is exclusively for reporting to Cert Central.
When using certReportCentral, it won't print a local report and will always submit the information to Cert Central.
A full example of using certReport central may look like this:
certReportCentral -# SHA256_hash -s VT -t malware name
Where "-# SHA256_hash" specifies the hash of the file you are reporting.
"-s VT" specifies to use VirusTotal (API key must be set up. (Not specifying a service with -s will default to MalwareBazaar).
"-t malware name" specifies the name of the malware. This is optional, but recommended. This information will be included in Cert Centrl's database if submitted with "-p"
Both tools are easy to use and provide a quick way to report certificates to Cert Central. If you have any questions, please email admin at certcentral.org.