Maldump
Multi-quarantine extractor
maldump
Maldump makes it easy to extract quarantined files of multiple AVs from a live system or a mounted disk image.
Features
Supports extraction from the following AV products
- Avast Antivirus
- Avira Antivirus
- Eset NOD32
- FortiClient
- G Data
- Kaspersky for Windows Server
- Malwarebytes
- Microsoft Defender
- McAfee
- AVG
Usage & installation
In order to use maldump, you can:
- Download the latest binaries from releases (recommended).
- Install using pip.
- Install using git & PDM (for development).
Using pip
pip install maldump
Using git & PDM
git clone https://github.com/NUKIB/maldump
cd maldump
pdm install
pdm run python -m maldump
Usage
usage: maldump [-h] [-l] [-q] [-m] [-a] [-v] root_dir

Multi-quarantine extractor

positional arguments:
  root_dir       root directory where OS is installed (example C:\)

optional arguments:
  -h, --help     show this help message and exit
  -l, --list     list quarantined file(s) to stdout (default action)
  -q, --quar     dump quarantined file(s) to archive 'quarantine.tar'
  -m, --meta     dump metadata to CSV file 'quarantine.csv'
  -a, --all      equivalent of running both -q and -m
  -v, --version  show program's version number and exit
  -d, --dest     destination for exported files
Examples
On Windows
List quarantine files located on disk C
maldump C:\
Dump quarantine files from disk C into archive quarantine.tar
maldump C:\ --quar
Export quarantine metadata from disk C into quarantine.csv
maldump C:\ --meta
Export both files and metadata from a mounted disk F
maldump F:\ --all
On Linux
List quarantine files from a Windows partition mounted on /mnt/win
maldump /mnt/win
Disclaimer
Keep in mind that all timestamps are in UTC, except for "Kaspersky for Windows Server", which stores timestamps in a local timezone.
For optimal results, admin privileges are required when running on a Windows system. Linux does not require admin rights.
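The timezone exception above matters when entries from several AV products are merged into one timeline. The following added example (not part of maldump) converts every entry to UTC and flags local times that fall in a DST transition; the column names `timestamp` and `antivirus`, the timestamp format and the sample rows are assumptions to check against your own quarantine.csv.

```python
import csv
import io
from datetime import datetime, timezone

# Assumptions: column names, AV label and timestamp format are illustrative;
# compare them with the header of your own quarantine.csv before use.
TS_COL, AV_COL = "timestamp", "antivirus"
LOCAL_TIME_AVS = {"Kaspersky for Windows Server"}

# Constructed sample rows, not real maldump output.
SAMPLE_CSV = """timestamp,antivirus,threat,path
2022-11-03 14:05:10,Microsoft Defender,Sample.A,C:\\Users\\u\\a.exe
2022-11-03 14:30:00,Kaspersky for Windows Server,Sample.B,C:\\Temp\\b.dll
2022-10-30 02:30:00,Kaspersky for Windows Server,Sample.C,C:\\Temp\\c.js
"""


def to_utc(naive, av_name, host_tz):
    """Return (aware UTC datetime, DST-transition flag) for one entry."""
    if av_name not in LOCAL_TIME_AVS:
        return naive.replace(tzinfo=timezone.utc), False
    first = naive.replace(tzinfo=host_tz, fold=0)
    second = naive.replace(tzinfo=host_tz, fold=1)
    # In a DST transition hour (repeated or skipped wall-clock time) the two
    # folds give different offsets, so the UTC value is not certain.
    flagged = first.utcoffset() != second.utcoffset()
    return first.astimezone(timezone.utc), flagged


def build_timeline(csv_text, host_tz):
    """Parse the CSV, add 'timestamp_utc' and 'dst_transition', sort by UTC."""
    rows = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        naive = datetime.fromisoformat(row[TS_COL])
        utc, flagged = to_utc(naive, row[AV_COL], host_tz)
        row["timestamp_utc"] = utc.isoformat()
        row["dst_transition"] = flagged
        rows.append(row)
    return sorted(rows, key=lambda r: datetime.fromisoformat(r["timestamp_utc"]))


if __name__ == "__main__":
    from zoneinfo import ZoneInfo  # needs the system tz database
    for r in build_timeline(SAMPLE_CSV, ZoneInfo("Europe/Prague")):
        flag = " (DST transition, verify manually)" if r["dst_transition"] else ""
        print(r["timestamp_utc"], r[AV_COL], r["threat"] + flag)
```

Pass the timezone of the examined host, not of the analysis workstation; in the sample, Sample.B moves ahead of Sample.A once its local time is converted.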
Contributing
To contribute to this project, please follow the guidelines in CONTRIBUTING.
License
This software is licensed under GNU General Public License version 3.
- Copyright (C) 2022 National Cyber and Information Security Agency of the Czech Republic (NÚKIB)
