An easy to use tool is available for reporting. This page will help you understand what it is and how to use it. The tool is used from the commandline. If you are uncomfortable with the commandline, this is easy to learn, but using the web interface may be the option for you.
Both tools can be installed using pip:
pip install certReport
A Cert Graveyard API key is required to submit public reports from the commandline. If the API key is not configured, certReport will inform you how to configure it when you use the "-p" option. The API key should be set as an environment variable on your system: "CERT_CENTRAL_API".
On Linux or MacOS, you can set the environment variable like this:
export CERT_CENTRAL_API="your_api_key_here" >> ~/.bashrc
setx CERT_CENTRAL_API="your_api_key_here"
The API key for your account is visible on your profile when you are logged into Cert Graveyard.
The main purpose of certReport is to generate a quick and thorough report which is printed to the user's terminal. The tool then provides the user with information about where to submit the report.
In version 3.2, a new option was added to certReport: "-p" or "--public". Only when using this option, the report will be sent to Cert Graveyard.
A full example of using certReport may look like this:
certReport -# SHA256_hash -s VT -p -t malware_name
Where "SHA256_hash" specifies the hash of the file you are reporting.
"-s VT" specifies to use VirusTotal (API key must be set up. (Not specifying a service with -s will default to MalwareBazaar).
"-p" specifies to report to Cert Graveyard
"-t malware name" specifies the name of the malware. This is optional, but recommended. This information will be included in Cert Centrl's database if submitted with "-p"
Both tools are easy to use and provide a quick way to report certificates to Cert Graveyard. If you have any questions, please email admin at certcentral.org.