VirusTotal Public API
Python scripts to interact with the virustotal.com Public API
Dependencies
python requests module (pip install requests) - essential only when uploading files for scan
How to use
Get api key
Register to get your api key from virustotal
Update key in file
Take your key from here and add it to virustotal.py
self.api_key = '<-- YOUR API KEY HERE -->'
Alternatively, use (see usage):
vt.setkey('___KEY___')
Import
from virustotal import vt
vt = vt()
Update api key
vt.setkey('___KEY___')
API calls
- Retrieving file scan reports (file/hash)
vt.getfile('path/to/filename.ext')
vt.getfile('ee0fc30726c6dc1ef9ed15809c58d2bb438456ab')
- Retrieving URL/IP/Domain scan reports
vt.geturl('https://github.com/nu11p0inter/')
vt.getip('98.76.54.32')
vt.getdomain('github.com')
- Sending and scanning files
vt.scanfile('path/to/file.ext')
- Sending and scanning URLs
vt.scanurl('http://github.com/nu11p0inter.com')
- Rescanning already submitted files (file/hash)
vt.rescan('file.ext')
vt.rescan('ee0fc30726c6dc1ef9ed15809c58d2bb438456ab')
- Comment on existing report
hash = open(file, 'rb').read()
msg = "#Malware @https://github.com/nu11p0inter/virustotal/"
vt.comment(hash, msg)
Feature - Output format
For geturl/ getfile - you can get your repsonse as a JSON, HTML or Print simpley change the vt.out() to the desired output format and call the api normally. Exmaple:
vt.out('html')
vt.getfile('file.ext')
vt.out('print')
vt.geturl('http://github.com/nu11p0inter/')
vt.out('json')
...
Author
Tal Melamed
<github@appsec.it>
https://github.com/nu11p0inter/
License
By using the scan API, you consent to virustotal Terms of Service and allow VirusTotal to share this file with the security community. See virustotal Privacy Policy for details.