Skip to main content

A Python script to automatically search and download DLL files

Project description

DLL-Downloader

DLL-Downloader

Search, download, and optionally scan DLL files with VirusTotal

PyPI Version Python Versions License CI Status Coverage SBOM Quality OpenSSF Best Practices

GitHub Stars GitHub Issues Buy Me a Coffee


Overview

DLL-Downloader is a Python tool that searches and downloads DLL files from trusted sources and can optionally scan them using VirusTotal. It works as both a CLI tool and a Python library.

Key Features

Feature Description
Search & Download Resolve DLL names and download the correct file
ZIP Extraction Optionally extract the DLL when the source returns a ZIP
Architecture Support x86 and x64 downloads with PE architecture validation
VirusTotal Scan Optional security scan before saving
Batch Mode Download many DLLs from a file
Library Mode Use the downloader directly from Python
Clean Architecture Domain/use-case/infrastructure separation

Installation

From PyPI (Recommended)

pip install dll-downloader

From Source

git clone https://github.com/seifreed/DLL-Downloader.git
cd DLL-Downloader
python3 -m venv venv
source venv/bin/activate  # Windows: venv\Scripts\activate
pip install -e .

Configuration

You can configure settings using .config.json, environment variables, or ~/.vt.toml.

JSON config (.config.json)

{
  "virustotal_api_key": "your_virustotal_api_key_here",
  "download_directory": "./downloads",
  "download_base_url": "https://es.dll-files.com",
  "http_timeout": 60,
  "virustotal_timeout": 60.0,
  "verify_ssl": true,
  "scan_before_save": true,
  "malicious_threshold": 5,
  "suspicious_threshold": 1,
  "log_level": "INFO",
  "user_agent": null
}

VirusTotal key via ~/.vt.toml

apikey="your_virustotal_api_key_here"

Environment variables

export DLL_VIRUSTOTAL_API_KEY="your_virustotal_api_key_here"
export DLL_DOWNLOAD_DIRECTORY="./downloads"
export DLL_VIRUSTOTAL_TIMEOUT="60"

Quick Start

# Download a single DLL
python3 dll-downloader.py msvcp140.dll

# Download x86 and fail if the source does not provide a matching PE DLL
python3 dll-downloader.py msvcp140.dll --arch x86

# Download and extract when the source returns a ZIP
python3 dll-downloader.py msvcp140.dll --extract

# Download from a list
python3 dll-downloader.py --file dll_list.txt

# Emit machine-readable JSON
python3 dll-downloader.py msvcp140.dll --json

# Emit SARIF for CI/security pipelines
python3 dll-downloader.py msvcp140.dll --sarif

Usage

Command Line Interface

python3 dll-downloader.py <dll_name> [options]

Available Options

Option Description
--file File with one DLL name per line
--arch Target architecture (x86 or x64; default: x64)
--debug Enable debug output
--no-scan Skip VirusTotal scan
--force Force download even if cached
--output-dir Custom output directory
--extract Extract the DLL when the download is a ZIP archive
--json Emit machine-readable JSON output
--sarif Emit SARIF v2.1.0 output

Some providers return the DLL inside a ZIP archive. By default, dll-downloader expects the payload to be a real ZIP and validates that it contains a valid PE DLL. Without --extract, the validated ZIP is saved as-is. With --extract, the tool saves the unpacked .dll, which is useful in CI/CD workflows. If the payload is not a valid ZIP or the embedded DLL is not a valid PE file, the download fails with an explicit error.

The selected architecture is also validated against the embedded PE header. If --arch x86 is requested and the source returns an x64 DLL, the download fails instead of saving a mislabeled file.

The HTTP transport retries transient failures up to 5 times by default and rotates across a pool of 5 legitimate User-Agent strings unless you provide an explicit user_agent in configuration.

Retry policy settings:

  • http_max_retries
  • http_retry_backoff_seconds
  • http_retry_jitter_seconds
  • user_agent
  • user_agent_pool

For pipeline integration, --json emits one structured JSON document and --sarif emits one SARIF v2.1.0 log. Both formats also serialize boundary errors such as invalid CLI input or unreadable DLL list files.


Python Library

Basic Usage

from dll_downloader.api import (
    Architecture,
    DownloadDLLRequest,
)
from dll_downloader.runtime import (
    load_settings,
    create_dependencies,
)

settings = load_settings()
use_case, http_client, scanner = create_dependencies(settings)

try:
    response = use_case.execute(DownloadDLLRequest(
        dll_name="msvcp140.dll",
        architecture=Architecture.X64,
        scan_before_save=True,
        force_download=False,
        extract_archive=True,
    ))
    print(response)
finally:
    http_client.close()
    if scanner:
        scanner.close()

Requirements

  • Python 3.13 or 3.14
  • See pyproject.toml for dependencies

Software Bill of Materials (SBOM)

A CycloneDX 1.6 SBOM for the runtime dependency closure is committed at sbom.cdx.json and regenerated by:

python scripts/generate_sbom.py -o sbom.cdx.json

It documents the application and its runtime dependencies (not the development/test tooling) with full supplier, license, hash, and source/distribution provenance. The SBOM scores 10.0/10.0 Grade A on every NTIA and BSI TR-03183-2 profile of sbomqs; CI enforces this contract via scripts/check_sbom_quality.py:

sbomqs score --profile ntia,bsi-v1.1,bsi-v2.0,bsi-v2.1 sbom.cdx.json
python scripts/check_sbom_quality.py sbom.cdx.json

The SBOM Quality badge above is dynamic: --badge sbom-score.json writes a shields.io endpoint file that the badge fetches live, and CI fails if the committed badge drifts from the real score:

python scripts/check_sbom_quality.py sbom.cdx.json --badge sbom-score.json

Reporting Issues & Security

  • Bugs and feature requests: open a GitHub issue. Existing issues and discussions are searchable and serve as the public archive.
  • Security vulnerabilities: please do not open a public issue. Follow the private reporting process in SECURITY.md.

Contributing

Contributions are welcome. See CONTRIBUTING.md for the contribution process, coding standards, and the testing policy (tests are required for new functionality, and the project enforces 100% coverage). The fork-and-pull-request workflow is used; CI runs lint, type checks, security scans, and the full test suite on every change.

Notable changes are recorded in CHANGELOG.md.


Support the Project

If you find DLL-Downloader useful, consider supporting its development:

Buy Me A Coffee

License

See the LICENSE file for details.

Attribution Required:


Built for secure, reliable DLL acquisition

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

dll_downloader-1.2.0.tar.gz (156.8 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

dll_downloader-1.2.0-py3-none-any.whl (95.0 kB view details)

Uploaded Python 3

File details

Details for the file dll_downloader-1.2.0.tar.gz.

File metadata

  • Download URL: dll_downloader-1.2.0.tar.gz
  • Upload date:
  • Size: 156.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for dll_downloader-1.2.0.tar.gz
Algorithm Hash digest
SHA256 66dbb51a5e7357777fac745cb485126f37d34441ceb760643794054b7bd6511e
MD5 d23dbbb8a064a1cd526bb42d528483b7
BLAKE2b-256 d1c5f31a683c29c48e1dabbb6de632140f98ee74a0cb3187b113c2edae58f040

See more details on using hashes here.

Provenance

The following attestation bundles were made for dll_downloader-1.2.0.tar.gz:

Publisher: publish.yml on seifreed/DLL-Downloader

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file dll_downloader-1.2.0-py3-none-any.whl.

File metadata

  • Download URL: dll_downloader-1.2.0-py3-none-any.whl
  • Upload date:
  • Size: 95.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for dll_downloader-1.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 828666f596f33cfe8d5e494f267027e762531738c6c776986b069aac59950192
MD5 d849d39f86dab24e17681ffdc01a41c1
BLAKE2b-256 f6f5b52c8dfb596ae007ea0a119c152dd087b8b18d697e5afeafff912da812ba

See more details on using hashes here.

Provenance

The following attestation bundles were made for dll_downloader-1.2.0-py3-none-any.whl:

Publisher: publish.yml on seifreed/DLL-Downloader

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page