Skip to main content

Python scripts to interact with the virustotal.com API

Project description

.. image:: https://virustotalcloud.appspot.com/static/img/logo-small.png

VirusTotal API v2
==============

Python scripts to interact with the virustotal.com APIs v2:
- https://www.virustotal.com/en/documentation/public-api/
- https://www.virustotal.com/en/documentation/private-api/


Installation
==========

.. code-block:: bash

$ pip install virustotal-api-v2

Usage: bash
==========
.. code-block:: bash

usage: vt.py [-h] [-k] [-sk SETKEY] [-gf GETFILE] [-gu GETURL]
[-gi GETIP] [-gd GETDOMAIN] [-c COMMENT COMMENT]
[-sf SCANFILE] [-su SCANURL] [-r RESCAN] [-b BEHAVIOUR]
[-uf URLFEED] [-nt NETWORK] [-fs FILESEARCH] [-dl DOWNLOAD]
[-o OUTPUT] [-q] [-nb]

optional arguments:
-h, --help | show this help message and exit
-k, --getkey | print your VirusTotal API Key
-sk, --setkey [api_key] | set VirusTotal API Key
-gf, --getfile [options: path/to/file, md5] | return result of the specified file
-gu, --geturl [url] | return result for the specified url
-gi, --getip [ip_address] | return result for the specified IP address
-gd, --getdomain [domain] | return result for the specified
-c, --comment [resource] [comment] | comment on a specified resource (hash)
-sf, --scanfile [options: path/to/file, md5] | return result for the specified file
-su, --scanurl [url] | submit the specified url for a scan
-r, --rescan [options: /path/to/file, hash] | request newscan for
-b, --behaviour [options: /path/to/file, hash] | request dynamic behavioural report [Private API]
-uf, --urlfeed [package] | request received items for time window [Private API]
-nt, --network [options: /path/to/file, hash] | request traffic dump for file [Private API]
-fs, --filesearch [options: /path/to/file, hash] | request file search [Private API]
-dl, --download [options: /path/to/file, hash] | download file [Private API]
-o, --output [options: stdout, html, json] | set the result output type. default=json
-q, --quiet | when set, no prints to stdout
-nb, --nobrowser | when using `html` mode, will disable automatic open of report


Usage: python
============
.. code-block:: python

# import
#-------
fron vt import VT
vt = VT()

# key management
#-------
vt.getkey()
vt.setkey('___KEY___')


# API calls: FILES
#-------
vt.getfile('path/to/filename.ext')
vt.getfile('ee0fc30726c6dc1ef9ed15809c58d2bb438456ab')
vt.scanfile('path/to/file.ext')
vt.rescan('file.ext')
vt.rescan('ee0fc30726c6dc1ef9ed15809c58d2bb438456ab')

# API calls: NET
#-------
vt.geturl('https://github.com/nu11p0inter/')
vt.scanurl('http://github.com/nu11p0inter.com')
vt.getip('98.76.54.32')
vt.getdomain('github.com')

# API Call: Comment
#-------
hash = open(file, 'rb').read()
msg = "#Malware @https://github.com/nu11p0inter/virustotal/"
vt.comment(hash, msg)
vt.comment('path/to/filename.ext', msg)


# Set OUTPUT method:
#-------
vt.out('html')
vt.out('print')
vt.out('json')


Author
======
Tal Melamed
<dev@appsec.it>
https://github.com/nu11p0inter/


License
=======
By using the scan API, you consent to virustotal [Terms of Service](https://www.virustotal.com/en/about/terms-of-service/)
and allow VirusTotal to share this file with the security community. See virustotal [Privacy Policy](https://www.virustotal.com/en/about/privacy/) for details.


Project details


Release history Release notifications

This version

0.8

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for virustotal-api-v2, version 0.8
Filename, size File type Python version Upload date Hashes
Filename, size virustotal_api_v2-0.8-py2.py3-none-any.whl (8.5 kB) File type Wheel Python version py2.py3 Upload date Hashes View

Supported by

Pingdom Pingdom Monitoring Google Google Object Storage and Download Analytics Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page