Python scripts to interact with the virustotal.com API
Project description
.. image:: https://virustotalcloud.appspot.com/static/img/logo-small.png
VirusTotal API v2
==============
Python scripts to interact with the virustotal.com APIs v2:
- https://www.virustotal.com/en/documentation/public-api/
- https://www.virustotal.com/en/documentation/private-api/
Installation
==========
.. code-block:: bash
$ pip install virustotal-api-v2
Usage: bash
==========
.. code-block:: bash
usage: vt.py [-h] [-k] [-sk SETKEY] [-gf GETFILE] [-gu GETURL]
[-gi GETIP] [-gd GETDOMAIN] [-c COMMENT COMMENT]
[-sf SCANFILE] [-su SCANURL] [-r RESCAN] [-b BEHAVIOUR]
[-uf URLFEED] [-nt NETWORK] [-fs FILESEARCH] [-dl DOWNLOAD]
[-o OUTPUT] [-q] [-nb]
optional arguments:
-h, --help | show this help message and exit
-k, --getkey | print your VirusTotal API Key
-sk, --setkey [api_key] | set VirusTotal API Key
-gf, --getfile [options: path/to/file, md5] | return result of the specified file
-gu, --geturl [url] | return result for the specified url
-gi, --getip [ip_address] | return result for the specified IP address
-gd, --getdomain [domain] | return result for the specified
-c, --comment [resource] [comment] | comment on a specified resource (hash)
-sf, --scanfile [options: path/to/file, md5] | return result for the specified file
-su, --scanurl [url] | submit the specified url for a scan
-r, --rescan [options: /path/to/file, hash] | request newscan for
-b, --behaviour [options: /path/to/file, hash] | request dynamic behavioural report [Private API]
-uf, --urlfeed [package] | request received items for time window [Private API]
-nt, --network [options: /path/to/file, hash] | request traffic dump for file [Private API]
-fs, --filesearch [options: /path/to/file, hash] | request file search [Private API]
-dl, --download [options: /path/to/file, hash] | download file [Private API]
-o, --output [options: stdout, html, json] | set the result output type. default=json
-q, --quiet | when set, no prints to stdout
-nb, --nobrowser | when using `html` mode, will disable automatic open of report
Usage: python
============
.. code-block:: python
# import
#-------
fron vt import VT
vt = VT()
# key management
#-------
vt.getkey()
vt.setkey('___KEY___')
# API calls: FILES
#-------
vt.getfile('path/to/filename.ext')
vt.getfile('ee0fc30726c6dc1ef9ed15809c58d2bb438456ab')
vt.scanfile('path/to/file.ext')
vt.rescan('file.ext')
vt.rescan('ee0fc30726c6dc1ef9ed15809c58d2bb438456ab')
# API calls: NET
#-------
vt.geturl('https://github.com/nu11p0inter/')
vt.scanurl('http://github.com/nu11p0inter.com')
vt.getip('98.76.54.32')
vt.getdomain('github.com')
# API Call: Comment
#-------
hash = open(file, 'rb').read()
msg = "#Malware @https://github.com/nu11p0inter/virustotal/"
vt.comment(hash, msg)
vt.comment('path/to/filename.ext', msg)
# Set OUTPUT method:
#-------
vt.out('html')
vt.out('print')
vt.out('json')
Author
======
Tal Melamed
<dev@appsec.it>
https://github.com/nu11p0inter/
License
=======
By using the scan API, you consent to virustotal [Terms of Service](https://www.virustotal.com/en/about/terms-of-service/)
and allow VirusTotal to share this file with the security community. See virustotal [Privacy Policy](https://www.virustotal.com/en/about/privacy/) for details.
VirusTotal API v2
==============
Python scripts to interact with the virustotal.com APIs v2:
- https://www.virustotal.com/en/documentation/public-api/
- https://www.virustotal.com/en/documentation/private-api/
Installation
==========
.. code-block:: bash
$ pip install virustotal-api-v2
Usage: bash
==========
.. code-block:: bash
usage: vt.py [-h] [-k] [-sk SETKEY] [-gf GETFILE] [-gu GETURL]
[-gi GETIP] [-gd GETDOMAIN] [-c COMMENT COMMENT]
[-sf SCANFILE] [-su SCANURL] [-r RESCAN] [-b BEHAVIOUR]
[-uf URLFEED] [-nt NETWORK] [-fs FILESEARCH] [-dl DOWNLOAD]
[-o OUTPUT] [-q] [-nb]
optional arguments:
-h, --help | show this help message and exit
-k, --getkey | print your VirusTotal API Key
-sk, --setkey [api_key] | set VirusTotal API Key
-gf, --getfile [options: path/to/file, md5] | return result of the specified file
-gu, --geturl [url] | return result for the specified url
-gi, --getip [ip_address] | return result for the specified IP address
-gd, --getdomain [domain] | return result for the specified
-c, --comment [resource] [comment] | comment on a specified resource (hash)
-sf, --scanfile [options: path/to/file, md5] | return result for the specified file
-su, --scanurl [url] | submit the specified url for a scan
-r, --rescan [options: /path/to/file, hash] | request newscan for
-b, --behaviour [options: /path/to/file, hash] | request dynamic behavioural report [Private API]
-uf, --urlfeed [package] | request received items for time window [Private API]
-nt, --network [options: /path/to/file, hash] | request traffic dump for file [Private API]
-fs, --filesearch [options: /path/to/file, hash] | request file search [Private API]
-dl, --download [options: /path/to/file, hash] | download file [Private API]
-o, --output [options: stdout, html, json] | set the result output type. default=json
-q, --quiet | when set, no prints to stdout
-nb, --nobrowser | when using `html` mode, will disable automatic open of report
Usage: python
============
.. code-block:: python
# import
#-------
fron vt import VT
vt = VT()
# key management
#-------
vt.getkey()
vt.setkey('___KEY___')
# API calls: FILES
#-------
vt.getfile('path/to/filename.ext')
vt.getfile('ee0fc30726c6dc1ef9ed15809c58d2bb438456ab')
vt.scanfile('path/to/file.ext')
vt.rescan('file.ext')
vt.rescan('ee0fc30726c6dc1ef9ed15809c58d2bb438456ab')
# API calls: NET
#-------
vt.geturl('https://github.com/nu11p0inter/')
vt.scanurl('http://github.com/nu11p0inter.com')
vt.getip('98.76.54.32')
vt.getdomain('github.com')
# API Call: Comment
#-------
hash = open(file, 'rb').read()
msg = "#Malware @https://github.com/nu11p0inter/virustotal/"
vt.comment(hash, msg)
vt.comment('path/to/filename.ext', msg)
# Set OUTPUT method:
#-------
vt.out('html')
vt.out('print')
vt.out('json')
Author
======
Tal Melamed
<dev@appsec.it>
https://github.com/nu11p0inter/
License
=======
By using the scan API, you consent to virustotal [Terms of Service](https://www.virustotal.com/en/about/terms-of-service/)
and allow VirusTotal to share this file with the security community. See virustotal [Privacy Policy](https://www.virustotal.com/en/about/privacy/) for details.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
No source distribution files available for this release.See tutorial on generating distribution archives.
Built Distribution
File details
Details for the file virustotal_api_v2-0.8-py2.py3-none-any.whl.
File metadata
- Download URL: virustotal_api_v2-0.8-py2.py3-none-any.whl
- Upload date:
- Size: 8.5 kB
- Tags: Python 2, Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/1.13.0 pkginfo/1.5.0.1 requests/2.21.0 setuptools/36.7.2 requests-toolbelt/0.8.0 tqdm/4.31.1 CPython/2.7.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 8afe23cd7fcd2373aa453931cb697dfa3fdc0caf3abedbd68f642db11c71ea31 |
|
| MD5 | 7b0bf0c3d868e77dbeb791610141b38d |
|
| BLAKE2b-256 | 82ab4af636d78be3c6156824aa4d39751238e771a5ee881659eafb84b8a137ef |
