jeansouzak/virus_total_url_scanner.py

## virus_total_url_scanner.py
import requests
import argparse


class URLAnalyzerInterface:
    def is_suspicious(self, url):
        pass

class VirusTotalAnalyzer(URLAnalyzerInterface):
    def __init__(self, api_key):
        self.api_key = api_key

    def send_url(self, url):
        endpoint = "https://www.virustotal.com/api/v3/urls"

        payload = f"url={url}"
        headers = {
            "accept": "application/json",
            "x-apikey": self.api_key,
            "content-type": "application/x-www-form-urlencoded"
        }
        response = requests.post(endpoint, data=payload, headers=headers)
        response.raise_for_status()
        return response.json()

    def analyze_result(self, analysis_id):
        endpoint = f"https://www.virustotal.com/api/v3/analyses/{analysis_id}"
        headers = {
            "x-apikey": self.api_key
        }
        response = requests.get(endpoint, headers=headers)
        response.raise_for_status()
        return response.json()

    def is_suspicious(self, url):
        try:
            analysis_response = self.send_url(url)
            analysis_id = analysis_response["data"]["id"]
            result_response = self.analyze_result(analysis_id)
            status = result_response["data"]["attributes"]["status"]
            if status == "completed":
                stats = result_response["data"]["attributes"]["stats"]
                malicious = stats["malicious"]
                suspicious = stats["suspicious"]
                is_suspicious = malicious > 0 or suspicious > 0
                print(f"[Suspicious - {is_suspicious}] {url}")
                return is_suspicious
        except requests.exceptions.HTTPError as e:
            print(f"Failed to verify URL {url}: {e}")
        return False


def main(api_key):
    virus_total_analyzer = VirusTotalAnalyzer(api_key)
    url_analyzer = virus_total_analyzer

    with open("check_urls.txt", "r") as file:
        urls = file.readlines()

    suspicious_urls = []

    for url in urls:
        url = url.strip()
        if url_analyzer.is_suspicious(url):
            suspicious_urls.append(url)

    with open("suspicious_urls.txt", "w") as file:
        file.write("\n".join(suspicious_urls))

    print("Analysis completed. Suspicious URLs has been saved in suspicious_urls.txt.")


if __name__ == "__main__":
    parser = argparse.ArgumentParser(description="Scans URLs in a file for suspected viruses.")
    parser.add_argument("api_key", help="VirusTotal API Key")
    args = parser.parse_args()
    main(args.api_key)
	import requests
	import argparse


	class URLAnalyzerInterface:
	def is_suspicious(self, url):
	pass

	class VirusTotalAnalyzer(URLAnalyzerInterface):
	def __init__(self, api_key):
	self.api_key = api_key

	def send_url(self, url):
	endpoint = "https://www.virustotal.com/api/v3/urls"

	payload = f"url={url}"
	headers = {
	"accept": "application/json",
	"x-apikey": self.api_key,
	"content-type": "application/x-www-form-urlencoded"
	}
	response = requests.post(endpoint, data=payload, headers=headers)
	response.raise_for_status()
	return response.json()

	def analyze_result(self, analysis_id):
	endpoint = f"https://www.virustotal.com/api/v3/analyses/{analysis_id}"
	headers = {
	"x-apikey": self.api_key
	}
	response = requests.get(endpoint, headers=headers)
	response.raise_for_status()
	return response.json()

	def is_suspicious(self, url):
	try:
	analysis_response = self.send_url(url)
	analysis_id = analysis_response["data"]["id"]
	result_response = self.analyze_result(analysis_id)
	status = result_response["data"]["attributes"]["status"]
	if status == "completed":
	stats = result_response["data"]["attributes"]["stats"]
	malicious = stats["malicious"]
	suspicious = stats["suspicious"]
	is_suspicious = malicious > 0 or suspicious > 0
	print(f"[Suspicious - {is_suspicious}] {url}")
	return is_suspicious
	except requests.exceptions.HTTPError as e:
	print(f"Failed to verify URL {url}: {e}")
	return False


	def main(api_key):
	virus_total_analyzer = VirusTotalAnalyzer(api_key)
	url_analyzer = virus_total_analyzer

	with open("check_urls.txt", "r") as file:
	urls = file.readlines()

	suspicious_urls = []

	for url in urls:
	url = url.strip()
	if url_analyzer.is_suspicious(url):
	suspicious_urls.append(url)

	with open("suspicious_urls.txt", "w") as file:
	file.write("\n".join(suspicious_urls))

	print("Analysis completed. Suspicious URLs has been saved in suspicious_urls.txt.")


	if __name__ == "__main__":
	parser = argparse.ArgumentParser(description="Scans URLs in a file for suspected viruses.")
	parser.add_argument("api_key", help="VirusTotal API Key")
	args = parser.parse_args()
	main(args.api_key)