Last active
January 31, 2023 07:27
-
-
Save macostag/7a9f3a2cdae22ce3251a5509ba91a577 to your computer and use it in GitHub Desktop.
VirusTotal Public API v2.0 Script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#VirusTotal Public API v2.0 Script | |
import requests | |
import hashlib | |
import pprint | |
class VT(): | |
def __init__(self): | |
self.apiKey = '' | |
self.baseUrl = 'https://www.virustotal.com/vtapi/v2' | |
def sendF(self,file): | |
#Sending and scanning files | |
#POST https://www.virustotal.com/vtapi/v2/file/scan | |
url = self.baseUrl + '/file/scan' | |
params = {'apikey': self.apikey} | |
samples = {'file': (self.file.name , open(file, 'rb'))} | |
response = requests.post(url, files=samples, params=params) | |
pprint.pprint(response.json()) | |
def reportF(self,hashFile,file): | |
#Retrieve file scan reports | |
#Get https://www.virustotal.com/vtapi/v2/file/report | |
url = self.baseUrl + '/file/report' | |
params = {'apikey': self.apiKey , 'resource': hashFile} | |
response = requests.get(url, params=params) | |
responseCode = response.json()['response_code'] | |
if responseCode == 0 : | |
print "[+] The item you searched for was not present in VirusTotal's dataset." | |
elif responseCode == -2: | |
print "[+] The requested item is still queued for analysis." | |
elif responseCode == 1: | |
print "[+] The item was indeed present and it could be retrieved it." | |
pprint.pprint(response.json()) | |
def getHash(self,file): | |
hash = hashlib.sha1() | |
while True: | |
data = file.read(1024) | |
if not data: | |
break | |
hash.update(data) | |
return hash.hexdigest() | |
def main(): | |
print "VirusTotal Public API v2.0" | |
path = "" | |
print path | |
sample = open(path,'rb') | |
virusTotal = VT() | |
hashSample = virusTotal.getHash(sample) | |
virusTotal.reportF(hashSample,sample) | |
if __name__ == '__main__': | |
main() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment