Skip to content

Latest commit

 

History

History
56 lines (44 loc) · 1.69 KB

README.md

File metadata and controls

56 lines (44 loc) · 1.69 KB

vta.py

vta.py is a simple Python implementation of the VirusTotal public API https://www.virustotal.com/en/documentation/public-api/

I use it to sort my malware samples, so it's lacking a lot of functionalities the full VT API supports. For the time being vta.py can only be used to scan files/urls and get back the results of said scans.

It can be used both as a library in a Python program or as a standalone CLI application. It needs requests(1) to work. If you have ansicolors(2) installed, results are colored depending if a url/file is malicious or not.

Usage as a CLI app

Scanning a url:

python vtwrapper.py -u erethon.com

or use '' for weird urls

python vtwrapper.py -u 'erethon.com/weird-url-!chars' 

Scanning a file:

python vtwrapper.py -f virus.exe

Getting the results for a URL or file that was previously scanned:

python vtwrapper.py -r erethon.com

for a file use:

python vtwrapper.py -F virus.exe

Usage as a library

from vta import vtapi

vt = vtapi()
print vt.results("url", "erethon.com")

This will print the json response from the server. If you want to 'beautify' it use:

vt.print_scam_results(vt.results("url", "erethon.com"))

The rest of the fuctions are documented here:

vt.sendfile(filename) -- Submits a file to be scanned
vt.results("file","HashOfFile") -- Returns the results of a previously scanned file (you need to use its md5/sha1/sha256 hash)
vt.results("url", "ScannedURL") -- Returns the results of a previously scanned url
vt.scanurl("URL") -- Submits URL to be scanned