Download & Extend

VirusTotal API

Posted by patrickd on October 13, 2011 at 1:17pm
VirusTotal Logo (© Hispasec Sistemas)

Virustotal is a service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information...

This module integrates the VirusTotal API service
It provides an API for developers and Rules 2.x integration
(but does nothing out of the box).

How to use it?

Install as usual.

Configuration (6.x, 7.x)

  • Goto admin/config/system/virustotal and paste in a valid personal API key. If you are registered to the VirusTotal community you will find you key at your profile on the "API key" tab.

Sitebuilding (7.x)

  • If you just need the basic API functionality you should have a look at the VirusTotal Rules submodule. With Rules 2.x and the VirusTotal API Rules integration you can handle most of the API functionality without writing any line of code. Instructions..

Development (6.x, 7.x)

  • If you want to use or extend the VirusTotal API you should have a look at the VirusTotal API Examples submodule. It will show you how to use the all functionality in detail.

API Functionality

Functions of the VirusTotal API Class

  • scanFile() Sends a File to VirusTotal service to queue it for scanning.
  • getFileReport() Tries to retrieve a file scan report.
  • scanUrl() Sends an URL to VirusTotal service and queue it for scanning.
  • getUrlReport() Tries to retrieve a URL scan report.
  • makeComment() Creates a comment on a file or URL report.

Hooks

  • hook_virustotal_query_alter Modules may make changes to the query data before it is send to VirusTotal.
  • hook_virustotal_result_alter Modules may make changes to the response data before it is returned.

Requirements

No other modules are required but a valid VirusTotal community account is needed and cURL library must be installed.

A word of warning

As VirusTotal.com is a free service please remember to protect them from "junk". Don't send images (like .png, .jpgs and .gif) or plain-text files (like .txt) to Virustotal, it is very unlikely that these files contain harmful stuff. Really vulnerable files (that are worth sending to VT) are executables (.exe, .scr, .pif, .bat) and typical files like .pdf's, java-applet's or flash applications. Also rather think about requesting an existing scan-report before checking the same file twice.

sponsored by maloon

Downloads

Version Downloads Date Links
7.x-2.0-beta2 tar.gz (16.62 KB) | zip (22.04 KB) 2012-Jan-27 Notes
6.x-2.0-beta2 tar.gz (13.62 KB) | zip (17.16 KB) 2012-Jan-27 Notes

Project Information


Maintainers for VirusTotal API

  • patrickd - 45 commits
    last: 16 weeks ago, first: 31 weeks ago

Issues for VirusTotal API

To avoid duplicates, please search before submitting a new issue.
All issues
0 open, 2 total
Bug reports
0 open, 0 total
Subscribe via e-mail
nobody click here