A meeting to learn how to use VirusTotal's API and create a tool that contributes to the anti-malware industry
python 2.7.5
https://github.com/kanokanoka/virustotal_api/
it's here. https://www.virustotal.com/
The page is, for example, how to use it, but if you insert a suspicious file, it will be applied to various antiviruses to judge whether it is suspicious or not, and it will return various analysis information. You can also see the results of other people's calls, so you can, for example, know the hash value and see if it has already been parsed.
An API that allows you to use the functions of virustotal programmatically is open to the public, and you can probably get information returned by throwing a hash value, and you can do various other things (Reference 1.).
If you register as a user, the API key will be issued individually, so enter it. For hash, enter the file hash.
#!/usr/bin/env python
import sys
import json
import urllib
#hash = "this is hash area"
hash= "hash"
url= "https://www.virustotal.com/vtapi/v2/file/report"
param = {"resource":hash, "apikey": "Write your own api key"}
data= urllib.urlencode(param)
req=urllib.urlopen(url,data)
json=req.read()
print json
This will bring json back.
If you look at the API collection roughly, it seems that the following are APIs.
--Send files to scan, rescan --Send a hash to search the report --Send URL and scan --Send IP address and scan
Mental arithmetic is a "GUI that can be easily executed by each", but there is no trick. You just have to use the official. Try a little more thought.
Official API https://www.virustotal.com/ja/documentation/public-api/
How to use VirusTotal API http://www.morihi-soc.net/?p=600