June 2018
Beginner
510 pages
13h 7m
English
Content preview from Learning Malware Analysis
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
3.2 Querying Hash Values Using VirusTotal Public API
VirusTotal also provides scripting capabilities via its public API (https://www.virustotal.com/en/documentation/public-api/); it allows you to automate file submission, retrieve file/URL scan reports, and retrieve domain/IP reports.
The following is a Python script that demonstrates the use of VirusTotal's public API. This script takes the hash value (MD5/SHA1/SHA256) as input and queries the VirusTotal database. To use the following script, you need to use a Python 2.7.x version; you must be connected to the internet and must have a VirusTotal public API key (which can be obtained by signing up for a VirusTotal account). Once you have the API key, just update the api_key variable with ...