24 releases (5 breaking)
| new 0.5.0 | Apr 16, 2025 |
|---|---|
| 0.4.1 | Mar 17, 2025 |
| 0.3.1 | Feb 12, 2025 |
| 0.2.0 | Dec 22, 2024 |
| 0.0.3 | Dec 30, 2023 |
#612 in Database interfaces
414 downloads per month
Used in 3 crates
115KB
2K
SLoC
VirusTotal Client
This is logic for interacting with VirusTotal's V3 API. At present, only the following actions are supported:
- Fetch file, IP address, and domain reports: this gets the anti-virus scan and other data for a given sample, and there are examples in the
testdata/directory.- The goal is for the file report to have all the possible fields for increased ease of use.
- Request re-scan: ask VirusTotal to run a given item through their collection of anti-virus applications and analysis tools.
- Submit a file sample: send a sample to VirusTotal for analysis.
- Download a file sample: download the original sample from VirusTotal (not fully tested, requires VirusTotal Premium).
- Search: find the hashes of files which match some search criteria (not fully tested, requires VirusTotal Premium, uses older V2 API). See VirusTotal's doc for more information.
- The file report object and error types can be useful when interacting with VirusTotal using another crate or using VT's API directly; you don't have to use the client object in this crate to use the data (and error) types in this crate.
VirusTotal supports these actions given a MD5, SHA-1, or SHA-256 hash.
Additionally, this provides a client application (in bin/, or malwaredb-virustotal-bin) for the supported operations on the command line.
MUSL Targets
It's recommended to use the native-tls-vendored feature to avoid OpenSSL build errors when compiling for Linux MUSL targets. See the example Cargo.toml entry below:
[target.'cfg(target_env = "musl")'.dependencies]
malwaredb-virustotal = { version = "0.5", features = ["native-tls-vendored"] }
Dependencies
~4–19MB
~292K SLoC