Python implements the method of uploading samples to virustotal and querying scan information, pythonvirustotal

Python implements the method of uploading samples to virustotal and querying scan information, pythonvirustotal

This example describes how to upload a sample to virustotal in python and query scan information. Share it with you for your reference. The specific method is as follows:

Import simplejson import urllib import urllib2 import OS MD5 = "required" MD5 = "required" # do not have report on virustotal.com ############### ######################################## ################ APIKEY = "e0a50a50e77fxxxxxxxxxxxxxx4f17e31 use the KEY of the account you applied for on virustotal." class VirusTotal: "def _ init _ (self, md5):" "Constructor" self. _ virus_dict ={} self. _ md5 = md5 def repr (self): return str (self. _ virus_dict) def submit_md5 (self, file_path): import postfile # submit the file FILE_NAME = OS. path. basename (file_path) host = "www.virustotal.com" selector = "https://www.virustotal.com/vtapi/v2/file/scan" fields = [("apikey", APIKEY)] file_to_send = open (file_path, "rb "). read () files = [("file", FILE_NAME, file_to_send)] json = postfile. post_multipart (host, selector, fields, files) print json pass def get_report_dict (self): result_dict = {} url = "https://www.virustotal.com/vtapi/v2/file/report" parameters = {"resource": self. _ md5, "apikey": APIKEY} data = urllib. urlencode (parameters) req = urllib2.Request (url, data) response = urllib2.urlopen (req) json = response. read () response_dict = simplejson. loads (json) if response_dict ["response_code"]: # has result scans_dict = response_dict.get ("scans", {}) for anti_virus_comany, virus_name in scans_dict.iteritems (): if virus_name ["detected"]: self. _ virus_dict.setdefault (anti_virus_co1_, virus_name ["result"]) return self. _ virus_dict

The returned result is: {u'sophos': u'sus/Behav-1010 '}, if any scan results are returned ..

The call method is as follows:

MD5 = "12fa5fb74201d9b6a14f63fbf9a81ff6" # do not have report on virustotal.com MD5 = "5248f774d2ee0a1_36d0b1dc891_f1" FILE_PATH = r "D: \ backSample \ 10 \ Users "from getVirusTotalInfo import VirusTotal # obtain the scan result and print it out virus_total = VirusTotal (MD5) print virus_total.get_report_dict () # submit the file to the scan, then you can obtain the scan result virus_total.submit_md5 (FILE_PATH) based on the MD5)

I hope this article will help you with Python programming.

Several websites with multi-engine online scanning are known: virscan, virustotal, and jotti supplements

This is the two, but the size of the uploaded file is limited.


Virustotal scan results

Not secure. Didn't you see it?

Most anti-virus software has been poisoned.