Need a script that can scan urls and return clean or infected with count if possible

3,116 views
Skip to first unread message

Digian .

unread,
Oct 22, 2013, 9:48:19 PM10/22/13
to virus...@googlegroups.com
Hi guys,

I have some url's I would like to scan and return detected information whether clean or infected for each url, if possible showing count x/47 would be a bonus.

I am using public API with python script found here: https://github.com/doomedraven/VirusTotalPublicApi


What I notice is when submitting url to virustotal API, it returns another url to check after processing, even when i re-submit already processed url, api will try to re-process again and send me analysis url, instead of detection information.

I looked everywhere but cant find any script which can scan url and also then return clean / infected, can anybody help me please ?

Search function does not seem to work correctly either when I search a url that I have already analysed I get no result, even when a url is found infected. Some url's begin with http://ip.address/path also and IP address seems to confuse things.

Thanks

Emiliano Martinez

unread,
Oct 23, 2013, 9:09:37 AM10/23/13
to virus...@googlegroups.com, Andriy Brukhovetskyy
[+ Introducing Doomedraven into the conversation]

Hello Doomedraven,

It seems that Digian already found your script useful. I took a quick look at it and it does seem that the URL report retrieval never got implemented:

It seems that only URL submissions are possible.

I guess you probably want to implement that, helping Digian at the same time.

Thank you!


--
--
Choose a file, check it with more than 40 antivirus, fast and easy: http://www.virustotal.com
 
---
You received this message because you are subscribed to the Google Groups "VirusTotal" group.
To unsubscribe from this group and stop receiving emails from it, send an email to virustotal+...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Andriy Brukhovetskyy

unread,
Oct 23, 2013, 3:07:12 PM10/23/13
to virus...@googlegroups.com

El 23/10/2013, a las 21:04, Andriy Brukhovetskyy <doomme...@gmail.com> escribió:

Hello :)


(new) from usage
 -us, --url-scan       Url scan, support space separated list, Max 4 urls
  -ur, --url-report     Url(s) report, support space separated list, Max 4
                        urls, you can use --url-report --url-scan options for
                        analysing url(s) if they are not in VT data base
if some url not in VT data base, and you want analyze it, just execute script as:
vt.py --url-report --url-scan google.com virustotal.com
if just check for report
vt.py --url-report google.com virustotal.com
or shorted versions of both like here:

python vt_dev.py -us -ur cuatvientos.org poringa.es      
Searching for url(s) report: 

Scanned on:           2013-10-23 18:11:02
Detected by:          0 / 47

Status      : Scan finished, scan information embedded in this object



Scanned on:           2013-10-23 18:11:02
Detected by:          0 / 47

Status      : Scan finished, scan information embedded in this object
Scanned url : http://poringa.es/




verbose mode

python vt_dev.py -us -ur cuatvientos.org poringa.es -j -v
Searching for url(s) report: 

Scanned on:           2013-10-23 18:11:02
Detected by:          0 / 47

Status      : Scan finished, scan information embedded in this object

Verbose VirusTotal Information Output:

CLEAN MX  False clean site 
MalwarePatrol  False clean site 
ZDB Zeus  False clean site 
K7AntiVirus  False clean site 
TrendMicro  False clean site 
Quttera  False clean site 
Yandex Safebrowsing   False clean site 
MalwareDomainList   False clean site 
ZeusTracker  False clean site 
zvelo False clean site 
Google Safebrowsing   False clean site 
Kaspersky  False unrated site 
BitDefender  False clean site 
Dr.Web False clean site 
ADMINUSLabs  False clean site 
AlienVault  False clean site 
C-SIRT False clean site 
CyberCrime  False clean site 
Websense ThreatSeeker    False unrated site 
VX Vault  False clean site 
Webutation  False clean site 
G-Data False clean site 
Malwarebytes hpHosts    False clean site 
Opera False clean site 
WOT False clean site 
Sophos False unrated site 
Malc0de Database   False clean site 
SpyEyeTracker  False clean site 
Phishtank  False clean site 
Malwared  False clean site 
Avira False clean site 
StopBadware  False unrated site 
Antiy-AVL  False clean site 
SCUMWARE.org  False clean site 
Comodo Site Inspector    False clean site 
Malekal  False clean site 
ESET False clean site 
SecureBrain  False clean site 
Malware Domain Blocklist    False clean site 
Netcraft  False unrated site 
PalevoTracker  False clean site 
ThreatHive  False clean site 
ParetoLogic  False clean site 
URLQuery  False unrated site 
Sucuri SiteCheck   False clean site 
Wepawet  False unrated site 
Fortinet  False unrated site 

JSON Written to File -- VTDL_7a7d4424c7b6c4724693015b7e8cee91.json



Scanned on:           2013-10-23 18:11:02
Detected by:          0 / 47

Status      : Scan finished, scan information embedded in this object
Scanned url : http://poringa.es/

Verbose VirusTotal Information Output:

CLEAN MX  False clean site 
MalwarePatrol  False clean site 
ZDB Zeus  False clean site 
K7AntiVirus  False clean site 
TrendMicro  False clean site 
Quttera  False clean site 
Yandex Safebrowsing   False clean site 
MalwareDomainList   False clean site 
ZeusTracker  False clean site 
zvelo False clean site 
Google Safebrowsing   False clean site 
Kaspersky  False unrated site 
BitDefender  False clean site 
Dr.Web False clean site 
ADMINUSLabs  False clean site 
AlienVault  False clean site 
C-SIRT False clean site 
CyberCrime  False clean site 
Websense ThreatSeeker    False unrated site 
VX Vault  False clean site 
Webutation  False clean site 
G-Data False clean site 
Malwarebytes hpHosts    False clean site 
Opera False clean site 
WOT False clean site 
Sophos False unrated site 
Malc0de Database   False clean site 
SpyEyeTracker  False clean site 
Phishtank  False clean site 
Malwared  False clean site 
Avira False clean site 
StopBadware  False unrated site 
Antiy-AVL  False clean site 
SCUMWARE.org  False clean site 
Comodo Site Inspector    False clean site 
Malekal  False clean site 
ESET False clean site 
SecureBrain  False clean site 
Malware Domain Blocklist    False clean site 
Netcraft  False unrated site 
PalevoTracker  False clean site 
ThreatHive  False clean site 
ParetoLogic  False clean site 
URLQuery  False unrated site 
Sucuri SiteCheck   False clean site 
Wepawet  False unrated site 
Fortinet  False unrated site 

JSON Written to File -- VTDL_411dcdc123537c9dd36ee923231fb9a5.json



If you have any advice/suggest/etc send me a mail :)
Thanks for report missed function

best regards
Reply all
Reply to author
Forward
0 new messages