-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathVT_file_search.py
44 lines (36 loc) · 1006 Bytes
/
VT_file_search.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
#!/usr/bin/python
import sys
import time
import urllib2
import urllib
import json
VIRUSTOTAL_API2_KEY = ''
VIRUSTOTAL_REPORT_URL = "https://www.virustotal.com/vtapi/v2/file/report"
hash_list = []
counter = 0
in_file = open(sys.argv[1],'r')
for line in in_file:
hash_list.append(line)
in_file.close
for searchTerm in hash_list:
counter = counter + 1
webForms = {'resource':searchTerm,'apikey':VIRUSTOTAL_API2_KEY}
req = urllib2.Request(VIRUSTOTAL_REPORT_URL,urllib.urlencode(webForms))
hRequest = urllib2.urlopen(req, timeout=15)
data = hRequest.read()
data = json.loads(data)
try:
pos = data['positives']
total = data['total']
url = data['permalink']
comment = data['verbose_msg']
hash = data['md5']
date = data['scan_date']
result = "%s / %s" % (pos,total)
print hash + ',' + result + ',' + date + ',' + url + ',' + comment
time.sleep(1)
except:
print data['resource'] + " is not indexed on virustotal"
time.sleep(1)
if (counter % 4) == 0:
time.sleep(15)