Submits multiple domains to VirusTotal API
Switch branches/tags
Nothing to show
Clone or download
clairmont32 Deleting legacy version that was half broke
Refactored this code into a much more stable and flexible version in Python 3. This version has several flaws and exception points that were fixed in the new version.
Latest commit 6012791 Sep 11, 2018
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.gitignore Initial commit Jul 1, 2015
LICENSE Initial commit Jul 1, 2015
README.md Update README.md Jul 10, 2018
VT_Domain_Scanner_py3.exe EXE format Jul 10, 2018
VT_Domain_Scanner_py3.py Minor changes Jul 10, 2018
VT_Domain_Scanner_py3_CLI_version.py Modifed for more CLI friendly calls. Now prompts for API key, status … Jul 10, 2018

README.md

VT-Domain-Scanner

Takes an input file with domains or IPs on each line and passes them to the VT API then writes the following items to a CSV. IPs that are put through this scanner is effectively doing a HTTP/HTTPS check to see if a direct IP connection is malicious.

  • Most recent scan date/time
  • Sanitized domain
  • Count of non-clean detections
  • Total AV scans
  • Link to scan results

Exe Version

Exe version of the script has been modified for CLI usage. It will still write the same information as the script to a CSV file which is written to the directory where the script is run from.

  • Prompts for API key
  • Status of key (public/private)
  • Filepath to a file

Script Prerequisites

  • Python 3.x+
  • VirusTotal API key
  • requests library

pip install requests

Example usecases

  • Scan list of domains from an investigation
  • PiHole domain nightly scans
  • DNS log domain scans
  • Periodic network traffic scans

Feature requests and bug reports

Please submit feature requests and bug reports through the issues page for this project.