organization | category | icon_url | brand_color | display_name | short_name | description | og_description | og_image | |
---|---|---|---|---|---|---|---|---|---|
Turbot |
|
/images/plugins/turbot/virustotal.svg |
#394eff |
VirusTotal |
virustotal |
Steampipe plugin to query file, domain, URL and IP scanning results from VirusTotal. |
Query VirusTotal with SQL! Open source CLI. No DB required. |
/images/plugins/turbot/virustotal-social-graphic.png |
VirusTotal is an Internet security, file and URL analyzer.
Steampipe is an open source CLI to instantly query cloud APIs using SQL.
Get VirusTotal scan data for a local file:
select
meaningful_name,
reputation
from
virustotal_file
where
path = '/full/path/to/file'
+----------------------------------+------------+
| meaningful_name | reputation |
+----------------------------------+------------+
| terraform_1.0.1_darwin_amd64.zip | 0 |
+----------------------------------+------------+
Download and install the latest VirusTotal plugin:
steampipe plugin install virustotal
Item | Description |
---|---|
Credentials | VirusTotal requires a free API key for all requests. |
Radius | Each connection represents a single VirusTotal account. |
Installing the latest virustotal plugin will create a config file (~/.steampipe/config/virustotal.spc
) with a single connection named virustotal
:
connection "virustotal" {
plugin = "virustotal"
api_key = "beec40da46647b5e31d5377af470c0c525fd4185fb14ed2d0b38a038718ae3bf"
}
api_key
- Your VirusTotal API key.
- Open source: https://github.com/turbot/steampipe-plugin-virustotal
- Community: Slack Channel