VirusTotal + Steampipe
VirusTotal is an Internet security, file and URL analyzer.
Steampipe is an open source CLI to instantly query cloud APIs using SQL.
Get VirusTotal scan data for a local file:
select
  meaningful_name,
  reputation
from
  virustotal_file
where
  path = '/full/path/to/file'

+----------------------------------+------------+
| meaningful_name                  | reputation |
+----------------------------------+------------+
| terraform_1.0.1_darwin_amd64.zip | 0          |
+----------------------------------+------------+
Documentation
Get started
Install
Download and install the latest VirusTotal plugin:
steampipe plugin install virustotal
Credentials
Item | Description |
---|---|
Credentials | VirusTotal requires a free API key for all requests. |
Radius | Each connection represents a single VirusTotal account. |
Configuration
Installing the latest virustotal plugin will create a config file (~/.steampipe/config/virustotal.spc) with a single connection named virustotal:

connection "virustotal" {
  plugin  = "virustotal"
  api_key = "beec40da46647b5e31d5377af470c0c525fd4185fb14ed2d0b38a038718ae3bf"
}
- api_key: Your VirusTotal API key.
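Because the connection file stores the API key in plain text, it is worth checking that only its owner can read it. The script below is an added example, not part of the plugin or its documentation; the function names audit_spc and file_mode are hypothetical, and the sample config it writes is constructed with a placeholder key.

```shell
#!/bin/sh
# Added example: audit a Steampipe connection file that holds a VirusTotal API key.
# Assumption: the key is stored in plain text in the .spc file, as in the config above.

# Print the octal permission bits of a file (GNU stat first, then BSD stat).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# audit_spc FILE
# Returns 0 if FILE is safe, 1 if FILE sets api_key and grants any access
# to group or other, 2 if FILE does not exist.
audit_spc() {
    spc=$1
    [ -f "$spc" ] || { echo "missing: $spc" >&2; return 2; }

    # Without an api_key assignment there is no secret in this file.
    if ! grep -Eq '^[[:space:]]*api_key[[:space:]]*=' "$spc"; then
        echo "ok: no api_key set in $spc"
        return 0
    fi

    mode=$(file_mode "$spc")
    # The last two octal digits are the group and other bits; both must be 0.
    case $mode in
        0|*00) echo "ok: $spc mode $mode"; return 0 ;;
        *)     echo "too open: $spc mode $mode (fix with: chmod 600 $spc)"; return 1 ;;
    esac
}

# Constructed sample config (placeholder key) to show both outcomes.
demo=$(mktemp)
printf 'connection "virustotal" {\n  plugin  = "virustotal"\n  api_key = "PLACEHOLDER"\n}\n' > "$demo"
chmod 644 "$demo"; audit_spc "$demo" || true   # reported as too open
chmod 600 "$demo"; audit_spc "$demo" || true   # reported as ok
rm -f "$demo"
```

To check a real installation, call audit_spc with ~/.steampipe/config/virustotal.spc as its argument.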
Get involved
- Open source: https://github.com/turbot/steampipe-plugin-virustotal
- Community: Slack Channel