turbot/virustotal


VirusTotal + Steampipe

VirusTotal is an Internet security, file and URL analyzer.

Steampipe is an open source CLI to instantly query cloud APIs using SQL.

Get VirusTotal scan data for a local file:

select
  meaningful_name,
  reputation
from
  virustotal_file
where
  path = '/full/path/to/file'

+----------------------------------+------------+
| meaningful_name                  | reputation |
+----------------------------------+------------+
| terraform_1.0.1_darwin_amd64.zip | 0          |
+----------------------------------+------------+

Documentation

Get started

Install

Download and install the latest VirusTotal plugin:

steampipe plugin install virustotal

Credentials

| Item        | Description                                            |
|-------------|--------------------------------------------------------|
| Credentials | VirusTotal requires a free API key for all requests.   |
| Radius      | Each connection represents a single VirusTotal account. |

Configuration

Installing the latest virustotal plugin will create a config file (~/.steampipe/config/virustotal.spc) with a single connection named virustotal:

connection "virustotal" {
  plugin  = "virustotal"
  api_key = "beec40da46647b5e31d5377af470c0c525fd4185fb14ed2d0b38a038718ae3bf"
}

  • api_key - Your VirusTotal API key.
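Because the connection file stores the API key in plain text, it is worth auditing after installation. The following is an added example, not part of the plugin or its documentation: a hypothetical helper, audit_vt_config, that checks the file's permissions and the api_key value. It assumes keys have the 64-character lowercase hex form of the sample above.

```shell
#!/bin/sh
# Added example (not plugin code): audit a Steampipe VirusTotal connection file.
# Usage: sh audit_vt.sh ~/.steampipe/config/virustotal.spc
# Returns 0 if clean, 1 if a finding was reported, 2 if the file is missing.

# Sample key printed in the plugin documentation; it must not be left in place.
DOC_SAMPLE_KEY="beec40da46647b5e31d5377af470c0c525fd4185fb14ed2d0b38a038718ae3bf"

audit_vt_config() {
    file=$1
    rc=0
    [ -f "$file" ] || { echo "missing: $file"; return 2; }

    # The file holds a secret, so group and other should have no access.
    # GNU stat uses -c; BSD/macOS stat uses -f.
    mode=$(stat -c '%a' "$file" 2>/dev/null || stat -f '%Lp' "$file")
    case $mode in
        *00) ;;
        *) echo "FAIL mode $mode lets group/other access the key; run: chmod 600 $file"
           rc=1 ;;
    esac

    # Pull the first quoted api_key value out of the connection block.
    key=$(sed -n 's/^[[:space:]]*api_key[[:space:]]*=[[:space:]]*"\([^"]*\)".*$/\1/p' \
          "$file" | head -n 1)

    if [ -z "$key" ]; then
        echo "FAIL no api_key set in $file"
        rc=1
    elif [ "$key" = "$DOC_SAMPLE_KEY" ]; then
        echo "FAIL api_key is still the documentation sample value"
        rc=1
    elif ! printf '%s' "$key" | grep -Eq '^[0-9a-f]{64}$'; then
        # Assumption: keys are 64 lowercase hex characters, as in the sample.
        echo "FAIL api_key is not 64 lowercase hex characters"
        rc=1
    fi

    [ "$rc" -eq 0 ] && echo "OK $file"
    return "$rc"
}

# Run the audit only when a path is supplied on the command line.
if [ "$#" -gt 0 ]; then
    audit_vt_config "$1"
fi
```

A non-zero exit status makes the helper usable as a gate in a provisioning script or CI job.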

Get involved