VirusTotal – The Special Online Virus Database Scanner

Good evening everyone. This is IRISnoir from Hackingarise, bringing you another tutorial, this time about viruses and VirusTotal, a virus database scanner. Sit back and keep reading.

VirusTotal

Overview

Now, viruses are something that all of us are familiar with. We use the word when something unusual happens to our machine. But in this case, the appropriate word to use is “malware”. Now, we’ve heard of anti-viruses. They can be for either Windows or Linux or even both.

GUI

There is an online file and URL scanner: VirusTotal. This is the GUI version. Just submit a file and it will query all its databases for matching threat rules.

The first thing is to sign up to it. Then receive your API key. Why? I will explain later. How to do it?

CLI

The GUI is cool. But what if I told you that there is a CLI version? You can find it on your Linux terminal. Install it with:
apt install virustotal-cli

Install it. Then you will need your API key ready. Use this command to save the key to your system:
vt init
Now copy the key and paste it. You’re done.

Public/Premium

This is just the public API key. To get the premium key, just go to the API key section again and click “Request premium key”. Premium keys will enable you to use all sorts of features, while the public ones are limited. Some of the locked features will display an error message (Error: You are not authorized to perform the requested operation) if you request them without a premium key.

You can now scan files or even URLs to search for malice. Is that not cool?

Conditions

By the way, you will need openssl-tool to digest files into hashes. That way, you can analyze files, as VirusTotal needs them in hash format. You also need an internet connection, as it queries online databases after all.
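The hash-then-query workflow described above, as an added example that is not part of the original tutorial: it digests a file locally with openssl, checks that the result is a well-formed SHA-256, and passes only that digest to the vt CLI's `vt file` lookup. The function names are hypothetical, and the `sha256sum` fallback is an assumption for systems without openssl.

```shell
#!/bin/sh
# Added example: hash a file locally, then look the digest up with the vt CLI.

# Print the SHA-256 of a file as 64 lowercase hex characters.
# Uses openssl as the tutorial does; sha256sum is a fallback (assumption).
sha256_of() {
    [ -f "$1" ] && [ -r "$1" ] || { echo "cannot read: $1" >&2; return 1; }
    if command -v openssl >/dev/null 2>&1; then
        # Output looks like "SHA2-256(stdin)= <hex>"; the digest is the last field.
        openssl dgst -sha256 < "$1" | awk '{print $NF}'
    else
        sha256sum < "$1" | awk '{print $1}'
    fi
}

# Succeed only if the argument is a well-formed SHA-256 hex digest.
is_sha256() {
    printf '%s\n' "$1" | grep -Eq '^[0-9a-f]{64}$'
}

# Hash the file and ask VirusTotal for the existing report on that hash.
# Only the digest leaves the machine; the file itself is not uploaded.
vt_lookup() {
    digest=$(sha256_of "$1") || return 1
    is_sha256 "$digest" || { echo "unexpected digest: $digest" >&2; return 1; }
    command -v vt >/dev/null 2>&1 || { echo "vt not installed" >&2; return 127; }
    echo "sha256: $digest"
    vt file "$digest"
}

# Run a lookup only when a path is given on the command line.
if [ "$#" -ge 1 ]; then
    vt_lookup "$1"
fi
```

Save it as a script and pass the path of the file to check as the first argument; the API key stored by `vt init` is used for the query.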

I have covered what I needed to cover. I hope that you enjoy this tutorial and find it useful. If you do, don’t forget to share it around. And never forget: Stay safe, stay ethical.
