VirusTotal Command

VT is a script add-in command for Directory Opus that allows users to scan files using the VirusTotal API.

Key Features:

  • Automated process, including uploading files that do not exist in the database.
  • Comprehensive report presented in an easy-to-use and easy-to-understand interface.
  • Ability to write reports to disk/clipboard (to be implemented).

:warning: IMPORTANT: READ BEFORE PROCEEDING

This script is provided "as is" and without warranty of any kind whatsoever.
It has been made during my spare time and has not been extensively tested, so it is presented as a testing version.
The user assumes full responsibility for its use and understands that the author is not responsible for possible failures or loss of data.
A kind reminder that this is a work in progress, so expect bugs.
Any feedback on possible improvements or bugs is welcome.
The program acts solely as an interface for the VirusTotal API. It does not provide one, and how you use it is entirely your responsibility.

Before use

Obviously, first you're going to need an API key.

How to Install

:warning: IMPORTANT: Needs at least DOpus v13.12
Download the file below. Then go to Settings / Scripts (or run Prefs SCRIPTINSTALL) and select the downloaded file.

v0.9a : VTCommand.opusscriptinstall

Options

In the Script Management window, select VT and click the Edit button.

  • log level : Logging level to be displayed.
    • OFF to show only errors.
    • DEBUG to show all messages.
    • STANDARD to show only the most relevant information.
    • WARNING to show messages that need your attention.
  • max timeout : Maximum time in seconds to wait for a connection.

Usage

VT supports the following arguments:

Command Arguments

| ARGUMENT | TYPE | VALUE | DESCRIPTION |
|---|---|---|---|
| FILE | | | Full path of the file to scan. |
| SETKEY | /S | | Open the dialog to set your API key. |
| DELKEY | /O | | Prompt for deleting the currently saved API key. |
| | | quiet | Use it to quietly delete it. |
| REPORT | /K | toclip, html, txt, json | Creates a report to disk in the required format. |

The first time you attempt to use the command, if no API key is saved, you will be prompted to enter one to proceed. You can also set it using VT SETKEY.

To scan a file, you can use VT {filepath$}.

Notes / Technical Stuff

  • If a file is not found in the database, you will be asked if you want to upload it for analysis. If you choose to proceed, the command will handle the upload, but it will not retrieve the report since it remains in "idle" status for a certain time with the free API version. In such cases, it's better to open the link in your browser to manually perform the scan (you can use the link at the bottom of the dialog window for this).
  • REPORT is not yet implemented. It only works if used together with toclip or json.
  • Due to free API limitations, only files of 650MB or smaller can be uploaded, and you are limited to 4 requests per minute. (Uploading a file larger than 32MB uses 3–4 requests).
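
The request budgeting that the limits above imply, as an added example that is not part of the VT script. The helper names are hypothetical, and it assumes the database lookup costs one request, a large upload is budgeted at the upper bound of 4, and "MB" means 2^20 bytes:

```javascript
// Limits as stated on this page for the free VirusTotal API.
const MB = 1024 * 1024;               // assumption: "MB" read as 2^20 bytes
const MAX_UPLOAD_BYTES = 650 * MB;    // largest file that can be uploaded
const LARGE_UPLOAD_BYTES = 32 * MB;   // above this an upload uses 3-4 requests
const REQUESTS_PER_MINUTE = 4;
const WINDOW_MS = 60 * 1000;

// Worst-case number of API requests for one file (hypothetical helper).
// Assumptions: the database lookup costs 1 request, a small upload 1 more,
// and a large upload is budgeted at the page's upper bound of 4.
function scanCost(sizeBytes, inDatabase, uploadApproved) {
  if (inDatabase) return { action: 'report', requests: 1 };
  if (!uploadApproved) return { action: 'declined', requests: 1 };
  if (sizeBytes > MAX_UPLOAD_BYTES) return { action: 'too-large', requests: 1 };
  const upload = sizeBytes > LARGE_UPLOAD_BYTES ? 4 : 1;
  return { action: 'upload', requests: 1 + upload };
}

// Earliest send time (ms) for each of `count` requests so that no more than
// REQUESTS_PER_MINUTE fall inside any 60-second window. `history` holds the
// send times of earlier requests, `now` is the current time.
function scheduleRequests(count, history, now) {
  const times = history.slice().sort((a, b) => a - b);
  const planned = [];
  for (let i = 0; i < count; i++) {
    let t = times.length ? Math.max(now, times[times.length - 1]) : now;
    if (times.length >= REQUESTS_PER_MINUTE) {
      // The request REQUESTS_PER_MINUTE places back must have left the window.
      t = Math.max(t, times[times.length - REQUESTS_PER_MINUTE] + WINDOW_MS);
    }
    times.push(t);
    planned.push(t);
  }
  return planned;
}

// Plan one scan: what happens and when its last request can be sent.
function planScan(file, history, now) {
  const cost = scanCost(file.size, file.inDatabase, file.uploadApproved);
  const sendTimes = scheduleRequests(cost.requests, history, now);
  return { ...cost, sendTimes, doneAt: sendTimes[sendTimes.length - 1] };
}

// Constructed sample: a 100 MB file unknown to the database, upload approved.
const sample = planScan({ size: 100 * MB, inDatabase: false, uploadApproved: true }, [], 0);
console.log(sample.action, sample.requests, sample.sendTimes);
```

Under these assumptions, a lookup followed by a large upload needs five requests, so it cannot finish inside a single one-minute quota window.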

Acknowledgments

VirusTotal

@OpusDevelopers for including so many of my requests, like the HTTPRequest one, which makes this command possible.

Changelog

v0.9a (Dec 22, 2024) : Initial release
VTCommand.opusscriptinstall (9.2 KB)