virustotal_api 0.3.0 → 0.5.2
- checksums.yaml +4 -4
- data/.github/workflows/ruby.yml +26 -0
- data/.gitignore +1 -0
- data/.rubocop.yml +12 -8
- data/CHANGELOG.md +38 -6
- data/Gemfile +2 -0
- data/README.md +121 -31
- data/Rakefile +2 -1
- data/lib/virustotal_api.rb +8 -5
- data/lib/virustotal_api/analysis.rb +24 -0
- data/lib/virustotal_api/base.rb +41 -10
- data/lib/virustotal_api/domain.rb +24 -0
- data/lib/virustotal_api/exceptions.rb +5 -0
- data/lib/virustotal_api/file.rb +56 -0
- data/lib/virustotal_api/group.rb +26 -0
- data/lib/virustotal_api/ip.rb +24 -0
- data/lib/virustotal_api/uri.rb +3 -1
- data/lib/virustotal_api/url.rb +46 -0
- data/lib/virustotal_api/user.rb +26 -0
- data/lib/virustotal_api/version.rb +3 -1
- data/test/analysis_test.rb +23 -0
- data/test/base_test.rb +14 -25
- data/test/domain_test.rb +32 -0
- data/test/exceptions_test.rb +23 -0
- data/test/file_test.rb +71 -0
- data/test/fixtures/analysis.yml +544 -0
- data/test/fixtures/domain.yml +830 -0
- data/test/fixtures/file_analyse.yml +52 -0
- data/test/fixtures/file_find.yml +853 -0
- data/test/fixtures/file_not_found.yml +52 -0
- data/test/fixtures/file_rate_limit.yml +52 -0
- data/test/fixtures/file_unauthorized.yml +51 -0
- data/test/fixtures/file_upload.yml +54 -0
- data/test/fixtures/group_find.yml +216 -0
- data/test/fixtures/ip.yml +716 -0
- data/test/fixtures/unscanned_url_find.yml +44 -0
- data/test/fixtures/url_analyse.yml +52 -0
- data/test/fixtures/url_find.yml +599 -0
- data/test/fixtures/user_find.yml +213 -0
- data/test/group_test.rb +32 -0
- data/test/{ip_report_test.rb → ip_test.rb} +5 -4
- data/test/test_helper.rb +1 -0
- data/test/uri_test.rb +2 -1
- data/test/url_test.rb +65 -0
- data/test/user_test.rb +31 -0
- data/test/version_test.rb +2 -2
- data/virustotal_api.gemspec +12 -9
- metadata +104 -65
- data/.travis.yml +0 -15
- data/lib/virustotal_api/domain_report.rb +0 -35
- data/lib/virustotal_api/file_report.rb +0 -36
- data/lib/virustotal_api/file_scan.rb +0 -36
- data/lib/virustotal_api/ip_report.rb +0 -35
- data/lib/virustotal_api/url_report.rb +0 -40
- data/test/domain_report_test.rb +0 -31
- data/test/file_report_test.rb +0 -34
- data/test/file_scan_test.rb +0 -29
- data/test/fixtures/domain_report.yml +0 -311
- data/test/fixtures/ip_report.yml +0 -1323
- data/test/fixtures/queue_unscanned_url_report.yml +0 -46
- data/test/fixtures/report.yml +0 -110
- data/test/fixtures/report_not_found.yml +0 -42
- data/test/fixtures/request_forbidden.yml +0 -38
- data/test/fixtures/scan.yml +0 -49
- data/test/fixtures/unscanned_url_report.yml +0 -43
- data/test/fixtures/url_report.yml +0 -95
- data/test/url_report_test.rb +0 -56
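--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 1bed8beb641ac85649be4628d37065079d3f2c881499a67065200eeba57f2176
+data.tar.gz: a55ce4ed4bdc573607389e20578efd53f10d7ab1597b3deb05644571dac752c6
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 13c8674a48591fd1c063a4d76040555aeace01a19981feb558241ff1843984f2e8052c6169bec8a1ec4f63519e14bf9b3a109fcf7f8fc667d8a1e0cbfe7f99aa
+data.tar.gz: b64cfe0bfa5fa79927d22d591534f2b7db2b3ca7f572e8360b0423c3de5def7948f3264381e001596c095c66ec04187fe5fddf1d4148ad21bcf66a08eaf981ac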
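--- a/data/.github/workflows/ruby.yml
+++ b/data/.github/workflows/ruby.yml
@@ -0,0 +1,26 @@
+name: Ruby
+
+on:
+push:
+branches: [ master ]
+pull_request:
+branches: [ master ]
+
+jobs:
+Test:
+runs-on: ubuntu-latest
+
+steps:
+- uses: actions/checkout@v2
+- name: Set up Ruby
+# To automatically get bug fixes and new Ruby versions for ruby/setup-ruby,
+# change this to (see https://github.com/ruby/setup-ruby#versioning):
+uses: ruby/setup-ruby@v1.46.0
+with:
+ruby-version: 2.5
+- name: Install dependencies
+run: bundle install
+- name: Lint
+run: bundle exec rake rubocop
+- name: Run tests
+run: bundle exec rake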
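Review bot: Both actions in `steps` are referenced by tag (`actions/checkout@v2`, `ruby/setup-ruby@v1.46.0`), and a tag can be moved upstream, so the code that runs in CI can change without any change to this file. Pinning each `uses:` to a full commit SHA and keeping the tag as a trailing comment, e.g. `uses: actions/checkout@<full-commit-sha> # v2`, makes the dependency immutable and reviewable. The workflow also has no `permissions:` block, so the job token gets the repository default; the steps only check out, lint and test, so a top-level `permissions:` with `contents: read` should be sufficient.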
data/.gitignore
CHANGED
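--- a/data/.rubocop.yml
+++ b/data/.rubocop.yml
@@ -1,18 +1,16 @@
 # This is the configuration used to check the rubocop source code.
 
 AllCops:
+NewCops: enable
 Exclude:
 - 'test/fixtures/*'
 
 Style/StringLiterals:
 Enabled: true
 
-Style/
+Style/RedundantPercentQ:
 Enabled: true
 
-Style/HashSyntax:
-EnforcedStyle: hash_rockets
-
 # Disabled Checks
 Style/Documentation:
 Enabled: false
@@ -23,13 +21,19 @@ Style/PercentLiteralDelimiters:
 Style/RegexpLiteral:
 Enabled: false
 
-Style/BracesAroundHashParameters:
-Enabled: false
-
 Lint/MissingCopEnableDirective:
 Exclude:
 - 'test/base_test.rb'
 
-Naming/
+Naming/MethodParameterName:
 Exclude:
 - 'lib/virustotal_api/ip_report.rb'
+
+Layout/LineLength:
+Enabled: false
+
+Metrics/MethodLength:
+Enabled: false
+
+Gemspec/RequiredRubyVersion:
+Enabled: false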
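Review bot: The `Naming/MethodParameterName` exclusion still lists `lib/virustotal_api/ip_report.rb`, which the file list shows as deleted in this release, so the entry no longer matches any file. If the short `ip` parameter name now lives in `lib/virustotal_api/ip.rb` (not visible here), the entry should read `- 'lib/virustotal_api/ip.rb'`; otherwise the whole block can be dropped. `Layout/LineLength` and `Metrics/MethodLength` are disabled globally in the same hunk, and a comment saying why would help the next maintainer decide whether they can be re-enabled.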
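--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,15 +1,47 @@
 # VirusTotal API Changelog
 
-## 0.
+## [0.5.2] - 2020-10-06
 
-*
+* Fix Fix exists? check
+* Fix detected_by for File
+* Fix RateLimitError
+* Added User and Group API
+* [@jonnynux](https://github.com/jonnynux)
+
+## [0.5.1] - 2020-10-06
+
+* Downgrade ruby requirement to 2.5.
+* [@crondaemon](https://github.com/crondaemon)
+
+## [0.5.0] - 2020-09-02
+
+* Full rework to support API V3 [#30](https://github.com/pwelch/virustotal_api/pull/30)
+* [@crondaemon](https://github.com/crondaemon) & [@jonnynux](https://github.com/jonnynux)
+* Move to Ruby 2.6 for minimum Ruby version
+
+## [0.4.1] - 2019-09-04
+
+* Fixed Reponse Parsing
+* [@jonnynux](https://github.com/jonnynux)
+
+## [0.4.0] - 2019-07-23
+
+* Added ReScan [#15](https://github.com/pwelch/virustotal_api/pull/15)
+* Added URL Scan [#16](https://github.com/pwelch/virustotal_api/pull/16)
+* [@jonnynux](https://github.com/jonnynux)
+
+## [0.3.0] - 2018-03-31
+
+* Added optional scan param for url report API [#5](https://github.com/pwelch/virustotal_api/pull/5)
 * [@mkunkel ](https://github.com/mkunkel)
 
-## 0.2.0
+## [0.2.0] - 2015-12-19
 
-* Check if the respone is 204 [#2](https://github.com/pwelch/virustotal_api/pull/2)
-*
+* Added Check if the respone is 204 [#2](https://github.com/pwelch/virustotal_api/pull/2)
+* [@postmodern](https://github.com/postmodern)
 
-## 0.1.0
+## [0.1.0] - 2014-12-26
 
 * First Release
+
+https://keepachangelog.com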
data/Gemfile
CHANGED
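--- a/data/README.md
+++ b/data/README.md
@@ -1,9 +1,11 @@
 # VirustotalAPI
 
-Ruby Gem for [VirusTotal](https://www.virustotal.com) [
+Ruby Gem for [VirusTotal](https://www.virustotal.com) [V3 API](https://developers.virustotal.com/v3.0/reference).
+If you want the version 2, check out the gem versions up to [0.4.0](https://github.com/crondaemon/virustotal_api/tree/v0.4.0).
+
+
 
 [](http://badge.fury.io/rb/virustotal_api)
-[](http://travis-ci.org/pwelch/virustotal_api)
 
 ## Installation
 
@@ -27,7 +29,7 @@ VirusTotal only allows 4 queries per minute for their Public API. https://www.vi
 
 You will need a Private API Key if you require more queries per minute.
 
-### File
+### File Find
 
 ```ruby
 require 'virustotal_api'
@@ -35,7 +37,7 @@ require 'virustotal_api'
 sha256 = '01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b'
 api_key = 'MY_API_KEY'
 
-vtreport = VirustotalAPI::
+vtreport = VirustotalAPI::File.find(sha256, api_key)
 
 # Does the resource have any results?
 vtreport.exists?
@@ -43,14 +45,19 @@ vtreport.exists?
 
 # URL for File Report (if it exists)
 vtreport.report_url
-# => "https://www.virustotal.com/
+# => "https://www.virustotal.com/api/v3/files/01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b"
 
 # Report results (if they exist) are available via #report
-vtreport.report[
-# => {"
+vtreport.report['data']['attributes']['last_analysis_results']['ClamAV']
+# => {"category"=>"undetected", "engine_name"=>"ClamAV", "engine_update"=>"20200826",
+# "engine_version"=>"0.102.4.0", "method"=>"blacklist", "result"=>nil}
+
+# Check whether an Antivirus detected this sample or not
+vtreport.detected_by('ClamAV')
+# => false
 ```
 
-### File
+### File Upload
 
 ```ruby
 require 'virustotal_api'
@@ -58,28 +65,43 @@ require 'virustotal_api'
 file = '/path/to/file'
 api_key = 'MY_API_KEY'
 
-vtscan = VirustotalAPI::
+vtscan = VirustotalAPI::File.upload(file, api_key)
 
-#
-vtscan.
+# Virustotal ID of file
+vtscan.id
 # => "01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b-1419454668"
 
 # Response results are available via #response
-
+vtscan.report
+# =>
+{"data"=>
+{"id"=>"MTkxNDBmMjU4ZGY1OGZiYzZjNmU2ODcyMWNhYjhkZTM6MTU5ODUzMTE5OQ==",
+"type"=>"analysis"}}
+```
+
+### File Analyse
+
+```ruby
+require 'virustotal_api'
+
+sha256 = '01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b'
+api_key = 'MY_API_KEY'
+
+vtrescan = VirustotalAPI::File.analyse(sha256, api_key)
+
+# Virustotal ID of file
+vtrescan.id
+# => "MTkxNDBmMjU4ZGY1OGZiYzZjNmU2ODcyMWNhYjhkZTM6MTU5ODUzMTE5OQ=="
+
+# Response results are available via #response
+vtrescan.report
 # =>
-{
-"
-
-"resource"=>"01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b",
-"response_code"=>1,
-"sha256"=>"01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b",
-"permalink"=>"https://www.virustotal.com/file/01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b/analysis/1419454668/",
-"md5"=>"68b329da9893e34099c7d8ad5cb9c940",
-"verbose_msg"=>"Scan request successfully queued, come back later for the report"
-}
+{"data"=>
+{"id"=>"MTkxNDBmMjU4ZGY1OGZiYzZjNmU2ODcyMWNhYjhkZTM6MTU5ODUzMTE5OQ==",
+"type"=>"analysis"}}
 ```
 
-### URL
+### URL find
 
 ```ruby
 require 'virustotal_api'
@@ -87,7 +109,7 @@ require 'virustotal_api'
 url = 'http://www.google.com'
 api_key = 'MY_API_KEY'
 
-vturl_report = VirustotalAPI::
+vturl_report = VirustotalAPI::URL.find(url, api_key)
 
 # Does the resource have any results?
 vturl_report.exists?
@@ -95,14 +117,37 @@ vturl_report.exists?
 
 # URL for Report (if it exists)
 vturl_report.report_url
-# => "https://www.virustotal.com/
+# => "https://www.virustotal.com/api/v3/urls/dd014af5ed6b38d9130e3f466f850e46d21b951199d53a18ef29ee9341614eaf/"
 
 # Report results (if they exist) are available via #report
-vturl_report.report[
-# => {"
+vturl_report.report['data']['attributes']['last_analysis_results']['Avira']
+# => {"category"=>"harmless", "engine_name"=>"Avira", "method"=>"blacklist", "result"=>"clean"}
 ```
 
-###
+### URL Upload
+
+```ruby
+require 'virustotal_api'
+
+url = 'http://www.google.com'
+api_key = 'MY_API_KEY'
+
+vturl_scan = VirustotalAPI::URL.upload(url, api_key)
+
+# Virustotal ID of file
+vturl_scan.id
+# => "u-dd014af5ed6b38d9130e3f466f850e46d21b951199d53a18ef29ee9341614eaf-1598531929"
+
+# Response results are available via #response
+vturl_scan.report
+# =>
+{"data"=>
+{"id"=>
+"u-dd014af5ed6b38d9130e3f466f850e46d21b951199d53a18ef29ee9341614eaf-1598531929",
+"type"=>"analysis"}}
+```
+
+### IP Find
 
 ```ruby
 require 'virustotal_api'
@@ -110,7 +155,7 @@ require 'virustotal_api'
 ip = '8.8.8.8'
 api_key = 'MY_API_KEY'
 
-vtip_report = VirustotalAPI::
+vtip_report = VirustotalAPI::IP.find(ip, api_key)
 
 # Does the resource have any results?
 vtip_report.exists?
@@ -121,7 +166,7 @@ vtip_report.report
 # => Hash of report results
 ```
 
-### Domain
+### Domain Find
 
 ```ruby
 require 'virustotal_api'
@@ -129,7 +174,7 @@ require 'virustotal_api'
 domain = 'virustotal.com'
 api_key = 'MY_API_KEY'
 
-vtdomain_report = VirustotalAPI::
+vtdomain_report = VirustotalAPI::Domain.find(domain, api_key)
 
 # Does the resource have any results?
 vtdomain_report.exists?
@@ -140,6 +185,51 @@ vtdomain_report.report
 # => Hash of report results
 ```
 
+### User Find
+
+```ruby
+require 'virustotal_api'
+
+user_key = 'user_key' # user_id or api_key
+api_key = 'MY_API_KEY'
+
+vtuser_report = VirustotalAPI::User.find(user_key, api_key)
+
+# Does the resource have any results?
+vtuser_report.exists?
+# => true
+
+# Report results (if they exist) are available via #report
+vtuser_report.report
+# => Hash of report results
+```
+
+### Group Find
+
+```ruby
+require 'virustotal_api'
+
+group_id = 'GROUP_id'
+api_key = 'MY_API_KEY'
+
+vtgroup_report = VirustotalAPI::Group.find(group_id, api_key)
+
+# Does the resource have any results?
+vtgroup_report.exists?
+# => true
+
+# Report results (if they exist) are available via #report
+vtgroup_report.report
+# => Hash of report results
+```
+
+## Contributors
+
+- [@postmodern](https://github.com/postmodern)
+- [@mkunkel](https://github.com/mkunkel)
+- [@jonnynux](https://github.com/jonnynux)
+- [@crondaemon](https://github.com/crondaemon/)
+
 ## Contributing
 
 1. Fork it ( https://github.com/pwelch/virustotal_api/fork )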
data/Rakefile
CHANGED
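--- a/data/lib/virustotal_api.rb
+++ b/data/lib/virustotal_api.rb
@@ -1,8 +1,11 @@
+# frozen_string_literal: true
 
-require 'virustotal_api/
-require 'virustotal_api/
-require 'virustotal_api/
-require 'virustotal_api/
-require 'virustotal_api/
+require 'virustotal_api/analysis'
+require 'virustotal_api/domain'
+require 'virustotal_api/file'
+require 'virustotal_api/group'
+require 'virustotal_api/ip'
+require 'virustotal_api/url'
 require 'virustotal_api/uri'
+require 'virustotal_api/user'
 require 'virustotal_api/version'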
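--- a/data/lib/virustotal_api/analysis.rb
+++ b/data/lib/virustotal_api/analysis.rb
@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+require_relative 'base'
+
+module VirustotalAPI
+# A class for '/analyses' API
+class Analysis < Base
+attr_reader :report
+
+# rubocop:disable Lint/MissingSuper
+def initialize(report)
+@report = report
+end
+
+# @param [String] id The Virustotal ID to get the report for.
+# @param [String] api_key The key for virustotal
+# @return [VirustotalAPI::IP] Report
+def self.find(id, api_key)
+report = perform("/analyses/#{id}", api_key)
+new(report)
+end
+end
+end
+# rubocop:enable Lint/MissingSuper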
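Review bot: `self.find` builds the request path by plain interpolation, `"/analyses/#{id}"`, so an `id` containing `/`, `?` or `#` changes which endpoint receives the request together with the API key header. If `id` can come from outside the program, escape it as a path segment, e.g. `perform("/analyses/#{ERB::Util.url_encode(id)}", api_key)` with `require 'erb'`, after confirming the API accepts the percent-encoded `=` padding of analysis ids. The `@return` tag names `VirustotalAPI::IP` while the method returns an `Analysis`; it should read `# @return [VirustotalAPI::Analysis] Report`. The `attr_reader :report` and `initialize` duplicate what `Base` gains in this same release, so they and the `rubocop:disable Lint/MissingSuper` pair look removable.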
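--- a/data/lib/virustotal_api/base.rb
+++ b/data/lib/virustotal_api/base.rb
@@ -1,22 +1,50 @@
+# frozen_string_literal: true
+
 require 'virustotal_api/exceptions'
 require 'rest-client'
 require 'json'
+require 'base64'
 
+# The base VirustotalAPI module.
 module VirustotalAPI
+# The base class implementing the raw calls to Virustotal API V3.
 class Base
+attr_reader :report
+
+def initialize(report)
+@report = report
+end
+
 # @return [String] string of API URI class method
 def self.api_uri
 VirustotalAPI::URI
 end
 
-#
-#
-
-
-
-
-
+# The actual method performing a call to Virustotal
+#
+# @param [String] url The url of the API
+# @param [String] api_key The key for virustotal
+# @param [String] method The HTTP method to use
+# @param [Hash] options Options to pass as payload
+# @return [VirustotalAPI::Domain] Report Search Result
+def self.perform(url, api_key, method = :get, options = {})
+response = RestClient::Request.execute(
+method: method,
+url: api_uri + url,
+headers: { 'x-apikey': api_key },
+payload: options
+)
 JSON.parse(response.body)
+rescue RestClient::NotFound
+{}
+rescue RestClient::Unauthorized
+# Raise a custom exception not to expose the underlying
+# HTTP client.
+raise VirustotalAPI::Unauthorized
+rescue RestClient::TooManyRequests
+# Raise a custom exception not to expose the underlying
+# HTTP client.
+raise VirustotalAPI::RateLimitError
 end
 
 # @return [String] string of API URI instance method
@@ -25,11 +53,14 @@ module VirustotalAPI
 end
 
 # @return [Boolean] if report for resource exists
-# 0 => not_present, 1 => exists, -1 => invalid_ip_address
 def exists?
-
+!report.empty?
+end
 
-
+# Generate a URL identifier.
+# @see https://developers.virustotal.com/v3.0/reference#url
+def self.url_identifier(url)
+Base64.encode64(url).strip.gsub('=', '')
 end
 end
 end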
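Review bot: `url_identifier` calls `Base64.encode64`, which inserts a newline after every 60 output characters and uses the `+`/`/` alphabet, so a URL longer than 45 bytes yields an identifier with embedded line breaks; `strip` removes only the trailing one. As I read the reference linked in the comment, the identifier is unpadded URL-safe base64, which is `Base64.urlsafe_encode64(url, padding: false)`. In `perform`, only 404, 401 and 429 are translated, so other `RestClient` errors, timeouts and `JSON::ParserError` still surface the underlying client despite the comments, and a 404 is indistinguishable from an empty report. The `@return` tag on `perform` says `VirustotalAPI::Domain` while the method returns the parsed Hash; `# @return [Hash] parsed JSON response, {} when the resource is not found` matches the code.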