RubyGems - virustotal_api - Versions diffs - 0.4.0 → 0.5.3 - Mend

virustotal_api 0.4.0 → 0.5.3

Files changed (70) hide show

checksums.yaml +4 -4
data/.github/workflows/ruby.yml +26 -0
data/.gitignore +1 -0
data/.rubocop.yml +12 -5
data/CHANGELOG.md +35 -9
data/README.md +97 -59
data/lib/virustotal_api.rb +7 -7
data/lib/virustotal_api/analysis.rb +16 -0
data/lib/virustotal_api/base.rb +41 -10
data/lib/virustotal_api/domain.rb +18 -0
data/lib/virustotal_api/exceptions.rb +3 -0
data/lib/virustotal_api/file.rb +48 -0
data/lib/virustotal_api/group.rb +18 -0
data/lib/virustotal_api/ip.rb +18 -0
data/lib/virustotal_api/uri.rb +2 -1
data/lib/virustotal_api/url.rb +38 -0
data/lib/virustotal_api/user.rb +18 -0
data/lib/virustotal_api/version.rb +2 -1
data/test/analysis_test.rb +26 -0
data/test/base_test.rb +13 -25
data/test/domain_test.rb +27 -0
data/test/exceptions_test.rb +22 -0
data/test/file_test.rb +63 -0
data/test/fixtures/analysis.yml +544 -0
data/test/fixtures/domain.yml +830 -0
data/test/fixtures/file_analyse.yml +52 -0
data/test/fixtures/file_find.yml +853 -0
data/test/fixtures/file_not_found.yml +52 -0
data/test/fixtures/file_rate_limit.yml +52 -0
data/test/fixtures/file_unauthorized.yml +51 -0
data/test/fixtures/file_upload.yml +54 -0
data/test/fixtures/group_find.yml +216 -0
data/test/fixtures/ip.yml +716 -0
data/test/fixtures/unscanned_url_find.yml +44 -0
data/test/fixtures/url_analyse.yml +52 -0
data/test/fixtures/url_find.yml +599 -0
data/test/fixtures/user_find.yml +213 -0
data/test/group_test.rb +27 -0
data/test/{ip_report_test.rb → ip_test.rb} +6 -4
data/test/uri_test.rb +1 -1
data/test/url_test.rb +47 -0
data/test/user_test.rb +26 -0
data/test/version_test.rb +1 -2
data/virustotal_api.gemspec +10 -8
metadata +99 -69
data/.circleci/config.yml +0 -19
data/lib/virustotal_api/domain_report.rb +0 -36
data/lib/virustotal_api/file_report.rb +0 -37
data/lib/virustotal_api/file_rescan.rb +0 -35
data/lib/virustotal_api/file_scan.rb +0 -37
data/lib/virustotal_api/ip_report.rb +0 -36
data/lib/virustotal_api/url_report.rb +0 -41
data/lib/virustotal_api/url_scan.rb +0 -35
data/test/domain_report_test.rb +0 -32
data/test/file_report_test.rb +0 -36
data/test/file_rescan_test.rb +0 -32
data/test/file_scan_test.rb +0 -30
data/test/fixtures/domain_report.yml +0 -311
data/test/fixtures/ip_report.yml +0 -1323
data/test/fixtures/queue_unscanned_url_report.yml +0 -46
data/test/fixtures/report.yml +0 -110
data/test/fixtures/report_not_found.yml +0 -42
data/test/fixtures/request_forbidden.yml +0 -38
data/test/fixtures/rescan.yml +0 -47
data/test/fixtures/scan.yml +0 -49
data/test/fixtures/unscanned_url_report.yml +0 -43
data/test/fixtures/url_report.yml +0 -95
data/test/fixtures/url_scan.yml +0 -48
data/test/url_report_test.rb +0 -57
data/test/url_scan_test.rb +0 -30

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d5cb4002cc7336dab43ad9cad54f42f646428c80b80bdd9c21c54d16dfa971a4
-  data.tar.gz: 2e4091e0944e2ae0e4038574964035690e43eaf5aab0f69e26cb51ce1f6d36aa
+  metadata.gz: 549e10acf953216ded9295c21129e76fc737bd63f29703af799499c6feed2c6e
+  data.tar.gz: d20c12d67d748d329e3b0e340a4857115d516d942af5e3a282bb72e80a90e373
 SHA512:
-  metadata.gz: 3635ade214ad1a803a85a7169c84eedc085a5793bc3973aebe73e30f9f7b54cb4f6d46b79d66403441f02729f9f74ea52b70e147cdcee4a1181539c8a393a47d
-  data.tar.gz: 27ae5dffc0d0fbbaa379b9dd96daab5a4fe513c406a5234d4d481bcd25016084c2a589e3fa01ad0792d2ee2eda71d9e5884144b9198bb305e5c80f5e6a22c3cf
+  metadata.gz: 394ad7a9dbf0f4c59d7e286acd57974e042427f0f4c82d1c652195b0dca4d17a0eeed28cd82946da2a072679a824060bacf184c741ecd0578e383386295c328d
+  data.tar.gz: 0f9b0e2bc76a11d1b496ac1b0fb266875ed36cbfb51b27396396b555c3e47d5e411073e8bef956e1e44d08ec395e1165a45df8e525b24af6a0ae915d2c9c1b79

data/.github/workflows/ruby.yml ADDED

@@ -0,0 +1,26 @@
+name: Ruby
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+jobs:
+  Test:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+    - name: Set up Ruby
+    # To automatically get bug fixes and new Ruby versions for ruby/setup-ruby,
+    # change this to (see https://github.com/ruby/setup-ruby#versioning):
+      uses: ruby/setup-ruby@v1.46.0
+      with:
+        ruby-version: 2.5
+    - name: Install dependencies
+      run: bundle install
+    - name: Lint
+      run: bundle exec rake rubocop
+    - name: Run tests
+      run: bundle exec rake

data/.gitignore CHANGED

@@ -12,3 +12,4 @@
 *.o
 *.a
 mkmf.log
+.rake_tasks~

data/.rubocop.yml CHANGED

@@ -1,13 +1,14 @@
 # This is the configuration used to check the rubocop source code.
 AllCops:
+  NewCops: enable
   Exclude:
     - 'test/fixtures/*'
 Style/StringLiterals:
   Enabled: true
-Style/UnneededPercentQ:
+Style/RedundantPercentQ:
   Enabled: true
 # Disabled Checks
@@ -20,13 +21,19 @@ Style/PercentLiteralDelimiters:
 Style/RegexpLiteral:
   Enabled: false
-Style/BracesAroundHashParameters:
-  Enabled: false
 Lint/MissingCopEnableDirective:
   Exclude:
     - 'test/base_test.rb'
-Naming/UncommunicativeMethodParamName:
+Naming/MethodParameterName:
   Exclude:
     - 'lib/virustotal_api/ip_report.rb'
+Layout/LineLength:
+  Enabled: false
+Metrics/MethodLength:
+  Enabled: false
+Gemspec/RequiredRubyVersion:
+  Enabled: false

data/CHANGELOG.md CHANGED

@@ -1,21 +1,47 @@
 # VirusTotal API Changelog
-## 0.4.0
+## [0.5.2] - 2020-10-06
-* Add ReScan [#15](https://github.com/pwelch/virustotal_api/pull/15)
-* Add URL Scan [#16](https://github.com/pwelch/virustotal_api/pull/16)
+* Fix Fix exists? check
+* Fix detected_by for File
+* Fix RateLimitError
+* Added User and Group API
+  * [@jonnynux](https://github.com/jonnynux)
+## [0.5.1] - 2020-10-06
+* Downgrade ruby requirement to 2.5.
+  * [@crondaemon](https://github.com/crondaemon)
+## [0.5.0] - 2020-09-02
+* Full rework to support API V3 [#30](https://github.com/pwelch/virustotal_api/pull/30)
+  * [@crondaemon](https://github.com/crondaemon) & [@jonnynux](https://github.com/jonnynux)
+* Move to Ruby 2.6 for minimum Ruby version
+## [0.4.1] - 2019-09-04
+* Fixed Reponse Parsing
+  * [@jonnynux](https://github.com/jonnynux)
+## [0.4.0] - 2019-07-23
+* Added ReScan [#15](https://github.com/pwelch/virustotal_api/pull/15)
+* Added URL Scan [#16](https://github.com/pwelch/virustotal_api/pull/16)
   * [@jonnynux](https://github.com/jonnynux)
-## 0.3.0
+## [0.3.0] - 2018-03-31
-* Add optional scan param for url report API [#5](https://github.com/pwelch/virustotal_api/pull/5)
+* Added optional scan param for url report API [#5](https://github.com/pwelch/virustotal_api/pull/5)
   * [@mkunkel ](https://github.com/mkunkel)
-## 0.2.0
+## [0.2.0] - 2015-12-19
-* Check if the respone is 204 [#2](https://github.com/pwelch/virustotal_api/pull/2)
-  * Check if the respone is 204 (No Content) and raise an exception. [@postmodern](https://github.com/postmodern)
+* Added Check if the respone is 204 [#2](https://github.com/pwelch/virustotal_api/pull/2)
+  * [@postmodern](https://github.com/postmodern)
-## 0.1.0
+## [0.1.0] - 2014-12-26
 * First Release
+https://keepachangelog.com

data/README.md CHANGED

@@ -1,9 +1,11 @@
 # VirustotalAPI
-Ruby Gem for [VirusTotal](https://www.virustotal.com) [V2 API](https://www.virustotal.com/en/documentation/public-api/)
+Ruby Gem for [VirusTotal](https://www.virustotal.com) [V3 API](https://developers.virustotal.com/v3.0/reference).
+If you want the version 2, check out the gem versions up to [0.4.0](https://github.com/crondaemon/virustotal_api/tree/v0.4.0).
+![Ruby](https://github.com/pwelch/virustotal_api/workflows/Ruby/badge.svg)
 [![Gem Version](https://badge.fury.io/rb/virustotal_api.svg)](http://badge.fury.io/rb/virustotal_api)
-[![CircleCI](https://circleci.com/gh/pwelch/virustotal_api.svg?style=svg)](https://circleci.com/gh/pwelch/virustotal_api)
 ## Installation
@@ -27,7 +29,7 @@ VirusTotal only allows 4 queries per minute for their Public API. https://www.vi
 You will need a Private API Key if you require more queries per minute.
-### File Report
+### File Find
 ```ruby
 require 'virustotal_api'
@@ -35,7 +37,7 @@ require 'virustotal_api'
 sha256  = '01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b'
 api_key = 'MY_API_KEY'
-vtreport = VirustotalAPI::FileReport.find(sha256, api_key)
+vtreport = VirustotalAPI::File.find(sha256, api_key)
 # Does the resource have any results?
 vtreport.exists?
@@ -43,14 +45,19 @@ vtreport.exists?
 # URL for File Report (if it exists)
 vtreport.report_url
-# => "https://www.virustotal.com/file/01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b/analysis/1418032127/"
+# => "https://www.virustotal.com/api/v3/files/01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b"
 # Report results (if they exist) are available via #report
-vtreport.report["scans"]["ClamAV"]
-# => {"detected"=>false, "version"=>"0.98.5.0", "result"=>nil, "update"=>"20141208"}
+vtreport.report['data']['attributes']['last_analysis_results']['ClamAV']
+# => {"category"=>"undetected", "engine_name"=>"ClamAV", "engine_update"=>"20200826",
+# "engine_version"=>"0.102.4.0", "method"=>"blacklist", "result"=>nil}
+# Check whether an Antivirus detected this sample or not
+vtreport.detected_by('ClamAV')
+# => false
 ```
-### File Scan
+### File Upload
 ```ruby
 require 'virustotal_api'
@@ -58,28 +65,21 @@ require 'virustotal_api'
 file    = '/path/to/file'
 api_key = 'MY_API_KEY'
-vtscan = VirustotalAPI::FileScan.scan(file, api_key)
+vtscan = VirustotalAPI::File.upload(file, api_key)
-# Scan ID of file
-vtscan.scan_id
+# Virustotal ID of file
+vtscan.id
 # => "01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b-1419454668"
 # Response results are available via #response
-vtscan.response
+vtscan.report
 # =>
-{
-  "scan_id"=>"01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b-1419454668",
-  "sha1"=>"adc83b19e793491b1c6ea0fd8b46cd9f32e592fc",
-  "resource"=>"01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b",
-  "response_code"=>1,
-  "sha256"=>"01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b",
-  "permalink"=>"https://www.virustotal.com/file/01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b/analysis/1419454668/",
-  "md5"=>"68b329da9893e34099c7d8ad5cb9c940",
-  "verbose_msg"=>"Scan request successfully queued, come back later for the report"
-}
+{"data"=>
+  {"id"=>"MTkxNDBmMjU4ZGY1OGZiYzZjNmU2ODcyMWNhYjhkZTM6MTU5ODUzMTE5OQ==",
+   "type"=>"analysis"}}
 ```
-### File Rescan
+### File Analyse
 ```ruby
 require 'virustotal_api'
@@ -87,25 +87,21 @@ require 'virustotal_api'
 sha256  = '01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b'
 api_key = 'MY_API_KEY'
-vtrescan = VirustotalAPI::FileRescan.rescan(sha256, api_key)
+vtrescan = VirustotalAPI::File.analyse(sha256, api_key)
-# Rescan ID of file
-vtrescan.rescan_id
-# => "01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b-1562684247"
+# Virustotal ID of file
+vtrescan.id
+# => "MTkxNDBmMjU4ZGY1OGZiYzZjNmU2ODcyMWNhYjhkZTM6MTU5ODUzMTE5OQ=="
 # Response results are available via #response
-vtrescan.response
+vtrescan.report
 # =>
-{
-  "permalink": "https://www.virustotal.com/file/01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b/analysis/1562684247/",
-  "response_code": 1,
-  "sha256": "01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b",
-  "resource": "01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b",
-  "scan_id": "01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b-1562684247"
-}
+{"data"=>
+  {"id"=>"MTkxNDBmMjU4ZGY1OGZiYzZjNmU2ODcyMWNhYjhkZTM6MTU5ODUzMTE5OQ==",
+   "type"=>"analysis"}}
 ```
-### URL Report
+### URL find
 ```ruby
 require 'virustotal_api'
@@ -113,7 +109,7 @@ require 'virustotal_api'
 url     = 'http://www.google.com'
 api_key = 'MY_API_KEY'
-vturl_report = VirustotalAPI::URLReport.find(url, api_key)
+vturl_report = VirustotalAPI::URL.find(url, api_key)
 # Does the resource have any results?
 vturl_report.exists?
@@ -121,14 +117,14 @@ vturl_report.exists?
 # URL for Report (if it exists)
 vturl_report.report_url
-# => "https://www.virustotal.com/url/dd014af5ed6b38d9130e3f466f850e46d21b951199d53a18ef29ee9341614eaf/analysis/1419457210/"
+# => "https://www.virustotal.com/api/v3/urls/dd014af5ed6b38d9130e3f466f850e46d21b951199d53a18ef29ee9341614eaf"
 # Report results (if they exist) are available via #report
-vturl_report.report["scans"]["Opera"]
-# => {"detected"=>false, "result"=>"clean site"}
+vturl_report.report['data']['attributes']['last_analysis_results']['Avira']
+# => {"category"=>"harmless", "engine_name"=>"Avira", "method"=>"blacklist", "result"=>"clean"}
 ```
-### URL Scan
+### URL Upload
 ```ruby
 require 'virustotal_api'
@@ -136,27 +132,22 @@ require 'virustotal_api'
 url     = 'http://www.google.com'
 api_key = 'MY_API_KEY'
-vturl_scan = VirustotalAPI::URLScan.scan(url, api_key)
+vturl_scan = VirustotalAPI::URL.upload(url, api_key)
-# Scan ID of file
-vturl_scan.scan_id
-# => "dd014af5ed6b38d9130e3f466f850e46d21b951199d53a18ef29ee9341614eaf-1562751553"
+# Virustotal ID of file
+vturl_scan.id
+# => "u-dd014af5ed6b38d9130e3f466f850e46d21b951199d53a18ef29ee9341614eaf-1598531929"
 # Response results are available via #response
-vturl_scan.response
+vturl_scan.report
 # =>
-{
-  "permalink": "https://www.virustotal.com/url/dd014af5ed6b38d9130e3f466f850e46d21b951199d53a18ef29ee9341614eaf/analysis/1562751553/",
-  "resource": "http://www.google.com/",
-  "url": "http://www.google.com/",
-  "response_code": 1,
-  "scan_date": "2019-07-10 09:39:13",
-  "scan_id": "dd014af5ed6b38d9130e3f466f850e46d21b951199d53a18ef29ee9341614eaf-1562751553",
-  "verbose_msg": "Scan request successfully queued, come back later for the report"
-}
+{"data"=>
+  {"id"=>
+    "u-dd014af5ed6b38d9130e3f466f850e46d21b951199d53a18ef29ee9341614eaf-1598531929",
+   "type"=>"analysis"}}
 ```
-### IP Report
+### IP Find
 ```ruby
 require 'virustotal_api'
@@ -164,18 +155,22 @@ require 'virustotal_api'
 ip      = '8.8.8.8'
 api_key = 'MY_API_KEY'
-vtip_report = VirustotalAPI::IPReport.find(ip, api_key)
+vtip_report = VirustotalAPI::IP.find(ip, api_key)
 # Does the resource have any results?
 vtip_report.exists?
 # => true
+# URL for Report (if it exists)
+vtip_report.report_url
+# => "https://www.virustotal.com/api/v3/ip_addresses/8.8.8.8"
 # Report results (if they exist) are available via #report
 vtip_report.report
 # => Hash of report results
 ```
-### Domain Report
+### Domain Find
 ```ruby
 require 'virustotal_api'
@@ -183,22 +178,65 @@ require 'virustotal_api'
 domain  = 'virustotal.com'
 api_key = 'MY_API_KEY'
-vtdomain_report = VirustotalAPI::DomainReport.find(domain, api_key)
+vtdomain_report = VirustotalAPI::Domain.find(domain, api_key)
 # Does the resource have any results?
 vtdomain_report.exists?
 # => true
+# URL for Report (if it exists)
+vtdomain_report.report_url
+# => "https://www.virustotal.com/api/v3/domains/virustotal.com"
 # Report results (if they exist) are available via #report
 vtdomain_report.report
 # => Hash of report results
 ```
+### User Find
+```ruby
+require 'virustotal_api'
+user_key  = 'user_key' # user_id or api_key
+api_key = 'MY_API_KEY'
+vtuser_report = VirustotalAPI::User.find(user_key, api_key)
+# Does the resource have any results?
+vtuser_report.exists?
+# => true
+# Report results (if they exist) are available via #report
+vtuser_report.report
+# => Hash of report results
+```
+### Group Find
+```ruby
+require 'virustotal_api'
+group_id  = 'GROUP_id'
+api_key = 'MY_API_KEY'
+vtgroup_report = VirustotalAPI::Group.find(group_id, api_key)
+# Does the resource have any results?
+vtgroup_report.exists?
+# => true
+# Report results (if they exist) are available via #report
+vtgroup_report.report
+# => Hash of report results
+```
 ## Contributors
 - [@postmodern](https://github.com/postmodern)
 - [@mkunkel](https://github.com/mkunkel)
 - [@jonnynux](https://github.com/jonnynux)
+- [@crondaemon](https://github.com/crondaemon/)
 ## Contributing

data/lib/virustotal_api.rb CHANGED

@@ -1,11 +1,11 @@
 # frozen_string_literal: true
-require 'virustotal_api/domain_report'
-require 'virustotal_api/file_report'
-require 'virustotal_api/file_rescan'
-require 'virustotal_api/file_scan'
-require 'virustotal_api/ip_report'
-require 'virustotal_api/url_report'
-require 'virustotal_api/url_scan'
+require 'virustotal_api/analysis'
+require 'virustotal_api/domain'
+require 'virustotal_api/file'
+require 'virustotal_api/group'
+require 'virustotal_api/ip'
+require 'virustotal_api/url'
 require 'virustotal_api/uri'
+require 'virustotal_api/user'
 require 'virustotal_api/version'

data/lib/virustotal_api/analysis.rb ADDED

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+require_relative 'base'
+module VirustotalAPI
+  # A class for '/analyses' API
+  class Analysis < Base
+    # @param [String] id The Virustotal ID to get the report for.
+    # @param [String] api_key The key for virustotal
+    # @return [VirustotalAPI::IP] Report
+    def self.find(id, api_key)
+      report = perform("/analyses/#{id}", api_key)
+      new(report)
+    end
+  end
+end