virustotal_api 0.5.2 → 0.5.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +9 -1
- data/lib/virustotal_api/analysis.rb +0 -8
- data/lib/virustotal_api/base.rb +3 -1
- data/lib/virustotal_api/domain.rb +0 -6
- data/lib/virustotal_api/file.rb +0 -8
- data/lib/virustotal_api/group.rb +0 -8
- data/lib/virustotal_api/ip.rb +0 -6
- data/lib/virustotal_api/url.rb +0 -8
- data/lib/virustotal_api/user.rb +0 -8
- data/lib/virustotal_api/version.rb +1 -1
- data/test/analysis_test.rb +4 -1
- data/test/domain_test.rb +3 -8
- data/test/file_test.rb +25 -33
- data/test/group_test.rb +2 -7
- data/test/ip_test.rb +2 -0
- data/test/url_test.rb +7 -25
- data/test/user_test.rb +2 -7
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 549e10acf953216ded9295c21129e76fc737bd63f29703af799499c6feed2c6e
|
4
|
+
data.tar.gz: d20c12d67d748d329e3b0e340a4857115d516d942af5e3a282bb72e80a90e373
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 394ad7a9dbf0f4c59d7e286acd57974e042427f0f4c82d1c652195b0dca4d17a0eeed28cd82946da2a072679a824060bacf184c741ecd0578e383386295c328d
|
7
|
+
data.tar.gz: 0f9b0e2bc76a11d1b496ac1b0fb266875ed36cbfb51b27396396b555c3e47d5e411073e8bef956e1e44d08ec395e1165a45df8e525b24af6a0ae915d2c9c1b79
|
data/README.md
CHANGED
@@ -117,7 +117,7 @@ vturl_report.exists?
|
|
117
117
|
|
118
118
|
# URL for Report (if it exists)
|
119
119
|
vturl_report.report_url
|
120
|
-
# => "https://www.virustotal.com/api/v3/urls/dd014af5ed6b38d9130e3f466f850e46d21b951199d53a18ef29ee9341614eaf
|
120
|
+
# => "https://www.virustotal.com/api/v3/urls/dd014af5ed6b38d9130e3f466f850e46d21b951199d53a18ef29ee9341614eaf"
|
121
121
|
|
122
122
|
# Report results (if they exist) are available via #report
|
123
123
|
vturl_report.report['data']['attributes']['last_analysis_results']['Avira']
|
@@ -161,6 +161,10 @@ vtip_report = VirustotalAPI::IP.find(ip, api_key)
|
|
161
161
|
vtip_report.exists?
|
162
162
|
# => true
|
163
163
|
|
164
|
+
# URL for Report (if it exists)
|
165
|
+
vtip_report.report_url
|
166
|
+
# => "https://www.virustotal.com/api/v3/ip_addresses/8.8.8.8"
|
167
|
+
|
164
168
|
# Report results (if they exist) are available via #report
|
165
169
|
vtip_report.report
|
166
170
|
# => Hash of report results
|
@@ -180,6 +184,10 @@ vtdomain_report = VirustotalAPI::Domain.find(domain, api_key)
|
|
180
184
|
vtdomain_report.exists?
|
181
185
|
# => true
|
182
186
|
|
187
|
+
# URL for Report (if it exists)
|
188
|
+
vtdomain_report.report_url
|
189
|
+
# => "https://www.virustotal.com/api/v3/domains/virustotal.com"
|
190
|
+
|
183
191
|
# Report results (if they exist) are available via #report
|
184
192
|
vtdomain_report.report
|
185
193
|
# => Hash of report results
|
@@ -5,13 +5,6 @@ require_relative 'base'
|
|
5
5
|
module VirustotalAPI
|
6
6
|
# A class for '/analyses' API
|
7
7
|
class Analysis < Base
|
8
|
-
attr_reader :report
|
9
|
-
|
10
|
-
# rubocop:disable Lint/MissingSuper
|
11
|
-
def initialize(report)
|
12
|
-
@report = report
|
13
|
-
end
|
14
|
-
|
15
8
|
# @param [String] id The Virustotal ID to get the report for.
|
16
9
|
# @param [String] api_key The key for virustotal
|
17
10
|
# @return [VirustotalAPI::IP] Report
|
@@ -21,4 +14,3 @@ module VirustotalAPI
|
|
21
14
|
end
|
22
15
|
end
|
23
16
|
end
|
24
|
-
# rubocop:enable Lint/MissingSuper
|
data/lib/virustotal_api/base.rb
CHANGED
@@ -9,10 +9,12 @@ require 'base64'
|
|
9
9
|
module VirustotalAPI
|
10
10
|
# The base class implementing the raw calls to Virustotal API V3.
|
11
11
|
class Base
|
12
|
-
attr_reader :report
|
12
|
+
attr_reader :report, :report_url, :id
|
13
13
|
|
14
14
|
def initialize(report)
|
15
15
|
@report = report
|
16
|
+
@report_url = report&.dig('data', 'links', 'self')
|
17
|
+
@id = report&.dig('data', 'id')
|
16
18
|
end
|
17
19
|
|
18
20
|
# @return [String] string of API URI class method
|
@@ -5,11 +5,6 @@ require_relative 'base'
|
|
5
5
|
module VirustotalAPI
|
6
6
|
# A class for '/domains' API
|
7
7
|
class Domain < Base
|
8
|
-
# rubocop:disable Lint/UselessMethodDefinition
|
9
|
-
def initialize(report)
|
10
|
-
super(report)
|
11
|
-
end
|
12
|
-
|
13
8
|
# Find a domain.
|
14
9
|
#
|
15
10
|
# @param [String] domain The domain to search
|
@@ -21,4 +16,3 @@ module VirustotalAPI
|
|
21
16
|
end
|
22
17
|
end
|
23
18
|
end
|
24
|
-
# rubocop:enable Lint/UselessMethodDefinition
|
data/lib/virustotal_api/file.rb
CHANGED
@@ -5,14 +5,6 @@ require_relative 'base'
|
|
5
5
|
module VirustotalAPI
|
6
6
|
# A class for '/files' API
|
7
7
|
class File < Base
|
8
|
-
attr_reader :id, :report_url
|
9
|
-
|
10
|
-
def initialize(report)
|
11
|
-
super(report)
|
12
|
-
@id = report&.dig('data', 'id')
|
13
|
-
@report_url = report&.dig('data', 'links', 'self')
|
14
|
-
end
|
15
|
-
|
16
8
|
# Find a hash.
|
17
9
|
#
|
18
10
|
# @param [String] resource file as a md5/sha1/sha256 hash
|
data/lib/virustotal_api/group.rb
CHANGED
@@ -5,14 +5,6 @@ require_relative 'base'
|
|
5
5
|
module VirustotalAPI
|
6
6
|
# A class for '/groups' API
|
7
7
|
class Group < Base
|
8
|
-
attr_reader :report_url, :id
|
9
|
-
|
10
|
-
def initialize(report)
|
11
|
-
super(report)
|
12
|
-
@report_url = report&.dig('data', 'links', 'self')
|
13
|
-
@id = report&.dig('data', 'id')
|
14
|
-
end
|
15
|
-
|
16
8
|
# Find a Group.
|
17
9
|
#
|
18
10
|
# @param [String] group_id to find
|
data/lib/virustotal_api/ip.rb
CHANGED
@@ -5,11 +5,6 @@ require_relative 'base'
|
|
5
5
|
module VirustotalAPI
|
6
6
|
# A class for '/ip_addresses' API
|
7
7
|
class IP < Base
|
8
|
-
# rubocop:disable Lint/UselessMethodDefinition
|
9
|
-
def initialize(report)
|
10
|
-
super(report)
|
11
|
-
end
|
12
|
-
|
13
8
|
# Find an IP.
|
14
9
|
#
|
15
10
|
# @param [String] ip address The IP to find.
|
@@ -21,4 +16,3 @@ module VirustotalAPI
|
|
21
16
|
end
|
22
17
|
end
|
23
18
|
end
|
24
|
-
# rubocop:enable Lint/UselessMethodDefinition
|
data/lib/virustotal_api/url.rb
CHANGED
@@ -5,14 +5,6 @@ require_relative 'base'
|
|
5
5
|
module VirustotalAPI
|
6
6
|
# A class for '/urls' API
|
7
7
|
class URL < Base
|
8
|
-
attr_reader :report_url, :id
|
9
|
-
|
10
|
-
def initialize(report)
|
11
|
-
super(report)
|
12
|
-
@report_url = report&.dig('data', 'links', 'self')
|
13
|
-
@id = report&.dig('data', 'id')
|
14
|
-
end
|
15
|
-
|
16
8
|
# Find a URL.
|
17
9
|
#
|
18
10
|
# @param [String] resource as an ip/domain/url
|
data/lib/virustotal_api/user.rb
CHANGED
@@ -5,14 +5,6 @@ require_relative 'base'
|
|
5
5
|
module VirustotalAPI
|
6
6
|
# A class for '/users' API
|
7
7
|
class User < Base
|
8
|
-
attr_reader :report_url, :id
|
9
|
-
|
10
|
-
def initialize(report)
|
11
|
-
super(report)
|
12
|
-
@report_url = report&.dig('data', 'links', 'self')
|
13
|
-
@id = report&.dig('data', 'id')
|
14
|
-
end
|
15
|
-
|
16
8
|
# Find a User.
|
17
9
|
#
|
18
10
|
# @param [String] user_key with id or api_key
|
data/test/analysis_test.rb
CHANGED
@@ -11,13 +11,16 @@ class VirustotalAPIAnalysisTest < Minitest::Test
|
|
11
11
|
def test_todo
|
12
12
|
VCR.use_cassette('url_find') do
|
13
13
|
vtreport = VirustotalAPI::URL.find(@url, @api_key)
|
14
|
+
|
14
15
|
@id = vtreport.id
|
15
|
-
assert @id
|
16
|
+
assert @id.is_a?(String)
|
16
17
|
end
|
17
18
|
|
18
19
|
VCR.use_cassette('analysis') do
|
19
20
|
analysis = VirustotalAPI::Analysis.find(@id, @api_key)
|
21
|
+
|
20
22
|
assert analysis.exists?
|
23
|
+
assert analysis.id.is_a?(String)
|
21
24
|
end
|
22
25
|
end
|
23
26
|
end
|
data/test/domain_test.rb
CHANGED
@@ -17,16 +17,11 @@ class VirustotalAPIDomainTest < Minitest::Test
|
|
17
17
|
vtdomain_report = VirustotalAPI::Domain.find(@domain, @api_key)
|
18
18
|
|
19
19
|
# Make sure that the JSON was parsed
|
20
|
+
assert vtdomain_report.exists?
|
20
21
|
assert vtdomain_report.is_a?(VirustotalAPI::Domain)
|
21
22
|
assert vtdomain_report.report.is_a?(Hash)
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
def test_exists?
|
26
|
-
VCR.use_cassette('domain') do
|
27
|
-
vtdomain_report = VirustotalAPI::Domain.find(@domain, @api_key)
|
28
|
-
|
29
|
-
assert vtdomain_report.exists?
|
23
|
+
assert vtdomain_report.id.is_a?(String)
|
24
|
+
assert vtdomain_report.report_url.is_a?(String)
|
30
25
|
end
|
31
26
|
end
|
32
27
|
end
|
data/test/file_test.rb
CHANGED
@@ -4,9 +4,9 @@ require './test/test_helper'
|
|
4
4
|
|
5
5
|
class VirustotalAPIFileTest < Minitest::Test
|
6
6
|
def setup
|
7
|
-
@sha256
|
7
|
+
@sha256 = '01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b'
|
8
8
|
@file_path = File.expand_path('test/fixtures/null_file')
|
9
|
-
@api_key
|
9
|
+
@api_key = 'testapikey'
|
10
10
|
end
|
11
11
|
|
12
12
|
def test_class_exists
|
@@ -15,57 +15,49 @@ class VirustotalAPIFileTest < Minitest::Test
|
|
15
15
|
|
16
16
|
def test_report_response
|
17
17
|
VCR.use_cassette('file_find') do
|
18
|
-
|
18
|
+
vt_file_report = VirustotalAPI::File.find(@sha256, @api_key)
|
19
19
|
|
20
20
|
# Make sure that the JSON was parsed
|
21
|
-
assert
|
22
|
-
assert
|
21
|
+
assert vt_file_report.exists?
|
22
|
+
assert vt_file_report.is_a?(VirustotalAPI::File)
|
23
|
+
assert vt_file_report.report.is_a?(Hash)
|
24
|
+
assert vt_file_report.id.is_a?(String)
|
25
|
+
assert vt_file_report.report_url.is_a?(String)
|
23
26
|
end
|
24
27
|
end
|
25
28
|
|
26
29
|
def test_find
|
27
|
-
|
28
|
-
|
30
|
+
id = '01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b'
|
31
|
+
permalink = "https://www.virustotal.com/api/v3/files/#{id}"
|
32
|
+
|
29
33
|
VCR.use_cassette('file_find') do
|
30
|
-
|
34
|
+
vt_file_report = VirustotalAPI::File.find(@sha256, @api_key)
|
31
35
|
|
32
|
-
|
33
|
-
assert_equal
|
34
|
-
assert
|
35
|
-
assert !
|
36
|
-
assert !
|
36
|
+
assert_equal permalink, vt_file_report.report_url
|
37
|
+
assert_equal id, vt_file_report.id
|
38
|
+
assert vt_file_report.detected_by('Avira')
|
39
|
+
assert !vt_file_report.detected_by('Acronis')
|
40
|
+
assert !vt_file_report.detected_by('Yeyeyeye') # not present in file
|
37
41
|
end
|
38
42
|
end
|
39
43
|
|
40
44
|
def test_upload
|
41
45
|
VCR.use_cassette('file_upload') do
|
42
|
-
|
43
|
-
|
44
|
-
assert virustotal_upload.report.is_a?(Hash)
|
45
|
-
end
|
46
|
-
end
|
47
|
-
|
48
|
-
def test_upload_id
|
49
|
-
VCR.use_cassette('file_upload') do
|
50
|
-
virustotal_upload = VirustotalAPI::File.upload(@file_path, @api_key)
|
46
|
+
vt_file_upload = VirustotalAPI::File.upload(@file_path, @api_key)
|
51
47
|
|
52
|
-
assert
|
48
|
+
assert vt_file_upload.exists?
|
49
|
+
assert vt_file_upload.report.is_a?(Hash)
|
50
|
+
assert vt_file_upload.id.is_a?(String)
|
53
51
|
end
|
54
52
|
end
|
55
53
|
|
56
54
|
def test_analyse
|
57
55
|
VCR.use_cassette('file_analyse') do
|
58
|
-
|
59
|
-
|
60
|
-
assert virustotal_analyse.report.is_a?(Hash)
|
61
|
-
end
|
62
|
-
end
|
63
|
-
|
64
|
-
def test_analyse_id
|
65
|
-
VCR.use_cassette('file_analyse') do
|
66
|
-
virustotal_analyse = VirustotalAPI::File.analyse(@sha256, @api_key)
|
56
|
+
vt_file_analyse = VirustotalAPI::File.analyse(@sha256, @api_key)
|
67
57
|
|
68
|
-
assert
|
58
|
+
assert vt_file_analyse.exists?
|
59
|
+
assert vt_file_analyse.report.is_a?(Hash)
|
60
|
+
assert vt_file_analyse.id.is_a?(String)
|
69
61
|
end
|
70
62
|
end
|
71
63
|
end
|
data/test/group_test.rb
CHANGED
@@ -17,15 +17,10 @@ class VirustotalAPIGroupReportTest < Minitest::Test
|
|
17
17
|
vtgroup_report = VirustotalAPI::Group.find(@group_id, @api_key)
|
18
18
|
|
19
19
|
# Make sure that the JSON was parsed
|
20
|
+
assert vtgroup_report.exists?
|
20
21
|
assert vtgroup_report.is_a?(VirustotalAPI::Group)
|
21
22
|
assert vtgroup_report.report.is_a?(Hash)
|
22
|
-
|
23
|
-
end
|
24
|
-
|
25
|
-
def test_find
|
26
|
-
VCR.use_cassette('group_find') do
|
27
|
-
vtgroup_report = VirustotalAPI::Group.find(@group_id, @api_key)
|
28
|
-
|
23
|
+
assert vtgroup_report.id.is_a?(String)
|
29
24
|
assert vtgroup_report.report_url.is_a?(String)
|
30
25
|
end
|
31
26
|
end
|
data/test/ip_test.rb
CHANGED
@@ -19,6 +19,8 @@ class VirustotalAPIIPReportTest < Minitest::Test
|
|
19
19
|
# Make sure that the JSON was parsed
|
20
20
|
assert vtip_report.is_a?(VirustotalAPI::IP)
|
21
21
|
assert vtip_report.report.is_a?(Hash)
|
22
|
+
assert vtip_report.id.is_a?(String)
|
23
|
+
assert vtip_report.report_url.is_a?(String)
|
22
24
|
end
|
23
25
|
end
|
24
26
|
end
|
data/test/url_test.rb
CHANGED
@@ -18,24 +18,11 @@ class VirustotalAPIURLReportTest < Minitest::Test
|
|
18
18
|
vturl_report = VirustotalAPI::URL.find(@url, @api_key)
|
19
19
|
|
20
20
|
# Make sure that the JSON was parsed
|
21
|
+
assert vturl_report.exists?
|
21
22
|
assert vturl_report.is_a?(VirustotalAPI::URL)
|
22
23
|
assert vturl_report.report.is_a?(Hash)
|
23
|
-
end
|
24
|
-
end
|
25
|
-
|
26
|
-
def test_find
|
27
|
-
VCR.use_cassette('url_find') do
|
28
|
-
vturl_report = VirustotalAPI::URL.find(@url, @api_key)
|
29
|
-
|
30
|
-
assert vturl_report.report_url.is_a?(String)
|
31
|
-
end
|
32
|
-
end
|
33
|
-
|
34
|
-
def test_scan_url
|
35
|
-
VCR.use_cassette('url_find') do
|
36
|
-
vturl_report = VirustotalAPI::URL.find(@url, @api_key)
|
37
|
-
|
38
24
|
assert vturl_report.id.is_a?(String)
|
25
|
+
assert vturl_report.report_url.is_a?(String)
|
39
26
|
end
|
40
27
|
end
|
41
28
|
|
@@ -43,23 +30,18 @@ class VirustotalAPIURLReportTest < Minitest::Test
|
|
43
30
|
VCR.use_cassette('unscanned_url_find') do
|
44
31
|
vturl_report = VirustotalAPI::URL.find(@unscanned_url, @api_key)
|
45
32
|
|
33
|
+
assert !vturl_report.exists?
|
46
34
|
assert_empty vturl_report.report
|
47
35
|
end
|
48
36
|
end
|
49
37
|
|
50
38
|
def test_analyse
|
51
39
|
VCR.use_cassette('url_analyse') do
|
52
|
-
|
53
|
-
|
54
|
-
assert vturl_scan.report.is_a?(Hash)
|
55
|
-
end
|
56
|
-
end
|
57
|
-
|
58
|
-
def test_analyse_id
|
59
|
-
VCR.use_cassette('url_analyse') do
|
60
|
-
vturl_scan = VirustotalAPI::URL.analyse(@url, @api_key)
|
40
|
+
vturl_analyse = VirustotalAPI::URL.analyse(@url, @api_key)
|
61
41
|
|
62
|
-
assert
|
42
|
+
assert vturl_analyse.exists?
|
43
|
+
assert vturl_analyse.report.is_a?(Hash)
|
44
|
+
assert vturl_analyse.id.is_a?(String)
|
63
45
|
end
|
64
46
|
end
|
65
47
|
end
|
data/test/user_test.rb
CHANGED
@@ -16,15 +16,10 @@ class VirustotalAPIUserReportTest < Minitest::Test
|
|
16
16
|
vtuser_report = VirustotalAPI::User.find(@api_key, @api_key)
|
17
17
|
|
18
18
|
# Make sure that the JSON was parsed
|
19
|
+
assert vtuser_report.exists?
|
19
20
|
assert vtuser_report.is_a?(VirustotalAPI::User)
|
20
21
|
assert vtuser_report.report.is_a?(Hash)
|
21
|
-
|
22
|
-
end
|
23
|
-
|
24
|
-
def test_find
|
25
|
-
VCR.use_cassette('user_find') do
|
26
|
-
vtuser_report = VirustotalAPI::User.find(@api_key, @api_key)
|
27
|
-
|
22
|
+
assert vtuser_report.id.is_a?(String)
|
28
23
|
assert vtuser_report.report_url.is_a?(String)
|
29
24
|
end
|
30
25
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: virustotal_api
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.5.
|
4
|
+
version: 0.5.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- pwelch
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-10-
|
11
|
+
date: 2020-10-12 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: json
|