A VT/get_report.sh => VT/get_report.sh +75 -0
@@ 0,0 1,75 @@
+#!/bin/bash
+
+file_hash="$1"
+file_name="$2.json"
+
+touch $file_name
+
+curl --request GET \
+ --url https://www.virustotal.com/api/v3/files/$file_hash \
+ --header 'x-apikey: <API KEY>' >> $file_name
+
+ oname="readable_$file_name"
+ touch $oname
+
+
+
+# Suggested threat label
+
+# Getting it parsing the raw json with jq and cleaning
+# the result so it's only the label name
+
+raw_label=$(jq .data.attributes.popular_threat_classification.suggested_threat_label $file_name)
+clean_label=${raw_label//\"}
+clean_label=${clean_label//.}
+
+# Writing it in the readable
+
+echo -e "Threat label:" >> $oname
+echo $clean_label >> $oname
+echo -e "\n" >> $oname
+
+# Type tags
+
+# Getting it parsing the raw json with jq and cleaning
+# the result so it's only the label name
+
+raw_tags=$(jq .data.attributes.type_tags $file_name)
+cl1_tags=$(echo $raw_tags | tr \[ \( | tr \] \))
+declare -a arr=$cl1_tags
+
+echo "Tags:" >> $oname
+
+for i in "${arr[@]}"; do
+ final=${i//,}
+ echo "$final" >> $oname
+done
+
+echo -e "\n" >> $oname
+
+# Meaningful name
+
+raw_name=$(jq .data.attributes.meaningful_name $file_name)
+clean_name=${raw_name//\"}
+clean_label=${clean_name//.}
+
+# Writing it in the readable
+echo -e "Meaningful name:" >> $oname
+echo $clean_name >> $oname
+echo -e "\n" >> $oname
+
+# Imports
+
+raw_imports=$(jq .data.attributes.pe_info.import_list[].library_name $file_name)
+cl1_imports=$(echo $raw_imports | tr \[ \( | tr \] \))
+declare -a arr2=$cl1_imports
+
+echo "Imports:" >> $oname
+
+for i in "${arr2[@]}"; do
+ final=${i//,}
+ final=${i//\"}
+ echo "$final" >> $oname
+done
+
+echo -e "\n" >> $oname<
\ No newline at end of file
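Review bot: The `declare -a arr=$cl1_tags` and `declare -a arr2=$cl1_imports` lines hand text taken from the API response back to the shell to be parsed as an array literal, and the import library names in that response come from the analysed file, so they should be treated as untrusted. Depending on the bash version, a compound assignment reaching `declare` this way may be expanded a second time, and the unquoted `echo $raw_tags` / `echo $raw_imports` before it also glob against the working directory. Reading the values with `jq -r` into `mapfile -t` keeps them as data and removes the `tr` and quote/comma stripping, where `final=${i//\"}` currently discards the result of `final=${i//,}`. The `x-apikey` header is a literal placeholder in this script and in VT/popular_TC.sh, which invites pasting a real key into a tracked file; I would read it from the environment, for example `--header "x-apikey: ${VT_API_KEY:?}"` with a variable name of your choosing. Separately, the `curl` output is appended with `>>` and its exit status is unchecked, so a rerun or an error response leaves a file the later `jq` calls misread; `--fail` with `> "$file_name"` would cover that.

```shell
# … unchanged: curl download and threat-label section …
mapfile -t arr < <(jq -r '.data.attributes.type_tags[]?' "$file_name")

echo "Tags:" >> "$oname"
for i in "${arr[@]}"; do
  printf '%s\n' "$i" >> "$oname"
done

# … unchanged: meaningful-name section …
mapfile -t arr2 < <(jq -r '.data.attributes.pe_info.import_list[]?.library_name' "$file_name")

echo "Imports:" >> "$oname"
for i in "${arr2[@]}"; do
  printf '%s\n' "$i" >> "$oname"
done
```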
A VT/popular_TC.sh => VT/popular_TC.sh +5 -0
@@ 0,0 1,5 @@
+#!/bin/bash
+
+curl --request GET \
+ --url https://www.virustotal.com/api/v3/popular_threat_categories \
+ --header 'x-apikey: <your API key>'<
\ No newline at end of file