
x-ways-virustotal-extension's Introduction

X-Ways-VirusTotal-Extension

X-Ways Extension to look up hashes in VirusTotal and identify malicious files

Home of the VirusTotal extension for X-Ways that Polito Inc. developed for use with VirusTotal.

The use of this X-Tension will require VirusTotal API credentials. VirusTotal API credentials can be obtained here: https://www.virustotal.com/gui/join-us

Please see our blog post for detailed instructions about how to use this VirusTotal X-Tension with X-Ways: https://www.politoinc.com/post/enhancing-digital-forensics-with-x-ways-x-tensions-virustotal-plugin

This X-Tension has been tested on X-Ways versions 19.3 to 20.5 (64-bit only). Additional versions are still being tested for compatibility.

The plugin will require you to create a file named vtconfig.txt in the same folder where the X-Tension .DLL file is located. This should contain two fields separated by a colon ":" character. The first field should be your API key for VirusTotal and the second field should be the number of queries per minute that your API key allows. For example:

012345...abcdef:4

This will tell the X-Tension to use your API key that starts with 012345...abcdef at a rate of 4 queries per minute. Note: The file needs to be saved in UTF-8 encoding; if you use UTF-16, notepad.exe will add additional characters to the text file which will cause issues when the X-Tension attempts to read the configuration file.

Polito is not responsible for any issues you encounter related to use of your API key at a rate that is higher than what VirusTotal allows.

NOTE: using a rate of zero (0) tells the X-Tension to go as fast as possible (it will not rate-limit). If you have unlimited queries on VirusTotal this will get your results the fastest.
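A pre-flight check for vtconfig.txt, added here as an example; it is not code from the X-Tension and does not describe how the DLL itself parses the file. The function name `check_vtconfig`, the 64-hex-character key check, and the UTF-8 BOM note are assumptions; the sample key is a constructed placeholder.

```python
import re

UTF16_BOMS = (b"\xff\xfe", b"\xfe\xff")

def check_vtconfig(raw: bytes) -> dict:
    """Check raw vtconfig.txt bytes against the key:rate format in the README.

    The API key is never returned or echoed, so the result is safe to log.
    """
    result = {"ok": False, "rate": None, "min_interval_s": None, "notes": []}
    # UTF-16 is the failure case the README warns about (BOM or NUL padding).
    if raw[:2] in UTF16_BOMS or b"\x00" in raw:
        result["notes"].append("looks like UTF-16; re-save the file as UTF-8")
        return result
    if raw.startswith(b"\xef\xbb\xbf"):
        # Assumption: a UTF-8 BOM is worth flagging; the README does not say
        # whether the X-Tension tolerates one.
        result["notes"].append("UTF-8 BOM present before the API key")
        raw = raw[3:]
    try:
        text = raw.decode("utf-8")
    except UnicodeDecodeError:
        result["notes"].append("not valid UTF-8")
        return result
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    fields = lines[0].split(":") if len(lines) == 1 else []
    if len(fields) != 2 or not fields[0]:
        result["notes"].append("expected exactly one line: <api key>:<rate>")
        return result
    key, rate = fields
    if not re.fullmatch(r"[0-9]+", rate):
        result["notes"].append("rate must be a non-negative whole number")
        return result
    if not re.fullmatch(r"[0-9a-fA-F]{64}", key):
        # Assumption: keys are 64 hex characters; reported as a warning only.
        result["notes"].append("API key is not 64 hex characters")
    result["rate"] = int(rate)
    # Rate 0 means no rate limiting, so there is no minimum interval.
    result["min_interval_s"] = 60.0 / int(rate) if int(rate) else None
    result["ok"] = True
    return result

# Constructed sample inputs (placeholder key, not a real credential).
SAMPLE_KEY = "0123456789abcdef" * 4
GOOD = f"{SAMPLE_KEY}:4\r\n".encode("utf-8")
UTF16 = f"{SAMPLE_KEY}:4".encode("utf-16")  # what a UTF-16 save produces

if __name__ == "__main__":
    for name, blob in (("utf-8", GOOD), ("utf-16", UTF16)):
        print(name, check_vtconfig(blob))
```

Run it against `open("vtconfig.txt", "rb").read()` before loading the X-Tension; a rate of 4 yields a minimum interval of 15 seconds between queries.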


Feel free to open an issue in GitHub or contact us if you encounter any issues or want to suggest a feature. We will do our best to respond in a timely manner.

After running the plugin, the results appear in the Metadata column.

License

Polito Inc. is providing the VirusTotal hash query extension ("this Software") for free for the benefit of the Digital Forensics community. This Software is provided "as is", without any warranty of any kind, express or implied. You may copy, distribute, and use this Software without charge for commercial or non-commercial purposes, provided that you give full credit to its source and you do not sell, rent, or lease it and do not use it for any illegal purpose. While we are unable to provide support for this Software, feel free to contact us at info(at)politoinc.com with any bug reports or feature requests.

x-ways-virustotal-extension's People

Contributors

fmast


x-ways-virustotal-extension's Issues

dll

Hi. When I try this Extension, there is no .dll file. Can you help me?
