A local host client to automate Virus total API calls based on contents of scan dock folder. The program also manages the number of API calls made within 24 hours and checks for 4 files in a row with sleep intervals to follow API rules. Repository contains a CLI terminal-based version, as well as a PyQt GUI version.
The program is licensed under GNU Public License v3.0
This program runs on Windows 10 and Debian-based Linux, written in Python 3.9 and updated to version 3.10.6
- Run the setup.py script to build a virtual environment and install all external packages in the created venv.
Examples:
- Windows:python setup.py venv
- Linux:python3 setup.py venv
- Once virtual env is built traverse to the (Scripts-Windows or bin-Linux) directory in the environment folder just created.
- For Windows, in the venv\Scripts directory, execute
activateoractivate.batscript to activate the virtual environment. - For Linux, in the venv/bin directory, execute
source activateto activate the virtual environment. - If for some reason issues are experienced with the setup script, the alternative is to manually create an environment, activate it, then run pip install -r packages.txt in project root.
- To exit from the virtual environment when finished, execute
deactivate.
- Create Virus Total account
- When logged in, get API key
- Set VTOTAL_API_KEY environment variable with fresh API key before executing the program
Examples:
- Windows:set VTOTAL_API_KEY=<api_key_value>
- Linux:export VTOTAL_API_KEY=<api_key_value>
- Confirm there is data in VTotalScanDock to be scanned
-- CLI --
- Open up Command Prompt (CMD) or terminal and activate program venv
- Enter the directory containing the program and execute in shell
-- GUI --
- Open up graphical file manager
- Find folder containing programming and double click GUI program
-- cli_vtotal_pyclient.py --
main - Gets files from input dir, iterates over them, sending and retrieving json
report of Virus-Total analysis of the item analyzed by the API.
-- gui_vtotal_pyclient.pyw --
MainWindow - Class inherits the attributes of PyQT QMainWindow parent class.
init - Initialize and configure the graphical user interface.
on_press - Executes Virus Total scanner function when button is clicked.
main - Manages the application initialization, configuration, and exit.
-- vtotal_scanner.py --
vtotal_scan - Facilitates Virus Total API scans on contents of VTotalScanDock
directory, sleep 60 seconds per 4 queries.
-- utils.py --
counter_data_input - Reads total number of API queries from data file.
counter_data_output - Stores total number of API queries in data file.
error_query - Looks up the errno message to get description.
get_files - Iterate through files in path and add to list if not the .keep file or not a directory.
hash_send -  Encode passed in file as bytes, perform SHA512 hash, and send hash to Virus Total API. Return the result dictionary.
load_data - Checks if exist program data exists. If so, the data loaded from the files and checked to see if the 24-hour period for the 500 daily API calls is past. If it is past the 24-hour period the data files will be deleted to keep track of the new 24 period.
print_err - Displays error message via standard error.
qt_err - Prints a GUI error message with PyQT.
store_data - Stores the API daily API counter data and execution time if first call within a 24-hour period.
time_csv_input - Reads the time data stored in csv file.
time_csv_output - Stores execution time and data in cvs file.
TimeTracker - Class to group the stored and current execution times.
0 - Successful execution
1 - Unexpected exception occurred
2 - Attempting to access file that does not exist
3 - Attempting to perform operations on file that user does not have
4 - IO error occurred during attempted file operation
5 - Unexpected file error occurred
6 - Time data in CSV file is not of integer data type
7 - Error occurred querying the Virus Total API
8 - If the maximum daily API call limit has been reached
9 - If the request query was invalid
10 - If access to the API is forbidden
11 - If unknown API response code occurred