| Title: | R Client for the VirusTotal API |
|---|---|
| Description: | Provides a comprehensive R interface to the VirusTotal API v3.0, a Google service that analyzes files and URLs for viruses, worms, trojans and other malware. Features include file/URL scanning, domain categorization, passive DNS information, IP reputation analysis, IoC relationships, sandbox analysis, and comment/voting systems. Implements rate limiting, error handling, and response validation for robust security analysis workflows. |
| Authors: | Gaurav Sood [aut, cre] |
| Maintainer: | Gaurav Sood <[email protected]> |
| License: | MIT + file LICENSE |
| Version: | 0.6.0 |
| Built: | 2026-05-31 07:14:34 UTC |
| Source: | https://github.com/themains/virustotal |
Retrieves comprehensive analysis report for a given domain, including WHOIS information, DNS resolutions, detected URLs, and threat intelligence data.
domain_report(domain = NULL, ...)domain_report(domain = NULL, ...)
domain |
Domain name (character string). Required. |
... |
Additional arguments passed to |
A virustotal_domain_report object containing domain analysis
results including WHOIS data, DNS resolutions, detected URLs, categories,
and threat intelligence
https://docs.virustotal.com/reference/domains
set_key for setting the API key
## Not run: # Set API key first set_key('your_api_key_here') # Get domain reports report1 <- domain_report("google.com") report2 <- domain_report("https://www.example.com/path") print(report1) summary(report1) ## End(Not run)## Not run: # Set API key first set_key('your_api_key_here') # Get domain reports report1 <- domain_report("google.com") report2 <- domain_report("https://www.example.com/path") print(report1) summary(report1) ## End(Not run)
Download a file from VirusTotal
download_file(hash = NULL, output_path = NULL, ...)download_file(hash = NULL, output_path = NULL, ...)
hash |
File hash (MD5, SHA1, or SHA256) |
output_path |
Local path to save the downloaded file. Optional. |
... |
Additional arguments passed to |
Raw file content or saves file to specified path
https://docs.virustotal.com/reference
set_key for setting the API key
## Not run: # Before calling the function, set the API key using set_key('api_key_here') download_file(hash='99017f6eebbac24f351415dd410d522d', output_path='/tmp/downloaded_file') ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') download_file(hash='99017f6eebbac24f351415dd410d522d', output_path='/tmp/downloaded_file') ## End(Not run)
Retrieves detailed analysis results for a file from VirusTotal using the v3 API.
file_report(hash, ...)file_report(hash, ...)
hash |
File hash (MD5, SHA1, or SHA256) or analysis ID |
... |
Additional arguments passed to |
A virustotal_file_report object containing file analysis results
including antivirus scans, file metadata, and threat detection information
https://docs.virustotal.com/reference/files
set_key for setting the API key, scan_file for submitting files
## Not run: # Set API key first set_key('your_api_key_here') # Get file report using hash report <- file_report(hash = '99017f6eebbac24f351415dd410d522d') print(report) summary(report) # Work with the rich nested structure returned by v3 API print(report$data$attributes$last_analysis_stats) ## End(Not run)## Not run: # Set API key first set_key('your_api_key_here') # Get file report using hash report <- file_report(hash = '99017f6eebbac24f351415dd410d522d') print(report) summary(report) # Work with the rich nested structure returned by v3 API print(report$data$attributes$last_analysis_stats) ## End(Not run)
Retrieves the results of a file or URL analysis by its analysis ID.
get_analysis(id = NULL, ...)get_analysis(id = NULL, ...)
id |
Analysis ID (character string). Required. |
... |
Additional arguments passed to |
list containing analysis results including status and detection stats
https://docs.virustotal.com/reference/analysis
set_key for setting the API key
## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_analysis(id='NjY0MjRlOTFjMDIyYTkyNWM0NjU2NWQzYWNlMzFmZmI6MTI4NTk') ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_analysis(id='NjY0MjRlOTFjMDIyYTkyNWM0NjU2NWQzYWNlMzFmZmI6MTI4NTk') ## End(Not run)
Retrieves the EVTX (Windows Event Log) file from a sandbox analysis.
get_behaviour_evtx(sandbox_id = NULL, output_path = NULL, ...)get_behaviour_evtx(sandbox_id = NULL, output_path = NULL, ...)
sandbox_id |
Sandbox report ID (character string). Required. |
output_path |
Local path to save the EVTX file. Optional. |
... |
Additional arguments passed to httr::GET. |
Raw EVTX content or saves to file if output_path specified
https://docs.virustotal.com/reference
set_key for setting the API key,
get_behaviour_report for JSON report
## Not run: # Before calling the function, set the API key using set_key('api_key_here') evtx <- get_behaviour_evtx(sandbox_id='hash_sandboxname') get_behaviour_evtx(sandbox_id='hash_sandboxname', output_path='/tmp/events.evtx') ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') evtx <- get_behaviour_evtx(sandbox_id='hash_sandboxname') get_behaviour_evtx(sandbox_id='hash_sandboxname', output_path='/tmp/events.evtx') ## End(Not run)
Retrieves a detailed HTML report from a sandbox analysis.
get_behaviour_html(sandbox_id = NULL, output_path = NULL, ...)get_behaviour_html(sandbox_id = NULL, output_path = NULL, ...)
sandbox_id |
Sandbox report ID (character string). Required. |
output_path |
Local path to save the HTML file. Optional. |
... |
Additional arguments passed to httr::GET. |
Raw HTML content or saves to file if output_path specified
https://docs.virustotal.com/reference
set_key for setting the API key,
get_behaviour_report for JSON report
## Not run: # Before calling the function, set the API key using set_key('api_key_here') html <- get_behaviour_html(sandbox_id='hash_sandboxname') get_behaviour_html(sandbox_id='hash_sandboxname', output_path='/tmp/report.html') ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') html <- get_behaviour_html(sandbox_id='hash_sandboxname') get_behaviour_html(sandbox_id='hash_sandboxname', output_path='/tmp/report.html') ## End(Not run)
Retrieves the memory dump file from a sandbox analysis.
get_behaviour_memdump(sandbox_id = NULL, output_path = NULL, ...)get_behaviour_memdump(sandbox_id = NULL, output_path = NULL, ...)
sandbox_id |
Sandbox report ID (character string). Required. |
output_path |
Local path to save the memory dump file. Optional. |
... |
Additional arguments passed to httr::GET. |
Raw memory dump content or saves to file if output_path specified
https://docs.virustotal.com/reference
set_key for setting the API key,
get_behaviour_report for JSON report
## Not run: # Before calling the function, set the API key using set_key('api_key_here') memdump <- get_behaviour_memdump(sandbox_id='hash_sandboxname') get_behaviour_memdump(sandbox_id='hash_sandboxname', output_path='/tmp/memory.dmp') ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') memdump <- get_behaviour_memdump(sandbox_id='hash_sandboxname') get_behaviour_memdump(sandbox_id='hash_sandboxname', output_path='/tmp/memory.dmp') ## End(Not run)
Retrieves the PCAP (network capture) file from a sandbox analysis.
get_behaviour_pcap(sandbox_id = NULL, output_path = NULL, ...)get_behaviour_pcap(sandbox_id = NULL, output_path = NULL, ...)
sandbox_id |
Sandbox report ID (character string). Required. |
output_path |
Local path to save the PCAP file. Optional. |
... |
Additional arguments passed to httr::GET. |
Raw PCAP content or saves to file if output_path specified
https://docs.virustotal.com/reference
set_key for setting the API key,
get_behaviour_report for JSON report
## Not run: # Before calling the function, set the API key using set_key('api_key_here') pcap <- get_behaviour_pcap(sandbox_id='hash_sandboxname') get_behaviour_pcap(sandbox_id='hash_sandboxname', output_path='/tmp/capture.pcap') ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') pcap <- get_behaviour_pcap(sandbox_id='hash_sandboxname') get_behaviour_pcap(sandbox_id='hash_sandboxname', output_path='/tmp/capture.pcap') ## End(Not run)
Retrieves a specific behaviour report from a sandbox analysis.
get_behaviour_report(sandbox_id = NULL, ...)get_behaviour_report(sandbox_id = NULL, ...)
sandbox_id |
Sandbox report ID (character string). Required. |
... |
Additional arguments passed to |
list containing detailed behaviour report from the sandbox
https://docs.virustotal.com/reference
set_key for setting the API key,
get_file_behaviours for listing all behaviour reports
## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_behaviour_report(sandbox_id='hash_sandboxname') ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_behaviour_report(sandbox_id='hash_sandboxname') ## End(Not run)
Retrieve comments for an Internet domain
get_domain_comments(domain = NULL, limit = NULL, cursor = NULL, ...)get_domain_comments(domain = NULL, limit = NULL, cursor = NULL, ...)
domain |
domain name. String. Required. |
limit |
Number of entries. Integer. Optional. Default is 10. |
cursor |
String. Optional. |
... |
Additional arguments passed to |
list containing domain comment data including comment text, authors, dates, and any associated metadata from the VirusTotal v3.0 API
https://docs.virustotal.com/reference
set_key for setting the API key
## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_domain_comments("http://www.google.com") get_domain_comments("http://www.goodsfwrfw.com") # Domain not found ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_domain_comments("http://www.google.com") get_domain_comments("http://www.goodsfwrfw.com") # Domain not found ## End(Not run)
Retrieve information about an Internet domain
get_domain_info(domain = NULL, limit = NULL, cursor = NULL, ...)get_domain_info(domain = NULL, limit = NULL, cursor = NULL, ...)
domain |
domain name. String. Required. |
limit |
Number of entries. Integer. Optional. Default is 10. |
cursor |
String. Optional. |
... |
Additional arguments passed to |
named list
https://docs.virustotal.com/reference
set_key for setting the API key
## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_domain_info("http://www.google.com") get_domain_info("http://www.goodsfwrfw.com") # Domain not found ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_domain_info("http://www.google.com") get_domain_info("http://www.goodsfwrfw.com") # Domain not found ## End(Not run)
Retrieve related objects to an Internet domain
get_domain_relationship( domain = NULL, relationship = "subdomains", limit = NULL, cursor = NULL, ... )get_domain_relationship( domain = NULL, relationship = "subdomains", limit = NULL, cursor = NULL, ... )
domain |
domain name. String. Required. |
relationship |
relationship name. String. Required. Default is |
limit |
Number of entries. Integer. Optional. Default is 10. |
cursor |
String. Optional. |
... |
Additional arguments passed to |
named list
https://docs.virustotal.com/reference
set_key for setting the API key
## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_domain_relationship("https://www.google.com") get_domain_relationship("https://www.goodsfwrfw.com") # Domain not found ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_domain_relationship("https://www.google.com") get_domain_relationship("https://www.goodsfwrfw.com") # Domain not found ## End(Not run)
Retrieve votes for an Internet domain
get_domain_votes(domain = NULL, limit = NULL, cursor = NULL, ...)get_domain_votes(domain = NULL, limit = NULL, cursor = NULL, ...)
domain |
domain name. String. Required. |
limit |
Number of entries. Integer. Optional. Default is 10. |
cursor |
String. Optional. |
... |
Additional arguments passed to |
named list
https://docs.virustotal.com/reference
set_key for setting the API key
## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_domain_votes("http://www.google.com") get_domain_votes("http://www.goodsfwrfw.com") # Domain not found ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_domain_votes("http://www.google.com") get_domain_votes("http://www.goodsfwrfw.com") # Domain not found ## End(Not run)
Retrieves MITRE ATT&CK techniques observed in file behaviour reports.
get_file_behaviour_mitre_trees(hash = NULL, ...)get_file_behaviour_mitre_trees(hash = NULL, ...)
hash |
File hash (MD5, SHA1, or SHA256). Required. |
... |
Additional arguments passed to |
list containing MITRE ATT&CK technique mappings
https://docs.virustotal.com/reference
set_key for setting the API key,
get_file_behaviour_summary for behaviour summary
## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_file_behaviour_mitre_trees(hash='99017f6eebbac24f351415dd410d522d') ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_file_behaviour_mitre_trees(hash='99017f6eebbac24f351415dd410d522d') ## End(Not run)
Retrieves a summary of all behaviour reports for a file.
get_file_behaviour_summary(hash = NULL, ...)get_file_behaviour_summary(hash = NULL, ...)
hash |
File hash (MD5, SHA1, or SHA256). Required. |
... |
Additional arguments passed to |
list containing behaviour summary from all sandboxes
https://docs.virustotal.com/reference/file-all-behaviours-summary
set_key for setting the API key,
get_file_behaviours for full behaviour reports
## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_file_behaviour_summary(hash='99017f6eebbac24f351415dd410d522d') ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_file_behaviour_summary(hash='99017f6eebbac24f351415dd410d522d') ## End(Not run)
Retrieves all behaviour reports for a file from various sandboxes.
get_file_behaviours(hash = NULL, limit = NULL, cursor = NULL, ...)get_file_behaviours(hash = NULL, limit = NULL, cursor = NULL, ...)
hash |
File hash (MD5, SHA1, or SHA256). Required. |
limit |
Number of reports to retrieve. Integer. Optional. |
cursor |
String for pagination. Optional. |
... |
Additional arguments passed to |
list containing behaviour reports from various sandboxes
https://docs.virustotal.com/reference
set_key for setting the API key,
get_file_behaviour_summary for summary,
get_behaviour_report for individual sandbox reports
## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_file_behaviours(hash='99017f6eebbac24f351415dd410d522d') get_file_behaviours(hash='99017f6eebbac24f351415dd410d522d', limit=5) ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_file_behaviours(hash='99017f6eebbac24f351415dd410d522d') get_file_behaviours(hash='99017f6eebbac24f351415dd410d522d', limit=5) ## End(Not run)
Retrieve comments for a file
get_file_comments(hash = NULL, limit = NULL, cursor = NULL, ...)get_file_comments(hash = NULL, limit = NULL, cursor = NULL, ...)
hash |
File hash (MD5, SHA1, or SHA256) |
limit |
Number of comments to retrieve. Integer. Optional. Default is 10. |
cursor |
String for pagination. Optional. |
... |
Additional arguments passed to |
list containing file comments
https://docs.virustotal.com/reference
set_key for setting the API key
## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_file_comments(hash='99017f6eebbac24f351415dd410d522d') ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_file_comments(hash='99017f6eebbac24f351415dd410d522d') ## End(Not run)
Get download URL for a file
get_file_download_url(hash = NULL, ...)get_file_download_url(hash = NULL, ...)
hash |
File hash (MD5, SHA1, or SHA256) |
... |
Additional arguments passed to |
list containing download URL and metadata
https://docs.virustotal.com/reference
set_key for setting the API key
## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_file_download_url(hash='99017f6eebbac24f351415dd410d522d') ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_file_download_url(hash='99017f6eebbac24f351415dd410d522d') ## End(Not run)
Retrieve relationships for a file
get_file_relationships( hash = NULL, relationship = NULL, limit = NULL, cursor = NULL, ... )get_file_relationships( hash = NULL, relationship = NULL, limit = NULL, cursor = NULL, ... )
hash |
File hash (MD5, SHA1, or SHA256) |
relationship |
Type of relationship: "behaviours", "bundled_files", "compression_parents", "contacted_domains", "contacted_ips", "contacted_urls", "dropped_files", "execution_parents", "itw_domains", "itw_ips", "itw_urls", "overlay_parents", "pcap_parents", "pe_resource_parents", "similar_files", "submissions" |
limit |
Number of relationships to retrieve. Integer. Optional. Default is 10. |
cursor |
String for pagination. Optional. |
... |
Additional arguments passed to |
list containing file relationships
https://docs.virustotal.com/reference
set_key for setting the API key
## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_file_relationships(hash='99017f6eebbac24f351415dd410d522d', relationship='contacted_domains') ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_file_relationships(hash='99017f6eebbac24f351415dd410d522d', relationship='contacted_domains') ## End(Not run)
Get a special URL for uploading files larger than 32MB to VirusTotal for analysis.
get_file_upload_url(...)get_file_upload_url(...)
... |
Additional arguments passed to |
list containing upload URL and other metadata
https://docs.virustotal.com/reference
set_key for setting the API key, scan_file for regular file uploads
## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_file_upload_url() ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_file_upload_url() ## End(Not run)
Retrieve votes for a file
get_file_votes(hash = NULL, limit = NULL, cursor = NULL, ...)get_file_votes(hash = NULL, limit = NULL, cursor = NULL, ...)
hash |
File hash (MD5, SHA1, or SHA256) |
limit |
Number of votes to retrieve. Integer. Optional. Default is 10. |
cursor |
String for pagination. Optional. |
... |
Additional arguments passed to |
list containing file votes
https://docs.virustotal.com/reference
set_key for setting the API key
## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_file_votes(hash='99017f6eebbac24f351415dd410d522d') ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_file_votes(hash='99017f6eebbac24f351415dd410d522d') ## End(Not run)
Retrieve comments for an IP address
get_ip_comments(ip = NULL, limit = NULL, cursor = NULL, ...)get_ip_comments(ip = NULL, limit = NULL, cursor = NULL, ...)
ip |
IP Address. String. Required. |
limit |
Number of entries. Integer. Optional. Default is 10. |
cursor |
String. Optional. |
... |
Additional arguments passed to |
named list
https://docs.virustotal.com/reference
set_key for setting the API key
## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_ip_comments("64.233.160.0") ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_ip_comments("64.233.160.0") ## End(Not run)
Retrieves report on a given IP address.
get_ip_info(ip = NULL, limit = NULL, cursor = NULL, ...)get_ip_info(ip = NULL, limit = NULL, cursor = NULL, ...)
ip |
IP address. Required. |
limit |
Number of entries. Optional. |
cursor |
String. Optional. |
... |
Additional arguments passed to |
named list
https://docs.virustotal.com/reference
set_key for setting the API key
## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_ip_info("64.233.160.0") ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_ip_info("64.233.160.0") ## End(Not run)
Retrieve votes for an IP address
get_ip_votes(ip = NULL, limit = NULL, cursor = NULL, ...)get_ip_votes(ip = NULL, limit = NULL, cursor = NULL, ...)
ip |
IP address. String. Required. |
limit |
Number of entries. Integer. Optional. Default is 10. |
cursor |
String. Optional. |
... |
Additional arguments passed to |
named list
https://docs.virustotal.com/reference
set_key for setting the API key
## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_ip_votes("64.233.160.0") ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_ip_votes("64.233.160.0") ## End(Not run)
Retrieve comments for a URL
get_url_comments(url_id = NULL, limit = NULL, cursor = NULL, ...)get_url_comments(url_id = NULL, limit = NULL, cursor = NULL, ...)
url_id |
URL or URL ID from VirusTotal |
limit |
Number of comments to retrieve. Optional. |
cursor |
String for pagination. Optional. |
... |
Additional arguments passed to |
list containing URL comments
https://docs.virustotal.com/reference
set_key for setting the API key
## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_url_comments(url_id='http://www.google.com') ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_url_comments(url_id='http://www.google.com') ## End(Not run)
Retrieve relationships for a URL
get_url_relationships( url_id = NULL, relationship = NULL, limit = NULL, cursor = NULL, ... )get_url_relationships( url_id = NULL, relationship = NULL, limit = NULL, cursor = NULL, ... )
url_id |
URL or URL ID from VirusTotal |
relationship |
Type of relationship. See VirusTotal docs for options. |
limit |
Number of relationships to retrieve. Optional. |
cursor |
String for pagination. Optional. |
... |
Additional arguments passed to |
list containing URL relationships
https://docs.virustotal.com/reference
set_key for setting the API key
## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_url_relationships(url_id='http://www.google.com', relationship='communicating_files') ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_url_relationships(url_id='http://www.google.com', relationship='communicating_files') ## End(Not run)
Retrieve votes for a URL
get_url_votes(url_id = NULL, limit = NULL, cursor = NULL, ...)get_url_votes(url_id = NULL, limit = NULL, cursor = NULL, ...)
url_id |
URL or URL ID from VirusTotal |
limit |
Number of votes to retrieve. Integer. Optional. Default is 10. |
cursor |
String for pagination. Optional. |
... |
Additional arguments passed to |
list containing URL votes
https://docs.virustotal.com/reference
set_key for setting the API key
## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_url_votes(url_id='http://www.google.com') ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') get_url_votes(url_id='http://www.google.com') ## End(Not run)
Retrieves comprehensive analysis report for an IP address, including geolocation, ASN information, DNS resolutions, and detected URLs.
ip_report(ip = NULL, ...)ip_report(ip = NULL, ...)
ip |
a valid IPv4 or IPv6 address. Required. |
... |
Additional arguments passed to |
list containing IP analysis results including geolocation, ASN information, DNS resolutions, detected URLs, and threat intelligence
https://docs.virustotal.com/reference
set_key for setting the API key
## Not run: # Before calling the function, set the API key using set_key('api_key_here') ip_report(ip="8.8.8.8") ip_report(ip="2001:4860:4860::8888") ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') ip_report(ip="8.8.8.8") ip_report(ip="2001:4860:4860::8888") ## End(Not run)
Add a comment to an Internet domain
post_domain_comments(domain = NULL, comment = NULL, ...)post_domain_comments(domain = NULL, comment = NULL, ...)
domain |
domain name. Required. |
comment |
comment text. Required. Words starting with # become tags. |
... |
Additional arguments passed to |
named list
https://docs.virustotal.com/reference
set_key for setting the API key
## Not run: # Before calling the function, set the API key using set_key('api_key_here') post_domain_comments(domain = "https://google.com", comment = "Great!") ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') post_domain_comments(domain = "https://google.com", comment = "Great!") ## End(Not run)
Add a vote for a hostname or domain
post_domain_votes(domain = NULL, vote = NULL, ...)post_domain_votes(domain = NULL, vote = NULL, ...)
domain |
domain name. Required. |
vote |
vote. Required. |
... |
Additional arguments passed to |
named list
https://docs.virustotal.com/reference
set_key for setting the API key
## Not run: # Before calling the function, set the API key using set_key('api_key_here') post_domain_votes("http://google.com", vote = "malicious") ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') post_domain_votes("http://google.com", vote = "malicious") ## End(Not run)
Add a comment to a file
post_file_comments(hash = NULL, comment = NULL, ...)post_file_comments(hash = NULL, comment = NULL, ...)
hash |
File hash (MD5, SHA1, or SHA256) |
comment |
Comment text to add |
... |
Additional arguments passed to |
list containing response data
https://docs.virustotal.com/reference
set_key for setting the API key
## Not run: # Before calling the function, set the API key using set_key('api_key_here') post_file_comments(hash='99017f6eebbac24f351415dd410d522d', comment='This file appears to be suspicious') ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') post_file_comments(hash='99017f6eebbac24f351415dd410d522d', comment='This file appears to be suspicious') ## End(Not run)
Add a vote to a file
post_file_votes(hash = NULL, verdict = NULL, ...)post_file_votes(hash = NULL, verdict = NULL, ...)
hash |
File hash (MD5, SHA1, or SHA256) |
verdict |
Vote verdict: "harmless" or "malicious" |
... |
Additional arguments passed to |
list containing response data
https://docs.virustotal.com/reference
set_key for setting the API key
## Not run: # Before calling the function, set the API key using set_key('api_key_here') post_file_votes(hash='99017f6eebbac24f351415dd410d522d', verdict='malicious') ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') post_file_votes(hash='99017f6eebbac24f351415dd410d522d', verdict='malicious') ## End(Not run)
Add a comment to an IP address
post_ip_comments(ip = NULL, comment = NULL, ...)post_ip_comments(ip = NULL, comment = NULL, ...)
ip |
IP address. Required. |
comment |
Comment. Required. |
... |
Additional arguments passed to |
named list
https://docs.virustotal.com/reference
set_key for setting the API key
## Not run: # Before calling the function, set the API key using set_key('api_key_here') post_ip_comments(ip = "64.233.160.0", comment = "test") ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') post_ip_comments(ip = "64.233.160.0", comment = "test") ## End(Not run)
Add a vote for an IP address
post_ip_votes(ip = NULL, vote = NULL, ...)post_ip_votes(ip = NULL, vote = NULL, ...)
ip |
IP address. Required. |
vote |
vote. Required. |
... |
Additional arguments passed to |
named list
https://docs.virustotal.com/reference
set_key for setting the API key
## Not run: # Before calling the function, set the API key using set_key('api_key_here') post_ip_votes(ip = "64.233.160.0", vote = "malicious") ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') post_ip_votes(ip = "64.233.160.0", vote = "malicious") ## End(Not run)
Add a comment to a URL
post_url_comments(url_id = NULL, comment = NULL, ...)post_url_comments(url_id = NULL, comment = NULL, ...)
url_id |
URL or URL ID from VirusTotal |
comment |
Comment text to add |
... |
Additional arguments passed to |
list containing response data
https://docs.virustotal.com/reference
set_key for setting the API key
## Not run: # Before calling the function, set the API key using set_key('api_key_here') post_url_comments(url_id='http://www.google.com', comment='This URL appears suspicious') ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') post_url_comments(url_id='http://www.google.com', comment='This URL appears suspicious') ## End(Not run)
Add a vote to a URL
post_url_votes(url_id = NULL, verdict = NULL, ...)post_url_votes(url_id = NULL, verdict = NULL, ...)
url_id |
URL or URL ID from VirusTotal |
verdict |
Vote verdict: "harmless" or "malicious" |
... |
Additional arguments passed to |
list containing response data
https://docs.virustotal.com/reference
set_key for setting the API key
## Not run: # Before calling the function, set the API key using set_key('api_key_here') post_url_votes(url_id='http://www.google.com', verdict='harmless') ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') post_url_votes(url_id='http://www.google.com', verdict='harmless') ## End(Not run)
Request a new analysis of a domain already in VirusTotal's database.
Returns an analysis ID for use with domain_report.
rescan_domain(domain = NULL, ...)rescan_domain(domain = NULL, ...)
domain |
Domain name to rescan. Required. |
... |
Additional arguments passed to |
list containing analysis details and ID
https://docs.virustotal.com/reference
set_key for setting the API key,
domain_report for getting reports
## Not run: # Before calling the function, set the API key using set_key('api_key_here') # Request rescan of a domain rescan_domain("google.com") ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') # Request rescan of a domain rescan_domain("google.com") ## End(Not run)
Request a new analysis of a file already present in VirusTotal's database.
Returns an analysis ID for use with file_report.
rescan_file(hash = NULL, ...)rescan_file(hash = NULL, ...)
hash |
File hash (MD5, SHA1, or SHA256) or file ID. Required. |
... |
Additional arguments passed to |
list containing analysis details and ID
https://docs.virustotal.com/reference
set_key for setting the API key
## Not run: # Before calling the function, set the API key using set_key('api_key_here') rescan_file(hash='99017f6eebbac24f351415dd410d522d') ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') rescan_file(hash='99017f6eebbac24f351415dd410d522d') ## End(Not run)
Request a new analysis of an IP address already in VirusTotal's database.
Returns an analysis ID for use with ip_report.
rescan_ip(ip = NULL, ...)rescan_ip(ip = NULL, ...)
ip |
IP address to rescan (IPv4 or IPv6). Required. |
... |
Additional arguments passed to |
list containing analysis details and ID
https://docs.virustotal.com/reference
set_key for setting the API key,
ip_report for getting reports
## Not run: # Before calling the function, set the API key using set_key('api_key_here') # Request rescan of an IPv4 address rescan_ip("8.8.8.8") # Request rescan of an IPv6 address rescan_ip("2001:4860:4860::8888") ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') # Request rescan of an IPv4 address rescan_ip("8.8.8.8") # Request rescan of an IPv6 address rescan_ip("2001:4860:4860::8888") ## End(Not run)
Request a new analysis of a URL already present in VirusTotal's database.
Returns an analysis ID for use with url_report.
rescan_url(url_id = NULL, ...)rescan_url(url_id = NULL, ...)
url_id |
URL or URL ID (base64 encoded URL without padding). Required. |
... |
Additional arguments passed to |
list containing analysis details and ID
https://docs.virustotal.com/reference
set_key for setting the API key,
url_report for getting reports
## Not run: # Before calling the function, set the API key using set_key('api_key_here') # Request rescan using URL rescan_url("http://www.google.com") # Request rescan using URL ID rescan_url("687474703a2f2f7777772e676f6f676c652e636f6d2f") ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') # Request rescan using URL rescan_url("http://www.google.com") # Request rescan using URL ID rescan_url("687474703a2f2f7777772e676f6f676c652e636f6d2f") ## End(Not run)
Uploads a file to VirusTotal for malware analysis using the v3 API.
scan_file(file_path, ...)scan_file(file_path, ...)
file_path |
Required; Path to the file to be scanned |
... |
Additional arguments passed to |
A virustotal_file_scan object with analysis ID and links
https://docs.virustotal.com/reference/files-scan
set_key for setting the API key,
file_report for retrieving scan results
## Not run: # Set API key first set_key('your_api_key_here') # Scan a file result <- scan_file(file_path = 'suspicious_file.exe') print(result) ## End(Not run)## Not run: # Set API key first set_key('your_api_key_here') # Scan a file result <- scan_file(file_path = 'suspicious_file.exe') print(result) ## End(Not run)
Submit a URL for analysis. Returns analysis details including an ID that
can be used to retrieve the report using url_report
scan_url(url = NULL, ...)scan_url(url = NULL, ...)
url |
URL to scan; string; required |
... |
Additional arguments passed to |
list containing analysis details and ID
https://docs.virustotal.com/reference
set_key for setting the API key
## Not run: # Before calling the function, set the API key using set_key('api_key_here') scan_url("http://www.google.com") ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') scan_url("http://www.google.com") ## End(Not run)
Stores your VirusTotal API key in an environment variable for use by other package functions. Get your API key from https://www.virustotal.com/.
set_key(api_key = NULL)set_key(api_key = NULL)
api_key |
VirusTotal API key (character string). Required. |
Invisibly returns TRUE on success
https://docs.virustotal.com/reference
## Not run: # Set your API key set_key('your_64_character_api_key_here') # Verify it's set Sys.getenv("VirustotalToken") ## End(Not run)## Not run: # Set your API key set_key('your_64_character_api_key_here') # Verify it's set Sys.getenv("VirustotalToken") ## End(Not run)
Retrieve a scan report for a given URL or URL ID from VirusTotal.
url_report(url_id = NULL, ...)url_report(url_id = NULL, ...)
url_id |
URL or URL ID from VirusTotal. String. Required. |
... |
Additional arguments passed to |
list containing URL analysis results including scan details, detection information, and metadata
https://docs.virustotal.com/reference
set_key for setting the API key,
scan_url for submitting URLs
## Not run: # Before calling the function, set the API key using set_key('api_key_here') # Get report using URL url_report("http://www.google.com") # Get report using URL ID (base64 encoded URL without padding) url_report("687474703a2f2f7777772e676f6f676c652e636f6d2f") ## End(Not run)## Not run: # Before calling the function, set the API key using set_key('api_key_here') # Get report using URL url_report("http://www.google.com") # Get report using URL ID (base64 encoded URL without padding) url_report("687474703a2f2f7777772e676f6f676c652e636f6d2f") ## End(Not run)
Print package information and configuration status
virustotal_info()virustotal_info()
Invisible NULL
Other utilities:
cleanup_temp_files(),
create_safe_temp_dir(),
format_file_size(),
is_safe_environment(),
utilities,
validate_vt_response(),
virustotal_version()
Get package version information
virustotal_version()virustotal_version()
Character string with package version
Other utilities:
cleanup_temp_files(),
create_safe_temp_dir(),
format_file_size(),
is_safe_environment(),
utilities,
validate_vt_response(),
virustotal_info()