Use SQL to instantly query file, domain, URL and IP scanning results from VirusTotal.

image

VirusTotal Plugin for Steampipe

Use SQL to query file, domain, URL and IP scanning results from VirusTotal.

Quick start

Install the plugin with Steampipe:

steampipe plugin install virustotal

Run a query:

select
  meaningful_name,
  reputation
from
  virustotal_file
where
  path = '/full/path/to/file'

Developing

Prerequisites:

Clone:

git clone [email protected]:turbot/steampipe-plugin-virustotal
cd steampipe-plugin-virustotal

Build, which automatically installs the new version to your ~/.steampipe/plugins directory:

make

Configure the plugin:

cp config/* ~/.steampipe/config
vi ~/.steampipe/config/virustotal.spc

Try it!

steampipe query
> .inspect virustotal

Further reading:

Contributing

Please see the contribution guidelines and our code of conduct. All contributions are subject to the Apache 2.0 open source license.

help wanted issues:

Owner
Turbot
Get cloud work done with Turbot — Creators of https://turbot.com/v5 and https://steampipe.io
Turbot
https://github.com/turbot/steampipe-plugin-virustotal https://hub.steampipe.io/plugins/turbot/virustotal
Comments
  • Recompile plugin with steampipe-plugin-sdk v4.1.6 and Go version 1.19

    Recompile plugin with steampipe-plugin-sdk v4.1.6 and Go version 1.19 

    select
  analysis.key as scanner,
  analysis.value ->> 'result' as result
from
  virustotal.virustotal_ip,
  jsonb_each(last_analysis_results) as analysis
where
  id = '76.76.21.21'
  and analysis.value ->> 'result' != 'clean'
order by
  scanner
+-------------+---------+
| scanner     | result  |
+-------------+---------+
| 0xSI_f33d   | unrated |
| AutoShun    | unrated |
| Cyan        | unrated |
| Kaspersky   | unrated |
| Lumu        | unrated |
| Netcraft    | unrated |
| NotMining   | unrated |
| PhishLabs   | unrated |
| SafeToOpen  | unrated |
| StopBadware | unrated |
| URLQuery    | unrated |
+-------------+---------+
  • Add CHANGELOG for v0.2.0

    Add CHANGELOG for v0.2.0

    Integration test logs

    Logs 
    Add passing integration test logs here

    Example query results

    Results 
    Add example SQL query results here (please include the input queries as well)
  • Add golangci-lint and stale workflows

    Add golangci-lint and stale workflows

    Integration test logs

    Logs 
    Add passing integration test logs here

    Example query results

    Results 
    Add example SQL query results here (please include the input queries as well)
  • Add CHANGELOG for v0.0.2

    Add CHANGELOG for v0.0.2

    Integration test logs

    Logs 
    Add passing integration test logs here

    Example query results

    Results 
    Add example SQL query results here (please include the input queries as well)
  • Update steampipe-plugin-sdk to v1.6.1 closes #1

    Update steampipe-plugin-sdk to v1.6.1 closes #1

    Integration test logs

    Logs 
    select total_votes from virustotal_domain where id = 'steampipe.io'
+------------------------------+
| total_votes                  |
+------------------------------+
| {"harmless":0,"malicious":0} |
+------------------------------+

    Example query results

    Results 
    Add example SQL query results here (please include the input queries as well)
Related tags
Database tools sql postgresql virustotal virustotal-api steampipe steampipe-plugin postgresql-fdw
Use SQL to instantly query instances, networks, databases, and more from Scaleway. Open source CLI. No DB required.
 Use SQL to instantly query instances, networks, databases, and more from Scaleway. Open source CLI. No DB required.

Scaleway Plugin for Steampipe Use SQL to query infrastructure servers, networks, databases and more from your Scaleway project. Get started → Document

Nov 16, 2022
Use SQL to instantly query resources, data sources and more from Terraform code. Open source CLI. No DB required.
 Use SQL to instantly query resources, data sources and more from Terraform code. Open source CLI. No DB required.

Terraform Plugin for Steampipe Use SQL to query data from Terraform configuration files. Get started → Documentation: Table definitions & examples Com

Dec 22, 2022
Use SQL to instantly query Algolia indexes and configuration. Open source CLI. No DB required

Use SQL to instantly query Algolia indexes and configuration. Open source CLI. No DB required

Oct 1, 2022
Use SQL to instantly query Datadog resources across accounts. Open source CLI. No DB required.

steampipe-plugin-datadog Datadog Plugin for Steampipe Use SQL to query dashboards, users, roles and more from Datadog. Get started → Documentation: Ta

Dec 17, 2022
Use SQL to instantly query Hypothesis resources. Open source CLI. No DB required.

Hypothesis Plugin for Steampipe Prerequisites Steampipe Golang Build $ git clone https://github.com/judell/steampipe-plugin-hypothesis.git $ cd steam

Dec 11, 2022
Simple pgx wrapper to execute and scan query results

pig Simple pgx wrapper to execute and scan query results. Features All-in-one tool; Simple transactions management: You can set idle_in_transaction_se

Dec 5, 2022
OctoSQL is a query tool that allows you to join, analyse and transform data from multiple databases and file formats using SQL.
 OctoSQL is a query tool that allows you to join, analyse and transform data from multiple databases and file formats using SQL.

OctoSQL OctoSQL is a query tool that allows you to join, analyse and transform data from multiple databases, streaming sources and file formats using

Dec 29, 2022
Use SQL to query host, DNS and exploit information using Shodan. Open source CLI. No DB required.

Shodan Plugin for Steampipe Query Shodan with SQL Use SQL to query host, DNS and exploit information using Shodan. For example: select * from shod

Nov 10, 2022
Use SQL to query information including Users, Groups, Clients, Roles and more from Keycloak.

Keycloak Plugin for Steampipe [WIP] THIS IS NOT ACTIVE NOR WORKING YET - DO NOT USE Use SQL to query information including Users, Groups, Clients, Rol

Jan 6, 2023
Use SQL to query instances, domains and more from Prometheus.
 Use SQL to query instances, domains and more from Prometheus.

Use SQL to instantly query Prometheus metrics, alerts, labels and more. Open source CLI. No DB required.

Nov 28, 2022
Use SQL to query databases, logs and more from PlanetScale

Use SQL to instantly query PlanetScale databases, branches and more. Open source CLI. No DB required.

Sep 30, 2022
This is the code example how to use SQL to query data from any relational databases in Go programming language.

Go with SQL example This is the code example how to use SQL to query data from any relational databases in Go programming language. To start, please m

Mar 12, 2022
Parses a file and associate SQL queries to a map. Useful for separating SQL from code logic

goyesql This package is based on nleof/goyesql but is not compatible with it any more. This package introduces support for arbitrary tag types and cha

Oct 20, 2021
Go-Postgresql-Query-Builder - A query builder for Postgresql in Go

Postgresql Query Builder for Go This query builder aims to make complex queries

Nov 17, 2022
A Go SQL query builder and struct mapper.

godb - a Go query builder and struct mapper godb is a simple Go query builder and struct mapper, not a full-featured ORM. godb does not manage relatio

Dec 6, 2022
Query and Provision Cloud Infrastructure using an extensible SQL based grammar
 Query and Provision Cloud Infrastructure using an extensible SQL based grammar

Deploy, Manage and Query Cloud Infrastructure using SQL [Documentation] [Developer Guide] Cloud infrastructure coding using SQL InfraQL allows you to

Oct 25, 2022
Query redis with SQL
 Query redis with SQL

reqlite reqlite makes it possible to query data in Redis with SQL. Queries are executed client-side with SQLite (not on the redis server). This projec

Dec 23, 2022
Library for scanning data from a database into Go structs and more

scany Overview Go favors simplicity, and it's pretty common to work with a database via driver directly without any ORM. It provides great control and

Jan 9, 2023
BQB is a lightweight and easy to use query builder that works with sqlite, mysql, mariadb, postgres, and others.

Basic Query Builder Why Simple, lightweight, and fast Supports any and all syntax by the nature of how it works Doesn't require learning special synta

Dec 7, 2022