Skip to content

DragosRadut/ThreatHub

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
scanner.bat
scanner.bat
 
 
setup.reg
setup.reg
 
 

Repository files navigation

ThreatHub

Description

ThreatHub uses the VirusTotal API to detect known threats on a machine by scanning selected files using right click, Scan with ThreatHub.

Implementation

  • setup.reg: used to add the necessary Windows Registry entries for the right click -> scan funtionality;
  • scanner.bat: the script that performs the call:
	* generate the hash for the selected file using *certutil*;
	* parse the output of *certutil* to store the hash only;
	* query *VirusTotal API*:
		curl -X GET -H "x-apikey: <apikey>" --url https://www.virustotal.com/api/v3/files/<hash>
	* save report option using *choice*

Dependencies

  • Windows Registry entries from setup.reg
  • certutil
  • VirusTotal API key

DEMO

Target: EICAR test file

DEMO_ThreatHub.mp4

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages