Virus Score API

adslk

Overview

The Virus Score API allows you to use our scanning service with your applications. This guide should help you get started quickly and give you an overview of the various functions.

adslk

Getting Started

Before you can use the API you'll have to generate a key. Don't worry, it's really easy.
After generating your key, your API Key and Secret Key will be displayed by clicking on it.
It'll display a window similar to this:

adslk

Authentication

In order to properly authenticate your request, you need to include three parameters with each payload:

  • key - Your API Key
  • nonce - A string that's unique for every call
  • signature - A HMAC_SHA256 encrypted string
Your signature is generated by encrypting the concatenation of your Secret Key and Nonce using your Secret Key.
To illustrate this, let's create a function and return a signature using the information found above:
  1. Generate a string to use as a Nonce. For this example, we use a UNIX Timestamp with a value of 1461371317.
  2. Concatenate your Secret Key and Nonce. This would be 431ca9afd0917c54b7a06cc251490aa91461371317
  3. Your signature is the above string encrypted via HMAC_SHA256 using your Secret Key:
    aedf5c29bc702d0d3dde39b88336d9c1f6c9c3b59e09529de51f21313c752085
  4. Examples

    								
    function sign($nonce,$secretkey){
    	$concat = $secretkey.$nonce;
    	return hash_hmac('sha256', $concat, $secretkey);
    }	
    $rnonce = time();
    // $rnonce == 1461371317
    $signature = sign($rnonce,'431ca9afd0917c54b7a06cc251490aa9');
    								
    import hmac
    import hashlib
    import time
    
    def sign(nonce, secretkey):
        concat = secretkey+nonce
        return hmac.new(secretkey.encode(), concat.encode(), hashlib.sha256).hexdigest()
    rnonce = str(time.time())
    # rnonce == 1461371317
    signature = sign(rnonce,'431ca9afd0917c54b7a06cc251490aa9')
    								

adslk

API Endpoints

Scan Download

POST /api/scan/download

Parameters

  • key
  • nonce
  • signature
  • url - The File's Download link

Returns

Scan File

POST /api/scan/file

Parameters

  • key
  • nonce
  • signature
  • file - base64 encoded binary data

Returns

Scan Website

POST /api/scan/website

Parameters

  • key
  • nonce
  • signature
  • url - The Website's URL

Returns

  • Score
  • Scan result
  • ID
  • Domain
  • MD5
  • SHA1
  • Genesis
  • Mutation
  • Scans
  • Comments

Lookup Hash

POST /api/lookuphash

Parameters

  • key
  • nonce
  • signature
  • hash - The hash you want to search for

Returns

  • Score
  • Scan result
  • ID
  • Name
  • MD5
  • SHA1
  • Type
  • Size
  • Genesis
  • Mutation
  • Scans
  • Comments
adslk

PHP Wrapper

You can also download our PHP Wrapper to interact with the Virus Score API.
All you need to get started is to create a new instance of VirusScore and pass in your API Key and Secret Key. Our code takes care of the rest.
$vs = new VirusScore('ebf81ec050','431ca9afd0917c54b7a06cc251490aa9');
Now you can start using the supported functions:

Scan Download

$vs->scanDownload('http://i.imgur.com/Zll6cPS.jpg');

Parameters

  • url - The File's Download link

Returns

Scan File

$vs->scanFile('text.txt');

Parameters

  • The path of the file you want to scan

Returns

Scan Website

$vs->scanWebSite('https://www.google.ca/');

Parameters

  • url - The Website's URL

Returns

Lookup Hash

$vs->lookuphash('7221a255eeaaabb153d4389f22872daf');

Parameters

  • hash - The MD5 hash you want to search for

Returns

  • Score
  • Scan result
  • ID
  • Name
  • MD5
  • SHA1
  • Type
  • Size
  • Genesis
  • Mutation
  • Scans
  • Comments