Exploring the VirusTotal Public API with JavaScript

If you're interested in exploring data related to viruses and malware, you'll want to check out the VirusTotal Public API! This HTTP-based API allows you to interact with VirusTotal's vast collection of virus samples, URL information, IP addresses, and more.

In this blog post, we'll explore how to use the VirusTotal Public API with JavaScript. We'll walk through some basic examples of how to make HTTP requests to the API using XMLHttpRequest and fetch, and we'll look at how to authenticate your requests using an API key.

Getting Started

Before we get started, we need to make sure you have an API key. If you don't already have one, you can sign up for a free account on VirusTotal's website. Once you create an account, navigate to the API section and click "Get your API key" to generate a new key.

Now that we have our API key, let's start exploring the API!

Making HTTP Requests with XMLHttpRequest

One way to interact with the VirusTotal Public API is by making HTTP requests using XMLHttpRequest. To use this method, we'll create a new XMLHttpRequest object and specify the HTTP verb (GET, POST, etc.) and the URL we want to request. We'll also add any query parameters to the URL.

const endpoint = 'https://www.virustotal.com/vtapi/v2/file/report';
const apiKey = 'YOUR_API_KEY';
const resourceHash = 'HASH_OF_THE_FILE_YOU_WANT_TO_LOOK_UP';

const xhr = new XMLHttpRequest();
const url = `${endpoint}?resource=${resourceHash}&apikey=${apiKey}`;

xhr.open('GET', url, true);
xhr.onreadystatechange = function() {
  if (xhr.readyState === 4 && xhr.status === 200) {
    const response = JSON.parse(xhr.responseText);
    console.log(response);
  }
};
xhr.send();

In this example, we're requesting information about a file with a particular hash (specified by resourceHash). We're passing in our API key as a query parameter, and we're setting the readyStateChange function to log the response to the console.

Authenticating with fetch

Another way to make HTTP requests to the VirusTotal Public API is by using the fetch API. In this example, we'll use the Headers constructor to set our API key as a X-Apikey header on the request.

const endpoint = 'https://www.virustotal.com/vtapi/v2/ip-address/report';
const apiKey = 'YOUR_API_KEY';
const ipAddress = 'IP_ADDRESS_YOU_WANT_TO_LOOK_UP';

fetch(`${endpoint}?ip=${ipAddress}`, {
  headers: new Headers({
    'X-Apikey': apiKey
  })
})
  .then(response => response.json())
  .then(data => console.log(data));

This example fetches information about an IP address. We're passing in our API key as a X-Apikey header, and we're using the json() method to convert the response to a JSON object. Finally, we're logging the result to the console.

Wrapping Up

That's it for our quick tour of the VirusTotal Public API! We've explored how to use both XMLHttpRequest and fetch to interact with the API, and we've looked at how to authenticate our requests using an API key.

To dive deeper into the VirusTotal Public API, check out the official documentation. Happy coding!