Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/crazy-max/ghaction-virustotal
GitHub Action to upload and scan files with VirusTotal
https://github.com/crazy-max/ghaction-virustotal
actions github-actions virustotal
Last synced: 3 days ago
JSON representation
GitHub Action to upload and scan files with VirusTotal
- Host: GitHub
- URL: https://github.com/crazy-max/ghaction-virustotal
- Owner: crazy-max
- License: mit
- Created: 2020-04-27T16:06:21.000Z (over 4 years ago)
- Default Branch: master
- Last Pushed: 2024-10-28T17:51:44.000Z (about 2 months ago)
- Last Synced: 2024-10-29T22:31:11.849Z (about 2 months ago)
- Topics: actions, github-actions, virustotal
- Language: TypeScript
- Homepage: https://github.com/marketplace/actions/virustotal-github-action
- Size: 12 MB
- Stars: 160
- Watchers: 7
- Forks: 20
- Open Issues: 10
-
Metadata Files:
- Readme: README.md
- Contributing: .github/CONTRIBUTING.md
- Funding: .github/FUNDING.yml
- License: LICENSE
- Codeowners: .github/CODEOWNERS
- Support: .github/SUPPORT.md
Awesome Lists containing this project
- awesome-actions - Upload and Scan Files with VirusTotal
- fucking-awesome-actions - Upload and Scan Files with VirusTotal
- awesome-workflows - Upload and Scan Files with VirusTotal
README
## About
GitHub Action to upload and scan files with [VirusTotal](https://www.virustotal.com).
___
* [Usage](#usage)
* [Scan local files](#scan-local-files)
* [Scan assets of a published release](#scan-assets-of-a-published-release)
* [Scan through VirusTotal Monitor](#scan-through-virustotal-monitor)
* [Customizing](#customizing)
* [inputs](#inputs)
* [outputs](#outputs)
* [Contributing](#contributing)
* [License](#license)## Usage
### Scan local files
This action can be used to scan local files with VirusTotal:
![VirusTotal GitHub Action](.github/ghaction-virustotal-files.png)
```yaml
name: buildon:
pull_request:
push:jobs:
build:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Set up Go
uses: actions/setup-go@v4
-
name: Build
run: |
GOOS=windows GOARCH=386 go build -o ./ghaction-virustotal-win32.exe -v -ldflags "-s -w"
GOOS=windows GOARCH=amd64 go build -o ./ghaction-virustotal-win64.exe -v -ldflags "-s -w"
-
name: VirusTotal Scan
uses: crazy-max/ghaction-virustotal@v4
with:
vt_api_key: ${{ secrets.VT_API_KEY }}
files: |
./ghaction-virustotal-win32.exe
./ghaction-virustotal-win64.exe
```### Scan assets of a published release
You can also use this action to scan assets of a published release on GitHub
when a [release event](https://help.github.com/en/actions/reference/events-that-trigger-workflows#release-event-release)
is triggered:```yaml
name: releasedon:
release:
types: [published]jobs:
virustotal:
runs-on: ubuntu-latest
steps:
-
name: VirusTotal Scan
uses: crazy-max/ghaction-virustotal@v4
with:
vt_api_key: ${{ secrets.VT_API_KEY }}
files: |
.exe$
```If you set `update_release_body: true` input, analysis link(s) will be appended
to the release body and will look like this:![VirusTotal GitHub Action update release body](.github/ghaction-virustotal-release-body.png)
### Scan through VirusTotal Monitor
To scan your assets through VirusTotal Monitor you can use the following
workflow:```yaml
name: buildon:
pull_request:
push:jobs:
build:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Set up Go
uses: actions/setup-go@v4
-
name: Build
run: |
GOOS=windows GOARCH=386 go build -o ./ghaction-virustotal-win32.exe -v -ldflags "-s -w"
GOOS=windows GOARCH=amd64 go build -o ./ghaction-virustotal-win64.exe -v -ldflags "-s -w"
-
name: VirusTotal Monitor Scan
uses: crazy-max/ghaction-virustotal@v4
with:
vt_api_key: ${{ secrets.VT_API_KEY }}
vt_monitor: true
monitor_path: /ghaction-virustotal
files: |
./ghaction-virustotal-*.exe
```## Customizing
### inputs
Following inputs can be used as `step.with` keys
| Name | Type | Default | Description |
|----------------------------|--------|---------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `vt_api_key` | String | | [VirusTotal API key](https://developers.virustotal.com/v3.0/reference#authentication) to upload assets (**required**) |
| `files` | String | | Newline-delimited list of path globs/patterns for asset files to upload for analysis (**required**) |
| `vt_monitor` | Bool | `false` | If enabled, files will be uploaded to [VirusTotal Monitor](https://developers.virustotal.com/v3.0/reference#monitor) endpoint |
| `monitor_path`**¹** | String | `/` | A path relative to current monitor user root folder to upload files |
| `update_release_body`**²** | Bool | `false` | If enabled, analysis link(s) will be appended to the release body |
| `github_token`**³** | String | | [GitHub Token](https://help.github.com/en/actions/configuring-and-managing-workflows/authenticating-with-the-github_token) used to create an authenticated client for GitHub API as provided by `secrets` |
| `request_rate` | Number | `0` | API request-rate in requests/minute. Set to `4` or lower when using the standard free public API. `0` to disable rate-limit. |> * **¹** Only available if `vt_monitor` is enabled.
> * **²** Only available if [release event is triggered](#scan-assets-of-a-published-release) in your workflow.
> * **³** Required if [release event is triggered](#scan-assets-of-a-published-release) in your workflow.### outputs
The following outputs are available
| Name | Type | Description |
|---------------|---------|----------------------------------------------------------------------------|
| `analysis` | String | Analysis results formatted as `=` (comma separated) |## Contributing
Want to contribute? Awesome! The most basic way to show your support is to star
the project, or to raise issues. You can also support this project by [**becoming a sponsor on GitHub**](https://github.com/sponsors/crazy-max)
or by making a [PayPal donation](https://www.paypal.me/crazyws) to ensure this
journey continues indefinitely!Thanks again for your support, it is much appreciated! :pray:
## License
MIT. See `LICENSE` for more details.