Thursday, December 16, 2021

VT Collections Swiss army knife

Since we announced VirusTotal Collections we are really grateful for the warm adoption we received from the VirusTotal community (please remember to help us gather your feedback using the following form). Indeed, we already observed very interesting content leveraging the potential of collection, like the LOG4SHELL: potential IOC collection by our colleague Jesus Toledano.

Several users contacted us interested in learning an easy way to create a collection using the command line. We just implemented this functionality in our vt-cli utility. In case you are not familiar with it, vt-cli is one of our command line tools and it supports many of the features available in the GUI. Back to creating our collection with the command line, you can use something like:

cat ioc-list.txt | vt-cli collection create -n “Collection Name” -

Vt-cli can also assist you to get relevant information from any existing collection. In the example you can find in the video below, we create a collection starting from two suspicious IP addresses and we later get the last analysis stats from them:

Not only that, we already implemented this functionality for you and you can find it ready to use in the following links both for Python and Go.

Finally, keep in mind there is a fully documented REST API that you can use in the same way you use the rest of VirusTotal APIs.

Happy hunting!