Virus Total Hunting - Botconf 2018

This talk is about a tool created with the VT API version 3 to get information about the latest hunting notifications. It was given in December 2018 during the lightning talks.

Thomas Roccia

December 05, 2018

Transcript

  1. VTHunting: A Tiny Tool for Malware Hunting Collaboration

    Thomas ROCCIA, Security Researcher, Advanced Threat Research, @fr0gger_
  2. What is VThunting? (Botconf - Thomas Roccia – 2018)

    • VTHunting is a tiny tool coded in Python
    • Used to collect Malware Hunting Report from VirusTotal
    • Centralize reports notification in one place

    Disclaimer: You need a VirusTotal Intelligence API
  3. What it can do?

    Diagram labels: Vthunting.py; CLI Report; Slack Report; Telegram Report; Email Report; Request VTI
  4. How to use it?

    • Configuring with cron to generate daily, weekly or monthly report
  5. Report Examples

  6. Where to find it?

    https://github.com/fr0gger/vthunting
  7. Happy Hunting!

    Thomas ROCCIA, Security Researcher, McAfee Advanced Threat Research, @fr0gger_, https://github.com/fr0gger/vthunting