Utility > Upload and Scan Files with VirusTotal
About
GitHub Action to upload and scan files with VirusTotal.
Usage
Scan local files
This action can be used to scan local files with VirusTotal:
- name: VirusTotal Scan
uses: crazy-max/ghaction-virustotal@v5
with:
vt_api_key: ${{ secrets.VT_API_KEY }}
files: |
./foo-win32.exe
./foo-win64.exe
Scan through VirusTotal Monitor
To scan your assets through VirusTotal Monitor you can use the following workflow:
- name: VirusTotal Scan
uses: crazy-max/ghaction-virustotal@v5
with:
vt_api_key: ${{ secrets.VT_API_KEY }}
vt_monitor: true
monitor_path: /ghaction-virustotal
files: |
./foo-win32.exe
./foo-win64.exe
Scan assets of a published release
You can also use this action to scan assets of a published release on GitHub when a release event is triggered:
name: released
permissions:
contents: read
on:
release:
types:
- published
jobs:
virustotal:
runs-on: ubuntu-latest
steps:
-
name: VirusTotal Scan
uses: crazy-max/ghaction-virustotal@v5
with:
vt_api_key: ${{ secrets.VT_API_KEY }}
files: |
.exe$
If you set update_release_body: true input, analysis link(s) will be appended
to the release body:
name: released
permissions:
contents: read
on:
release:
types:
- published
jobs:
virustotal:
runs-on: ubuntu-latest
permissions:
# required to write GitHub Release body
contents: write
steps:
-
name: VirusTotal Scan
uses: crazy-max/ghaction-virustotal@v5
with:
vt_api_key: ${{ secrets.VT_API_KEY }}
update_release_body: true
files: |
.exe$
And will look like this:
Customizing
inputs
Following inputs can be used as step.with keys
| Name | Type | Default | Description |
|---|---|---|---|
vt_api_key |
String | VirusTotal API key to upload assets (required) | |
files |
String | Newline-delimited list of path globs/patterns for asset files to upload for analysis (required) | |
vt_monitor |
Bool | false |
If enabled, files will be uploaded to VirusTotal Monitor endpoint |
monitor_path¹ |
String | / |
A path relative to current monitor user root folder to upload files |
update_release_body² |
Bool | false |
If enabled, analysis link(s) will be appended to the release body |
github_token³ |
String | GitHub Token used to create an authenticated client for GitHub API as provided by secrets |
|
request_rate |
Number | 0 |
API request-rate in requests/minute. Set to 4 or lower when using the standard free public API. 0 to disable rate-limit. |
[!NOTE]
- ¹ Only available if
vt_monitoris enabled.- ² Only available if release event is triggered in your workflow.
- ³ Required if release event is triggered in your workflow.
outputs
The following outputs are available
| Name | Type | Description |
|---|---|---|
analysis |
String | Analysis results formatted as <filename>=<analysisURL> (comma separated) |
Contributing
Want to contribute? Awesome! The most basic way to show your support is to star the project, or to raise issues. You can also support this project by becoming a sponsor on GitHub or by making a PayPal donation to ensure this journey continues indefinitely!
Thanks again for your support, it is much appreciated! :pray:
License
MIT. See LICENSE for more details.