• Stars
    star
    149
  • Rank 248,619 (Top 5 %)
  • Language
    TypeScript
  • License
    MIT License
  • Created over 4 years ago
  • Updated 6 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

GitHub Action to upload and scan files with VirusTotal

GitHub release GitHub marketplace CI workflow Test workflow Codecov
Become a sponsor Donate Paypal

About

GitHub Action to upload and scan files with VirusTotal.


Usage

Scan local files

This action can be used to scan local files with VirusTotal:

VirusTotal GitHub Action

name: build

on:
  pull_request:
  push:

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v3
      -
        name: Set up Go
        uses: actions/setup-go@v3
      -
        name: Build
        run: |
          GOOS=windows GOARCH=386 go build -o ./ghaction-virustotal-win32.exe -v -ldflags "-s -w"
          GOOS=windows GOARCH=amd64 go build -o ./ghaction-virustotal-win64.exe -v -ldflags "-s -w"
      -
        name: VirusTotal Scan
        uses: crazy-max/ghaction-virustotal@v3
        with:
          vt_api_key: ${{ secrets.VT_API_KEY }}
          files: |
            ./ghaction-virustotal-win32.exe
            ./ghaction-virustotal-win64.exe

Scan assets of a published release

You can also use this action to scan assets of a published release on GitHub when a release event is triggered:

name: released

on:
  release:
    types: [published]

jobs:
  virustotal:
    runs-on: ubuntu-latest
    steps:
      -
        name: VirusTotal Scan
        uses: crazy-max/ghaction-virustotal@v3
        with:
          vt_api_key: ${{ secrets.VT_API_KEY }}
          files: |
            .exe$

If you set update_release_body: true input, analysis link(s) will be appended to the release body and will look like this:

VirusTotal GitHub Action update release body

Scan through VirusTotal Monitor

To scan your assets through VirusTotal Monitor you can use the following workflow:

name: build

on:
  pull_request:
  push:

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v3
      -
        name: Set up Go
        uses: actions/setup-go@v3
      -
        name: Build
        run: |
          GOOS=windows GOARCH=386 go build -o ./ghaction-virustotal-win32.exe -v -ldflags "-s -w"
          GOOS=windows GOARCH=amd64 go build -o ./ghaction-virustotal-win64.exe -v -ldflags "-s -w"
      -
        name: VirusTotal Monitor Scan
        uses: crazy-max/ghaction-virustotal@v3
        with:
          vt_api_key: ${{ secrets.VT_API_KEY }}
          vt_monitor: true
          monitor_path: /ghaction-virustotal
          files: |
            ./ghaction-virustotal-*.exe

Customizing

inputs

Following inputs can be used as step.with keys

Name Type Default Description
vt_api_key String VirusTotal API key to upload assets (required)
files String Newline-delimited list of path globs/patterns for asset files to upload for analysis (required)
vt_monitor Bool false If enabled, files will be uploaded to VirusTotal Monitor endpoint
monitor_path¹ String / A path relative to current monitor user root folder to upload files
update_release_body² Bool false If enabled, analysis link(s) will be appended to the release body
github_token³ String GitHub Token used to create an authenticated client for GitHub API as provided by secrets
request_rate Number 0 API request-rate in requests/minute. Set to 4 or lower when using the standard free public API. 0 to disable rate-limit.

outputs

Following outputs are available

Name Type Description
analysis String Analysis results formatted as <filename>=<analysisURL> (comma separated)

Contributing

Want to contribute? Awesome! The most basic way to show your support is to star the project, or to raise issues. If you want to open a pull request, please read the contributing guidelines.

You can also support this project by becoming a sponsor on GitHub or by making a Paypal donation to ensure this journey continues indefinitely!

Thanks again for your support, it is much appreciated! 🙏

License

MIT. See LICENSE for more details.

More Repositories

1

WindowsSpyBlocker

Block spying and tracking on Windows
Go
4,186
star
2

diun

Receive notifications when an image is updated on a Docker registry
Go
2,073
star
3

docker-jetbrains-license-server

JetBrains License Server Docker image
Dockerfile
1,241
star
4

swarm-cronjob

Create jobs on a time-based schedule on Docker Swarm
Go
641
star
5

csgo-server-launcher

Counter-Strike Global Offensive Dedicated Server Launcher
Shell
580
star
6

docker-fail2ban

Fail2ban Docker image
Dockerfile
542
star
7

docker-samba

Samba Docker image
Dockerfile
451
star
8

ftpgrab

Grab your files periodically from a remote FTP or SFTP server easily
Go
438
star
9

ghaction-github-pages

:octocat: GitHub Action to deploy to GitHub Pages
TypeScript
408
star
10

nodejs-portable

Node.js portable on Windows
Go
385
star
11

docker-rtorrent-rutorrent

rTorrent and ruTorrent Docker image
Dockerfile
356
star
12

ghaction-import-gpg

GitHub Action to import a GPG key
TypeScript
291
star
13

docker-cloudflared

Cloudflared proxy-dns Docker image
Dockerfile
266
star
14

ghaction-docker-buildx

:octocat: GitHub Action to set up Docker Buildx
TypeScript
233
star
15

docker-nextcloud

Nextcloud Docker image
Dockerfile
213
star
16

ddns-route53

Dynamic DNS for Amazon Route 53 on a time-based schedule
Go
203
star
17

docker-firefox-syncserver

Firefox Sync Server Docker image
Dockerfile
188
star
18

undock

Extract contents of a container image in a local folder
Go
170
star
19

docker-matomo

Matomo (formerly Piwik) Docker image
Dockerfile
161
star
20

docker-flarum

Flarum Docker image
Dockerfile
157
star
21

xgo

Go CGO cross compiler
Shell
145
star
22

ghaction-github-labeler

:octocat: GitHub Action to manage labels on GitHub
TypeScript
123
star
23

firefox-history-merger

Merge Firefox history and repair missing favicons with ease
Go
87
star
24

docker-msmtpd

Lightweight SMTP relay Docker image using msmtpd
Dockerfile
72
star
25

docker-osxcross

MacOSX cross toolchain as Docker image
Dockerfile
71
star
26

ghaction-chocolatey

:octocat: GitHub Action for Chocolatey, the package manager for Windows
Dockerfile
67
star
27

docker-qbittorrent

qBittorrent Docker image
Dockerfile
65
star
28

ghaction-container-scan

GitHub Action to check for vulnerabilities in your container image
TypeScript
58
star
29

ghaction-github-runtime

GitHub Action to expose GitHub runtime to the workflow
Dockerfile
56
star
30

geoip-updater

Download and update MaxMind's GeoIP2 databases on a time-based schedule
Go
55
star
31

dokuwiki-plugin-syntaxhighlighter4

SyntaxHighlighter4 plugin for DokuWiki
PHP
53
star
32

ghaction-xgo

:octocat: GitHub Action for xgo, a Golang CGO cross compiler
TypeScript
52
star
33

docker-unbound

Unbound Docker image
Dockerfile
50
star
34

git-rewrite-author

Rewrite authors / commiters history of a git repository with ease
Go
48
star
35

ghaction-upx

GitHub Action for UPX, the Ultimate Packer for eXecutables
TypeScript
48
star
36

docker-docker

Docker in Docker (DinD) image
Dockerfile
47
star
37

docker-pure-ftpd

Pure-FTPd Docker image based on Alpine Linux with MySQL, PostgreSQL and LDAP support
Dockerfile
47
star
38

goxx

Go CGO cross-compiler Docker image
Shell
43
star
39

CwsMailBounceHandler

📬 PHP class to help webmasters handle bounce-back, feedback loop and ARF mails in standard DSN
PHP
41
star
40

docker-dokuwiki

DokuWiki Docker image
Dockerfile
38
star
41

docker-healthchecks

Healthchecks Docker image
Dockerfile
38
star
42

ghaction-dump-context

GitHub Action composite to dump context
37
star
43

rocketchat-uptimerobot

Uptime Robot integration for Rocket.Chat
JavaScript
34
star
44

goreleaser-xx

Cross compilation helper for GoReleaser
Go
33
star
45

ghaction-github-status

GitHub Action to check GitHub Status in your workflow
TypeScript
33
star
46

aetraymenu

Aestan Tray Menu
Pascal
33
star
47

docker-alpine-s6

Alpine Linux with s6 overlay
Dockerfile
33
star
48

ghaction-dockerhub-mirror

GitHub Action to mirror a DockerHub repo to another registry
30
star
49

docker-linguist

GitHub Linguist Docker image
HCL
27
star
50

artifactory-cleanup

Cleanup artifacts on Jfrog Artifactory with advanced settings
Go
27
star
51

docker-7zip

7-Zip Docker image
Dockerfile
26
star
52

IconsRefresh

Refresh icons on Desktop, Start Menu and Taskbar
Go
26
star
53

ghaction-setup-docker

GitHub Action to set up (download and install) Docker CE
TypeScript
19
star
54

docker-ejtserver

EJT License Server Docker image
Dockerfile
19
star
55

yasu

Yet Another Switch User
Dockerfile
17
star
56

docker-rrdcached

RRDcached Docker image
Dockerfile
17
star
57

travis-wait-enhanced

Prevent Travis CI from thinking a long-running process has stalled
Go
17
star
58

ghaction-setup-containerd

GitHub Action to set up containerd
TypeScript
16
star
59

login-servers-enhanced

Fork of the official login-servers Adminer plugin with enhancements
PHP
16
star
60

docker-n8n

n8n Docker image
Dockerfile
15
star
61

ghaction-hugo

:octocat: GitHub Action for Hugo, the world's fastest framework for building websites
TypeScript
13
star
62

docker-svn2git-mirror

🐳 Docker image to mirror SVN repositories to Git periodically
Dockerfile
13
star
63

CwsShareCount

PHP class to get social share count for Delicious, Facebook, Google+, Linkedin, Pinterest, Reddit, StumbleUpon and Twitter.
PHP
13
star
64

docker-allhands2-buildx-bake

buildx bake demo @ Docker Community All-Hands #2
HCL
13
star
65

crazy-max

12
star
66

gonfig

Lightweight config handling for Go
Go
11
star
67

ghaction-docker-status

GitHub Action to check Docker system status in your workflow
TypeScript
10
star
68

docker-spliit

Spliit Docker image
Dockerfile
10
star
69

docker-artifactory

JFrog Artifactory Docker images
10
star
70

docker-shodan

Shodan Docker image
HCL
10
star
71

echo-ipfilter

Middleware that provides ipfilter support for echo framework
Go
10
star
72

expect-nt

Fork of Expect for Windows NT by Gordon Chaffee
C
8
star
73

gotestlist

List tests in the given Go packages
Go
8
star
74

dockerfile

Official Dockerfile frontend that enables building Dockerfiles with BuildKit
Go
8
star
75

ghaction-github-release

GitHub Action for creating GitHub Releases
TypeScript
7
star
76

CwsCaptcha

PHP class to generate a captcha to avoid spam.
PHP
6
star
77

crazy-max.github.io

Homepage
HTML
6
star
78

CwsDump

PHP class to replace var_dump(), print_r() based on the Xdebug style.
PHP
6
star
79

CwsCrypto

PHP class for password hashing with multi encryption methods
PHP
6
star
80

CwsSession

PHP class to manipulate sessions. Data are securely encrypted and sessions are stored in database.
PHP
5
star
81

buildkit-nofrontend

Go
5
star
82

Killer

Kill a program by process name and clean-up notify and tray icons
C#
5
star
83

rtorrent-launcher

🚀 A simple bash script to launch rtorrent as a daemon
Shell
4
star
84

docker-snmpd

🐳 SNMP daemon Docker image based on Alpine Linux
Dockerfile
4
star
85

dokuwiki-plugin-syntaxhighlighter3

📝 Fork of SyntaxHighlighter3 plugin for DokuWiki
CSS
4
star
86

docker-loop

Simple loop for dummy services
Dockerfile
4
star
87

docker-syntaxhighlighter

🐳 Docker image to build SyntaxHighlighter javascript plugin
Dockerfile
4
star
88

rocketchat-xray

JFrog Xray integration for Rocket.Chat
JavaScript
4
star
89

rocketchat-appveyor

AppVeyor integration for Rocket.Chat
JavaScript
4
star
90

CwsDebug

PHP class to output additional messages for debug
PHP
4
star
91

docker-syspass

🐳 sysPass Docker image based on Alpine Linux
Dockerfile
4
star
92

shares-erasor

A DOS Batch script to remove all shares and disable auto shares on Windows systems.
Shell
4
star
93

IOPriority

Fork of IO Priority
C#
3
star
94

docker-inboxen

🐳 Inboxen Docker image based on Alpine Linux
Dockerfile
3
star
95

rocketchat-microbadger

MicroBadger integration for Rocket.Chat
JavaScript
3
star
96

CwsCurl

A flexible wrapper PHP class for the cURL extension.
PHP
3
star
97

geass

A multi-user front-end client for rTorrent with many features
3
star
98

CwsOvhLogsDownloader

PHP class to download the Apache access and error, FTP, CGI, Out and SSH logs available on http://logs.ovh.net from a shared hosting.
PHP
3
star
99

ama

Ask me Anything!
2
star
100

crossfit-reader

💳 Card reader application for ACR122U device affiliate to the Crossfit Nancy booking application
Java
2
star