ワンクリックで
virustotal
VirusTotal: check file/URL/domain/IP against 70+ AV engines
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
メニュー
VirusTotal: check file/URL/domain/IP against 70+ AV engines
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
SOC 職業分類に基づく
Search and download arXiv papers (no API key needed)
Delegate coding and file edits to Anthropic Claude Code CLI
Read/write Windows clipboard text, HTML, images, history (PowerShell)
Running scripts and code on Windows
Delegate coding tasks to OpenAI Codex CLI
Windows Defender: scans, threat history, signatures (PowerShell)
| name | virustotal |
| description | VirusTotal: check file/URL/domain/IP against 70+ AV engines |
| category | security |
| version | 1.0.0 |
| license | Apache-2.0 |
| origin | aiden |
| tags | security, virustotal, malware, antivirus, threat-intel, hash, url, domain, ip, incident-response |
| env_required | ["VIRUSTOTAL_API_KEY"] |
VirusTotal aggregates results from 70+ antivirus engines and threat intelligence feeds. Check file hashes, URLs, domains, and IP addresses for known malware, phishing, and suspicious activity.
Requires: VIRUSTOTAL_API_KEY — free at https://www.virustotal.com/gui/my-apikey (4 req/min on free tier).
$hash = "44d88612fea8a8f36de82e1278abb02f" # EICAR test file
$key = $env:VIRUSTOTAL_API_KEY
$url = "https://www.virustotal.com/api/v3/files/$hash"
$result = Invoke-RestMethod -Uri $url -Headers @{ "x-apikey" = $key }
$stats = $result.data.attributes.last_analysis_stats
Write-Host "File: $($result.data.attributes.meaningful_name)"
Write-Host "Malicious: $($stats.malicious) / $($stats.malicious + $stats.undetected + $stats.harmless)"
Write-Host "Suspicious: $($stats.suspicious)"
Write-Host "First seen: $($result.data.attributes.first_submission_date)"
$targetUrl = "https://example.com"
$key = $env:VIRUSTOTAL_API_KEY
# URL id = URL-safe base64 without padding
$bytes = [System.Text.Encoding]::UTF8.GetBytes($targetUrl)
$b64 = [Convert]::ToBase64String($bytes).Replace('+','-').Replace('/','_').TrimEnd('=')
$url = "https://www.virustotal.com/api/v3/urls/$b64"
$result = Invoke-RestMethod -Uri $url -Headers @{ "x-apikey" = $key }
$stats = $result.data.attributes.last_analysis_stats
Write-Host "URL: $targetUrl"
Write-Host "Malicious: $($stats.malicious)"
Write-Host "Phishing: $($result.data.attributes.categories -join ', ')"
Write-Host "Reputation: $($result.data.attributes.reputation)"
$domain = "example.com"
$key = $env:VIRUSTOTAL_API_KEY
$url = "https://www.virustotal.com/api/v3/domains/$domain"
$result = Invoke-RestMethod -Uri $url -Headers @{ "x-apikey" = $key }
$attrs = $result.data.attributes
Write-Host "Domain: $domain"
Write-Host "Reputation: $($attrs.reputation)"
Write-Host "Categories: $($attrs.categories.PSObject.Properties.Value -join ', ')"
$stats = $attrs.last_analysis_stats
Write-Host "Malicious: $($stats.malicious) engines"
$ip = "1.1.1.1"
$key = $env:VIRUSTOTAL_API_KEY
$url = "https://www.virustotal.com/api/v3/ip_addresses/$ip"
$result = Invoke-RestMethod -Uri $url -Headers @{ "x-apikey" = $key }
$attrs = $result.data.attributes
$stats = $attrs.last_analysis_stats
Write-Host "IP: $ip"
Write-Host "AS Owner: $($attrs.as_owner)"
Write-Host "Country: $($attrs.country)"
Write-Host "Reputation: $($attrs.reputation)"
Write-Host "Malicious: $($stats.malicious) engines"
"Is hash 44d88612fea8a8f36de82e1278abb02f malware?" → Use the file hash check — malicious count > 0 means confirmed threats.
"Check if https://suspicious-login.com is phishing"
→ Use the URL check — look at malicious and phishing categories.
"I got an alert for domain evil-c2.net — is it known bad?" → Use the domain check — look at reputation score and malicious engine count.
"This IP keeps hitting our firewall — is it a known attacker?"
→ Use the IP check — reputation < 0 and high malicious count = treat as threat.
Start-Sleep -Seconds 16 between calls when checking multiple IOCsVIRUSTOTAL_API_KEY — free account at https://www.virustotal.com/gui/join-us