RIPVT : Virus Total API Maltego Transform Set For Canari

ripVT is a set of Maltego Canari transforms for the Virus Total private API. Provided AS-IS, no warranties, no guarantees. No jokes in this repo. It’s as serious as you are.

Installation

  1. Requires Canari, specifically this branch/version
  2. Install Malformity

sudo python setup.py install
canari create-profile ripVT

  3. Import generated ripVT.mtz
  4. Import entities stored at:

src/ripVT/resources/external/entities.mtz

  5. Copy src/ripVT/resources/etc/ripVT.conf to ~/.canari/
  6. Pivot

Pivots

Multiple unique entities enable forward and reverse searches. Each entity has its own graphically distinguished icon.

Search (Phrase Entity) ->

  • Generic Search
  • Behavioral
  • Engines
  • ITW

Generic

  • Hash -> Download to Repository

Hash -> VT File Report ->

  • Behavioral (Copied Files, Deleted, Downloaded, Moved, Mutex, Network, Opened, Read, Replaced, Written)
  • Imphash
  • Cert / Certs
  • Compile Time
  • Detections
  • Exports / Imports
  • File Names
  • In-The-Wild (ITW) Locations
  • Parents (Dropped / Created By)
  • PE Resources
  • PE Sections
  • SSDEEP
  • Similar-To

Domain -> VT Domain Report ->

  • Undetected/Detected Communicating Samples
  • Undetected/Detected Domain-Embedding Samples
  • Undetected/Detected Domain-Downloaded Samples
  • PCAP
  • Domain Resolutions
  • Siblings
  • Subdomains
  • Detected URLs

IP Address -> VT IP Report ->

  • Undetected/Detected Communicating Samples
  • Undetected/Detected Domain-Embedding Samples
  • Undetected/Detected Domain-Downloaded Samples
  • PCAP
  • Domain Resolutions
  • Siblings
  • Subdomains
  • Detected URLs

Detections ->

  • Search Detection Name (Engine Included)
  • Search Detection Name (No Engine)

Cuckoo -> (Report ID)

  • Report -> Network
R K
