Awesome

About

GitHub Action to upload and scan files with VirusTotal.

Usage
Customizing
- inputs
- outputs
Contributing
License

Usage

Scan local files

This action can be used to scan local files with VirusTotal:

VirusTotal GitHub Action

name: build

on:
  pull_request:
  push:

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v4
      -
        name: Set up Go
        uses: actions/setup-go@v4
      -
        name: Build
        run: |
          GOOS=windows GOARCH=386 go build -o ./ghaction-virustotal-win32.exe -v -ldflags "-s -w"
          GOOS=windows GOARCH=amd64 go build -o ./ghaction-virustotal-win64.exe -v -ldflags "-s -w"
      -
        name: VirusTotal Scan
        uses: crazy-max/ghaction-virustotal@v4
        with:
          vt_api_key: ${{ secrets.VT_API_KEY }}
          files: |
            ./ghaction-virustotal-win32.exe
            ./ghaction-virustotal-win64.exe

Scan assets of a published release

You can also use this action to scan assets of a published release on GitHub when a release event is triggered:

name: released

on:
  release:
    types: [published]

jobs:
  virustotal:
    runs-on: ubuntu-latest
    steps:
      -
        name: VirusTotal Scan
        uses: crazy-max/ghaction-virustotal@v4
        with:
          vt_api_key: ${{ secrets.VT_API_KEY }}
          files: |
            .exe$

If you set update_release_body: true input, analysis link(s) will be appended to the release body and will look like this:

VirusTotal GitHub Action update release body

Scan through VirusTotal Monitor

To scan your assets through VirusTotal Monitor you can use the following workflow:

name: build

on:
  pull_request:
  push:

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v4
      -
        name: Set up Go
        uses: actions/setup-go@v4
      -
        name: Build
        run: |
          GOOS=windows GOARCH=386 go build -o ./ghaction-virustotal-win32.exe -v -ldflags "-s -w"
          GOOS=windows GOARCH=amd64 go build -o ./ghaction-virustotal-win64.exe -v -ldflags "-s -w"
      -
        name: VirusTotal Monitor Scan
        uses: crazy-max/ghaction-virustotal@v4
        with:
          vt_api_key: ${{ secrets.VT_API_KEY }}
          vt_monitor: true
          monitor_path: /ghaction-virustotal
          files: |
            ./ghaction-virustotal-*.exe

Customizing

inputs

Following inputs can be used as step.with keys

Name	Type	Default	Description
`vt_api_key`	String		VirusTotal API key to upload assets (required)
`files`	String		Newline-delimited list of path globs/patterns for asset files to upload for analysis (required)
`vt_monitor`	Bool	`false`	If enabled, files will be uploaded to VirusTotal Monitor endpoint
`monitor_path`¹	String	`/`	A path relative to current monitor user root folder to upload files
`update_release_body`²	Bool	`false`	If enabled, analysis link(s) will be appended to the release body
`github_token`³	String		GitHub Token used to create an authenticated client for GitHub API as provided by `secrets`
`request_rate`	Number	`0`	API request-rate in requests/minute. Set to `4` or lower when using the standard free public API. `0` to disable rate-limit.

¹ Only available if vt_monitor is enabled.

² Only available if release event is triggered in your workflow.

³ Required if release event is triggered in your workflow.

outputs

The following outputs are available

Name	Type	Description
`analysis`	String	Analysis results formatted as `<filename>=<analysisURL>` (comma separated)

Contributing

Want to contribute? Awesome! The most basic way to show your support is to star the project, or to raise issues. You can also support this project by becoming a sponsor on GitHub or by making a PayPal donation to ensure this journey continues indefinitely!

Thanks again for your support, it is much appreciated! :pray:

License

MIT. See LICENSE for more details.