VirusTotal is a free online service that analyzes files and URLs for viruses, worms, trojans and other kinds of malicious content. It aggregates many antivirus products and online scan engines to check for threats that the user's own antivirus may have missed.
Why this server?
Allows for the submission of observables like IPs and hashes to VirusTotal through Cortex's analysis pipeline for security enrichment.
Why this server?
Provides tools for domain reputation analysis and threat intelligence, allowing AI agents to query VirusTotal for malicious activity detections, URL safety checks, and historical infrastructure records.
Why this server?
Enables checking file hash (MD5/SHA1/SHA256) and IP reputation with detection ratios and vendor verdicts from VirusTotal's threat intelligence database.
Why this server?
Allows querying the VirusTotal API for comprehensive security analysis reports including URL analysis, file analysis, IP analysis, domain analysis, and relationship tools.
Why this server?
Enables checking the reputation of URLs and accessing threat intelligence data through the VirusTotal API to identify malicious activity.
Why this server?
Provides tools for performing malware hash lookups using VirusTotal's database of over 68 antivirus engines to identify and analyze malicious files.
Why this server?
Performs enrichment lookups for IP addresses, domains, and URLs to obtain threat intelligence data from VirusTotal
Why this server?
Leverages the VirusTotal API to provide comprehensive file analysis, sandbox behavior reports, and reputation checking for domains, IP addresses, and URLs.
Why this server?
Integrates with VirusTotal's threat intelligence database to scan extracted Indicators of Compromise (IoCs) from email headers and content, providing detection ratios and threat classifications for domains, IPs, and file hashes.