Name: get_file_report Description: Get a comprehensive file analysis report using its hash (MD5/SHA-1/SHA-256). Returns a concise summary of key threat details including detection stats, threat classification, and important indicators. Parameters: hash (required): The MD5, SHA-1, or SHA-256 hash of the file to analyze....
Name: get_url_report Description: Get a comprehensive URL analysis report including security scan results and key relationships like communicating files, contacted domains/IPs, downloaded files, redirects, and related threat actors. This tool automatically fetches summary information for these key relationships. For detailed, paginated relationship data, use the 'get_url_relationship' tool....
Name: get_domain_report Description: Get a comprehensive domain analysis report including DNS records, WHOIS data, and key relationships like historical SSL certificates, subdomains, resolutions, and related threat actors. This tool automatically fetches summary information for these key relationships. For detailed, paginated relationship data, use the 'get_domain_relationship' tool....
Name: get_ip_report Description: Get a comprehensive IP address analysis report including geolocation, reputation data, and key relationships like communicating/downloaded files, historical certificates/WHOIS, resolutions, and related URLs/threat actors. This tool automatically fetches summary information for these key relationships. For detailed, paginated relationship data, use the 'get_ip_relationship' tool....
Name: get_file_behavior_summary Description: Retrieves a summary of all behavior reports (sandbox execution details) for a specific file hash (MD5/SHA-1/SHA-256). This provides a consolidated view of dynamic analysis results from multiple sandboxes. Parameters: hash (required): The MD5, SHA-1, or SHA-256 hash of the file.
Name: advanced_corpus_search Description: Performs an advanced search across the VirusTotal dataset using VT Intelligence query syntax. This requires a premium VirusTotal API key with Intelligence access. Supports pagination....
Name: get_file_relationship Description: Query a specific relationship type for a file hash (MD5/SHA-1/SHA-256) with pagination support. Use this for in-depth exploration of connections. Parameters: hash (required): MD5, SHA-1 or SHA-256 hash of the file....
Name: get_url_relationship Description: Query a specific relationship type for a URL with pagination support. Use this for in-depth exploration of connections. The tool automatically generates the required VirusTotal URL identifier....
Name: get_domain_relationship Description: Query a specific relationship type for a domain with pagination support. Use this for in-depth exploration of connections. Parameters: domain (required): The domain name to analyze....
Name: get_ip_relationship Description: Query a specific relationship type for an IP address with pagination support. Use this for in-depth exploration of connections. Parameters: ip (required): The IP address to analyze....
VirusTotal API Key required to authenticate API calls.
