It would be nice if the VTMIS-Search plug-in supported the VirusTotal API's "allinfo=true" parameter to pull the larger dataset that it offers. Some of the outputs likely overlap those of stoQ (i.e. PE info), but others, like "harmless_votes" and "malicious_votes", can be helpful for analysis.
I tried making a quick edit to a copy...
params = {
    'allinfo': 'true',  # Should return additional data, but this isn't working out?
    'apikey': self.apikey,
    key: query
}
...but such didn't work out. I think I'm missing something about how plug-ins work / are updated.