I would like to use the self-issued API key (see How to issue a self-signed API key) to search the database on the public/private instance.
- Download the VxAPI wrappers here: https://github.com/PayloadSecurity/VxAPI
- Install Python 3.4 (or above): https://www.python.org/downloads/
- Take a look at the README.md file or edit the config.py file and specify the API key/secret and application server. Example:
- Print a list of available endpoints for your authorization level: python vxapi.py -h
- To track some campaigns or find samples similar to a given SHA256, use the search endpoint and utilize some of the advanced search queries. For example:
python vxapi.py search similar-to:35047ad869607de0a52d54be5998f268c719bb655e168f9bff8356b1f1239c55
- This will yield some basic results:
- Using the SHA256 and environment ID, retrieve additional information (such as network traffic) from a sample using the get_summary endpoint:
python vxapi.py get_summary 01837d9b63b19d04125dfcce7941f7ac0e388f67b469ba8dea9c910d5cafe363 100
- The most interesting search "prefix" terms can be found in the FAQ at the "Do you have some advanced search options?" section: https://www.hybrid-analysis.com/faq
- Have fun!
Note: the restricted API keys on the public server are limited to 5 queries per minute and 200 per hour.
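When a campaign hunt loops over many hashes, the limits in the note above are reached after the first few calls. The following is an added example, not part of the VxAPI project: a client-side throttle that enforces both limits before each invocation, plus helpers that build the two command lines shown above. The names QueryThrottle, search_similar_cmd and get_summary_cmd are hypothetical.

```python
import re
import time
from collections import deque

# Limits from the note above for restricted keys on the public server.
LIMITS = ((5, 60.0), (200, 3600.0))  # (max queries, window in seconds)
SHA256_RE = re.compile(r"[0-9a-fA-F]{64}")

class QueryThrottle:
    """Sliding-window limiter enforcing every (count, window) pair in limits."""
    def __init__(self, limits=LIMITS, clock=time.monotonic, sleep=time.sleep):
        self.limits, self.clock, self.sleep = limits, clock, sleep
        self.sent = deque()  # timestamps of queries already issued, oldest first

    def wait_time(self):
        """Seconds until the next query is allowed (0.0 if allowed now)."""
        now = self.clock()
        longest = max(window for _, window in self.limits)
        while self.sent and now - self.sent[0] >= longest:
            self.sent.popleft()  # older than every window, no longer relevant
        delay = 0.0
        for count, window in self.limits:
            recent = [t for t in self.sent if now - t < window]
            if len(recent) >= count:
                # A slot frees up once the count-th most recent query ages out.
                delay = max(delay, recent[-count] + window - now)
        return delay

    def acquire(self):
        """Block until a query is allowed, then record it."""
        while True:
            delay = self.wait_time()
            if delay <= 0:
                break
            self.sleep(delay)
        self.sent.append(self.clock())

def _checked(sha256):
    if not SHA256_RE.fullmatch(sha256):
        raise ValueError("not a SHA256 hex digest: %r" % (sha256,))
    return sha256.lower()

def search_similar_cmd(sha256):
    """Argument list for the 'search similar-to:' query shown above."""
    return ["python", "vxapi.py", "search", "similar-to:" + _checked(sha256)]

def get_summary_cmd(sha256, environment_id):
    """Argument list for get_summary with a SHA256 and an environment ID."""
    return ["python", "vxapi.py", "get_summary", _checked(sha256), str(int(environment_id))]
```

Create one QueryThrottle per API key, call its acquire() immediately before each subprocess.run(search_similar_cmd(h), check=True), and run from the directory that contains vxapi.py.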