openapi: 3.0.3
info:
title: VirusTotal API v3 - Private Scanning
version: '3.0'
description: Submit files and URLs for analysis without sharing the artefact with the VirusTotal community. Mirrors the public scanning surface (Files / URLs / Analyses / Behaviours / Zip Files).
contact:
name: VirusTotal / Google Threat Intelligence
url: https://docs.virustotal.com/reference/overview
license:
name: VirusTotal Terms of Service
url: https://www.virustotal.com/gui/terms-of-service
x-generated-from: https://storage.googleapis.com/gtidocresources/guides/GTI_API_v3_openapi_spec_10022025.json
x-last-validated: '2026-05-29'
servers:
- url: https://www.virustotal.com/api/v3
description: VirusTotal / GTI API v3 production.
security:
- VTApiKey: []
tags:
- name: Private Scanning - Analyses
description: Private Scanning - Analyses
- name: Private Scanning - Files
description: Private Scanning - Files
- name: Private Scanning - Files Behaviours
description: Private Scanning - Files Behaviours
- name: Private Scanning - URLs
description: Private Scanning - URLs
- name: Private Scanning - Zipping files
description: Private Scanning - Zipping files
paths:
/private/analyses:
get:
tags:
- Private Scanning - Analyses
deprecated: false
description: "> \U0001F6A7 Special privileges required\n> \n> Private Scanning endpoints are only available to users with [Private Scanning license](https://www.virustotal.com/gui/private-scanning-overview).\n\
\nReturns a list of the last [private analyses](https://gtidocs.virustotal.com/reference/private-analyses-object). The analyses are sorted by most recent first. You can use `?order=date-` to reverse\
\ the order.\n\n```json /api/v3/private/analyses\n{\n \"meta\": {\n \"cursor\": <string>,\n \"count\": <int>\n },\n \"data\": {\n <PRIVATE_ANALYSIS_OBJECT>,\n <PRIVATE_ANALYSIS_OBJECT>,\n\
\ ...\n },\n \"links\": {\n \"self\": <string>,\n \"next\": <string>\n }\n}\n```\n```json\n{\n\t\"meta\": {\n\t\t\"count\": 90,\n\t\t\"cursor\": \"1\"\n\t},\n\t\"data\": [\n\t\t{\n\t\
\t\t\"attributes\": {\n\t\t\t\t\"status\": \"completed\",\n\t\t\t\t\"sandbox_status\": {\n\t\t\t\t\t\"Zenbox\": {\n\t\t\t\t\t\t\"status\": \"finished\",\n\t\t\t\t\t\t\"in_progress_percent\": 100\n\
\t\t\t\t\t}\n\t\t\t\t},\n\t\t\t\t\"sandbox_configuration\": {\n\t\t\t\t\t\"enable_internet\": false,\n\t\t\t\t\t\"command_line\": \"\"\n\t\t\t\t},\n\t\t\t\t\"date\": 1666170912\n\t\t\t},\n\t\t\t\
\"type\": \"private_analysis\",\n\t\t\t\"id\": \"NTJjNTM1MThmMzhiNWRiNGE1ZWQ5ZDhiZjQyNWY2NzM6NTJjMjllYmQ3MThjODM2OWRjNmFiNmIzOTc2MmM3OTY6MTY2NjE3MDkxMg==\",\n\t\t\t\"links\": {\n\t\t\t\t\"item\"\
: \"https://www.virustotal.com/api/v3/private/files/16f6c6439c5b971218b9cd1d616ba40c7cad08c94984ecfde443dfa3c61c6152\",\n\t\t\t\t\"self\": \"https://www.virustotal.com/api/v3/private/analyses/NTJjNTM1MThmMzhiNWRiNGE1ZWQ5ZDhiZjQyNWY2NzM6NTJjMjllYmQ3MThjODM2OWRjNmFiNmIzOTc2MmM3OTY6MTY2NjE3MDkxMg==\"\
\n\t\t\t}\n\t\t}\n\t],\n\t\"links\": {\n\t\t\"self\": \"https://www.virustotal.com/api/v3/private/analyses?limit=1\",\n\t\t\"next\": \"https://www.virustotal.com/api/v3/private/analyses?cursor=1&limit=1\"\
\n\t}\n}\n```\n"
operationId: listPrivateAnalyses
parameters:
- description: Maximum number of files to retrieve (40 max)
in: query
name: limit
schema:
default: 10
format: int32
type: integer
- description: Continuation cursor
in: query
name: cursor
schema:
type: string
- description: Sorting order
in: query
name: order
schema:
default: date-
type: string
responses:
'200':
content:
application/json:
examples:
Result:
value: '{}'
schema:
properties: {}
type: object
description: '200'
'400':
content:
application/json:
examples:
Result:
value: '{}'
schema:
properties: {}
type: object
description: '400'
summary: VirusTotal List Private Analyses
security:
- VTApiKey: []
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/private/analyses/{id}:
get:
tags:
- Private Scanning - Analyses
deprecated: false
description: "> \U0001F6A7 Special privileges required\n> \n> Private Scanning endpoints are only available to users with [Private Scanning license](https://www.virustotal.com/gui/private-scanning-overview).\n\
\nWith this endpoint you can check the status of a private file analysis. It expects the analysis ID returned by the [POST /private/files](https://gtidocs.virustotal.com/reference/upload-file-private-scanning)\
\ endpoint, and will return a private analysis object with information about the analysis.\n\n```json Example response\n{\n \"meta\": {\n \"file_info\": {\n \"size\": 5,\n \"sha256\"\
: \"11a77c3d96c06974b53d7f40a577e6813739eb5c811b2a86f59038ea90add772\",\n \"sha1\": \"7bae8076a5771865123be7112468b79e9d78a640\",\n \"md5\": \"e5828c564f71fea3a12dde8bd5d27063\"\n }\n\
\ },\n \"data\": {\n \"attributes\": {\n \"date\": 1620127014,\n \"status\": \"completed\"\n },\n \"type\": \"private_analysis\",\n \"id\": \"ZTU4MjhjNTY0ZjcxZmVhM2ExMmRkZThiZDVkMjcwNjM6MTYyMDEyNzAxNA==\"\
,\n \"links\": {\n \"self\": \"https://virustotal.com/api/v3/private/analyses/ZTU4MjhjNTY0ZjcxZmVhM2ExMmRkZThiZDVkMjcwNjM6MTYyMDEyNzAxNA==\"\n }\n }\n}\n```\n\nThe `status` attribute\
\ in the private analysis object can be either \"queued\" or \"completed\", once it gets completed, you can use the `sha256` in the `file_info` section with the [GET /private/files/{id}](https://gtidocs.virustotal.com/reference/private-files-info)\
\ for getting all the information that VirusTotal has generated for the analysed file. Alternatively you could use [GET /private/analyses/{id}/item](https://gtidocs.virustotal.com/reference/analysesidrelationship)\
\ for the same purpose.\n"
operationId: privateAnalysis
parameters:
- description: Analysis identifier
in: path
name: id
required: true
schema:
type: string
responses:
'200':
content:
application/json:
examples:
Result:
value: '{}'
schema:
properties: {}
type: object
description: '200'
'400':
content:
application/json:
examples:
Result:
value: '{}'
schema:
properties: {}
type: object
description: '400'
summary: VirusTotal Get a Private Analysis
security:
- VTApiKey: []
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/private/analyses/{id}/relationships/{relationship}:
get:
tags:
- Private Scanning - Analyses
deprecated: false
description: "> \U0001F6A7 Special privileges required\n> \n> Private Scanning endpoints are only available to users with [Private Scanning license](https://www.virustotal.com/gui/private-scanning-overview).\n\
\nThis endpoint is the same as [/private/analyses/{id}/{relationship}](https://gtidocs.virustotal.com/reference/analysesidrelationship) except it returns just the related object's IDs (and context\
\ attributes, if any) instead of returning all attributes.\n"
operationId: analysesidrelationshipsrelationship
parameters:
- description: Analysis identifier
in: path
name: id
required: true
schema:
type: string
- description: Relationship name (see [table](ref:private-analyses-object#relationships))
in: path
name: relationship
required: true
schema:
type: string
responses:
'200':
content:
application/json:
examples:
Result:
value: '{}'
schema:
properties: {}
type: object
description: '200'
'400':
content:
application/json:
examples:
Result:
value: '{}'
schema:
properties: {}
type: object
description: '400'
summary: VirusTotal Get Object Descriptors Related to a Private Analysis
security:
- VTApiKey: []
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/private/analyses/{id}/{relationship}:
get:
tags:
- Private Scanning - Analyses
deprecated: false
description: "> \U0001F6A7 Special privileges required\n> \n> Private Scanning endpoints are only available to users with [Private Scanning license](https://www.virustotal.com/gui/private-scanning-overview).\n\
\nAs mentioned in the [Relationships](https://gtidocs.virustotal.com/reference/relationships) section, those related objects can be retrieved by sending `GET` requests to the relationship URL. \n\
\nAvailable relationships are described in the [private analysis](https://gtidocs.virustotal.com/reference/private-analyses-object) object documentation.\n"
operationId: analysesidrelationship
parameters:
- description: Analysis identifier
in: path
name: id
required: true
schema:
type: string
- description: Relationship name (see [table](ref:private-analyses-object#relationships))
in: path
name: relationship
required: true
schema:
type: string
responses:
'200':
content:
application/json:
examples:
Result:
value: '{}'
schema:
properties: {}
type: object
description: '200'
'400':
content:
application/json:
examples:
Result:
value: '{}'
schema:
properties: {}
type: object
description: '400'
summary: VirusTotal Get Objects Related to a Private Analysis
security:
- VTApiKey: []
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/private/files:
post:
tags:
- Private Scanning - Files
deprecated: false
description: "Upload and analyse a file with Private Scanning\n> \U0001F4D8 File size\n> \n> If the file to be uploaded is bigger than 32MB, please use the [/private/files/upload_url](https://gtidocs.virustotal.com/reference/private-files-upload-url)\
\ endpoint instead which admits files up to 650MB.\n"
operationId: uploadFilePrivateScanning
parameters: []
requestBody:
content:
multipart/form-data:
encoding:
file:
contentType: application/octet-stream
example: /path/to/file
schema:
properties:
command_line:
description: Command line arguments to use when running the file in sandboxes.
type: string
disable_sandbox:
default: false
description: If true, then the file won't be detonated in sandbox environments. False by default.
type: string
enable_internet:
default: false
description: If the file should have internet access when running in sandboxes. False by default.
type: string
file:
format: binary
type: string
intercept_tls:
default: false
description: Intercept HTTPS/TLS/SSL communication. Intercept HTTPS to view encypted URLS, hostnames and HTTP headers. This is detectable by any sample that checks certificates, and makes
JA3 hashes unusable.
type: string
password:
description: Optional, password to decompress and scan a file contained in a protected ZIP file.
type: string
retention_period_days:
description: Optional, number of days the report and file are kept in VT (between 1 and 28). If not set it defaults to the group's retention policy preference (1 day by default).
type: integer
storage_region:
description: Optional, storage region where the file will be stored. By default uses the group's private_scanning.storage_region preference. Allowed values are US, EU.
type: string
interaction_sandbox:
default: cape
description: Select the sandbox desired for interactive use.
type: string
interaction_timeout:
default: '60'
description: 'interaction timeout in seconds, minimum value: 60. (1 minute.) Max value: 1800: (30 minutes)'
type: string
required:
- file
type: object
description: File to scan
required: true
responses:
'200':
content:
application/json:
examples:
Result:
value: "{\n \"data\": {\n \"type\": \"private_analysis\",\n \"id\": \"OTdiYWM4MjI0NGE2ZjhlNTk4NDZmZDY1YTliMWYwYjM6YzlhNzBhNDM1NzlmZjc5M2E2NGI5Mzk0NmJjNjVhOWE6MTczNzYzMjk2MQ==\"\
,\n \"links\": {\n \"self\": \"https://www.virustotal.com/api/v3/private/analyses/OTdiYWM4MjI0NGE2ZjhlNTk4NDZmZDY1YTliMWYwYjM6YzlhNzBhNDM1NzlmZjc5M2E2NGI5Mzk0NmJjNjVhOWE6MTczNzYzMjk2MQ==\"\
\n }\n }}"
schema:
properties:
data:
properties:
id:
type: string
type:
type: string
links:
properties:
self:
type: string
type: object
type: object
description: The analysis ID. Use [/analyses/<analysis_ID>](ref:private-analysis) API call to check the analysis status.
'401':
content:
application/json:
examples:
Result:
value: "{\n \"error\": {\n \"code\": \"WrongCredentialsError\",\n \"message\": \"Wrong API key\"\n }}"
schema:
properties:
error:
properties:
code:
type: string
message:
type: string
type: object
type: object
description: If password was provided and the file isn't a ZIP, it contains more than one file, the password is incorrect, or the file is corrupt.
summary: VirusTotal Upload a File
security:
- VTApiKey: []
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
get:
tags:
- Private Scanning - Files
deprecated: false
description: "> \U0001F6A7 Special privileges required\n> \n> Private Scanning endpoints are only available to users with [Private Scanning license](https://www.virustotal.com/gui/private-scanning-overview).\n\
\nReturns a list of previously analysed [private files](https://gtidocs.virustotal.com/reference/private-files-object). The files are always ordered by SHA256.\n\n```json /api/v3/private/files\n\
{\n \"meta\": {\n \"cursor\": <string>,\n \"count\": <int>\n },\n \"data\": {\n <PRIVATE_FILE_OBJECT>,\n <PRIVATE_FILE_OBJECT>,\n ...\n },\n \"links\": {\n \"self\": <string>,\n\
\ \"next\": <string>\n }\n}\n```\n```json\n{\n\t\"meta\": {\n\t\t\"cursor\": \"079b1db08ac52c94be8fdb5b638134a6109a510bc10a87c15413d6c793985678\",\n\t\t\"count\": 19\n\t},\n\t\"data\": [\n\t\
\t{\n\t\t\t\"attributes\": {\n\t\t\t\t\"type_description\": \"Windows Installer\",\n ...\n },\n \"type\": \"private_file\",\n \"id\": \"079b1db08ac52c94be8fdb5b638134a6109a510bc10a87c15413d6c793985678\"\
,\n \"links\": {\n \"self\": \"https://www.virustotal.com/api/v3/private/files/079b1db08ac52c94be8fdb5b638134a6109a510bc10a87c15413d6c793985678\"\n }\n },\n ...\n ],\n \"\
links\": {\n\t\t\"self\": \"https://www.virustotal.com/api/v3/private/files?limit=1\",\n\t\t\"next\": \"https://www.virustotal.com/api/v3/private/files?cursor=079b1db08ac52c94be8fdb5b638134a6109a510bc10a87c15413d6c793985678&limit=1\"\
\n\t}\n}\n```\n"
operationId: listPrivateFiles
parameters:
- description: Maximum number of files to retrieve (40 max)
in: query
name: limit
schema:
default: 10
format: int32
type: integer
- description: Continuation cursor
in: query
name: cursor
schema:
type: string
responses:
'200':
content:
application/json:
examples:
Result:
value: '{}'
schema:
properties: {}
type: object
description: '200'
'400':
content:
application/json:
examples:
Result:
value: '{}'
schema:
properties: {}
type: object
description: '400'
summary: VirusTotal List Private Files
security:
- VTApiKey: []
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/private/files/upload_url:
get:
tags:
- Private Scanning - Files
parameters: []
deprecated: false
description: "> \U0001F6A7 Special privileges required\n> \n> Private Scanning endpoints are only available to users with [Private Scanning license](https://www.virustotal.com/gui/private-scanning-overview).\n\
\nFor uploading files smaller than 32MB you can simply use the [POST /files](https://gtidocs.virustotal.com/reference/upload-file-private-scanning) endpoint, but for larger files you need to obtain\
\ a special upload URL first, and then send the `POST` request to the upload URL instead of sending it to `/private/files`. The `POST` request should have the same format expected by the [POST\
\ /files](https://gtidocs.virustotal.com/reference/upload-file-private-scanning) endpoint. Each upload URL can be used only once.\n"
operationId: privateFilesUploadUrl
responses:
'200':
content:
application/json:
examples:
Result:
value: '{}'
schema:
properties: {}
type: object
description: '200'
'400':
content:
application/json:
examples:
Result:
value: '{}'
schema:
properties: {}
type: object
description: '400'
summary: VirusTotal Get a URL for Uploading Large Files
security:
- VTApiKey: []
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/private/files/{id}:
delete:
tags:
- Private Scanning - Files
deprecated: false
description: "> \U0001F6A7 Special privileges required\n> \n> Private Scanning endpoints are only available to users with [Private Scanning license](https://www.virustotal.com/gui/private-scanning-overview).\n\
\nThis endpoint deletes a private file from storage, as well as all the PrivateFile and PrivateAnalysis associated with it (unless `only_from_storage=true` is used.\n"
operationId: deleteFilePrivateScanning
parameters:
- description: File's SHA-256
in: path
name: id
required: true
schema:
type: string
- description: If true, only the file will be deleted from storage, but the generated reports and analyses won't.
in: query
name: only_from_storage
schema:
default: false
type: boolean
responses:
'200':
content:
application/json:
examples:
Result:
value: '{}'
schema:
properties: {}
type: object
description: '200'
'400':
content:
application/json:
examples:
Result:
value: '{}'
schema:
properties: {}
type: object
description: '400'
summary: VirusTotal Delete a Private File Report
security:
- VTApiKey: []
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
get:
tags:
- Private Scanning - Files
deprecated: false
description: "> \U0001F6A7 Special privileges required\n> \n> Private Scanning endpoints are only available to users with [Private Scanning license](https://www.virustotal.com/gui/private-scanning-overview).\n\
\nThis endpoint return information about a file scanned privately. Notice that it only accepts SHA-256 as the file's ID, MD5 and SHA-1 are not supported like in its [GET /files/{id}](https://gtidocs.virustotal.com/reference/file-info)\
\ public counterpart. The SHA-256 for the analysed file can be computed by yourself or obtained from the response to the call to [GET /analyses/{id}](https://gtidocs.virustotal.com/reference/private-analysis).\n\
\n```json Example response\n{\n \"data\": {\n \"attributes\": {\n \"sha1\": \"7bae8076a5771865123be7112468b79e9d78a640\",\n \"magic\": \"ASCII text\",\n \"tags\": [\n \"\
text\"\n ],\n \"exiftool\": {\n \"MIMEType\": \"text/plain\",\n \"LineCount\": \"1\",\n \"MIMEEncoding\": \"us-ascii\",\n \"FileTypeExtension\": \"txt\",\n\
\ \"FileType\": \"TXT\",\n \"WordCount\": \"1\",\n \"Newlines\": \"Unix LF\"\n },\n \"trid\": [\n {\n \"file_type\": \"file seems to be plain text/ASCII\"\
,\n \"probability\": 0.0\n }\n ],\n \"vhash\": \"9eecb7db59d16c80417c72d1e1f4fbf1\",\n \"sha256\": \"11a77c3d96c06974b53d7f40a577e6813739eb5c811b2a86f59038ea90add772\"\
,\n \"ssdeep\": \"3:tdn:T\",\n \"md5\": \"e5828c564f71fea3a12dde8bd5d27063\",\n \"size\": 5\n },\n \"type\": \"private_file\",\n \"id\": \"11a77c3d96c06974b53d7f40a577e6813739eb5c811b2a86f59038ea90add772\"\
,\n \"links\": {\n \"self\": \"https://www.virustotal.com/api/v3/private/files/11a77c3d96c06974b53d7f40a577e6813739eb5c811b2a86f59038ea90add772\"\n }\n }\n}\n```\n"
operationId: privateFilesInfo
parameters:
- description: File's SHA-256
in: path
name: id
required: true
schema:
type: string
responses:
'200':
content:
application/json:
examples:
Result:
value: '{}'
schema:
properties: {}
type: object
description: '200'
'400':
content:
application/json:
examples:
Result:
value: '{}'
schema:
properties: {}
type: object
description: '400'
summary: VirusTotal Get a Private File Report
security:
- VTApiKey: []
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/private/files/{id}/relationships/{relationship}:
get:
tags:
- Private Scanning - Files
deprecated: false
description: "> \U0001F6A7 Special privileges required\n> \n> Private Scanning endpoints are only available to users with [Private Scanning license](https://www.virustotal.com/gui/private-scanning-overview).\n\
\nThis endpoint is the same as [/files/{id}/{relationship}](https://gtidocs.virustotal.com/reference/private-files-relationships) except it returns just the related object's IDs (and context attributes,\
\ if any) instead of returning all attributes.\n"
operationId: privatefilesidrelationshipsrelationship
parameters:
- description: File's SHA-256
in: path
name: id
required: true
schema:
type: string
- description: Relationship name (see [table](ref:private-files-object#relationships))
in: path
name: relationship
required: true
schema:
type: string
- description: Maximum number of related objects to retrieve
in: query
name: limit
schema:
default: 10
format: int32
type: integer
- description: Continuation cursor
in: query
name: cursor
schema:
type: string
responses:
'200':
content:
application/json:
examples:
Result:
value: '{}'
schema:
properties: {}
type: object
description: '200'
'400':
content:
application/json:
examples:
Result:
value: '{}'
schema:
properties: {}
type: object
description: '400'
summary: VirusTotal Get Object Descriptors Related to a File
security:
- VTApiKey: []
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/private/files/{id}/{relationship}:
get:
tags:
- Private Scanning - Files
deprecated: false
description: "> \U0001F6A7 Special privileges required\n> \n> Private Scanning endpoints are only available to users with [Private Scanning license](https://www.virustotal.com/gui/private-scanning-overview).\n\
\nAs mentioned in the [Relationships](https://gtidocs.virustotal.com/reference/relationships) section, those related objects can be retrieved by sending `GET` requests to the relationship URL. \n\
\nAvailable relationships are described in the [private file](https://gtidocs.virustotal.com/reference/private-files-object) object documentation.\n"
operationId: privateFilesRelationships
parameters:
- description: File's SHA-256
in: path
name: id
required: true
schema:
type: string
- description: Relationship name (see [table](ref:private-files-object#relationships))
in: path
name: relationship
required: true
schema:
type: string
- description: Maximum number of related objects to retrieve
in: query
name: limit
schema:
default: 10
format: int32
type: integer
- description: Continuation cursor
in: query
name: cursor
schema:
type: string
responses:
'200':
content:
application/json:
examples:
Result:
value: '{}'
schema:
properties: {}
type: object
description: '200'
'400':
content:
application/json:
examples:
Result:
value: '{}'
schema:
properties: {}
type: object
description: '400'
summary: VirusTotal Get Objects Related to a Private File
security:
- VTApiKey: []
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/private/files/{sha256}/analyse:
post:
tags:
- Private Scanning - Files
deprecated: false
description: "> \U0001F6A7 Special privileges required\n> \n> Private Scanning endpoints are only available to users with [Private Scanning license](https://www.virustotal.com/gui/private-scanning-overview).\n\
\nReanalyses a private file. The same params from [/files](https://gtidocs.virustotal.com/reference/post_files) (other than the file) are accepted. Returns a [private analysis](https://gtidocs.virustotal.com/reference/private-analyses-object).\n\
\n```json Example\n{\n\t\"data\": {\n\t\t\"type\": \"private_analysis\",\n\t\t\"id\": \"ZmI5Y2VmNGJmZDIwZTkzNmQ5MzY0NTcwMGI2Nzc2M2Q6Tm9uZToxNjYwODI1NDE1\"\n\t}\n}\n```\n"
operationId: rescanAPrivateFile
parameters:
- description: File's SHA256 hash
in: path
name: sha256
required: true
schema:
type: string
- description: Command line arguments to use when running the file in sandboxes.
in: query
name: command_line
required: false
schema:
type: string
- description: If true, then the file won't be detonated in sandbox environments. False by default.
in: query
name: disable_sandbox
required: false
schema:
type: string
default: 'false'
- description: If the file should have internet access when running in sandboxes. False by default.
in: query
name: enable_internet
required: false
schema:
type: string
default: 'false'
- description: Intercept HTTPS/TLS/SSL communication. Intercept HTTPS to view encypted URLS, hostnames and HTTP headers. This is detectable by any sample that checks certificates, and makes JA3 hashes
unusable.
in: query
name: intercept_tls
required: false
schema:
type: string
default: 'false'
- description: Select the sandbox desired for interactive use.
in: query
name: interaction_sandbox
required: false
schema:
type: string
default: cape
- description: 'Interaction timeout in seconds, minimum value: 60. (1 minute.) Max value: 1800: (30 minutes).'
in: query
name: interaction_timeout
required: false
schema:
type: integer
default: 60
responses:
'200':
content:
application/json:
examples:
Result:
value: '{}'
schema:
properties: {}
type: object
description: '200'
'400':
content:
application/json:
examples:
Result:
value: '{}'
schema:
properties: {}
type: object
description: '400'
summary: VirusTotal Rescan a Private File
security:
- VTApiKey: []
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/private/file/{id}/behaviours:
get:
tags:
- Private Scanning - Files Behaviours
deprecated: false
description: "> \U0001F6A7 Special privileges required\n> \n> Private Scanning endpoints are only available to users with [Private Scanning license](https://www.virustotal.com/gui/private-scanning-overview).\n\
\nFetches all the [Private File Behaviour](https://gtidocs.virustotal.com/reference/private-file-behaviours-object) reports available for a private file.\n"
operationId: getAllBehaviourReportsFromAPrivateFile
parameters:
- in: path
name: id
required: true
schema:
type: string
description: id parameter
responses:
'200':
content:
application/json:
examples:
Result:
value: '{}'
schema
# --- truncated at 32 KB (84 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/virustotal/refs/heads/main/openapi/virustotal-private-scanning-openapi.yml