CLI Commands Reference
Command Structure
python3 -m vt4ai.cli [TARGET] [OPTIONS]
Target Arguments (Mutually Exclusive)
Only one target type can be specified per command:
--hash, -H
Analyze a file by its hash value.
python3 -m vt4ai.cli --hash <HASH_VALUE>
python3 -m vt4ai.cli -H <HASH_VALUE>
Supported hash types:
- MD5 (32 characters)
- SHA1 (40 characters)
- SHA256 (64 characters)
Examples:
python3 -m vt4ai.cli --hash 275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f
python3 -m vt4ai.cli -H 275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f
--file, -f
Analyze a file by calculating its hash locally.
python3 -m vt4ai.cli --file <FILE_PATH>
python3 -m vt4ai.cli -f <FILE_PATH>
Examples:
python3 -m vt4ai.cli --file /path/to/suspicious.exe
python3 -m vt4ai.cli -f ./malware_sample.pdf
--domain, -d
Analyze a domain name.
python3 -m vt4ai.cli --domain <DOMAIN_NAME>
python3 -m vt4ai.cli -d <DOMAIN_NAME>
Examples:
python3 -m vt4ai.cli --domain example.com
python3 -m vt4ai.cli -d suspicious-site.net
--ip, -i
Analyze an IP address (IPv4 or IPv6).
python3 -m vt4ai.cli --ip <IP_ADDRESS>
python3 -m vt4ai.cli -i <IP_ADDRESS>
Examples:
python3 -m vt4ai.cli --ip 8.8.8.8
python3 -m vt4ai.cli -i 2001:4860:4860::8888
File-Specific Options
These options only work with --file
or --hash
targets:
--algorithm, -a
Specify the hash algorithm for file analysis.
python3 -m vt4ai.cli --file sample.exe --algorithm <ALGORITHM>
Choices: md5
, sha1
, sha256
(default: sha256
)
Examples:
python3 -m vt4ai.cli --file malware.exe --algorithm md5
python3 -m vt4ai.cli -f sample.pdf -a sha1
--relationship, -r
Get objects related to a file.
python3 -m vt4ai.cli --hash <HASH> --relationship <RELATIONSHIP_TYPE>
Available relationships:
behaviours
- Observed behaviors during analysiscontacted_domains
- Domains contacted during executioncontacted_ips
- IP addresses contactedcontacted_urls
- URLs contacteddropped_files
- Files created/droppedsimilar_files
- Similar files- And many more...
Examples:
python3 -m vt4ai.cli --hash abc123 --relationship contacted_domains
python3 -m vt4ai.cli -H def456 -r similar_files
--limit, -l
Limit the number of results for relationship queries.
python3 -m vt4ai.cli --hash <HASH> --relationship <TYPE> --limit <NUMBER>
Range: 1-100 (default: 10)
Examples:
python3 -m vt4ai.cli --hash abc123 --relationship contacted_domains --limit 50
python3 -m vt4ai.cli -H def456 -r similar_files -l 5
--cursor, -c
Pagination cursor for relationship queries.
vt4ai --hash <HASH> --relationship <TYPE> --cursor <CURSOR_TOKEN>
Examples:
vt4ai --hash abc123 --relationship contacted_domains --cursor "eyJjb250aW51YXRpb25fdG9rZW4iOi4uLn0"
General Options
--format, -fmt
Specify output format.
vt4ai --hash abc123 --format <FORMAT>
Choices:
json
(default) - Structured JSON, AI-optimizedmarkdown
- Human-readable Markdownxml
- XML formatraw
- Unfiltered VirusTotal response
Examples:
vt4ai --domain example.com --format markdown
vt4ai -H abc123 -fmt xml
--template-name, -t
Apply a specific template for filtering.
vt4ai --hash abc123 --template-name <TEMPLATE_NAME>
Available templates:
vt4ai_file_basics
- Essential file informationvt4ai_domain_basics
- Core domain datavt4ai_ip_basics
- Key IP informationvt4ai_url_basics
- Important URL data
Examples:
vt4ai --file malware.exe --template-name vt4ai_file_basics
vt4ai -d suspicious.com -t vt4ai_domain_basics
--api-key, -k
Provide VirusTotal API key directly.
vt4ai --hash abc123 --api-key <YOUR_API_KEY>
Examples:
vt4ai --hash abc123 --api-key "your_virustotal_api_key_here"
vt4ai -H def456 -k "your_key"
--verbose, -v
Enable verbose output for debugging.
vt4ai --hash abc123 --verbose
vt4ai -H def456 -v