Update README-DeepBlueHash.md
This commit is contained in:
Eric Conrad
@ -6,6 +6,13 @@ Parses the Sysmon event logs, grabbing the SHA256 hashes from process creation (
|
||||
|
||||
## VirusTotal and Safelisting setup
|
||||
|
||||
**Note**: Virustotal has changed their free API, and now severelly limits the number of lookups you can do for free. It was one every 15 seconds, but is now:
|
||||
|
||||
- Daily quota 1 lookups / day
|
||||
- Monthly quota 31 lookups / month
|
||||
|
||||
I reached to to them to see how much a paid API will cost for this purpose. I may retire this tool if the cost is prohibitive.
|
||||
|
||||
Setting up VirusTotal hash submissions and safelisting:
|
||||
|
||||
The hash checker requires Post-VirusTotal:
|
||||
|
||||
Reference in New Issue
Block a user