How to Scan a PDF for Viruses & Malware in Node.js

Most of us use PDF documents every day for one reason or another. Unfortunately, the implicit trust we have in opening PDF documents from seemingly trustworthy sources can be easily exploited by threat actors.

Thankfully, using the below code, we can scan individual PDF files for virus and malware threats using a free API. The underlying service leverages a variety of powerful threat detection techniques — including everything from heuristics to signature-based scanning — in order to identify both known & unknown malware. We can scan up to 800 PDFs for free each month with a free-tier API key.

We can structure our API call in a few quick steps. First, let’s install the SDK, either by running this command:

npm install cloudmersive-virus-api-client --save

Or by adding this snippet to our package.json:

  "dependencies": {
    "cloudmersive-virus-api-client": "^1.1.9"
  }

Finally, let’s copy the below code into our file to call the function, and let’s take note of our file input & API key input lines:

var CloudmersiveVirusApiClient = require('cloudmersive-virus-api-client');
var defaultClient = CloudmersiveVirusApiClient.ApiClient.instance;

// Configure API key authorization: Apikey
var Apikey = defaultClient.authentications['Apikey'];
Apikey.apiKey = 'YOUR API KEY';



var apiInstance = new CloudmersiveVirusApiClient.ScanApi();

var inputFile = Buffer.from(fs.readFileSync("C:\\temp\\inputfile").buffer); // File | Input file to perform the operation on.


var callback = function(error, data, response) {
  if (error) {
    console.error(error);
  } else {
    console.log('API called successfully. Returned data: ' + data);
  }
};
apiInstance.scanFile(inputFile, callback);

The main API response is a CleanResult boolean, but if any known viruses can be identified by name, they’ll show up in the response body as well.

Just like that, we have a quick and free way to check PDF files for threats in our Node.js applications.