id: api-virustotal

info:
  name: VirusTotal API Test
  author: daffainfo
  severity: info
  reference:
    - https://developers.virustotal.com/reference
    - https://github.com/daffainfo/all-about-apikey/blob/main/Anti%20Malware/VirusTotal.md
  metadata:
    max-request: 1
  tags: token-spray,virustotal

self-contained: true

http:
  - raw:
      - |
        POST https://www.virustotal.com/vtapi/v2/url/scan HTTP/1.1
        Host: www.virustotal.com
        Content-Type: application/x-www-form-urlencoded
        Content-Length: 86

        apikey={{token}}&url=google.com

    matchers:
      - type: word
        part: body
        words:
          - '"verbose_msg":'
          - '"scan_date":'
          - '"permalink":'
        condition: and

# digest: 4a0a0047304502206f6e83dbc66717b54926126ec584b60835783cb586214f57b93eb61d080e5a42022100d5a22a1ab5a848eb279134bd608e7b8288641d7fd089fe753bffd6de99668f8f:922c64590222798bb761d5b6d8e72950