id: api-blockchain

info:
  name: Blockchain API Test
  author: daffainfo
  severity: info
  reference:
    - https://api.blockchain.com/v3/#/
    - https://github.com/daffainfo/all-about-apikey/blob/main/Cryptocurrency/Blockchain.md
  classification:
    cwe-id: CWE-200
  tags: token-spray,blockchain

self-contained: true
requests:
  - raw:
      - |
        GET https://api.blockchain.com/v3/exchange/accounts HTTP/1.1
        Host: api.blockchain.com
        X-API-Token: {{token}}

    matchers:
      - type: word
        part: body
        words:
          - '"currency"'
          - '"balance"'
          - '"available"'
        condition: and

# Enhanced by cs on 2022/02/28