VirusTotal API shell functions

vtapi.zsh

# Add this to .zshrc

vtapidownload () {
    if [ "$#" -ne 2 ]; then
        echo "Get a download url for a sha256sum via VirusTotal\n\nUsage: vtapidownload <vtapikey> <sha256 sum of file>"
    else;
        curl -H "x-apikey: $1" https://www.virustotal.com/api/v3/files/$2/download_url
    fi
}

vtapisearch () {
    if [ "$#" -ne 2 ]; then
        echo "Search using the VirusToal API\n\nUsage: vtapisearch <vtapikey> \"<query>\""
    else;
        curl -H "x-apikey: $1" "https://www.virustotal.com/api/v3/intelligence/search?query=$2"
    fi
}

vtapikeycheck () {
    if [ "$#" -lt 1 ]; then
        echo "Check a Virustotal API key\n\nUsage vtapikeycheck <vtapikey> <vtapikey>|<vtusername>"
    elif [ "$#" -eq 2 ]; then
        search_term=$1
        curl -H "x-apikey: $1" https://www.virustotal.com/api/v3/users/$2
    else;
         curl -H "x-apikey: $1" https://www.virustotal.com/api/v3/users/$1
    fi
}

vtapiurlsearch () {
    if [ "$#" -ne 2 ]; then
        echo "Search Virustotal for a URL\n\nUsage: vtapiurlsearch <vtapikey> <url to search>"
    else;
        curl -H "x-apikey: $1" --url https://www.virustotal.com/api/v3/urls --form url="$2"
    fi
}

vtapidomainsearch () {
    if [ "$#" -ne 2 ]; then
         echo "Search Virustotal for a Domain\n\nUsage: vtapidomainsearch <vtapikey> <domain to search>"
    else;
        curl -H "x-apikey: $1" --url https://www.virustotal.com/api/v3/domains/$2
    fi
}


vtapiipsearch () {
    if [ "$#" -ne 2 ]; then
         echo "Search Virustotal for an IP Address\n\nUsage: vtapiipsearch <vtapikey> <ip address to search>"
    else;
        curl -H "x-apikey: $1" --url https://www.virustotal.com/api/v3/ip_addresses/$2 
    fi
}


vtapifileinfo () {
    if [ "$#" -ne 2 ]; then
         echo "Search VT for a SHA-256, SHA-1, or MD5 file\n\nUsage: vtapifileinfo <vtapikey> <hash of file>"
    else;
        curl -H "x-apikey: $1" --url https://www.virustotal.com/api/v3/files/$2
    fi
}