Supported Vendors/Actions
| Technology/Vendor | Action Name | Description | References |
|---|---|---|---|
| AbuseIPDB | PostBulkReport | Reports multple IPs at once | AbuseIPDB |
| GetCheck | Executes an AbuseIPDB IP lookup using the IP address you provided. | ||
| GetReports | Get reports about IP address | ||
| GetBlacklist | Depending on the input settings you have chosen, AbuseIPDB will return a list of all reported IP addresses or a list of a specific subset of reported IP addresses. | ||
| PostReport | Based on the IP address and malware category you have chosen, reports a specific IP address that has been linked to malicious online activity to AbuseIPDB. | ||
| GetCheckBlock | Check if the IP is block | ||
| DeleteClearAddress | Clear IP address | ||
| AlienVault | PostIndicatorsSubmitFile | Analyze suspicious files to quickly detect malware and malicious activity. | AlienVault |
| GetUser | Validate your API Key configuration. | ||
| GetUserWithUsernameAndAction | Perform actions like follow/subscribe to other users by username. | ||
| GetUsers | Validate your API Key configuration. | ||
| GetUsersWithUsernameAndAction | Perform actions like follow/subscribe to other users by username. | ||
| GetSearchUsers | Search for users matcing query | ||
| GetSearchPulses | Search for pulses matcing query | ||
| GetPulsesWithID | View or edit of pulse with id pulse_id. When editing a pulse, use PATCH. | ||
| PatchPulsesWithID | View or edit of pulse with id pulse_id. When editing a pulse, use PATCH. | ||
| GetPulsesIndicatorsWithID | Returns paginated list view of the indicators inside the pulse pulse_id. | ||
| GetPulsesRelatedWithID | Return all pulses that share an indicator with this pulse | ||
| GetPulsesRelated | Find pulses related to either an existing pulse, a malware family or an adversary. | ||
| GetPulsesSubscribed | Threat intelligence subscriptions | ||
| GetPulsesSubscribedPulseIDS | List the ids of all pulses you are subscribed to. | ||
| GetPulsesActivity | Activity feed consists of pulses: - All pulse subscriptions (directly subscribed to pulse, and all pulses by subscribed to users) - All pulses created by myself - All pulses by users I am following |
||
| GetPulsesSubscribeWithID | Subscribe to pulse. | ||
| GetPulsesUnsubscribeWithID | Unsubscribe from pulse. | ||
| GetPulsesIndicatorsTypes | Returns string representations of each indicator type (i.e. "domain"), as recognized by OTX. | ||
| GetIndicatorswithDomainandSection | Indicator page api for domain names | ||
| GetPulsesEvents | List events, such as subscribe/unsubscribe to user/pulse. | ||
| GetPulsesUsersWithUsername | Returns authenticated users or passed in user created pulse feed, default sorted by latest modified. | ||
| GetPulsesMy | Returns your feed of pulses you've created, default sorted by latest modified. | ||
| GetIndicatorsCorrelationRuleWithCorrelationRuleAndSection | Indicator page api for Correlation Rules | ||
| PostIndicatorsUpdateSubmittedURLsTLP | Update the TLP level of previously submitted URLs. | ||
| PostIndicatorsSubmitURL | This is an endpoint to submit a single url at once. | ||
| GetIndicatorsNidsWithNidsAndSection | Indicator page api for NIDSs | ||
| GetIndicatorsCVEWithCVEAndSection | Indicator page api for CVEs (MITRE's Common Vulnerability Enumeration) | ||
| GetIndicatorsURLWithURLWithSection | Indicator page api for URLs | ||
| GetIndicatorsFileWithFilehashAndSection | Indicator page api for files (file hashes) | ||
| GetIndicatorsHostnameWithHostnameAndSection | Indicator page api for hostname names | ||
| GetIndicatorsIPv6WithIPAndSection | Indicator page api for IPv6 Addresses | ||
| GetIndicatorsIPv4WithIPAndSection | Indicator page api for IPv4 Addresses | ||
| GetIndicatorsSubmittedURLs | Returns a list of all submitted URLs, along with the status of the submission. | ||
| GetIndicatorsSubmittedFiles | Returns a list of all submitted files, along with the status of the submission. | ||
| ApiVoid | GetThreatLog | This API lets you query ThreatLog.com database of malicious domains. | ApiVoid |
| GetIPReputation | This API lets you check the reputation and geolocation of an IPv4 address. | ||
| GetDomainReputation | This API lets you check if a domain name is blacklisted by trusted sources. | ||
| GetScreenshot | This API lets you take high-quality screenshots of any web page and URL. | ||
| GetURLReputation | This API can help you identify potentially unsafe and phishing URLs. | ||
| GetDomainAge | This API lets you get domain registration date and domain age in days. | ||
| GetSiteTrustworthiness | This API provides you important details about a website to check if it is legit. | ||
| GetParkedDomain | This API lets you check if a domain name is parked/for sale. | ||
| GetURLStatus | This API lets you check if an URL is online or offline (down or not accessible). | ||
| GetDNSPropagation | This API lets you check if DNS records of a domain have propagated globally. | ||
| GetURLtoHTML | This API lets you capture the HTML page source after JavaScript has been executed. | ||
| GetSSLInfo | This API provides you details about a website's SSL certificate. | ||
| GetEmailVerify | This API provides you useful information about an email address. | ||
| GetReverseIP | This API lets you find a list of domains hosted on the same IPv4 address. | ||
| GetSPFValidator | This API lets you check and validate SPF record of any domain. | ||
| GetHTTPTracker | This API lets you check HTTP requests made by an URL or a website. | ||
| GetURLtoPDF | This API lets you convert an URL into a high-quality PDF document. | ||
| GetDNSLookup | This API lets you easily get DNS records of domain names. | ||
| Blocklist.de | GetAllIPAddressesByType | All IP addresses that have attacked one of our customers/servers in the last 48 hours. | Blocklist.de |
| GetLastAddedIPAddresses | Get only the last added IP Adresses | ||
| GetLastAddedIPAddressesApi | The API can currently only issue attacks and reports per user, server or ip-address. | ||
| BOTVRIJ.EU | GetBOTVRIJEU | Botvrij.eu provides different sets of open source IOCs that you can use in your security devices to detect possible malicious activity. | BOTVRIJ.EU |
| CheckPhish | PostSubmitURL | Submit URL for Scan | CheckPhish |
| PostGetResultsByQuery | GetSearchByTerm | ||
| Cymon | PostLogin | Authenticate with username and password to get a JSON Web Token. | Cymon |
| GetSearchByIP | Search threat reports by IP address (IPv4 and IPv6). | ||
| GetSearchByDomain | Search threat reports by domain name. | ||
| GetSearchByHostName | Search threat reports by hostname. | ||
| GetSearchByMD5 | Search threat reports by MD5 hash. | ||
| GetSearchBySHA1 | Search threat reports by SHA1 hash. | ||
| GetSearchBySHA256 | Search threat reports by SHA256 hash. | ||
| GetSearchBySSDEEP* | Search threat reports by SSDEEP hash. | ||
| GetSearchByTerm | Search threat reports by a term. | ||
| GetSearchByFeedID | Get threat reports in a feed. | ||
| GetListAllFeeds | Get paginated list of feeds. | ||
| GetFeedDetails | Get feed object. | ||
| GetUserFeeds | Get paginated list of feeds that user has access to. | ||
| GetReportDocument | Get threat report from feed. | ||
| PostCreateFeed | Create a new feed for threat reports. | ||
| PutUpdateFeed | Update details of an existing feed. | ||
| PostSubmitReport | Upload a threat report with observables. | ||
| PostSubmitReportBulk | Upload multiple threat reports in one request. | ||
| Dshield | GetIP | Returns a summary of the information our database holds for a particular IP address | Dshield |
| GetThreatfeeds | The DShield server is the source of retrieval for open threat feeds. | ||
| Feodo Tracker | GetBotnetC2IPBlocklist | Get IP Blocklist | FeodoTracker |
| GetBotnetC2IPBlocklistCustomFormat | Get IP Blocklist | ||
| GetBotnetC2IndicatorsOfCompromiseSIEM | Get Indicators of Compromise | ||
| GetBotnetC2IndicatorsOfCompromiseAggressive | Get Indicators of Compromise | ||
| FortiOS | GetUserFirewall | Display a list of authenticated users on the firewall. | |
| GetUserBanned | Retrieve a list of all users who have been banned based on their IP addresses. | ||
| GetCollectedEmail | Retrieve a list of email addresses that have been collected from the captive portal. | ||
| GetFortiguardServiceCommunicationStats | Retrieve historical statistics for use with FortiGuard services. | ||
| GetFortiviewStatistics | Get drill-down and summary data for FortiView (both in real time and in the past). | ||
| GetWebfilterMaliciousUrls | Obtain a list of all URLs in the FortiSandbox harmful URL database. | ||
| GetMaliciousUrlsStat | Get FortiSandbox malicious URL database statistics. | ||
| GetRouterIPv4 | List all IPv4 routing table entries that are currently active. | ||
| GetRouterIPv6 | List all IPv6 routing table entries that are currently active. | ||
| GetRouterStatistics | Retrieve routing table statistics, including the number of matched routes. | ||
| FortiOSConfigurationFirewall | SetFirewallPolicyBlockAddress | Is able to configure a FortiOS (FOS) device by allowing the user to set a firewall policy to block the specified address. | |
| HoneyDB | GetBadHosts | Retrieve a list of bad hosts from HoneyDB | HoneyDB |
| GetBadHostsFiltered | Returns the data provided by the user to HoneyDB | ||
| GetBadHostsService | Retrieve a list bad hosts by service name. | ||
| GetBadHostsServiceFiltered | Retreive bad hosts by service name provided by the user to HoneyDB | ||
| GetIPHistoryHost | IP (bad host) history is a summary of all interaction activity for a certain IP address recorded by the HoneyDB network. | ||
| GeSensorDataCount | If you have sensors that log data to HoneyDB, you can use this API to get a count of sensor event data collected for a specified date. | ||
| GetSensorData | If you have sensors that log data to HoneyDB, you may use this endpoint to get all sensor event data collected for a specified date. | ||
| GetSensorDataFiltered | If you have sensors that log data to HoneyDB, you may use this endpoint to get all sensor event data collected for a specified date. | ||
| GetServices | Return a list of services that are used | ||
| GetIPInfoTor | Returns true or false to indicate if the IP provided is a Tor exit node. | ||
| GetStats | Services are the network protocols emulated by honeypot sensors. | ||
| GetStatsAsn | Return a list of asn | ||
| GetTwitterThreatFeed | The Twitter threat feed includes a list of problematic hosts that have connected or attempted to connect to other honeypots on the Internet (including honeypots that do not submit data directly to HoneyDB). | ||
| GetTwitterThreatFeedHost | Twitter threat feed data filtered by host (IP address). | ||
| GeNodes | Honeydb-agent sensors are deployed on nodes. This endpoint delivers all nodes viewed within the last three days. | ||
| GetNodesFiltered | Honeydb-agent sensors are deployed on nodes. This endpoint delivers all nodes viewed within the last three days. Informations provided by the user | ||
| GetPayloadHistoryYear | IP (bad host) history (year) is a list of all interactions recorded by the HoneyDB network for a specific IP address. | ||
| GetPayloadHistoryYearMonth | IP (bad host) history (month with year) is a list of all interactions recorded by the HoneyDB network for a specific IP address. | ||
| GetPayloadHistoryService | IP (bad host) history (service) is a list of all interactions recorded by the HoneyDB network for a specific IP address. | ||
| GetPayloadHistoryHash | IP (bad host) history (hash) is a list of all interactions recorded by the HoneyDB network for a specific IP address. | ||
| GetInternetScanner | Returns true or false depending on if the provided IP address is part of a known Internet scanning service. | ||
| GetInternetScannerInfo | Returns true or false based on whether the supplied IP address is part of a known Internet scanning service, as well as other scanning-related information. | ||
| GetIPInfo | Returns true or false to show whether the provided IP address is on a known IP list. | ||
| GetIPInfoBogon | Returns true or false to indicate if the IP provided is bogon IP address. | ||
| GetIPInfosSansip | Returns true or false to indicate if the IP provided is on the SANS IP list | ||
| GetIPInfoCiarmy | Returns true or false to indicate if the IP provided is on the The CINS Army List. | ||
| GetIPInfoEtCompromised | Returns true or false to indicate if the IP provided is on the Emerging Threats Compromised IP list. | ||
| GetIPInfoProjectHoneypot | Returns true or false to indicate if the IP provided is on the Project Honeypot list and additional threat data. | ||
| GetNetInfoLookup | Returns AS, network information and geolocation for an IP address. | ||
| GetNetInfoNetworkAddresses | Returns all IP addresses as part of a network range. | ||
| GetNetInfoPrefixes | Returns all prefixes advertised for a specific AS network. | ||
| GetNetInfoAsName | Returns the name of the AS network. | ||
| GetNetInfoGeolocation | Geolocation information for an IP address is returned. | ||
| GetDatacenterAWS | Returns AWS IP ranges. | ||
| GetDatacenterAzure | Returns Azure IP ranges. | ||
| GetDatacenterAzureChina | Returns Azure China IP ranges. | ||
| GetDatacenterAzureGermany | Returns Azure Germany IP ranges. | ||
| GetDatacenterAzureGov | Returns Azure Gov IP ranges. | ||
| GetDatacenterGcp | Returns Google Cloud IP ranges. | ||
| GetDatacenterOracle | Returns Oracle Cloud IP ranges. | ||
| Host.io | GetWebDomain | Metadata scraped from a domain homepage. | Host.io |
| GetDNSDomain | Get all the DNS records stored for a domain. | ||
| GetRelatedDomain | Get a count of the number of related domains for all supported lookups offered by Host.io | ||
| GetFullDomain | A single endpoint that includes the data from all APIs from above | ||
| GetDomainsFieldValue | Get all domains associated with a field | ||
| IP-API | GetIPGeolocation | Return Geolocation informations | IP-API |
| Batch IP Geolocation | Batch processing gives you the ability to query multiple IP addresses in one HTTP request | ||
| IPinfo.io | Geolocation Data | It includes country, region, city, and postal code of the target IP | IPinfo.io |
| GetSearchNetRecordsByIPOrIPRange | Return records by IP or IP range | ||
| IPStack | GetStandardIPLookup | Look up for single IPv4 or IPv6 addresses | IPStack |
| GetRequesterIPLookup | Look up for the ip from which the request comes | ||
| Kuudos | GetListOfApplications | List of applications (apks) | Kuudos |
| GetDetailedInformationAboutAnAPK | An apk's detailed information. | ||
| GetUploadUrl | Create a link for an apk upload. | ||
| GetStaticAndDynamicAnalysisReport | Get a copy of the static and dynamic analysis reports. | ||
| MacVendors | GetLookupMacAddress | This API performs a quick and easy vendor lookup for mac addresses. | MacVendors |
| Mailboxlayer | GetEmailCheck | Validates and verifies an email address in order to determine deliverability and quality. | Mailboxlayer |
| GetEmail | Validates and verifies an email address in order to determine deliverability and quality. | ||
| Malshare | GetListHashesJSON | List hashes from the past 24 hours | Malshare |
| GetListHashesForASpecificFormat | List MD5/SHA1/SHA256 hashes of a specific type from the past 24 hours | ||
| GetListSamplesRaw | List of sample sources from the past 24 hours | ||
| GetTypes | Get list of file types & count from the past 24 hours | ||
| GetListHashesRaw | List hashes from the past 24 hours | ||
| GetDownloadFile | Download File | ||
| GetStoredFileDetails | GET stored file details | ||
| GetListSamplesJSON | List of sample sources from the past 24 hours | ||
| GetSearch | Search sample hashes, sources and file names | ||
| GetListOfFileNames | Returns a list of file names from recent uploads. | ||
| OCR | PostConvertImageFromURL | Convert a image from an URL | OCR |
| PostConvertPDFFromURL | Convert a PDF from a URL | ||
| PostConvertImageFromBASE64String | Convert a image from an BASE64 String | ||
| PostCreateSearchablePDFFromImage | Create Searchable PDF from image | ||
| OpenAI | PostCreateChatCompletion | Interaction with ChatGPT API | OpenAI |
| RIPEstat | GetAbuseContactFinder | This data call's primary goal is to return abuse contact information for an Internet number resource. | RIPEstat |
| GetAddressSpaceHierarchy | This data call returns address space objects (inetnum or inet6num) from the RIPE Database related to the queried resource. | ||
| GetAddressSpaceUsage | This data call displays the usage of a prefix or IP range based on the objects currently in the RIPE database. | ||
| GetAllocationHistory | This data call returns information supplied by IANA and RIRs for allocations and direct assignments of prefixes and AS numbers of time. | ||
| GetAnnouncedPrefixes | This API request provides a list of announced IP prefixes associated with a given ASN. The results can be filtered based on a specific time frame if desired. | ||
| GetAsOverview | This data call provides an overview of an ASN, including its announcement status and the name of its holder based on the WHOIS service. | ||
| GetASPatchLength | This data call retrieves AS-path metrics for the queried ASN, such as the shortest or longest AS-path to other ASNs that we are peering with. | ||
| GetASRoutingConsistency | This data call examines the consistency between the registration information for an ASN in the internet routing registry (IRR) and what is observed in RIS' BGP tables. | ||
| GetASNNeighbours | This data call provides information on the network neighbors for a given ASN as observed in RIS. It includes statistical information and the list of observed ASN neighbors. | ||
| GetASNNeighboursHistory | This data call provides information about the neighboring ASNs of a queried ASN, extended with historical data. It includes details about the ASNs that have been observed as neighbors over time. | ||
| GetAtlasProbeDeployment | This data call provides information on the number of RIPE Atlas probes in a region, a country or network (ASN). | ||
| GetAtlasProbes | This data call returns information on RIPE Atlas probes in an ASN, a prefix, or a country. | ||
| GetAtlasTargets | This data call provides information on the RIPE Atlas measurements that target an network (ASN), a prefix or a hostname. | ||
| GetBGPState | This data call delivers the state of BGP routes for a resource as observed by all RIS collectors at a given point in time. | ||
| GetBGPUpdateActivity | The number of BGP updates seen over time is returned by this data request. The aggregated results are shown in time intervals whose length is determined by the input parameters. | ||
| GetBGPUpdates | This data call returns the BGP updates for a resource over a specified time period. | ||
| GetBGPlay | This data call represents the scenario of what occurred to the BGP routes of a resource over a period of time. | ||
| GetBlocklist | This data call returns blocklist related data for a queried resource. | ||
| GetCountryASN | This data call returns information on the registered and routed ASNs of a country. | ||
| GetCountryResourceList | This data call returns information about the Internet resources associated with a country, such as ASNs, IPv4 ranges, and IPv4/6 CIDR prefixes. | ||
| GetCountryResourceStats | This data call returns information about a country's Internet resources. | ||
| GetDNSChain | This data call returns the recursive chain of DNS forward (A/AAAA/CNAME) and reverse (PTR) records starting form either a hostname or an IP address. | ||
| GetWhoisObjectLastUpdated | This data call returns information of when a certain object was last updated in the whois database. | ||
| GetWhois | This data call returns whois information from the relevant Regional Internet Registry and Routing Registry. | ||
| GetWhatsMyIp | This data call returns the IP address of the requester | ||
| GetVisibility | This data call provides information on the visibility of a resource as observed from RIS | ||
| GetSpeedcheckerBandwidthMeasurements | This data call provides bandwidth measurement results collected on the Speedchecker platform. | ||
| GetSearchComplete | This data call returns example resource that are directly or indirectly related to the given input. | ||
| GetRRCInfo | This data call provides (meta) information on collector nodes (RRCs) of the RIS network | ||
| GetRPKIValidationStatus | This data call returns the RPKI validity state for a combination of prefix and Autonomous System. This combination will be used to perform the lookup against the RPKI validator Routinator, and then return its RPKI validity state. | ||
| GetRPKIHistory | This data call returns a timeseries with the count of VRPs (Validated ROA Payload) for the requested resource. The data source of this endpoint are the files hosted in ftp.ripe.net/rpki. | ||
| GetRoutingStatus | This data call returns a summary of the current BGP routing state of a given IP prefix or ASN, as observed by the RIS route collectors | ||
| GetRoutingHistory | This data call shows the history of announcements for prefixes, including the origin ASN and the first hop. | ||
| GetRISPrefixes | This data call provides information on prefixes related to an ASN. The data call distinguishes prefixes in the originated and transited ASN. | ||
| GetRISPeers | This data call provides information on the peers of RIS - ASN, IP address and number of shared routes. The data is grouped by RIS collectors. | ||
| GetRISPeerings | This data call returns routes for advertisements of a given IP resource, or that are originated from a given ASN, as seen by the RIPE NCC route collectors | ||
| GetPeerCount | This data call provides information on the number of peers as seen by RIS | ||
| GetRISFullTableTreshhold | This data call provides the cut-off threshold for the number of prefixes that a BGP full-table peer requires to have. | ||
| GetRISFirstLastSeen | This data call provides information on when a prefix or ASN was first and last seen in RIS data. | ||
| GetRISAsns | This data call provides high-level information on ASNs in RIS | ||
| GetRIRStatsCountry | This data call returns geographical information for Internet resources based on RIR Statistics data. | ||
| GetRIRPrefixSizeDistribution | This data call returns the number of allocations and assignments (below the queried resource) according to registration data provided by Regional Internet Registries. | ||
| GetRIRGeo | This data call returns geographical information for Internet resources based on RIR Statistics data. | ||
| GetRIR | This data call shows which RIR(s) allocated/assigned a resource. Depending on the level of detail ("lod" parameter) this can include additional information like registration status or country of registration. The data is based on RIR stats files | ||
| GetReverseDNSConsistency | This data call returns details on the reverse DNS delegations and its consistency with routed and registered IP space. The input can be a single prefix or an ASN, in which case all routed and registered prefixes for this ASN are used as an input. | ||
| GetReverseDNSIP | This is just a simple lookup for the reverse DNS info against a single IP address. | ||
| GetReverseDNS | This data call returns details of reverse DNS delegations for IP prefixes in the RIPE region. | ||
| GetPrefixSizeDistribution | This data call returns the total amount of prefixes announced by a given ASN per subnet size and IP version. | ||
| GetPrefixRoutingConsistency | This data call compares the given routes (prefix originating from an ASN) between Routing Registries and actual routing behaviour as seen by the RIPE NCC route collectors (RIS). | ||
| GetPrefixOverview | This data call gives a summary of the given prefix, including whether and by whom it is announced. | ||
| GetPrefixCount | This data call shows the number of prefixes announced by a given ASN over time. | ||
| GetNetworkInfo | This data call returns the containing prefix and announcing ASN of a given IP address. | ||
| GetMLabClients | This data call returns a set of all the hosts within a certain resource for which any network tests occurred.The data is based on active host measurements collected by the Measurement Lab platform (M-Lab). | ||
| GetMLabBandwith | This data call returns a set of all the measured network bandwidths for a certain resource. The data is based on active host measurements collected by the Measurement Lab platform (M-Lab). | ||
| GetMLabActivityCount | This data call returns a count of all the hosts within a certain resource for which any network tests occurred. The data is based on active host measurements collected by the Measurement Lab platform (M-Lab). | ||
| GetMeterBandwithMeasuraments | This data call returns bandwidth measurement results based on open data provided by meter.net. | ||
| GetMaxmindGeoLiteAnnouncedByAS | This data call returns geolocation information for prefixes that are announced by an autonomous system. | ||
| GetMaxmindGeoLite | This data call returns geolocation information for the given IP space based on MaxMind's GeoLite2 data source. | ||
| GetLookingGlass | This data call returns information coming from a Looking Glass. | ||
| GetHistoricalWhois | This data call provides information on objects that are stored in the RIPE DB. | ||
| GetExampleResources | This data call returns ASN, IPv4 and IPv6 sample resources. | ||
| ScreenShotMachine | GetScreenShot | This API provide a service to create screenshot or thumbnail of any online web page | ScreenShotMachine |
| Sublime Security | GetEmailRep | EmailRep uses hundreds of data points from social media profiles, professional networking sites, dark web credential leaks, data breaches, phishing kits, phishing emails, spam lists, open mail relays, domain age and reputation, deliverability, and more to predict the risk of an email address. | SublimeSecurity |
| Threat Intelligence Platform | GetAListOfDomainsResolvingToAnIP | Retrieve a list of domain names resolving to a given IP address, including subdomains. | ThreatIntelligence |
| CheckIfADomainIsConsideredDangerous | For a given domain name, check if it is considered to be dangerous in different security data sources. Dangerous domains could be related to a malware distribution network or host a malicious code. | ||
| GetADomainReputationScoreV1 | Evaluate a domain's reputation based on numerous security data sources as well as on an instant host's audit procedure. | ||
| GetADomainReputationScoreV2 | Evaluate a domain's reputation based on numerous security data sources as well as on an instant host's audit procedure. | ||
| GetDomainInfrastructureEntries | Get a list of web, mail, and name servers for a particular domain name. Determine the IP address, geolocation, and subnetwork information for each infrastructure entry. | ||
| GetADomainSSLCertificateChain | For a given domain name, get detailed information about its SSL Certificate and the complete SSL Certificate chain. | ||
| CheckSSLConfiguration | For a given domain name, establish and test SSL connection to the host and analyze how it is configured - to detect common configuration issues potentially leading to vulnerabilities. | ||
| ThreatMiner | GetDomain | Based on the query, this function returns threat analysis details for the provided domain. | ThreatMiner |
| GetIP | Based on the query, this function returns threat analysis details for the provided ip. | ||
| GetSamples | Samples for different query type | ||
| GetImportHash | Retrieves the data that detect the level of similarity between two files at the binary level. | ||
| GetSSDeep | The Binary File Similarity API allows you to retrieve data that measures the degree of similarity between two files at the binary level. This feature provides information on the level of similarity between the contents of the files, helping to identify any resemblances or commonalities between them. | ||
| GetSSL | Based on the query, this function returns hosts or report tagging | ||
| GetEmail | The Email (Reverse WHOIS) functionality enables you to perform domain searches based on the name, address, telephone number, email address, or physical address of the Registrant as listed in both current and historical Whois records. This feature provides a convenient way to retrieve domain information by utilizing various search criteria associated with the Registrant's details. | ||
| GetAVDetection | Based on query, this function return Report tagging or samples | ||
| GetAPTNotes | Based on query, receive different notes | ||
| GetSearchAPTNotes | Based on query, receive different reports | ||
| Twilio | PostMakeUnboundCalltoaPhoneNumber | Twilio is used to make an outgoing call from one phone to another. | Twilio |
| PostSendMessage | Twilio is used to send an SMS message from one phone to another. | Twilio | |
| Unshorten.me | GetUnshorten | Un-shorten URLs created by different services | Unshorten.me |
| Urlscan.io | PostSubmission | The submission API allows you to submit a URL to be scanned and set some options for the scan. | Urlscan.io |
| GetSearch | The result has high-level metadata about the scan result and a link to the API for the full scan result. | ||
| GetResult | Receive results from url submitted | ||
| VulnDB | PostRequest | Get informations about: vulnerabilities, vendors, products (based on what parameters are provided) | VulnDB |
| WhatIsMyBrowser | PostBrowserBotDetection | Detect the requesting software/agent | WhatIsMyBrowser |
| GetUserAgentDatabaseSearch (401) | Search in User Agent Database | ||
| GetUserDatabaseDumpURL (401) | Download User Agent Database | ||
| Chainabuse | GetReports | This API allows users to screen addresses and URLs to verify whether they have been reported as linked to malicious activity on Chainabuse. | Chainabuse |
| GetSingleReport | This API allows users to retrieve a specific report using its ID. | ||
| CISCO | GetMerarkiNetworkSyslogServers | List the syslog servers for a network | CISCO |
| GetMerarkiTrafficAnalysis | Return the traffic analysis settings for a network | ||
| GetMerarkiNetworkTraffic | Return the traffic analysis data for this network. Traffic analysis with hostname visibility must be enabled on the network. | ||
| GetMerarkiNetworkHealth | Get the channel utilization over each radio for all APs in a network | ||
| GetMerarkiNetworkHealthAlerts | Return all global alerts on this network | ||
| PostCreateOrganizationAdaptivePolicyAcl | Creates new adaptive policy ACL | ||
| PutUpdateOrganizationAdaptivePolicyAcl | Updates an adaptive policy ACL | ||
| DeleteOrganizationAdaptivePolicyAcl | Deletes the specified adaptive policy ACL. Note this adaptive policy ACL will also be removed from policies using it | ||
| PostCreateOrganizationAdaptivePolicyGroup | Creates a new adaptive policy group | ||
| PutUpdateOrganizationAdaptivePolicyGroup | Updates an adaptive policy group. If updating Infrastructure, only the SGT is allowed. Cannot update Unknown | ||
| PostCreateOrganizationAdaptivePolicyPolicy | Add an Adaptive Policy | ||
| PutUpdateOrganizationAdaptivePolicyPolicy | Update an Adaptive Policy | ||
| DeleteOrganizationAdaptivePolicyPolicy | Delete an Adaptive Policy | ||
| FireEye | PostSubmitURLsAnalysis | This endpoint submits a list of URLs for analysis. The limit is 5 URLs in a single call. | FireEye |
| GetSingleReportWithReportID | This endpoint fetches the results of a single file submission, known as a report | ||
| GetSingleReportWithMD5orSHA256 | This endpoint fetches the latest results for file submission with the provided md5 or sha256 hash. | ||
| GetArtifacts | This endpoint fetches artifacts, like a screenshot gif file, for the given report_id | ||
| CheckPoint | PostShowLogs | Showing logs according to the given filter. | CheckPoint |
| PostCreateSmartTask | Create a new Smart Task. This command is available only in a Security Management environment or in Multi-Domain environment when logged into local domain. | ||
| PostShowSmartTask | Create a new Smart Task. Retrieve existing object using object name or uid. This command is available only in a Security Management environment or in Multi-Domain environment when logged into local domain. | ||
| PostSetSmartTask | Edit existing object using object name or uid. | ||
| PostAddDomain | Create a new domain in a Multi-Domain-Management environment | ||
| PostShowDomain | Create a new domain in a Multi-Domain-Management environment. In order to allow administrators to connect to this domain using SmartConsole, use add-trusted-client command. | ||
| PostSetDomain | Edit domain object using domain name or UID. When the list of domain servers is edited, the command is handled asynchronously. | ||
| PostAddAccessRule | Create a new access control rule in CheckPoint. | AddAccessRule | |
| PostDeleteAccessRule | Delete an access control rule in CheckPoint. | DeleteAccessRule |