python-apps/ismalicious/1.0.0/api.yaml at ff941c2ec50c2aab6bfb8e9e4dca84072d4ba67b · Shuffle/python-apps · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
walkoff_version: 1.0.0
app_version: 1.0.0
name: ismalicious
description: isMalicious threat intelligence platform - check IPs and domains for malicious activity
tags:
  - Threat Intelligence
  - Security
  - IOC
categories:
  - SIEM
  - Threat Intelligence
contact_info:
  name: "isMalicious"
  url: https://ismalicious.com
  email: "support@ismalicious.com"
authentication:
  required: true
  parameters:
    - name: api_key
      description: isMalicious API Key
      example: "your-api-key"
      required: true
      schema:
        type: string
    - name: api_secret
      description: isMalicious API Secret
      example: "your-api-secret"
      required: true
      schema:
        type: string
    - name: api_url
      description: API Base URL (default https://ismalicious.com)
      example: "https://ismalicious.com"
      required: false
      schema:
        type: string
actions:
  - name: check_ip
    description: Check if an IP address is malicious
    parameters:
      - name: ip
        description: IP address to check
        multiline: false
        example: "8.8.8.8"
        required: true
        schema:
          type: string
      - name: enrichment
        description: Enrichment level (basic, standard, full)
        multiline: false
        options:
          - basic
          - standard
          - full
        required: false
        example: "standard"
        schema:
          type: string
    returns:
      schema:
        type: string
      example: |
        {
          "success": true,
          "malicious": false,
          "riskScore": 15,
          "categories": [],
          "sources": []
        }
  - name: check_domain
    description: Check if a domain is malicious
    parameters:
      - name: domain
        description: Domain to check
        multiline: false
        example: "example.com"
        required: true
        schema:
          type: string
      - name: enrichment
        description: Enrichment level (basic, standard, full)
        multiline: false
        options:
          - basic
          - standard
          - full
        required: false
        example: "standard"
        schema:
          type: string
    returns:
      schema:
        type: string
      example: |
        {
          "success": true,
          "malicious": true,
          "riskScore": 85,
          "categories": ["phishing"],
          "sources": ["VirusTotal", "URLhaus"]
        }
  - name: get_reputation
    description: Get reputation data for an IP or domain
    parameters:
      - name: query
        description: IP address or domain to check
        multiline: false
        example: "8.8.8.8"
        required: true
        schema:
          type: string
    returns:
      schema:
        type: string
      example: |
        {
          "success": true,
          "reputation": {
            "score": 85,
            "category": "trusted"
          }
        }
  - name: get_location
    description: Get geolocation data for an IP address
    parameters:
      - name: ip
        description: IP address to geolocate
        multiline: false
        example: "8.8.8.8"
        required: true
        schema:
          type: string
    returns:
      schema:
        type: string
      example: |
        {
          "success": true,
          "geo": {
            "country": "US",
            "city": "Mountain View",
            "lat": 37.4056,
            "lon": -122.0775
          }
        }
  - name: get_blocklist_stats
    description: Get statistics about available blocklists
    parameters: []
    returns:
      schema:
        type: string
      example: |
        {
          "success": true,
          "stats": {
            "totalIPs": 150000,
            "totalDomains": 200000
          }
        }
large_image: data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAEAAAABACAYAAACqaXHeAAABhGlDQ1BJQ0MgcHJvZmlsZQAAKJF9kT1Iw0AcxV9TpaIVBzuIOGSoThZERRy1CkWoEGqFVh1MLv2CJg1Jiouj4Fpw8GOx6uDirKuDqyAIfoA4OTopukiJ/0sKLWI8OO7Hu3uPu3eAUC8zzeoYBzTdNtPJhJjNrYrBVwQRQhhDGJmZYc5KJQvf8XWPAF/v4jzL/9yfo1fNWwwIiMSzzDBt4g3i6U3b4LxPHGElWSU+Jx4z6YLEj1xXPH7jXHBZ4JkRM52eJ44Qi4UOVjqYlUyNeIo4qmo65QsZj1XOW5y1cpU178lfGM7rK8tcpzmMJBaxBAkiFNRQRgU2YrTqpFhI037Cwz/s+iVyKeQqgZFjAVVokF0/+B/87tbKT054SeEEEHxx3I8RILgLNOuu+33sOM0TIPgMXOltf6UBzH6SXm9r0SOgbxu4uG5r6h5wuQMMPpmKpXhSkKZQKADvZ/RNOaD/FuhZ8/pWSvwECE9eKn1hH+g5kl/pq5cA92X3l/fuv0bT7E1TwEIEIr0I/E4/+1x/g7x6Ao/5LQAAJREREFT7CQAAACEIAAAAAAAAAAIAAE50ZXN0AAAAAQIAAAAAAAAAAABEZWJ1Z01lc3NhZ2UApJQBIAAiH1Rlc3QgSW1hZ2VAAICAgP///wD//wCAgAAA/wAAAP//AP8AAAD/AAD/AP///wAAAAIAAABVbmtub3duAAAAAAAAAAAAAAAAAAD//wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA//8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA//8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD//wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD//wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA