Documentation
¶
Overview ¶
Package threatfox provides convenience methods to access the threatfox.abuse.ch API
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type IOC ¶
type IOC struct { ConfidenceLevel int `json:"confidence_level"` // FirstSeen string `json:"first_seen"` FirstSeen TimeSeen `json:"first_seen"` ID string `json:"id"` Ioc string `json:"ioc"` IocType string `json:"ioc_type"` IocTypeDesc string `json:"ioc_type_desc"` LastSeen *string `json:"last_seen"` Malware string `json:"malware"` MalwareAlias *string `json:"malware_alias"` MalwareMalpedia string `json:"malware_malpedia"` MalwarePrintable string `json:"malware_printable"` Reference *string `json:"reference"` Reporter string `json:"reporter"` Tags []string `json:"tags"` ThreatType string `json:"threat_type"` ThreatTypeDesc string `json:"threat_type_desc"` }
IOC indicator of compromise details returned by 'query' API call
type IOCDetail ¶
type IOCDetail struct { Comment *string `json:"comment"` ConfidenceLevel int `json:"confidence_level"` Credits []struct { CreditsAmount any `json:"credits_amount"` CreditsFrom string `json:"credits_from"` } `json:"credits"` FirstSeen TimeSeen `json:"first_seen"` ID string `json:"id"` Ioc string `json:"ioc"` IocType string `json:"ioc_type"` IocTypeDesc string `json:"ioc_type_desc"` LastSeen *string `json:"last_seen"` Malware string `json:"malware"` MalwareAlias *string `json:"malware_alias"` MalwareMalpedia string `json:"malware_malpedia"` MalwarePrintable string `json:"malware_printable"` MalwareSamples []struct { MalwareBazaar string `json:"malware_bazaar"` Md5Hash string `json:"md5_hash"` Sha256Hash string `json:"sha256_hash"` TimeStamp string `json:"time_stamp"` } `json:"malware_samples"` Reference *string `json:"reference"` Reporter string `json:"reporter"` Tags []string `json:"tags"` ThreatType string `json:"threat_type"` ThreatTypeDesc string `json:"threat_type_desc"` }
type ThreatFox ¶
type ThreatFox struct {
// contains filtered or unexported fields
}
func (*ThreatFox) GetIOCByID ¶
GetIOCByID queries ThreatFox for a particular IOC id sending an HTTP POST request to the Threatfox API
func (*ThreatFox) GetIOCTypes ¶
GetIOCTypes obtains a list of supported IOC / threat types from ThreatFox
Click to show internal directories.
Click to hide internal directories.