diff --git a/Plugins/Community Based Plugins/HaveIBeenPwned/OpenAPI/hibp-openapi.yaml b/Plugins/Community Based Plugins/HaveIBeenPwned/OpenAPI/hibp-openapi.yaml new file mode 100644 index 00000000..4cdfcb8b --- /dev/null +++ b/Plugins/Community Based Plugins/HaveIBeenPwned/OpenAPI/hibp-openapi.yaml @@ -0,0 +1,54 @@ +openapi: 3.0.0 +info: + title: HaveIBeenPwned + version: 1.0.0 +servers: + - url: https://haveibeenpwned.com/api/v3 +paths: + /breachedaccount/{email}: + get: + operationId: HaveIBeenPwned + summary: This path checks if a email address is part of any data breaches from HaveIBeenPwned. + parameters: + - in: path + name: email + schema: + type: string + required: true + - name: User-Agent + in: header + schema: + type: string + default: Default User-Agent + responses: + '200': + description: Successful response + content: + application/json: {} + '400': + description: The account does not comply with an acceptable format + content: + application/json: {} + '401': + description: API Key is missing or invalid + content: + application/json: {} + '403': + description: Unauthorized + content: + application/json: {} + '404': + description: User Not Found in any data breaches + content: + application/json: {} + '429': + description: Rate limit exceeded + content: + application/json: {} + '503': + description: Service unavailable + content: + application/json: {} + default: + description: default + summary: Get list of breaches for an account \ No newline at end of file diff --git a/Plugins/Community Based Plugins/HaveIBeenPwned/README.md b/Plugins/Community Based Plugins/HaveIBeenPwned/README.md new file mode 100644 index 00000000..f3878ca3 --- /dev/null +++ b/Plugins/Community Based Plugins/HaveIBeenPwned/README.md @@ -0,0 +1,29 @@ +# Copilot for Security Custom Plugin - API - Get User Account Breach Information from Have I Been Pwned + +#### Copilot for Security Plugin to gather list of breaches for a user account using Have I Been Pwned + +### Pre-requisites + +* [Copilot for Security Enabled](https://learn.microsoft.com/en-us/security-copilot/get-started-security-copilot#onboarding-to-microsoft-security-copilot) +* [Access to upload custom plugins](https://learn.microsoft.com/en-us/security-copilot/manage-plugins?tabs=securitycopilotplugin#managing-custom-plugins) +* [API Key](https://haveibeenpwned.com/API/Key) from Have I Been Pwned + +### Instructions +#### Upload the Custom Plugin + +1. Obtain the file [hibp-manifest.yaml](https://github.com/Azure/Copilot-For-Security/blob/main/Plugins/Community%20Based%20Plugins/HaveIBeenPwned/hibp-manifest.yaml) from this directory. +2. [Upload the custom plugin](https://learn.microsoft.com/en-us/security-copilot/manage-plugins?tabs=securitycopilotplugin#add-custom-plugins) and verify it's activated. +3. After plugin upload put in your [Have I Been Pwned API Key](https://learn.microsoft.com/en-us/security-copilot/plugin_api#configure-authentication-1). + +![CopilotForSecurity](https://learn.microsoft.com/en-us/security-copilot/media/add-plugin-button.png) + +### Plugin Utilization + +Here's some sample queries you can utilize to trigger this plugin +Note: you can use the keyword 'Have I Been Pwned' or 'HIBP' in your queries + +* Check if the user test@email.com is part of any data breaches from Have I Been Pwned +* Give me the list of breaches for the user test@email.com from Have I Been Pwned as bullet points +* Summarize the list of data breaches for the user test@email.com from Have I Been Pwned +
+ \ No newline at end of file diff --git a/Plugins/Community Based Plugins/HaveIBeenPwned/hibp-manifest.yaml b/Plugins/Community Based Plugins/HaveIBeenPwned/hibp-manifest.yaml new file mode 100644 index 00000000..2592a850 --- /dev/null +++ b/Plugins/Community Based Plugins/HaveIBeenPwned/hibp-manifest.yaml @@ -0,0 +1,16 @@ +Descriptor: + Name: HaveIBeenPwned + DisplayName: HaveIBeenPwned + Description: This tool checks if an email address has been found in any of the data breaches in Have I Been Pwned (HIBP). + SupportedAuthTypes: + - ApiKey + Authorization: + Type: APIKey + Key: hibp-api-key + Location: Header + AuthScheme: '' + +SkillGroups: + - Format: API + Settings: + OpenApiSpecUrl: https://raw.githubusercontent.com/Azure/Copilot-For-Security/main/Plugins/Community%20Based%20Plugins/HaveIBeenPwned/OpenAPI/hibp-openapi.yaml \ No newline at end of file diff --git a/Plugins/Community Based Plugins/IPGeoLocation/OpenAPI/ipgl-openapi.yaml b/Plugins/Community Based Plugins/IPGeoLocation/OpenAPI/ipgl-openapi.yaml new file mode 100644 index 00000000..78d0c102 --- /dev/null +++ b/Plugins/Community Based Plugins/IPGeoLocation/OpenAPI/ipgl-openapi.yaml @@ -0,0 +1,31 @@ +openapi: 3.0.0 +info: + title: IPGeoLocation + version: 1.0.0 +servers: +- url: https://api.ipgeolocation.io +paths: + "/ipgeo/": + get: + operationId: IPGeoLocation + tags: + - default + summary: This path checks an IP address' location and ISP. + parameters: + - name: ip + in: query + schema: + type: string + required: true + responses: + '200': + description: Successful response + content: + application/json: {} + '401': + description: Unauthorized + content: + application/json: {} + default: + description: default +components: {} \ No newline at end of file diff --git a/Plugins/Community Based Plugins/IPGeoLocation/README.md b/Plugins/Community Based Plugins/IPGeoLocation/README.md new file mode 100644 index 00000000..cc4ca130 --- /dev/null +++ b/Plugins/Community Based Plugins/IPGeoLocation/README.md @@ -0,0 +1,30 @@ +# Copilot for Security Custom Plugin - API - Get IP Information from IP Geo Location + +#### Copilot for Security Plugin to gather location and ISP (Organisation) for an IP Address using IP Geo Location + +### Pre-requisites + +* [Copilot for Security Enabled](https://learn.microsoft.com/en-us/security-copilot/get-started-security-copilot#onboarding-to-microsoft-security-copilot) +* [Access to upload custom plugins](https://learn.microsoft.com/en-us/security-copilot/manage-plugins?tabs=securitycopilotplugin#managing-custom-plugins) +* [API Key](https://app.ipgeolocation.io/signup) from IP Geo Location + +### Instructions +#### Upload the Custom Plugin + +1. Obtain the file [ipgl-manifest.yaml](https://github.com/Azure/Copilot-For-Security/blob/main/Plugins/Community%20Based%20Plugins/IPGeoLocation/ipgl-manifest.yaml) from this directory. +2. [Upload the custom plugin](https://learn.microsoft.com/en-us/security-copilot/manage-plugins?tabs=securitycopilotplugin#add-custom-plugins) and verify it's activated. +3. After plugin upload put in your [IP Geo Location API Key](https://learn.microsoft.com/en-us/security-copilot/plugin_api#configure-authentication-1). + +![CopilotForSecurity](https://learn.microsoft.com/en-us/security-copilot/media/add-plugin-button.png) + +### Plugin Utilization + +Here's some sample queries you can utilize to trigger this plugin + +* Summarize the information for the IP 1.1.1.1 from IP Geo Location +* Summarize the information for the IP 4.4.4.4 from IP Geo Location as bullet points +* Give me the location, ISP and reputation score of the IP address 8.8.8.8 from IP Geo Location in form of a table +
+ +
+ \ No newline at end of file diff --git a/Plugins/Community Based Plugins/IPGeoLocation/ipgl-manifest.yaml b/Plugins/Community Based Plugins/IPGeoLocation/ipgl-manifest.yaml new file mode 100644 index 00000000..26cd7cd7 --- /dev/null +++ b/Plugins/Community Based Plugins/IPGeoLocation/ipgl-manifest.yaml @@ -0,0 +1,16 @@ +Descriptor: + Name: IP Geo Location + DisplayName: IP Geo Location + Description: This tool checks an IP address' location and ISP using IP Geo Location. + SupportedAuthTypes: + - ApiKey + Authorization: + Type: APIKey + Key: apiKey + Location: QueryParams + AuthScheme: '' + +SkillGroups: + - Format: API + Settings: + OpenApiSpecUrl: https://raw.githubusercontent.com/Azure/Copilot-For-Security/main/Plugins/Community%20Based%20Plugins/IPGeoLocation/OpenAPI/ipgl-openapi.yaml \ No newline at end of file diff --git a/Plugins/Community Based Plugins/IPQualityScore/OpenAPI/ipqs-openapi.yaml b/Plugins/Community Based Plugins/IPQualityScore/OpenAPI/ipqs-openapi.yaml new file mode 100644 index 00000000..45c88edf --- /dev/null +++ b/Plugins/Community Based Plugins/IPQualityScore/OpenAPI/ipqs-openapi.yaml @@ -0,0 +1,52 @@ +openapi: 3.0.0 +info: + title: IPQualityScore + version: 1.0.0 +servers: + - url: https://ipqualityscore.com +paths: + "/api/json/ip/": + get: + tags: + - default + operationId: IPQualityScore + summary: This path checks an IP address' location, ISP, Type, Reputation Score and Abuse Velocity. + parameters: + - name: ip + in: query + schema: + type: string + required: true + - name: strictness + in: query + schema: + type: integer + example: 0 + - name: allow_public_access_points + in: query + schema: + type: boolean + example: true + - name: fast + in: query + schema: + type: boolean + example: true + - name: lighter_penalties + in: query + schema: + type: boolean + example: true + - name: mobile + in: query + schema: + type: boolean + example: true + responses: + "200": + description: Successful response + content: + application/json: {} + default: + description: default +components: {} \ No newline at end of file diff --git a/Plugins/Community Based Plugins/IPQualityScore/README.md b/Plugins/Community Based Plugins/IPQualityScore/README.md new file mode 100644 index 00000000..67e15f68 --- /dev/null +++ b/Plugins/Community Based Plugins/IPQualityScore/README.md @@ -0,0 +1,30 @@ +# Copilot for Security Custom Plugin - API - Get IP Information from IP Quality Score + +#### Copilot for Security Plugin to gather type, location, reputation score, and abuse velocity for an IP Address using IP Quality Score + +### Pre-requisites + +* [Copilot for Security Enabled](https://learn.microsoft.com/en-us/security-copilot/get-started-security-copilot#onboarding-to-microsoft-security-copilot) +* [Access to upload custom plugins](https://learn.microsoft.com/en-us/security-copilot/manage-plugins?tabs=securitycopilotplugin#managing-custom-plugins) +* [API Key](https://www.ipqualityscore.com/proxy-vpn-tor-detection-service) from IP Quality Score + +### Instructions +#### Upload the Custom Plugin + +1. Obtain the file [ipqs-manifest.yaml](https://github.com/Azure/Copilot-For-Security/blob/main/Plugins/Community%20Based%20Plugins/IPQualityScore/ipqs-manifest.yaml) from this directory. +2. [Upload the custom plugin](https://learn.microsoft.com/en-us/security-copilot/manage-plugins?tabs=securitycopilotplugin#add-custom-plugins) and verify it's activated. +3. After plugin upload put in your [IPQS API Key](https://learn.microsoft.com/en-us/security-copilot/plugin_api#configure-authentication-1). + +![CopilotForSecurity](https://learn.microsoft.com/en-us/security-copilot/media/add-plugin-button.png) + +### Plugin Utilization + +Here's some sample queries you can utilize to trigger this plugin + +* Summarize the information for the IP 1.1.1.1 from IPQS +* Summarize the information for the IP 4.4.4.4 from IPQS as bullet points +* Give me the location, ISP and reputation score of the IP address 8.8.8.8 from IPQS in form of a table +
+ +
+ \ No newline at end of file diff --git a/Plugins/Community Based Plugins/IPQualityScore/ipqs-manifest.yaml b/Plugins/Community Based Plugins/IPQualityScore/ipqs-manifest.yaml new file mode 100644 index 00000000..fda5e490 --- /dev/null +++ b/Plugins/Community Based Plugins/IPQualityScore/ipqs-manifest.yaml @@ -0,0 +1,16 @@ +Descriptor: + Name: IPQS + DisplayName: IP Quality Score + Description: This tool checks an IP address' location, ISP, reputation etc. using IP Quality Score + SupportedAuthTypes: + - ApiKey + Authorization: + Type: APIKey + Key: IPQS-KEY + Location: Header + AuthScheme: '' + +SkillGroups: + - Format: API + Settings: + OpenApiSpecUrl: https://raw.githubusercontent.com/Azure/Copilot-For-Security/main/Plugins/Community%20Based%20Plugins/IPQualityScore/OpenAPI/ipqs-openapi.yaml \ No newline at end of file diff --git a/Plugins/Community Based Plugins/Images/hibp-example-screenshot.png b/Plugins/Community Based Plugins/Images/hibp-example-screenshot.png new file mode 100644 index 00000000..e8f6c1a7 Binary files /dev/null and b/Plugins/Community Based Plugins/Images/hibp-example-screenshot.png differ diff --git a/Plugins/Community Based Plugins/Images/ipgl-example-screenshot-1.png b/Plugins/Community Based Plugins/Images/ipgl-example-screenshot-1.png new file mode 100644 index 00000000..45e41990 Binary files /dev/null and b/Plugins/Community Based Plugins/Images/ipgl-example-screenshot-1.png differ diff --git a/Plugins/Community Based Plugins/Images/ipgl-example-screenshot-2.png b/Plugins/Community Based Plugins/Images/ipgl-example-screenshot-2.png new file mode 100644 index 00000000..1b3f2c79 Binary files /dev/null and b/Plugins/Community Based Plugins/Images/ipgl-example-screenshot-2.png differ diff --git a/Plugins/Community Based Plugins/Images/ipqs-example-screenshot-1.png b/Plugins/Community Based Plugins/Images/ipqs-example-screenshot-1.png new file mode 100644 index 00000000..7b88b3e5 Binary files /dev/null and b/Plugins/Community Based Plugins/Images/ipqs-example-screenshot-1.png differ diff --git a/Plugins/Community Based Plugins/Images/ipqs-example-screenshot-2.png b/Plugins/Community Based Plugins/Images/ipqs-example-screenshot-2.png new file mode 100644 index 00000000..2a5110f7 Binary files /dev/null and b/Plugins/Community Based Plugins/Images/ipqs-example-screenshot-2.png differ