Adding 3 community plugins

Plugins/Community Based Plugins/HaveIBeenPwned/OpenAPI/hibp-openapi.yaml

@@ -0,0 +1,54 @@
+openapi: 3.0.0
+info:
+  title: HaveIBeenPwned
+  version: 1.0.0
+servers:
+  - url: https://haveibeenpwned.com/api/v3
+paths:
+  /breachedaccount/{email}:
+    get:
+      operationId: HaveIBeenPwned
+      summary: This path checks if a email address is part of any data breaches from HaveIBeenPwned.
+      parameters:
+        - in: path
+          name: email
+          schema:
+            type: string
+          required: true
+        - name: User-Agent
+          in: header
+          schema:
+            type: string
+            default: Default User-Agent
+      responses:
+        '200':
+          description: Successful response
+          content:
+            application/json: {}
+        '400':
+          description: The account does not comply with an acceptable format
+          content:
+            application/json: {}
+        '401':
+          description: API Key is missing or invalid
+          content:
+            application/json: {}
+        '403':
+          description: Unauthorized
+          content:
+            application/json: {}
+        '404':
+          description: User Not Found in any data breaches
+          content:
+            application/json: {}
+        '429':
+          description: Rate limit exceeded
+          content:
+            application/json: {}
+        '503':
+          description: Service unavailable
+          content:
+            application/json: {}
+        default:
+          description: default
+      summary: Get list of breaches for an account

Plugins/Community Based Plugins/HaveIBeenPwned/README.md

@@ -0,0 +1,29 @@
+# Copilot for Security Custom Plugin - API - Get User Account Breach Information from Have I Been Pwned
+
+#### Copilot for Security Plugin to gather list of breaches for a user account using Have I Been Pwned
+
+### Pre-requisites
+
+* [Copilot for Security Enabled](https://learn.microsoft.com/en-us/security-copilot/get-started-security-copilot#onboarding-to-microsoft-security-copilot)
+* [Access to upload custom plugins](https://learn.microsoft.com/en-us/security-copilot/manage-plugins?tabs=securitycopilotplugin#managing-custom-plugins)
+* [API Key](https://haveibeenpwned.com/API/Key) from Have I Been Pwned
+
+### Instructions
+#### Upload the Custom Plugin
+
+1. Obtain the file [hibp-manifest.yaml](https://github.com/Azure/Copilot-For-Security/blob/main/Plugins/Community%20Based%20Plugins/HaveIBeenPwned/hibp-manifest.yaml) from this directory.
+2. [Upload the custom plugin](https://learn.microsoft.com/en-us/security-copilot/manage-plugins?tabs=securitycopilotplugin#add-custom-plugins) and verify it's activated.
+3. After plugin upload put in your [Have I Been Pwned API Key](https://learn.microsoft.com/en-us/security-copilot/plugin_api#configure-authentication-1).
+
+![CopilotForSecurity](https://learn.microsoft.com/en-us/security-copilot/media/add-plugin-button.png)
+
+### Plugin Utilization
+
+Here's some sample queries you can utilize to trigger this plugin
+Note: you can use the keyword 'Have I Been Pwned' or 'HIBP' in your queries
+
+* Check if the user test@email.com is part of any data breaches from Have I Been Pwned
+* Give me the list of breaches for the user test@email.com from Have I Been Pwned as bullet points
+* Summarize the list of data breaches for the user test@email.com from Have I Been Pwned
+<br>
+<img src="https://github.com/Azure/Copilot-For-Security/blob/main/Plugins/Community%20Based%20Plugins/Images/hibp-example-screenshot.png"/>

Plugins/Community Based Plugins/HaveIBeenPwned/hibp-manifest.yaml

@@ -0,0 +1,16 @@
+Descriptor:
+  Name: HaveIBeenPwned
+  DisplayName: HaveIBeenPwned
+  Description: This tool checks if an email address has been found in any of the data breaches in Have I Been Pwned (HIBP).
+  SupportedAuthTypes:
+    - ApiKey
+  Authorization:
+    Type: APIKey
+    Key: hibp-api-key
+    Location: Header
+    AuthScheme: ''
+
+SkillGroups:
+  - Format: API
+    Settings:
+      OpenApiSpecUrl: https://raw.githubusercontent.com/Azure/Copilot-For-Security/main/Plugins/Community%20Based%20Plugins/HaveIBeenPwned/OpenAPI/hibp-openapi.yaml

Plugins/Community Based Plugins/IPGeoLocation/OpenAPI/ipgl-openapi.yaml

@@ -0,0 +1,31 @@
+openapi: 3.0.0
+info:
+  title: IPGeoLocation
+  version: 1.0.0
+servers:
+- url: https://api.ipgeolocation.io
+paths:
+  "/ipgeo/":
+    get:
+      operationId: IPGeoLocation
+      tags:
+      - default
+      summary: This path checks an IP address' location and ISP.
+      parameters:
+      - name: ip
+        in: query
+        schema:
+          type: string
+        required: true
+      responses:
+        '200':
+          description: Successful response
+          content:
+            application/json: {}
+        '401':
+          description: Unauthorized
+          content:
+            application/json: {}
+        default:
+          description: default
+components: {}

Plugins/Community Based Plugins/IPGeoLocation/README.md

@@ -0,0 +1,30 @@
+# Copilot for Security Custom Plugin - API - Get IP Information from IP Geo Location
+
+#### Copilot for Security Plugin to gather location and ISP (Organisation) for an IP Address using IP Geo Location
+
+### Pre-requisites
+
+* [Copilot for Security Enabled](https://learn.microsoft.com/en-us/security-copilot/get-started-security-copilot#onboarding-to-microsoft-security-copilot)
+* [Access to upload custom plugins](https://learn.microsoft.com/en-us/security-copilot/manage-plugins?tabs=securitycopilotplugin#managing-custom-plugins)
+* [API Key](https://app.ipgeolocation.io/signup) from IP Geo Location
+
+### Instructions
+#### Upload the Custom Plugin
+
+1. Obtain the file [ipgl-manifest.yaml](https://github.com/Azure/Copilot-For-Security/blob/main/Plugins/Community%20Based%20Plugins/IPGeoLocation/ipgl-manifest.yaml) from this directory.
+2. [Upload the custom plugin](https://learn.microsoft.com/en-us/security-copilot/manage-plugins?tabs=securitycopilotplugin#add-custom-plugins) and verify it's activated.
+3. After plugin upload put in your [IP Geo Location API Key](https://learn.microsoft.com/en-us/security-copilot/plugin_api#configure-authentication-1).
+
+![CopilotForSecurity](https://learn.microsoft.com/en-us/security-copilot/media/add-plugin-button.png)
+
+### Plugin Utilization
+
+Here's some sample queries you can utilize to trigger this plugin
+
+* Summarize the information for the IP 1.1.1.1 from IP Geo Location
+* Summarize the information for the IP 4.4.4.4 from IP Geo Location as bullet points
+* Give me the location, ISP and reputation score of the IP address 8.8.8.8 from IP Geo Location in form of a table
+<br>
+<img src="https://github.com/Azure/Copilot-For-Security/blob/main/Plugins/Community%20Based%20Plugins/Images/ipgl-example-screenshot-1.png"/>
+<br>
+<img src="https://github.com/Azure/Copilot-For-Security/blob/main/Plugins/Community%20Based%20Plugins/Images/ipgl-example-screenshot-2.png"/>

Plugins/Community Based Plugins/IPGeoLocation/ipgl-manifest.yaml

@@ -0,0 +1,16 @@
+Descriptor:
+  Name: IP Geo Location
+  DisplayName: IP Geo Location
+  Description: This tool checks an IP address' location and ISP using IP Geo Location.
+  SupportedAuthTypes:
+    - ApiKey
+  Authorization:
+    Type: APIKey
+    Key: apiKey
+    Location: QueryParams
+    AuthScheme: ''
+
+SkillGroups:
+  - Format: API
+    Settings:
+      OpenApiSpecUrl: https://raw.githubusercontent.com/Azure/Copilot-For-Security/main/Plugins/Community%20Based%20Plugins/IPGeoLocation/OpenAPI/ipgl-openapi.yaml

Plugins/Community Based Plugins/IPQualityScore/OpenAPI/ipqs-openapi.yaml

@@ -0,0 +1,52 @@
+openapi: 3.0.0
+info:
+  title: IPQualityScore
+  version: 1.0.0
+servers:
+  - url: https://ipqualityscore.com
+paths:
+  "/api/json/ip/":
+    get:
+      tags:
+        - default
+      operationId: IPQualityScore 
+      summary: This path checks an IP address' location, ISP, Type, Reputation Score and Abuse Velocity.
+      parameters:
+        - name: ip
+          in: query
+          schema:
+            type: string
+          required: true
+        - name: strictness
+          in: query
+          schema:
+            type: integer
+          example: 0
+        - name: allow_public_access_points
+          in: query
+          schema:
+            type: boolean
+          example: true
+        - name: fast
+          in: query
+          schema:
+            type: boolean
+          example: true
+        - name: lighter_penalties
+          in: query
+          schema:
+            type: boolean
+          example: true
+        - name: mobile
+          in: query
+          schema:
+            type: boolean
+          example: true
+      responses:
+        "200":
+          description: Successful response
+          content:
+            application/json: {}
+        default:
+          description: default
+components: {}

Plugins/Community Based Plugins/IPQualityScore/README.md

@@ -0,0 +1,30 @@
+# Copilot for Security Custom Plugin - API - Get IP Information from IP Quality Score
+
+#### Copilot for Security Plugin to gather type, location, reputation score, and abuse velocity for an IP Address using IP Quality Score
+
+### Pre-requisites
+
+* [Copilot for Security Enabled](https://learn.microsoft.com/en-us/security-copilot/get-started-security-copilot#onboarding-to-microsoft-security-copilot)
+* [Access to upload custom plugins](https://learn.microsoft.com/en-us/security-copilot/manage-plugins?tabs=securitycopilotplugin#managing-custom-plugins)
+* [API Key](https://www.ipqualityscore.com/proxy-vpn-tor-detection-service) from IP Quality Score
+
+### Instructions
+#### Upload the Custom Plugin
+
+1. Obtain the file [ipqs-manifest.yaml](https://github.com/Azure/Copilot-For-Security/blob/main/Plugins/Community%20Based%20Plugins/IPQualityScore/ipqs-manifest.yaml) from this directory.
+2. [Upload the custom plugin](https://learn.microsoft.com/en-us/security-copilot/manage-plugins?tabs=securitycopilotplugin#add-custom-plugins) and verify it's activated.
+3. After plugin upload put in your [IPQS API Key](https://learn.microsoft.com/en-us/security-copilot/plugin_api#configure-authentication-1).
+
+![CopilotForSecurity](https://learn.microsoft.com/en-us/security-copilot/media/add-plugin-button.png)
+
+### Plugin Utilization
+
+Here's some sample queries you can utilize to trigger this plugin
+
+* Summarize the information for the IP 1.1.1.1 from IPQS
+* Summarize the information for the IP 4.4.4.4 from IPQS as bullet points
+* Give me the location, ISP and reputation score of the IP address 8.8.8.8 from IPQS in form of a table
+<br>
+<img src="https://github.com/Azure/Copilot-For-Security/blob/main/Plugins/Community%20Based%20Plugins/Images/ipqs-example-screenshot-1.png"/>
+<br>
+<img src="https://github.com/Azure/Copilot-For-Security/blob/main/Plugins/Community%20Based%20Plugins/Images/ipqs-example-screenshot-2.png"/>

Plugins/Community Based Plugins/IPQualityScore/ipqs-manifest.yaml

@@ -0,0 +1,16 @@
+Descriptor:
+  Name: IPQS
+  DisplayName: IP Quality Score
+  Description: This tool checks an IP address' location, ISP, reputation etc. using IP Quality Score
+  SupportedAuthTypes:
+    - ApiKey
+  Authorization:
+    Type: APIKey
+    Key: IPQS-KEY
+    Location: Header
+    AuthScheme: ''
+
+SkillGroups:
+  - Format: API
+    Settings:
+      OpenApiSpecUrl: https://raw.githubusercontent.com/Azure/Copilot-For-Security/main/Plugins/Community%20Based%20Plugins/IPQualityScore/OpenAPI/ipqs-openapi.yaml