diff --git a/Packs/ReversingLabs_Titanium_Cloud/Integrations/ReversingLabsTitaniumCloudv2/ReversingLabsTitaniumCloudv2.py b/Packs/ReversingLabs_Titanium_Cloud/Integrations/ReversingLabsTitaniumCloudv2/ReversingLabsTitaniumCloudv2.py index 6eebd92b6a63..14de02869b78 100644 --- a/Packs/ReversingLabs_Titanium_Cloud/Integrations/ReversingLabsTitaniumCloudv2/ReversingLabsTitaniumCloudv2.py +++ b/Packs/ReversingLabs_Titanium_Cloud/Integrations/ReversingLabsTitaniumCloudv2/ReversingLabsTitaniumCloudv2.py @@ -30,7 +30,7 @@ YARARetroHunting, ) -VERSION = get_pack_version() or "v2.7.0" +VERSION = f"v{get_pack_version()}" or "v2.7.0" USER_AGENT = f"ReversingLabs XSOAR TitaniumCloud {VERSION}" TICLOUD_URL = demisto.params().get("base") diff --git a/Packs/ReversingLabs_Titanium_Cloud/Integrations/ReversingLabsTitaniumCloudv2/ReversingLabsTitaniumCloudv2_test.py b/Packs/ReversingLabs_Titanium_Cloud/Integrations/ReversingLabsTitaniumCloudv2/ReversingLabsTitaniumCloudv2_test.py index ac1d41d05fac..66bf2f9c9029 100644 --- a/Packs/ReversingLabs_Titanium_Cloud/Integrations/ReversingLabsTitaniumCloudv2/ReversingLabsTitaniumCloudv2_test.py +++ b/Packs/ReversingLabs_Titanium_Cloud/Integrations/ReversingLabsTitaniumCloudv2/ReversingLabsTitaniumCloudv2_test.py @@ -41,7 +41,13 @@ yara_retro_actions_output, yara_retro_matches_feed_output, yara_ruleset_output, + ip_command, + file_command, + domain_command, + url_command ) +from ReversingLabs.SDK.helper import WrongInputError + INTEGRATION_NAME = "ReversingLabs TitaniumCloud v2" test_hash = "21841b32c6165b27dddbd4d6eb3a672defe54271" @@ -400,3 +406,23 @@ def test_customer_data_output(): result = customer_usage_data_output(data_type="MONTHLY USAGE", whole_company=False, response_json=report) assert result.to_context().get("Contents").get("customer_usage_data").get("rl").get("month") == "2024-06" + + +def test_ip_command(): + with pytest.raises(WrongInputError): + ip_command() + + +def test_domain_command(): + with pytest.raises(WrongInputError): + domain_command() + + +def test_url_command(): + with pytest.raises(WrongInputError): + url_command() + + +def test_file_command(): + with pytest.raises(WrongInputError): + file_command() diff --git a/Packs/ReversingLabs_Titanium_Cloud/Integrations/ReversingLabsTitaniumCloudv2/test_data/domain_report.json b/Packs/ReversingLabs_Titanium_Cloud/Integrations/ReversingLabsTitaniumCloudv2/test_data/domain_report.json index bd236fd4df0e..90c4038a7a2f 100644 --- a/Packs/ReversingLabs_Titanium_Cloud/Integrations/ReversingLabsTitaniumCloudv2/test_data/domain_report.json +++ b/Packs/ReversingLabs_Titanium_Cloud/Integrations/ReversingLabsTitaniumCloudv2/test_data/domain_report.json @@ -1 +1 @@ -{"rl": {"last_dns_records": [{"type": "A", "value": "85.187.128.34", "provider": "ReversingLabs"}], "last_dns_records_time": "2023-08-25T09:34:16", "third_party_reputations": {"sources": [{"detection": "undetected", "source": "phishing_database", "update_time": "2023-11-06T02:25:55"}, {"detection": "undetected", "source": "0xSI_f33d", "update_time": "2023-11-06T06:22:03"}, {"detection": "undetected", "source": "cyradar", "update_time": "2023-11-06T08:15:05"}, {"detection": "malicious", "source": "adminus_labs", "update_time": "2023-11-06T13:53:59", "detect_time": "2023-10-22T21:13:34"}, {"detection": "undetected", "source": "apwg", "update_time": "2023-11-02T17:30:36"}, {"detection": "undetected", "source": "netstar", "update_time": "2023-11-06T13:13:59"}, {"detection": "undetected", "source": "threatfox_abuse_ch", "update_time": "2023-11-06T08:20:49"}, {"detection": "undetected", "source": "botvrij", "update_time": "2023-11-06T02:26:03"}, {"detection": "undetected", "source": "alphamountain", "update_time": "2023-11-06T12:59:58"}, {"detection": "undetected", "source": "comodo_valkyrie", "update_time": "2023-11-06T05:53:24"}, {"detection": "undetected", "source": "web_security_guard", "update_time": "2022-01-21T06:56:15"}, {"detection": "undetected", "source": "osint", "update_time": "2023-11-06T01:30:13"}, {"detection": "malicious", "source": "crdf", "update_time": "2023-11-06T08:34:19", "detect_time": "2023-10-23T03:27:25"}], "statistics": {"total": 13, "malicious": 2, "undetected": 11, "clean": 0}}, "top_threats": [{"threat_name": "Win32.Trojan.RedLine", "threat_level": 5, "files_count": 1}], "modified_time": "2023-11-06T13:53:59", "downloaded_files_statistics": {"known": 54, "unknown": 0, "suspicious": 0, "total": 55, "malicious": 1}, "requested_domain": "bloom-artists.com"}} \ No newline at end of file +{"rl": {"requested_domain": "bloom-artists.com", "third_party_reputations": {"statistics": {"malicious": 2, "clean": 0, "suspicious": 0, "undetected": 8, "total": 10}, "sources": [{"source": "cyradar", "update_time": "2025-04-28T12:29:32", "detection": "undetected"}, {"source": "threatfox_abuse_ch", "update_time": "2025-04-28T07:20:37", "detection": "undetected"}, {"source": "0xSI_f33d", "update_time": "2025-04-28T05:21:05", "detection": "undetected"}, {"source": "apwg", "update_time": "2025-04-28T04:57:03", "detection": "undetected"}, {"source": "crdf", "update_time": "2025-04-28T12:44:43", "detection": "undetected", "categories": [], "detect_time": "2025-04-20T02:10:05"}, {"source": "osint", "update_time": "2025-04-28T00:30:40", "detection": "undetected"}, {"source": "netstar", "update_time": "2025-04-28T12:11:20", "detection": "malicious", "categories": ["malware_file"], "detect_time": "2025-03-11T13:50:55"}, {"source": "phishing_database", "update_time": "2025-04-28T01:37:21", "detection": "undetected"}, {"source": "botvrij", "update_time": "2025-04-28T01:24:57", "detection": "undetected"}, {"source": "adminus_labs", "update_time": "2025-04-28T12:44:43", "detection": "malicious", "categories": [], "detect_time": "2025-04-11T21:06:59"}]}, "downloaded_files_statistics": {"unknown": 0, "known": 54, "suspicious": 0, "malicious": 1, "total": 55}, "last_dns_records": [{"type": "A", "value": "85.187.128.34", "provider": "ReversingLabs"}, {"type": "NS", "value": "ns24.domaincontrol.com", "provider": "ReversingLabs"}, {"type": "TXT", "value": "\"google-site-verification=Wj87EBeNi2R6elf6yJDVcocU59YAf1SdrNBjsRwVIPU\"", "provider": "ReversingLabs"}], "top_threats": [{"threat_name": "Win32.Ransomware.RedLine", "threat_level": 5, "files_count": 1}], "last_dns_records_time": "2025-04-26T05:23:38", "last_seen": "2025-04-26T05:23:38", "modified_time": "2025-04-26T05:23:38"}} \ No newline at end of file diff --git a/Packs/ReversingLabs_Titanium_Cloud/Integrations/ReversingLabsTitaniumCloudv2/test_data/domain_report_context.json b/Packs/ReversingLabs_Titanium_Cloud/Integrations/ReversingLabsTitaniumCloudv2/test_data/domain_report_context.json index 2a02309abada..ecd248ab0235 100644 --- a/Packs/ReversingLabs_Titanium_Cloud/Integrations/ReversingLabsTitaniumCloudv2/test_data/domain_report_context.json +++ b/Packs/ReversingLabs_Titanium_Cloud/Integrations/ReversingLabsTitaniumCloudv2/test_data/domain_report_context.json @@ -1 +1 @@ -{"Type": 1, "ContentsFormat": "json", "Contents": {"domain_report": {"rl": {"last_dns_records": [{"type": "A", "value": "85.187.128.34", "provider": "ReversingLabs"}], "last_dns_records_time": "2023-08-25T09:34:16", "third_party_reputations": {"sources": [{"detection": "undetected", "source": "phishing_database", "update_time": "2023-11-06T02:25:55"}, {"detection": "undetected", "source": "0xSI_f33d", "update_time": "2023-11-06T06:22:03"}, {"detection": "undetected", "source": "cyradar", "update_time": "2023-11-06T08:15:05"}, {"detection": "malicious", "source": "adminus_labs", "update_time": "2023-11-06T13:53:59", "detect_time": "2023-10-22T21:13:34"}, {"detection": "undetected", "source": "apwg", "update_time": "2023-11-02T17:30:36"}, {"detection": "undetected", "source": "netstar", "update_time": "2023-11-06T13:13:59"}, {"detection": "undetected", "source": "threatfox_abuse_ch", "update_time": "2023-11-06T08:20:49"}, {"detection": "undetected", "source": "botvrij", "update_time": "2023-11-06T02:26:03"}, {"detection": "undetected", "source": "alphamountain", "update_time": "2023-11-06T12:59:58"}, {"detection": "undetected", "source": "comodo_valkyrie", "update_time": "2023-11-06T05:53:24"}, {"detection": "undetected", "source": "web_security_guard", "update_time": "2022-01-21T06:56:15"}, {"detection": "undetected", "source": "osint", "update_time": "2023-11-06T01:30:13"}, {"detection": "malicious", "source": "crdf", "update_time": "2023-11-06T08:34:19", "detect_time": "2023-10-23T03:27:25"}], "statistics": {"total": 13, "malicious": 2, "undetected": 11, "clean": 0}}, "top_threats": [{"threat_name": "Win32.Trojan.RedLine", "threat_level": 5, "files_count": 1}], "modified_time": "2023-11-06T13:53:59", "downloaded_files_statistics": {"known": 54, "unknown": 0, "suspicious": 0, "total": 55, "malicious": 1}, "requested_domain": "bloom-artists.com"}}}, "HumanReadable": "## ReversingLabs Domain Report for bloom-artists.com\n ### Last DNS records\n|provider|type|value|\n|---|---|---|\n| ReversingLabs | A | 85.187.128.34 |\n\n \n**Last DNS records time**: 2023-08-25T09:34:16\n \n ### Top threats\n|files_count|threat_level|threat_name|\n|---|---|---|\n| 1 | 5 | Win32.Trojan.RedLine |\n\n ### Third party statistics\n **CLEAN**: 0\n **MALICIOUS**: 2\n **UNDETECTED**: 11\n **TOTAL**: 13\n \n ### Third party sources\n|detection|source|update_time|\n|---|---|---|\n| undetected | phishing_database | 2023-11-06T02:25:55 |\n| undetected | 0xSI_f33d | 2023-11-06T06:22:03 |\n| undetected | cyradar | 2023-11-06T08:15:05 |\n| **malicious** | adminus_labs | 2023-11-06T13:53:59 |\n| undetected | apwg | 2023-11-02T17:30:36 |\n| undetected | netstar | 2023-11-06T13:13:59 |\n| undetected | threatfox_abuse_ch | 2023-11-06T08:20:49 |\n| undetected | botvrij | 2023-11-06T02:26:03 |\n| undetected | alphamountain | 2023-11-06T12:59:58 |\n| undetected | comodo_valkyrie | 2023-11-06T05:53:24 |\n| undetected | web_security_guard | 2022-01-21T06:56:15 |\n| undetected | osint | 2023-11-06T01:30:13 |\n| **malicious** | crdf | 2023-11-06T08:34:19 |\n\n ### Downloaded files statistics\n **KNOWN**: 54\n **MALICIOUS**: 1\n **SUSPICIOUS**: 0\n **UNKNOWN**: 0\n **TOTAL**: 55\n ", "EntryContext": {"Domain(val.Name && val.Name == obj.Name)": [{"Name": "bloom-artists.com"}], "DBotScore(val.Indicator && val.Indicator == obj.Indicator && val.Vendor == obj.Vendor && val.Type == obj.Type)": [{"Indicator": "bloom-artists.com", "Type": "domain", "Vendor": "ReversingLabs TitaniumCloud v2", "Score": 0, "Reliability": "C - Fairly reliable"}], "ReversingLabs": {"domain_report": {"rl": {"last_dns_records": [{"type": "A", "value": "85.187.128.34", "provider": "ReversingLabs"}], "last_dns_records_time": "2023-08-25T09:34:16", "third_party_reputations": {"sources": [{"detection": "undetected", "source": "phishing_database", "update_time": "2023-11-06T02:25:55"}, {"detection": "undetected", "source": "0xSI_f33d", "update_time": "2023-11-06T06:22:03"}, {"detection": "undetected", "source": "cyradar", "update_time": "2023-11-06T08:15:05"}, {"detection": "malicious", "source": "adminus_labs", "update_time": "2023-11-06T13:53:59", "detect_time": "2023-10-22T21:13:34"}, {"detection": "undetected", "source": "apwg", "update_time": "2023-11-02T17:30:36"}, {"detection": "undetected", "source": "netstar", "update_time": "2023-11-06T13:13:59"}, {"detection": "undetected", "source": "threatfox_abuse_ch", "update_time": "2023-11-06T08:20:49"}, {"detection": "undetected", "source": "botvrij", "update_time": "2023-11-06T02:26:03"}, {"detection": "undetected", "source": "alphamountain", "update_time": "2023-11-06T12:59:58"}, {"detection": "undetected", "source": "comodo_valkyrie", "update_time": "2023-11-06T05:53:24"}, {"detection": "undetected", "source": "web_security_guard", "update_time": "2022-01-21T06:56:15"}, {"detection": "undetected", "source": "osint", "update_time": "2023-11-06T01:30:13"}, {"detection": "malicious", "source": "crdf", "update_time": "2023-11-06T08:34:19", "detect_time": "2023-10-23T03:27:25"}], "statistics": {"total": 13, "malicious": 2, "undetected": 11, "clean": 0}}, "top_threats": [{"threat_name": "Win32.Trojan.RedLine", "threat_level": 5, "files_count": 1}], "modified_time": "2023-11-06T13:53:59", "downloaded_files_statistics": {"known": 54, "unknown": 0, "suspicious": 0, "total": 55, "malicious": 1}, "requested_domain": "bloom-artists.com"}}}}, "IndicatorTimeline": [], "IgnoreAutoExtract": false, "Note": false, "Relationships": []} \ No newline at end of file +{"Type": 1, "ContentsFormat": "json", "Contents": {"domain_report": {"rl": {"requested_domain": "bloom-artists.com", "third_party_reputations": {"statistics": {"malicious": 2, "clean": 0, "suspicious": 0, "undetected": 8, "total": 10}, "sources": [{"source": "cyradar", "update_time": "2025-04-28T12:29:32", "detection": "undetected"}, {"source": "threatfox_abuse_ch", "update_time": "2025-04-28T07:20:37", "detection": "undetected"}, {"source": "0xSI_f33d", "update_time": "2025-04-28T05:21:05", "detection": "undetected"}, {"source": "apwg", "update_time": "2025-04-28T04:57:03", "detection": "undetected"}, {"source": "crdf", "update_time": "2025-04-28T12:44:43", "detection": "undetected", "categories": [], "detect_time": "2025-04-20T02:10:05"}, {"source": "osint", "update_time": "2025-04-28T00:30:40", "detection": "undetected"}, {"source": "netstar", "update_time": "2025-04-28T12:11:20", "detection": "malicious", "categories": ["malware_file"], "detect_time": "2025-03-11T13:50:55"}, {"source": "phishing_database", "update_time": "2025-04-28T01:37:21", "detection": "undetected"}, {"source": "botvrij", "update_time": "2025-04-28T01:24:57", "detection": "undetected"}, {"source": "adminus_labs", "update_time": "2025-04-28T12:44:43", "detection": "malicious", "categories": [], "detect_time": "2025-04-11T21:06:59"}]}, "downloaded_files_statistics": {"unknown": 0, "known": 54, "suspicious": 0, "malicious": 1, "total": 55}, "last_dns_records": [{"type": "A", "value": "85.187.128.34", "provider": "ReversingLabs"}, {"type": "NS", "value": "ns24.domaincontrol.com", "provider": "ReversingLabs"}, {"type": "TXT", "value": "\"google-site-verification=Wj87EBeNi2R6elf6yJDVcocU59YAf1SdrNBjsRwVIPU\"", "provider": "ReversingLabs"}], "top_threats": [{"threat_name": "Win32.Ransomware.RedLine", "threat_level": 5, "files_count": 1}], "last_dns_records_time": "2025-04-26T05:23:38", "last_seen": "2025-04-26T05:23:38", "modified_time": "2025-04-26T05:23:38"}}}, "HumanReadable": "## ReversingLabs Domain Report for bloom-artists.com\n\n ### Last DNS records\n|provider|type|value|\n|---|---|---|\n| ReversingLabs | A | 85.187.128.34 |\n| ReversingLabs | NS | ns24.domaincontrol.com |\n| ReversingLabs | TXT | \"google-site-verification=Wj87EBeNi2R6elf6yJDVcocU59YAf1SdrNBjsRwVIPU\" |\n\n \n**Last DNS records time**: 2025-04-26T05:23:38\n \n ### Top threats\n|files_count|threat_level|threat_name|\n|---|---|---|\n| 1 | 5 | Win32.Ransomware.RedLine |\n\n ### Third party statistics\n **CLEAN**: 0\n **MALICIOUS**: 2\n **UNDETECTED**: 8\n **TOTAL**: 10\n \n ### Third party sources\n|detection|source|update_time|\n|---|---|---|\n| undetected | cyradar | 2025-04-28T12:29:32 |\n| undetected | threatfox_abuse_ch | 2025-04-28T07:20:37 |\n| undetected | 0xSI_f33d | 2025-04-28T05:21:05 |\n| undetected | apwg | 2025-04-28T04:57:03 |\n| undetected | crdf | 2025-04-28T12:44:43 |\n| undetected | osint | 2025-04-28T00:30:40 |\n| **malicious** | netstar | 2025-04-28T12:11:20 |\n| undetected | phishing_database | 2025-04-28T01:37:21 |\n| undetected | botvrij | 2025-04-28T01:24:57 |\n| **malicious** | adminus_labs | 2025-04-28T12:44:43 |\n\n ### Downloaded files statistics\n **KNOWN**: 54\n **MALICIOUS**: 1\n **SUSPICIOUS**: 0\n **UNKNOWN**: 0\n **TOTAL**: 55\n ", "EntryContext": {"Domain(val.Name && val.Name == obj.Name)": [{"Name": "bloom-artists.com"}], "DBotScore(val.Indicator && val.Indicator == obj.Indicator && val.Vendor == obj.Vendor && val.Type == obj.Type)": [{"Indicator": "bloom-artists.com", "Type": "domain", "Vendor": "ReversingLabs TitaniumCloud v2", "Score": 0, "Reliability": "C - Fairly reliable"}], "ReversingLabs": {"domain_report": {"rl": {"requested_domain": "bloom-artists.com", "third_party_reputations": {"statistics": {"malicious": 2, "clean": 0, "suspicious": 0, "undetected": 8, "total": 10}, "sources": [{"source": "cyradar", "update_time": "2025-04-28T12:29:32", "detection": "undetected"}, {"source": "threatfox_abuse_ch", "update_time": "2025-04-28T07:20:37", "detection": "undetected"}, {"source": "0xSI_f33d", "update_time": "2025-04-28T05:21:05", "detection": "undetected"}, {"source": "apwg", "update_time": "2025-04-28T04:57:03", "detection": "undetected"}, {"source": "crdf", "update_time": "2025-04-28T12:44:43", "detection": "undetected", "categories": [], "detect_time": "2025-04-20T02:10:05"}, {"source": "osint", "update_time": "2025-04-28T00:30:40", "detection": "undetected"}, {"source": "netstar", "update_time": "2025-04-28T12:11:20", "detection": "malicious", "categories": ["malware_file"], "detect_time": "2025-03-11T13:50:55"}, {"source": "phishing_database", "update_time": "2025-04-28T01:37:21", "detection": "undetected"}, {"source": "botvrij", "update_time": "2025-04-28T01:24:57", "detection": "undetected"}, {"source": "adminus_labs", "update_time": "2025-04-28T12:44:43", "detection": "malicious", "categories": [], "detect_time": "2025-04-11T21:06:59"}]}, "downloaded_files_statistics": {"unknown": 0, "known": 54, "suspicious": 0, "malicious": 1, "total": 55}, "last_dns_records": [{"type": "A", "value": "85.187.128.34", "provider": "ReversingLabs"}, {"type": "NS", "value": "ns24.domaincontrol.com", "provider": "ReversingLabs"}, {"type": "TXT", "value": "\"google-site-verification=Wj87EBeNi2R6elf6yJDVcocU59YAf1SdrNBjsRwVIPU\"", "provider": "ReversingLabs"}], "top_threats": [{"threat_name": "Win32.Ransomware.RedLine", "threat_level": 5, "files_count": 1}], "last_dns_records_time": "2025-04-26T05:23:38", "last_seen": "2025-04-26T05:23:38", "modified_time": "2025-04-26T05:23:38"}}}}, "IndicatorTimeline": [], "IgnoreAutoExtract": false, "Note": false, "Relationships": []} \ No newline at end of file diff --git a/Packs/ReversingLabs_Titanium_Cloud/Integrations/ReversingLabsTitaniumCloudv2/test_data/ip_report.json b/Packs/ReversingLabs_Titanium_Cloud/Integrations/ReversingLabsTitaniumCloudv2/test_data/ip_report.json index ce73be469d76..9f9968c53317 100644 --- a/Packs/ReversingLabs_Titanium_Cloud/Integrations/ReversingLabsTitaniumCloudv2/test_data/ip_report.json +++ b/Packs/ReversingLabs_Titanium_Cloud/Integrations/ReversingLabsTitaniumCloudv2/test_data/ip_report.json @@ -1 +1 @@ -{"rl": {"requested_ip": "5.42.64.70", "third_party_reputations": {"sources": [{"detection": "undetected", "source": "adminus_labs", "update_time": "2023-11-06T14:20:53"}, {"detection": "undetected", "source": "apwg", "update_time": "2023-11-01T21:23:52"}, {"detection": "undetected", "source": "threatfox_abuse_ch", "update_time": "2023-11-06T08:20:49"}, {"detection": "undetected", "source": "alphamountain", "update_time": "2023-11-06T12:59:58"}, {"detection": "undetected", "source": "osint", "update_time": "2023-11-06T01:30:13"}, {"detection": "undetected", "source": "feodotracker", "update_time": "2023-11-06T05:28:24"}, {"detection": "malicious", "source": "crdf", "update_time": "2023-11-06T08:34:19", "detect_time": "2023-10-27T03:54:23"}], "statistics": {"total": 7, "malicious": 1, "undetected": 6, "clean": 0}}, "downloaded_files_statistics": {"known": 0, "unknown": 0, "suspicious": 0, "total": 0, "malicious": 0}, "modified_time": "2023-11-06T14:20:53"}} \ No newline at end of file +{"rl": {"requested_ip": "5.42.64.70", "third_party_reputations": {"statistics": {"malicious": 0, "clean": 0, "suspicious": 0, "undetected": 9, "total": 9}, "sources": [{"source": "crdf", "update_time": "2025-04-28T12:44:43", "detection": "undetected", "categories": [], "detect_time": "2025-04-20T09:06:05"}, {"source": "cyradar", "update_time": "2025-04-28T12:29:32", "detection": "undetected"}, {"source": "cyren", "update_time": "2025-04-28T07:59:28", "detection": "undetected"}, {"source": "feodotracker", "update_time": "2025-04-28T04:27:59", "detection": "undetected"}, {"source": "blocklist_de", "update_time": "2025-04-28T11:26:08", "detection": "undetected"}, {"source": "apwg", "update_time": "2025-04-28T08:24:32", "detection": "undetected"}, {"source": "osint", "update_time": "2025-04-28T00:30:40", "detection": "undetected"}, {"source": "threatfox_abuse_ch", "update_time": "2025-04-28T07:20:38", "detection": "undetected", "categories": [], "detect_time": "2024-04-07T07:20:06"}, {"source": "adminus_labs", "update_time": "2025-04-28T12:43:24", "detection": "undetected"}]}, "downloaded_files_statistics": {"unknown": 0, "known": 1, "suspicious": 0, "malicious": 0, "total": 1}, "last_seen": "2025-04-20T09:06:05", "modified_time": "2025-04-20T09:06:05"}} \ No newline at end of file diff --git a/Packs/ReversingLabs_Titanium_Cloud/Integrations/ReversingLabsTitaniumCloudv2/test_data/ip_report_context.json b/Packs/ReversingLabs_Titanium_Cloud/Integrations/ReversingLabsTitaniumCloudv2/test_data/ip_report_context.json index 7eff595122ac..f2e8915da14e 100644 --- a/Packs/ReversingLabs_Titanium_Cloud/Integrations/ReversingLabsTitaniumCloudv2/test_data/ip_report_context.json +++ b/Packs/ReversingLabs_Titanium_Cloud/Integrations/ReversingLabsTitaniumCloudv2/test_data/ip_report_context.json @@ -1 +1 @@ -{"Type": 1, "ContentsFormat": "json", "Contents": {"ip_report": {"rl": {"requested_ip": "5.42.64.70", "third_party_reputations": {"sources": [{"detection": "undetected", "source": "adminus_labs", "update_time": "2023-11-06T14:20:53"}, {"detection": "undetected", "source": "apwg", "update_time": "2023-11-01T21:23:52"}, {"detection": "undetected", "source": "threatfox_abuse_ch", "update_time": "2023-11-06T08:20:49"}, {"detection": "undetected", "source": "alphamountain", "update_time": "2023-11-06T12:59:58"}, {"detection": "undetected", "source": "osint", "update_time": "2023-11-06T01:30:13"}, {"detection": "undetected", "source": "feodotracker", "update_time": "2023-11-06T05:28:24"}, {"detection": "malicious", "source": "crdf", "update_time": "2023-11-06T08:34:19", "detect_time": "2023-10-27T03:54:23"}], "statistics": {"total": 7, "malicious": 1, "undetected": 6, "clean": 0}}, "downloaded_files_statistics": {"known": 0, "unknown": 0, "suspicious": 0, "total": 0, "malicious": 0}, "modified_time": "2023-11-06T14:20:53"}}}, "HumanReadable": "## ReversingLabs IP address report for 5.42.64.70\n ### Downloaded files statistics\n **KNOWN**: 0\n **MALICIOUS**: 0\n **SUSPICIOUS**: 0\n **UNKNOWN**: 0\n **TOTAL**: 0\n \n ### Third party statistics\n **CLEAN**: 0\n **MALICIOUS**: 1\n **UNDETECTED**: 6\n **TOTAL**: 7\n \n ### Third party sources\n|detection|source|update_time|\n|---|---|---|\n| undetected | adminus_labs | 2023-11-06T14:20:53 |\n| undetected | apwg | 2023-11-01T21:23:52 |\n| undetected | threatfox_abuse_ch | 2023-11-06T08:20:49 |\n| undetected | alphamountain | 2023-11-06T12:59:58 |\n| undetected | osint | 2023-11-06T01:30:13 |\n| undetected | feodotracker | 2023-11-06T05:28:24 |\n| **malicious** | crdf | 2023-11-06T08:34:19 |\n", "EntryContext": {"IP(val.Address && val.Address == obj.Address)": [{"Address": "5.42.64.70"}], "DBotScore(val.Indicator && val.Indicator == obj.Indicator && val.Vendor == obj.Vendor && val.Type == obj.Type)": [{"Indicator": "5.42.64.70", "Type": "ip", "Vendor": "ReversingLabs TitaniumCloud v2", "Score": 0, "Reliability": "C - Fairly reliable"}], "ReversingLabs": {"ip_report": {"rl": {"requested_ip": "5.42.64.70", "third_party_reputations": {"sources": [{"detection": "undetected", "source": "adminus_labs", "update_time": "2023-11-06T14:20:53"}, {"detection": "undetected", "source": "apwg", "update_time": "2023-11-01T21:23:52"}, {"detection": "undetected", "source": "threatfox_abuse_ch", "update_time": "2023-11-06T08:20:49"}, {"detection": "undetected", "source": "alphamountain", "update_time": "2023-11-06T12:59:58"}, {"detection": "undetected", "source": "osint", "update_time": "2023-11-06T01:30:13"}, {"detection": "undetected", "source": "feodotracker", "update_time": "2023-11-06T05:28:24"}, {"detection": "malicious", "source": "crdf", "update_time": "2023-11-06T08:34:19", "detect_time": "2023-10-27T03:54:23"}], "statistics": {"total": 7, "malicious": 1, "undetected": 6, "clean": 0}}, "downloaded_files_statistics": {"known": 0, "unknown": 0, "suspicious": 0, "total": 0, "malicious": 0}, "modified_time": "2023-11-06T14:20:53"}}}}, "IndicatorTimeline": [], "IgnoreAutoExtract": false, "Note": false, "Relationships": []} \ No newline at end of file +{"Type": 1, "ContentsFormat": "json", "Contents": {"ip_report": {"rl": {"requested_ip": "5.42.64.70", "third_party_reputations": {"statistics": {"malicious": 0, "clean": 0, "suspicious": 0, "undetected": 9, "total": 9}, "sources": [{"source": "crdf", "update_time": "2025-04-28T12:44:43", "detection": "undetected", "categories": [], "detect_time": "2025-04-20T09:06:05"}, {"source": "cyradar", "update_time": "2025-04-28T12:29:32", "detection": "undetected"}, {"source": "cyren", "update_time": "2025-04-28T07:59:28", "detection": "undetected"}, {"source": "feodotracker", "update_time": "2025-04-28T04:27:59", "detection": "undetected"}, {"source": "blocklist_de", "update_time": "2025-04-28T11:26:08", "detection": "undetected"}, {"source": "apwg", "update_time": "2025-04-28T08:24:32", "detection": "undetected"}, {"source": "osint", "update_time": "2025-04-28T00:30:40", "detection": "undetected"}, {"source": "threatfox_abuse_ch", "update_time": "2025-04-28T07:20:38", "detection": "undetected", "categories": [], "detect_time": "2024-04-07T07:20:06"}, {"source": "adminus_labs", "update_time": "2025-04-28T12:43:24", "detection": "undetected"}]}, "downloaded_files_statistics": {"unknown": 0, "known": 1, "suspicious": 0, "malicious": 0, "total": 1}, "last_seen": "2025-04-20T09:06:05", "modified_time": "2025-04-20T09:06:05"}}}, "HumanReadable": "## ReversingLabs IP address report for 5.42.64.70\n\n ### Downloaded files statistics\n **KNOWN**: 1\n **MALICIOUS**: 0\n **SUSPICIOUS**: 0\n **UNKNOWN**: 0\n **TOTAL**: 1\n \n ### Third party statistics\n **CLEAN**: 0\n **MALICIOUS**: 0\n **UNDETECTED**: 9\n **TOTAL**: 9\n \n ### Third party sources\n|categories|detect_time|detection|source|update_time|\n|---|---|---|---|---|\n| | 2025-04-20T09:06:05 | undetected | crdf | 2025-04-28T12:44:43 |\n| | | undetected | cyradar | 2025-04-28T12:29:32 |\n| | | undetected | cyren | 2025-04-28T07:59:28 |\n| | | undetected | feodotracker | 2025-04-28T04:27:59 |\n| | | undetected | blocklist_de | 2025-04-28T11:26:08 |\n| | | undetected | apwg | 2025-04-28T08:24:32 |\n| | | undetected | osint | 2025-04-28T00:30:40 |\n| | 2024-04-07T07:20:06 | undetected | threatfox_abuse_ch | 2025-04-28T07:20:38 |\n| | | undetected | adminus_labs | 2025-04-28T12:43:24 |\n", "EntryContext": {"IP(val.Address && val.Address == obj.Address)": [{"Address": "5.42.64.70"}], "DBotScore(val.Indicator && val.Indicator == obj.Indicator && val.Vendor == obj.Vendor && val.Type == obj.Type)": [{"Indicator": "5.42.64.70", "Type": "ip", "Vendor": "ReversingLabs TitaniumCloud v2", "Score": 0, "Reliability": "C - Fairly reliable"}], "ReversingLabs": {"ip_report": {"rl": {"requested_ip": "5.42.64.70", "third_party_reputations": {"statistics": {"malicious": 0, "clean": 0, "suspicious": 0, "undetected": 9, "total": 9}, "sources": [{"source": "crdf", "update_time": "2025-04-28T12:44:43", "detection": "undetected", "categories": [], "detect_time": "2025-04-20T09:06:05"}, {"source": "cyradar", "update_time": "2025-04-28T12:29:32", "detection": "undetected"}, {"source": "cyren", "update_time": "2025-04-28T07:59:28", "detection": "undetected"}, {"source": "feodotracker", "update_time": "2025-04-28T04:27:59", "detection": "undetected"}, {"source": "blocklist_de", "update_time": "2025-04-28T11:26:08", "detection": "undetected"}, {"source": "apwg", "update_time": "2025-04-28T08:24:32", "detection": "undetected"}, {"source": "osint", "update_time": "2025-04-28T00:30:40", "detection": "undetected"}, {"source": "threatfox_abuse_ch", "update_time": "2025-04-28T07:20:38", "detection": "undetected", "categories": [], "detect_time": "2024-04-07T07:20:06"}, {"source": "adminus_labs", "update_time": "2025-04-28T12:43:24", "detection": "undetected"}]}, "downloaded_files_statistics": {"unknown": 0, "known": 1, "suspicious": 0, "malicious": 0, "total": 1}, "last_seen": "2025-04-20T09:06:05", "modified_time": "2025-04-20T09:06:05"}}}}, "IndicatorTimeline": [], "IgnoreAutoExtract": false, "Note": false, "Relationships": []} \ No newline at end of file