API Documentation

Please note:

This API is still under development!

API Version:

Beta Version

Status Endpoints

Method	URI	Content Type	Auth Required
GET	`/api/beta/status`	application/json	No

Statistics Endpoints

Method	URI	Content Type	Auth Required
GET	`/api/beta/statistics/{request}[/{days}]`	application/json	No

GET Parameter	Options	Required	Description
`request`	top_malware, top_ioc_types, top_threat_types, top_tags, top_contributors, submissions, submissions_count	Yes	Specify what statistic you want.
`days`	0-90	No	Set number of days to query.

Curl Command	Example Output
`curl https://ioc-app.colombo.technology/api/beta/statistics/submissions_count/14 \| jq '.'`	`{ "count": 12705 }`

Search Endpoints

Method	URI	Content Type	Auth Required
POST	`/api/beta/search[/{days}]`	application/json	No

GET Parameter	Options	Required	Description
`days`	0-90 (default: 90)	No	Set number of days to query.

POST Parameter	Options	Required	Description
`ioc_value`	*	Yes	IOC to search for
`ioc_type`	hash, exclude_hash, sha256_hash, md5_hash, domain, url, ip	No	Specify what ioc_type you want query.
`threat_type`	payload_delivery, botnet_cc, payload, malware_download	No	Specify what threat_type you want query.
`malware`	win.emotet, win.quakbot, win.cobalt_strike *only selected tag list	No	Specify what malware you want query.
`tags`	exe, doc, xls *only selected tag list	No	Specify what tags you want query.
`confidence_level`	(0-100)	No	Specify what minimum confidence_level you want query.
`data_source`	threatfox, urlhaus, malware_bazaar	No	Specify what data_source you want query.
`tlp`	white, green, yellow, red	No	Specify what tlp you want query.

Curl Command	Example Output
`curl -X POST https://ioc-app.colombo.technology/api/beta/search -d 'ioc_value=212.193.30.196&ioc_type=ip' \| jq '.'`	`[{ "id": "threatfox-255751", "ioc": "212.193.30.196:13040", "ioc_type": "ip:port", "threat_type": "botnet_cc", "first_seen_utc": "2021-11-28 04:00:43", "malware": "win.redline_stealer", "tags": "RedLineStealer", "confidence_level": "100", "data_source": "threatfox", "tlp": "white" }]`

Update Endpoints

Method	URI	Content Type	Auth Required
GET	`/api/beta/update`	application/json	Yes

Header Variable	Options	Required	Description
`Authorization`	Bearer Token	Yes	Your API Access Key

Curl Command	Example Output
`curl https://ioc-app.colombo.technology/api/beta/update -H "Authorization: Bearer <API KEY>" \| jq '.'`	`[{ "urlhaus": { "status": "updating", "remote": "1881305", "local_mirror": "1881291", "pulled": 14 }, "threatfox": { "status": "updating", "remote": "275350", "local_mirror": "275349", "pulled": 1 } }]`

Export Endpoints

Method	URI	Content Type	Auth Required
GET	`/api/beta/export`	application/zip	Yes

Header Variable	Options	Required	Description
`Authorization`	Bearer Token	Yes	Your API Access Key

Curl Command	Example Output
`curl https://ioc-app.colombo.technology/api/beta/eport -H "Authorization: Bearer <API KEY>" --output data.zip`	`data.zip (file)`