Cyborg Security
This connector integrates Cyborg Security's REST API with Swimlane Turbine.

## Asset setup or prerequisites

This connector supports the following two types of authentication.

To set up the API key type of asset, you need the following input parameters:

- URL
- API key

To set up the other asset, using the HTTP basic type of asset, you need the following input parameters:

- URL
- Username
- Password

## Capabilities

This connector provides the following capabilities:

- Add Hunt Package by Template ID
- Create Hunt Template
- Get ES Query Search
- Get Search Recent Updates
- Get Threat Actors
- Get Threat Reports

## Notes

More information on Cyborg Security can be found at https //api hunter cyborgsecurity io/docs/

## Configurations

### Cyborg Security API Key Authentication

Authenticates using an API key.

Configuration parameters

| Parameter | Description | Type | Required |
| --- | --- | --- | --- |
| url | A URL to the target host | string | required |
| authorization | API key | string | required |
| verify ssl | Verify SSL certificate | boolean | optional |
| http proxy | A proxy to route requests through | string | optional |

### Cyborg Security HTTP Basic Authentication

Authenticates using username and password.

Configuration parameters

| Parameter | Description | Type | Required |
| --- | --- | --- | --- |
| url | A URL to the target host | string | required |
| username | Hunter account username | string | required |
| password | Hunter account password | string | required |
| verify ssl | Verify SSL certificate | boolean | optional |
| http proxy | A proxy to route requests through | string | optional |

## Actions

### Add Hunt Package by Template ID

Add hunt package by template ID.

Endpoint URL: `/v2/hunt template/{{id}}/add hunt packages`

Method: PUT

Input

| Argument name | Type | Required | Description |
| --- | --- | --- | --- |
| path parameters id | string | required | Hunt template ID |
| huntpackageuuid | string | optional | Unique identifier |
| tool | string | optional | Parameter for add hunt package by template id |
| category | string | optional | Parameter for add hunt package by template id |
| content | object | optional | Response content |
| content query | string | required | Response content |
| content category | string | required | Response content |
| content notes | string | required | Response content |

Input example

```json
{"json body": {"huntpackageuuid": "", "tool": "", "category": "", "content": {"query": "", "category": "", "notes": ""}}, "path parameters": {"id": "581"}}
```

Output

| Parameter | Type | Description |
| --- | --- | --- |
| status code | number | HTTP status code of the response |
| reason | string | Response reason phrase |
| name | string | Name of the resource |
| id | string | Unique identifier |
| huntpackagesadded | number | Output field huntpackagesadded |

Output example

```json
{"status code": 200, "response headers": {"content length": "140", "content type": "application/json", "date": "mon, 19 feb 2023 20 37 23 gmt"}, "reason": "ok", "json body": {"name": "string", "id": "string", "huntpackagesadded": 0}}
```

### Create Hunt Template

Creates a hunt template.

Endpoint URL: `/v2/hunt template`

Method: POST

Input

| Argument name | Type | Required | Description |
| --- | --- | --- | --- |
| name | string | optional | Name of the resource |
| hypothesis | string | optional | Parameter for create hunt template |
| description | string | optional | Parameter for create hunt template |
| priority | string | optional | Parameter for create hunt template |
| defaultassignee | object | optional | Parameter for create hunt template |
| defaultassignee id | string | required | Unique identifier |
| defaultassignee firstname | string | required | Name of the resource |
| defaultassignee lastname | string | required | Name of the resource |
| defaultassignee email | string | required | Parameter for create hunt template |
| defaultassignee role | string | required | Parameter for create hunt template |
| defaultassignee isfirstlogin | boolean | required | Parameter for create hunt template |
| defaultassignee resetpasswordtoken | string | optional | Parameter for create hunt template |
| defaultassignee resetpasswordtokenexpire | string | optional | Parameter for create hunt template |
| defaultassignee createdat | string | required | Parameter for create hunt template |
| defaultassignee company | object | required | Parameter for create hunt template |
| defaultassignee company name | string | optional | Name of the resource |
| defaultassignee company industry | string | optional | Parameter for create hunt template |
| defaultassignee company city | string | optional | Parameter for create hunt template |
| defaultassignee company state | string | optional | Parameter for create hunt template |
| defaultassignee company country | string | optional | Parameter for create hunt template |
| defaultassignee company expires | string | optional | Parameter for create hunt template |
| defaultassignee company membersince | string | optional | Parameter for create hunt template |
| defaultassignee company status | object | optional | Status value |
| huntpackages | array | optional | Parameter for create hunt template |

Input example

```json
{"json body": {"name": "", "hypothesis": "", "description": "", "priority": "low", "defaultassignee": {"id": "", "firstname": "", "lastname": "", "email": "", "role": "administrator", "isfirstlogin": true, "resetpasswordtoken": "", "resetpasswordtokenexpire": "2024 03 11t10 39 29 714z", "createdat": "2024 03 11t10 39 29 714z", "company": {"name": "", "industry": "", "city": "", "state": "", "country": "", "expires": "2024 03 11t10 39 29 714z", "membersince": "2024 03 11t10 39 29 714z", "status": {}}}, "huntpackages": [null]}}
```

Output

| Parameter | Type | Description |
| --- | --- | --- |
| status code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

Output example

```json
{"status code": 201, "response headers": {"content length": "140", "content type": "application/json", "date": "mon, 19 feb 2023 20 37 23 gmt"}, "reason": "ok", "json body": {}}
```

### Get ES Query Search

Searches and fetches the data based on the input query parameters.

Endpoint URL: `/es/query`

Method: GET

Input

| Argument name | Type | Required | Description |
| --- | --- | --- | --- |
| parameters term | array | optional | Parameters for the get es query search action |
| parameters indexes | array | optional | Parameters for the get es query search action |
| parameters tools | array | optional | Parameters for the get es query search action |
| parameters platform types | array | optional | Parameters for the get es query search action |
| parameters goals | array | optional | Parameters for the get es query search action |
| parameters dependencies | array | optional | Parameters for the get es query search action |
| parameters threat names | array | optional | Parameters for the get es query search action |
| parameters threat categories | array | optional | Parameters for the get es query search action |
| parameters threat types | array | optional | Parameters for the get es query search action |
| parameters attack surfaces | array | optional | Parameters for the get es query search action |
| parameters target oses | array | optional | Parameters for the get es query search action |
| parameters actors | array | optional | Parameters for the get es query search action |
| parameters tooling | array | optional | Parameters for the get es query search action |
| parameters diamond models | array | optional | Parameters for the get es query search action |
| parameters kill chains | array | optional | Parameters for the get es query search action |
| parameters mitre technique names | array | optional | Parameters for the get es query search action |
| parameters mitre tactic names | array | optional | Parameters for the get es query search action |
| parameters mitre technique ids | array | optional | Parameters for the get es query search action |
| parameters source countries | array | optional | Parameters for the get es query search action |
| parameters source regions | array | optional | Parameters for the get es query search action |
| parameters target countries | array | optional | Parameters for the get es query search action |
| parameters target regions | array | optional | Parameters for the get es query search action |
| parameters target industries | array | optional | Parameters for the get es query search action |
| parameters exploit or vulns | array | optional | Parameters for the get es query search action |
| parameters motivations | array | optional | Parameters for the get es query search action |

Input example

```json
{"parameters": {"term": [""], "indexes": ["cyborg content"], "tools": [""], "platform types": [""], "goals": [""], "dependencies": [""], "threat names": [""], "threat categories": [""], "threat types": [""], "attack surfaces": [""], "target oses": [""], "actors": [""], "tooling": [""], "diamond models": [""], "kill chains": [""], "mitre technique names": [""], "mitre tactic names": [""], "mitre technique ids": [""], "source countries": [""], "source regions": [""], "target countries": [""], "target regions": [""], "target industries": [""], "exploit or vulns": [""], "motivations": [""], "severities": [""], "campaigns": [""], "days": 1, "sort": "type asc", "size": 2, "page": 10}}
```

Output

| Parameter | Type | Description |
| --- | --- | --- |
| status code | number | HTTP status code of the response |
| reason | string | Response reason phrase |
| total | number | Output field total |
| results | object | Result of the operation |

Output example

```json
{"status code": 200, "response headers": {"content length": "140", "content type": "application/json", "date": "mon, 19 feb 2023 20 37 23 gmt"}, "reason": "ok", "json body": {"total": 0, "results": {}}}
```

### Get Search Recent Updates

Get search recent updates.

Endpoint URL: `/es/recent updates`

Method: GET

Input

| Argument name | Type | Required | Description |
| --- | --- | --- | --- |
| parameters days | number | optional | Days for getting updated Cyborg items |
| parameters size | number | optional | Size of recent updated Cyborg items |
| parameters index | string | optional | Cyborg index |

Input example

```json
{"parameters": {"days": 10, "size": 100, "index": "cyborg collections"}}
```

Output

| Parameter | Type | Description |
| --- | --- | --- |
| status code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

Output example

```json
{"status code": 200, "response headers": {"date": "tue, 12 mar 2024 09 35 32 gmt", "content type": "application/json; charset=utf 8", "transfer encoding": "chunked", "connection": "keep alive", "access control allow origin": " ", "x dns prefetch control": "off", "x frame options": "sameorigin", "strict transport security": "max age=15724800; includesubdomains", "x download options": "noopen", "x content type options": "nosniff", "x xss protection": "1; mode=block", "etag": "w/\"15c8 ko2vhczvs9w0gspey054dw6pzkg\"", "vary"
```

### Get Threat Actors

Get threat actors.

Endpoint URL: `/es/cyborg collection/emergingthreats`

Method: GET

Output

| Parameter | Type | Description |
| --- | --- | --- |
| status code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

Output example

```json
{"status code": 200, "response headers": {"date": "tue, 12 mar 2024 09 20 49 gmt", "content type": "application/json; charset=utf 8", "transfer encoding": "chunked", "connection": "keep alive", "access control allow origin": " ", "x dns prefetch control": "off", "x frame options": "sameorigin", "strict transport security": "max age=15724800; includesubdomains", "x download options": "noopen", "x content type options": "nosniff", "x xss protection": "1; mode=block", "etag": "w/\"112f1 wvvna/bu+lbmb+e0wkipjmzlgyw\"", "vary"
```

### Get Threat Reports

Get threat reports.

Endpoint URL: `/es/cyborg threat profile/list`

Method: GET

Input

| Argument name | Type | Required | Description |
| --- | --- | --- | --- |
| parameters uuids | array | required | Parameters for the get threat reports action |

Input example

```json
{"parameters": {"uuids": ["cyborg threat profiles"]}}
```

Output

| Parameter | Type | Description |
| --- | --- | --- |
| status code | number | HTTP status code of the response |
| reason | string | Response reason phrase |
| profile id | string | Unique identifier |
| profile name | string | Name of the resource |
| profile type | string | Type of the resource |
| status | string | Status value |
| also known as | array | Output field also known as |
| overview | string | Output field overview |
| targeting | string | Output field targeting |
| delivery | string | Output field delivery |
| installation | string | Output field installation |
| persistence | string | Output field persistence |
| modules | string | Output field modules |
| communication | string | Output field communication |
| references | array | Output field references |
| last updated | string | Output field last updated |
| impact | array | Output field impact |
| context | object | Output field context |
| context actors | array | Output field context actors |
| context motivations | array | Output field context motivations |
| context tooling | array | Output field context tooling |
| context operations | array | Output field context operations |
| context target regions | array | Output field context target regions |
| context source regions | array | Output field context source regions |
| context target countries | array | Output field context target countries |

Output example

```json
{"status code": 200, "response headers": {"content length": "140", "content type": "application/json", "date": "mon, 19 feb 2023 20 37 23 gmt"}, "reason": "ok", "json body": {"profile id": "string", "profile name": "string", "profile type": "string", "status": "string", "also known as": ["string"], "overview": "string", "targeting": "string", "delivery": "string", "installation": "string", "persistence": "string", "modules": "string", "communication": "string", "references": ["string"], "last updated": "string", "impact": ["string"]}}
```

## Response headers

| Header | Description | Example |
| --- | --- | --- |
| access control allow origin | HTTP response header access control allow origin | |
| connection | HTTP response header connection | keep alive |
| content encoding | HTTP response header content encoding | gzip |
| content length | The length of the response body in bytes | 140 |
| content type | The media type of the resource | application/json; charset=utf 8 |
| date | The date and time at which the message was originated | mon, 19 feb 2023 20 37 23 gmt |
| etag | An identifier for a specific version of a resource | w/"15c8 ko2vhczvs9w0gspey054dw6pzkg" |
| strict transport security | HTTP response header strict transport security | max age=15724800; includesubdomains |
| transfer encoding | HTTP response header transfer encoding | chunked |
| vary | HTTP response header vary | accept encoding |
| x content type options | HTTP response header x content type options | nosniff |
| x dns prefetch control | HTTP response header x dns prefetch control | off |
| x download options | HTTP response header x download options | noopen |
| x frame options | HTTP response header x frame options | sameorigin |
| x xss protection | HTTP response header x xss protection | 1; mode=block |