Cyborg Security

this connector integrates cyborg security's rest api with swimlane turbine asset setup or prerequisites this connector supports the following two types of authentication in order to setup the api key type of asset, you need the following input parameters url api key in order to setup other asset using the http basic type of asset, you need the following input parameters url username password capabilities this connector provides the following capabilities add hunt package by template id create hunt template get es query search get search recent updates get threat actors get threat reports configurations cyborg security api key authentication authenticates using an api key configuration parameters parameter description type required url a url to the target host string required authorization api key string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional cyborg security http basic authentication authenticates using username and password configuration parameters parameter description type required url a url to the target host string required username hunter account username string required password hunter account password string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional actions add hunt package by template id add hunt package by template id endpoint url /v2/hunt template/{{id}}/add hunt packages method put input argument name type required description id string required hunt template id huntpackageuuid string required unique identifier tool string required parameter for add hunt package by template id category string required parameter for add hunt package by template id content object required response content query string required parameter for add hunt package by template id category string required parameter for add hunt package by template id notes string required parameter for add hunt package by template id output parameter type description status code number http status code of the response reason string response reason phrase name string name of the resource id string unique identifier huntpackagesadded number output field huntpackagesadded example \[ { "status code" 200, "response headers" { "content length" "140", "content type" "application/json", "date" "mon, 19 feb 2023 20 37 23 gmt" }, "reason" "ok", "json body" { "name" "string", "id" "string", "huntpackagesadded" 0 } } ] create hunt template creates a hunt template endpoint url /v2/hunt template method post input argument name type required description name string required name of the resource hypothesis string required parameter for create hunt template description string required parameter for create hunt template priority string required parameter for create hunt template defaultassignee object required parameter for create hunt template id string required unique identifier firstname string required name of the resource lastname string required name of the resource email string required parameter for create hunt template role string required parameter for create hunt template isfirstlogin boolean required parameter for create hunt template resetpasswordtoken string optional parameter for create hunt template resetpasswordtokenexpire string optional parameter for create hunt template createdat string required parameter for create hunt template company object required parameter for create hunt template name string optional name of the resource industry string optional parameter for create hunt template city string optional parameter for create hunt template state string optional parameter for create hunt template country string optional parameter for create hunt template expires string optional parameter for create hunt template membersince string optional parameter for create hunt template status object optional status value huntpackages array required parameter for create hunt template output parameter type description status code number http status code of the response reason string response reason phrase example \[ { "status code" 201, "response headers" { "content length" "140", "content type" "application/json", "date" "mon, 19 feb 2023 20 37 23 gmt" }, "reason" "ok", "json body" {} } ] get es query search searches and fetches the data based on the input query parameters endpoint url /es/query method get input argument name type required description term array optional parameter for get es query search indexes array optional parameter for get es query search tools array optional parameter for get es query search platform types array optional type of the resource goals array optional parameter for get es query search dependencies array optional parameter for get es query search threat names array optional name of the resource threat categories array optional parameter for get es query search threat types array optional type of the resource attack surfaces array optional parameter for get es query search target oses array optional parameter for get es query search actors array optional parameter for get es query search tooling array optional parameter for get es query search diamond models array optional parameter for get es query search kill chains array optional parameter for get es query search mitre technique names array optional name of the resource mitre tactic names array optional name of the resource mitre technique ids array optional unique identifier source countries array optional parameter for get es query search source regions array optional parameter for get es query search target countries array optional parameter for get es query search target regions array optional parameter for get es query search target industries array optional parameter for get es query search exploit or vulns array optional parameter for get es query search motivations array optional parameter for get es query search output parameter type description status code number http status code of the response reason string response reason phrase total number output field total results object result of the operation example \[ { "status code" 200, "response headers" { "content length" "140", "content type" "application/json", "date" "mon, 19 feb 2023 20 37 23 gmt" }, "reason" "ok", "json body" { "total" 0, "results" {} } } ] get search recent updates get search recent updates endpoint url /es/recent updates method get input argument name type required description days number optional days for getting updated cyborg items size number optional size of recent updated cyborg items index string optional cyborg index output parameter type description status code number http status code of the response reason string response reason phrase example \[ { "status code" 200, "response headers" { "date" "tue, 12 mar 2024 09 35 32 gmt", "content type" "application/json; charset=utf 8", "transfer encoding" "chunked", "connection" "keep alive", "access control allow origin" " ", "x dns prefetch control" "off", "x frame options" "sameorigin", "strict transport security" "max age=15724800; includesubdomains", "x download options" "noopen", "x content type options" "nosniff", "x xss protection" "1; mode=block", "etag" "w/\\"15c8 ko2vhczvs9w0gspey054dw6pzkg\\"", "vary" "accept encoding", "content encoding" "gzip" }, "reason" "ok", "json body" \[ {} ] } ] get threat actors get threat actors endpoint url /es/cyborg collection/emergingthreats method get output parameter type description status code number http status code of the response reason string response reason phrase example \[ { "status code" 200, "response headers" { "date" "tue, 12 mar 2024 09 20 49 gmt", "content type" "application/json; charset=utf 8", "transfer encoding" "chunked", "connection" "keep alive", "access control allow origin" " ", "x dns prefetch control" "off", "x frame options" "sameorigin", "strict transport security" "max age=15724800; includesubdomains", "x download options" "noopen", "x content type options" "nosniff", "x xss protection" "1; mode=block", "etag" "w/\\"112f1 wvvna/bu+lbmb+e0wkipjmzlgyw\\"", "vary" "accept encoding", "content encoding" "gzip" }, "reason" "ok", "json body" \[ {} ] } ] get threat reports get threat reports endpoint url /es/cyborg threat profile/list method get input argument name type required description uuids array required unique identifier output parameter type description status code number http status code of the response reason string response reason phrase profile id string unique identifier profile name string name of the resource profile type string type of the resource status string status value also known as array output field also known as overview string output field overview targeting string output field targeting delivery string output field delivery installation string output field installation persistence string output field persistence modules string output field modules communication string output field communication references array output field references last updated string output field last updated impact array output field impact context object output field context actors array output field actors motivations array output field motivations tooling array output field tooling operations array output field operations target regions array output field target regions source regions array output field source regions target countries array output field target countries example \[ { "status code" 200, "response headers" { "content length" "140", "content type" "application/json", "date" "mon, 19 feb 2023 20 37 23 gmt" }, "reason" "ok", "json body" { "profile id" "string", "profile name" "string", "profile type" "string", "status" "string", "also known as" \[], "overview" "string", "targeting" "string", "delivery" "string", "installation" "string", "persistence" "string", "modules" "string", "communication" "string", "references" \[], "last updated" "string", "impact" \[] } } ] response headers header description example access control allow origin http response header access control allow origin connection http response header connection keep alive content encoding http response header content encoding gzip content length the length of the response body in bytes 140 content type the media type of the resource application/json date the date and time at which the message was originated mon, 19 feb 2023 20 37 23 gmt etag an identifier for a specific version of a resource w/"112f1 wvvna/bu+lbmb+e0wkipjmzlgyw" strict transport security http response header strict transport security max age=15724800; includesubdomains transfer encoding http response header transfer encoding chunked vary http response header vary accept encoding x content type options http response header x content type options nosniff x dns prefetch control http response header x dns prefetch control off x download options http response header x download options noopen x frame options http response header x frame options sameorigin x xss protection http response header x xss protection 1; mode=block notes for more information on cyborg security is found at cyborg security api documentation https //api hunter cyborgsecurity io/docs/