Silent Push
The Silent Push connector provides actionable cybersecurity intelligence by offering domain and IP address analysis, infratag retrieval, and risk scoring.

Silent Push is a cutting-edge platform specializing in domain and IP address analysis, providing detailed enrichment information and risk assessments. The Silent Push Turbine connector allows users to retrieve comprehensive domain details, infratags, and risk scores, as well as enrich IPv4 and IPv6 addresses with ease. By integrating with Swimlane Turbine, security teams can automate the ingestion and analysis of domain and IP data, enhancing threat intelligence and accelerating incident response within their security operations.

## Limitations

None to date.

## Supported Versions

This Silent Push connector uses the v1 version API.

## Additional Docs

- API documentation: https://docs.silentpush.com/index.html#

## Configuration Prerequisites

To effectively utilize the Silent Push connector within Swimlane Turbine, ensure you have the following prerequisites:

- API key authentication
  - URL: the endpoint URL for the Silent Push API.
  - API key: a valid API key to authenticate requests to the Silent Push service.

## Authentication Methods

### Silent Push API Key Authentication

To utilize the Silent Push connector within the Swimlane Turbine platform, ensure you have the following prerequisites:

- API key authentication
  - URL: the endpoint URL for the Silent Push API.
  - API key: your unique identifier to authenticate with the Silent Push API.

## Capabilities

This Silent Push connector provides the following capabilities:

- Bulk Domain Information
- Bulk Domain Infratags
- Bulk Silent Push Risk Score for a List of Domains
- Domain Enrichment
- Domain Information
- Domain Infratag
- IPv4 Enrichment
- IPv6 Enrichment
- Silent Push Risk Score for Domain

### Bulk Domain Information

Get domain information for multiple domains. Click here: https://docs.silentpush.com/domain.html#bulk-domain-information

### Bulk Domain Infratags

Get infratags for multiple domains with optional clustering. Click here: https://docs.silentpush.com/domain.html#bulk-domain-infratags

### Bulk Silent Push Risk Score for a List of Domains

Get Silent Push risk score for multiple domains. Click here: https://docs.silentpush.com/domain.html#bulk-silent-push-risk-score-for-a-list-of-domains

### Domain Enrichment

Get domain enrichment information. Click here: https://docs.silentpush.com/enrich.html#domain-enrichment

### Domain Information

Get domain information. Click here: https://docs.silentpush.com/domain.html#domain-information

### Domain Infratag

Get infratag for domain. Click here: https://docs.silentpush.com/domain.html#domain-infratag

### IPv4 Enrichment

Get IPv4 enrichment information. Click here: https://docs.silentpush.com/enrich.html#ipv4-enrichment

### IPv6 Enrichment

Get IPv6 enrichment information. Click here: https://docs.silentpush.com/enrich.html#ipv6-enrichment

### Silent Push Risk Score for Domain

Get Silent Push risk score for domain. Click here: https://docs.silentpush.com/domain.html#silent-push-risk-score-for-domain

## Configurations

### Silent Push API Key Authentication

Authenticates using an API key.

Configuration parameters:

| Parameter | Description | Type | Required |
| --- | --- | --- | --- |
| url | A URL to the target host | string | Required |
| x-api-key | API key | string | Required |
| verify_ssl | Verify SSL certificate | boolean | Optional |
| http_proxy | A proxy to route requests through | string | Optional |

## Actions

### Bulk Domain Information

Retrieve detailed information for multiple domains simultaneously using the Silent Push connector.

- Endpoint URL: `api/v1/merge-api/explore/bulk/domaininfo`
- Method: POST

Input argument:

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| domains | array | Required | List of domains to get information about |

Output:

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |
| domaininfo | array | Output field domaininfo |
| age | number | Output field age |
| age_score | number | Score value |
| domain | string | Output field domain |
| first_seen | number | Output field first_seen |
| is_new | boolean | Output field is_new |
| is_new_score | number | Score value |
| last_seen | number | Output field last_seen |
| query | string | Output field query |
| whois_age | string | Output field whois_age |
| whois_created_date | string | Date value |
| zone | string | Output field zone |
| info | string | Output field info |

Example:

```json
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "ok",
    "json_body": {
      "domaininfo": []
    }
  }
]
```

### Bulk Domain Infratags

Retrieve infratags for a list of domains, with the option to include clustering information.

- Endpoint URL: `api/v1/merge-api/explore/domain/infratags`
- Method: POST

Input argument:

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| mode | string | Optional | Build infratags from live lookup data or from PADNS data |
| match | string | Optional | Handling of self-hosted infrastructure |
| as_of | string | Optional | Build infratags from PADNS data where the as_of timestamp equivalent is between the first_seen and the last_seen timestamp. Automatically sets mode to padns |
| clusters | number | Optional | Build clusters from infratags |
| domains | array | Required | List of domains to get infratags for |

Output:

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |
| infratags | array | Output field infratags |
| domain | string | Output field domain |
| mode | string | Output field mode |
| tag | string | Output field tag |
| tag_clusters | array | Output field tag_clusters |
| 25 | array | Output field 25 |
| domains | array | Output field domains |
| match | string | Output field match |
| 50 | array | Output field 50 |
| file_name | string | Name of the resource |
| file | string | Output field file |
| 75 | array | Output field 75 |
| domains | array | Output field domains |
| match | string | Output field match |
| 100 | array | Output field 100 |
| file_name | string | Name of the resource |
| file | string | Output field file |

Example:

```json
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "ok",
    "json_body": {
      "infratags": [],
      "tag_clusters": []
    }
  }
]
```

### Bulk Silent Push Risk Score for a List of Domains

Retrieve Silent Push risk scores for a list of domains provided in the input JSON body.

- Endpoint URL: `api/v1/merge-api/explore/bulk/domain/riskscore`
- Method: POST

Input argument:

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| domains | array | Required | List of domains to get risk scores for |

Output:

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

Example:

```json
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "ok",
    "json_body": [
      {},
      {},
      {}
    ]
  }
]
```

### Domain Enrichment

Retrieve detailed enrichment information for a specified domain from Silent Push, requiring the 'domain' path parameter.

- Endpoint URL: `api/v1/merge-api/explore/enrich/domain/{{domain}}`
- Method: GET

Input argument:

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| explain | number | Optional | Show details of data used to calculate the different scores in the response |
| scan_data | number | Optional | Show details of data collected from host scanning |
| domain | string | Required | Domain name |

Output:

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |
| domain_string_frequency_probability | object | Output field domain_string_frequency_probability |
| avg_probability | number | Output field avg_probability |
| dga_probability_score | number | Score value |
| domain | string | Output field domain |
| domain_string_freq_probabilities | array | Output field domain_string_freq_probabilities |
| query | string | Output field query |
| domain_urls | object | URL endpoint for the request |
| results_summary | object | Result of the operation |
| alexa_rank | object | Output field alexa_rank |
| alexa_top10k | boolean | Output field alexa_top10k |
| alexa_top10k_score | number | Score value |
| dynamic_domain_score | number | Score value |
| is_dynamic_domain | boolean | Output field is_dynamic_domain |
| is_url_shortener | boolean | URL endpoint for the request |
| results | number | Result of the operation |
| url_shortener_score | number | URL endpoint for the request |
| domaininfo | object | Output field domaininfo |
| age | number | Output field age |
| age_score | number | Score value |
| domain | string | Output field domain |
| first_seen | number | Output field first_seen |
| is_new | boolean | Output field is_new |
| is_new_score | number | Score value |

Example:

```json
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "ok",
    "json_body": {
      "domain_string_frequency_probability": {},
      "domain_urls": {},
      "domaininfo": {},
      "ip_diversity": {},
      "listing_score": 0,
      "listing_score_explain": {},
      "ns_reputation": {},
      "nschanges": {},
      "sp_risk_score": 30,
      "sp_risk_score_explain": {}
    }
  }
]
```

### Domain Information

Retrieve detailed information for a specified domain from Silent Push, including path parameters.

- Endpoint URL: `api/v1/merge-api/explore/domain/domaininfo/{{domain}}`
- Method: GET

Input argument:

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| domain | string | Required | Domain to get information about |

Output:

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |
| domaininfo | object | Output field domaininfo |
| age | number | Output field age |
| age_score | number | Score value |
| domain | string | Output field domain |
| first_seen | number | Output field first_seen |
| is_new | boolean | Output field is_new |
| is_new_score | number | Score value |
| last_seen | number | Output field last_seen |
| query | string | Output field query |
| whois_age | number | Output field whois_age |
| whois_created_date | string | Date value |
| zone | string | Output field zone |

Example:

```json
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "ok",
    "json_body": {
      "domaininfo": {}
    }
  }
]
```

### Domain Infratag

Retrieve the infratag associated with a specified domain in Silent Push, requiring the domain as a path parameter.

- Endpoint URL: `api/v1/merge-api/explore/domain/infratag/{{domain}}`
- Method: GET

Input argument:

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| mode | string | Optional | Build infratags from live lookup data or from PADNS data |
| match | string | Optional | Handling of self-hosted infrastructure |
| as_of | string | Optional | Build infratags from PADNS data where the as_of timestamp equivalent is between the first_seen and the last_seen timestamp. Automatically sets mode to padns |
| domain | string | Required | Domain to get infratag for |

Output:

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |
| infratag | object | Output field infratag |
| domain | string | Output field domain |
| mode | string | Output field mode |
| tag | string | Output field tag |

Example:

```json
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "ok",
    "json_body": {
      "infratag": {}
    }
  }
]
```

### IPv4 Enrichment

Retrieve detailed enrichment information for a specified IPv4 address using Silent Push.

- Endpoint URL: `api/v1/merge-api/explore/enrich/ipv4/{{ipv4}}`
- Method: GET

Input argument:

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| explain | number | Optional | Show details of data used to calculate the different scores in the response |
| scan_data | number | Optional | Show details of data collected from IPv4 scanning |
| ipv4 | string | Required | An IPv4 address |

Output:

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |
| ip2asn | array | Output field ip2asn |
| asn | number | Output field asn |
| asn_allocation_age | number | Output field asn_allocation_age |
| asn_allocation_date | number | Date value |
| asn_rank | number | Output field asn_rank |
| asn_rank_score | number | Score value |
| asn_reputation | number | Output field asn_reputation |
| asn_reputation_explain | object | Output field asn_reputation_explain |
| ips_in_asn | number | Output field ips_in_asn |
| ips_num_active | number | Output field ips_num_active |
| ips_num_listed | number | Output field ips_num_listed |
| asn_reputation_score | number | Score value |
| asn_takedown_reputation | number | Output field asn_takedown_reputation |
| asn_takedown_reputation_explain | object | Output field asn_takedown_reputation_explain |
| asn_takedown_reputation_score | number | Score value |
| asname | string | Name of the resource |
| benign_info | object | Output field benign_info |
| actor | string | Output field actor |
| known_benign | boolean | Output field known_benign |
| tags | array | Output field tags |
| file_name | string | Name of the resource |
| file | string | Output field file |
| date | number | Date value |

Example:

```json
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "ok",
    "json_body": {
      "ip2asn": []
    }
  }
]
```

### IPv6 Enrichment

Retrieve detailed enrichment information for a specified IPv6 address using Silent Push.

- Endpoint URL: `api/v1/merge-api/explore/enrich/ipv6/{{ipv6}}`
- Method: GET

Input argument:

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| explain | number | Optional | Show details of data used to calculate the different scores in the response |
| scan_data | number | Optional | Show details of data collected from host scanning |
| ipv6 | string | Required | IPv6 address to enrich |

Output:

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |
| ip2asn | array | Output field ip2asn |
| asn | number | Output field asn |
| asn_allocation_age | number | Output field asn_allocation_age |
| asn_allocation_date | number | Date value |
| asn_rank | number | Output field asn_rank |
| asn_rank_score | number | Score value |
| asn_reputation | number | Output field asn_reputation |
| asn_reputation_explain | object | Output field asn_reputation_explain |
| asn_reputation_score | number | Score value |
| asn_takedown_reputation | number | Output field asn_takedown_reputation |
| asn_takedown_reputation_explain | object | Output field asn_takedown_reputation_explain |
| asn_takedown_reputation_score | number | Score value |
| asname | string | Name of the resource |
| date | number | Date value |
| density | number | Output field density |
| ip | string | Output field ip |
| sp_risk_score | number | Score value |
| sp_risk_score_explain | object | Output field sp_risk_score_explain |
| sp_risk_score_decider | string | Unique identifier |
| subnet | string | Output field subnet |

Example:

```json
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "ok",
    "json_body": {
      "ip2asn": []
    }
  }
]
```

### Silent Push Risk Score for Domain

Retrieve the risk score for a specified domain from Silent Push, requiring the domain as a path parameter.

- Endpoint URL: `api/v1/merge-api/explore/domain/riskscore/{{domain}}`
- Method: GET

Input argument:

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| domain | string | Required | Domain to get risk score for |

Output:

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |
| domain | string | Output field domain |
| sp_risk_score | number | Score value |

Example:

```json
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "ok",
    "json_body": {
      "domain": "regardlessnotice.top",
      "sp_risk_score": 95
    }
  }
]
```
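
The following is an added example, not code from Swimlane or Silent Push: a playbook-side helper that triages the output of the Silent Push Risk Score for Domain action, keeping failed or malformed responses separate so they are never read as low risk. It assumes the output keys are the underscored forms `status_code`, `reason`, `json_body` and `sp_risk_score`; the function names and the threshold of 80 are hypothetical.

```python
# Added example (not Swimlane or Silent Push code).
# Assumed output keys: status_code, reason, json_body, domain, sp_risk_score.

RISK_THRESHOLD = 80  # hypothetical cut-off; tune to your own alerting policy


def defang(domain):
    """Make a domain non-clickable before it lands in a ticket or chat message."""
    return domain.replace(".", "[.]")


def triage_risk_scores(action_output, threshold=RISK_THRESHOLD):
    """Split connector results into escalate / ignore / failed buckets."""
    result = {"escalate": [], "ignore": [], "failed": []}
    for item in action_output:
        body = item.get("json_body")
        # A non-200 response or an unexpected body must never count as "low risk".
        if item.get("status_code") != 200 or not isinstance(body, dict):
            result["failed"].append({"status_code": item.get("status_code"),
                                     "reason": item.get("reason")})
            continue
        domain, score = body.get("domain"), body.get("sp_risk_score")
        # bool is a subclass of int in Python, so reject it explicitly.
        if (not isinstance(domain, str) or isinstance(score, bool)
                or not isinstance(score, (int, float))):
            result["failed"].append({"status_code": 200,
                                     "reason": "malformed body"})
            continue
        entry = {"domain": defang(domain), "sp_risk_score": score}
        result["escalate" if score >= threshold else "ignore"].append(entry)
    return result


# First entry is the example response from this page; the others are constructed.
SAMPLE_OUTPUT = [
    {"status_code": 200, "response_headers": {}, "reason": "ok",
     "json_body": {"domain": "regardlessnotice.top", "sp_risk_score": 95}},
    {"status_code": 200, "response_headers": {}, "reason": "ok",
     "json_body": {"domain": "example.com", "sp_risk_score": 30}},
    {"status_code": 401, "response_headers": {}, "reason": "Unauthorized",
     "json_body": {}},
]

if __name__ == "__main__":
    for bucket, entries in triage_risk_scores(SAMPLE_OUTPUT).items():
        print(bucket, entries)
```
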