Generic Reputation Commands

Background and motivation

XSOAR has an abudance of integrations with reputation providers for example VirusTotal, AlienVault OTX, MISP etc. Every Integration that returns a reputation about an indicator must implement the generic repuation commands and calculate DBot Score

Generic reputation commands

file file=

Description: Runs reputation on files.

- name: file
arguments:
- name: file
default: true
description: List of Files.
isArray: true

ip ip=

- name: ip
arguments:
- name: ip
default: true
description: List of IPs.
isArray: true

Description: Runs reputation on IPs.

url url=

Description: Runs reputation on URLs.

- name: url
arguments:
- name: url
default: true
description: List of URLs.
isArray: true

domain domain=

Description: Runs reputation on Domains.

- name: domain
arguments:
- name: domain
default: true
description: List of Domains.
isArray: true

email email=

Description: Runs reputation on Emails.

- name: email
arguments:
- name: email
default: true
description: List of emails.
isArray: true

cve cve=

Description: Runs reputation on CVEs.

- name: cve
arguments:
- name: cve
default: true
description: List of CVEs.
isArray: true

Integrations for reference

AutoFocus MISP DeHashed

Edit this page
Last updated on
Report an Issue