QutteraWebsiteMalwareScanner
This Integration is part of the Quttera Website Malware Scanner Pack.#
Supported versions
Supported Cortex XSOAR versions: 6.0.0 and later.
Quttera Website Malware Scanner This integration was integrated and tested with version v3 of QutteraWebsiteMalwareScanner
Configure QutteraWebsiteMalwareScanner on Cortex XSOAR#
Navigate to Settings > Integrations > Servers & Services.
Search for QutteraWebsiteMalwareScanner.
Click Add instance to create and configure a new integration instance.
Parameter Required API Key True Quttera Scanner URL True Click Test to validate the URLs, token, and connection.
Commands#
You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.
quttera-scan-start#
Start to scan a given domain
Notice: Submitting indicators using this command might make the indicator data publicly available. See the vendor’s documentation for more details.
Base Command#
quttera-scan-start
Input#
| Argument Name | Description | Required |
|---|---|---|
| domain | The name of the domain to scan. | Required |
Context Output#
| Path | Type | Description |
|---|---|---|
| QutteraWebsiteMalwareScanning.Start.error | Number | HTTP response from the scanner |
| QutteraWebsiteMalwareScanning.Start.errorstr | String | Status of the scan request |
quttera-rescan-status#
Retrieve status of submitted domain
Base Command#
quttera-rescan-status
Input#
| Argument Name | Description | Required |
|---|---|---|
| domain | The name of the domain to retrieve its status. | Required |
Context Output#
| Path | Type | Description |
|---|---|---|
| QutteraWebsiteMalwareScanning.Status.error | Number | Scan result request status |
| QutteraWebsiteMalwareScanning.Status.errorstr | String | Scan result request description |
| QutteraWebsiteMalwareScanning.Status.status.blacklisted | String | Is the domain blacklisted |
| QutteraWebsiteMalwareScanning.Status.status.files | Number | Amount of scanned files |
| QutteraWebsiteMalwareScanning.Status.status.scanner_result | String | Scan result |
| QutteraWebsiteMalwareScanning.Status.status.sensitivity | String | Sensitivity |
| QutteraWebsiteMalwareScanning.Status.status.state | String | Is scanning done |
| QutteraWebsiteMalwareScanning.Status.status.time | String | Time |
| QutteraWebsiteMalwareScanning.Status.status.url | String | Scanned URL |
quttera-scan-report#
Retrieve report of submitted domain
Base Command#
quttera-scan-report
Input#
| Argument Name | Description | Required |
|---|---|---|
| domain | The name of the domain to retrieve its report. | Required |
Context Output#
| Path | Type | Description |
|---|---|---|
| QutteraWebsiteMalwareScanning.report.error | Number | Retrieving domain scan return code |
| QutteraWebsiteMalwareScanning.report.errorstr | String | Retrieving domain scan report state |
| QutteraWebsiteMalwareScanning.report.status | Dict | Detailed domain scan report |
| QutteraWebsiteMalwareScanning.report.status.blacklisted | String | Is domain blacklisted |
| QutteraWebsiteMalwareScanning.report.status.files | Number | How many files were scanned |
| QutteraWebsiteMalwareScanning.report.status.scanner_result | String | Scanner result |
| QutteraWebsiteMalwareScanning.report.status.sensitivity | String | Domain sensitivity |
| QutteraWebsiteMalwareScanning.report.status.state | String | State of the domain |
| QutteraWebsiteMalwareScanning.report.status.time | String | Scan time |
| QutteraWebsiteMalwareScanning.report.status.url | String | Scanned URL |
quttera-report-malware#
Retrieve url blacklist and reputation
Notice: Submitting indicators using this command might make the indicator data publicly available. See the vendor’s documentation for more details.
Base Command#
quttera-report-malware
Input#
| Argument Name | Description | Required |
|---|---|---|
| url | URL to retrieve its blacklist and reputation. | Required |
Context Output#
| Path | Type | Description |
|---|---|---|
| QutteraWebsiteMalwareScanning.report | Dict | Retrieving url blacklist and reputation |
quttera-status-blacklist#
Retrieve domain blacklist and reputation
Base Command#
quttera-status-blacklist
Input#
| Argument Name | Description | Required |
|---|---|---|
| domain | The name of the domain to retrieve its blacklist and reputation. | Required |
Context Output#
| Path | Type | Description |
|---|---|---|
| QutteraWebsiteMalwareScanning.report | Dict | Retrieving domain blacklist and reputation |