Skip to main content

WhatIsMyBrowser

This Integration is part of the WhatIsMyBrowser Pack.#

WhatIsMyBrowser parses user agent strings and gives insight into known user agents. For example, if the user agent string is malicious, WhatIsMyBrowser will indicate that the user agent is known to be malicious.

Configure WhatIsMyBrowser on Cortex XSOAR

  1. Navigate to Settings > Integrations > Servers & Services .
  2. Search for WhatsMyBrowser.
  3. Click Add instance to create and configure a new integration instance.
    • Name : a textual name for the integration instance.
    • API Key : your API key
    • Use system proxy settings :
    • Trust any certificate (insecure)
    • URL for WhatIsMyBrowser : The URL endpoint for the WhatIsMyBrowser
  4. Click Test to validate the URLs, token, and connection.

Commands

You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

  1. Parse a User Agent string: ua-parse

1. Parse a User Agent string

Parses a User Agent string.

Base Command

ua-parse

Input
Argument Name Description Required
UserAgent User Agent string Required

Context Output
Path Type Description
UA.Parse.Software string Software extracted from UA string.
UA.Parse.SoftwareName string Software Name extracted from UA string.
UA.Parse.OperatingSystem string Operating System extracted from UA string.
UA.Parse.Abusive boolean Whether or not the UA has been identified as abusive.
UA.Parse.OperatingSystemName string Operating System Name extracted from UA string.
UA.Parse.UserAgent string User agent string.
UA.Parse.HardwareType string Hardware Type as extracted from UA string.
UA.Parse.HardwareSubType string Hardware Sub Type as extracted from UA string.

Command Example

!ua-parse UserAgent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.96 Safari/537.36"

Context Example 
{
    "DBotScore": {
        "Vendor": "WhatIsMyBrowser",
        "Indicator": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.96 Safari/537.36",
        "Score": 1,
        "Type": "UserAgent"
    },
    "UA": {
        "Parse": {
            "Abusive": false,
            "HardwareType": "computer",
            "SoftwareName": "Chrome",
            "OperatingSystemName": "macOS",
            "UserAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.96 Safari/537.36",
            "OperatingSystem": "macOS (Mojave)",
            "Software": "Chrome 72"
        }
    }
}
Human Readable Output
screen shot 2019-02-11 at 15 19 29
Edit this page
Report an Issue