43 docs tagged with "api"

Submit a certificate common name or partial name to TCA-0503 and receive matching common names with their associated MD5, SHA1, and SHA256 thumbprints.

Submit a certificate thumbprint to TCA-0501 and receive a list of signed samples with reputation data, metadata, classification, and download availability.

Spectra Intelligence Certificate Threat Intelligence APIs for investigating code signing certificates, finding signed samples, and detecting certificate misuse.

Submit certificate thumbprints to TCA-0502 and receive analytics including sample counts by classification, blacklist status, trust factor, threat level, and chain-of-trust data.

Spectra Intelligence Customer Administration APIs for managing users, licenses, usage quotas, and automated email alerts on your account.

Manage Spectra Intelligence accounts with TCA-9999: view and create users, monitor license and API usage limits, and configure automated email usage alerts.

Delete user-owned samples from the Spectra Intelligence repository using tca-0204; accepts single or bulk hash requests (MD5, SHA1, SHA256) of up to 100 hashes.

Submit a URI SHA1 or plain-text value to TCA-0401 and receive SHA1 hashes of files that referenced the URI (email, URL, IPv4, or domain) during static analysis.

Query TCA-0405 for domain reports with reputation, DNS records, certificates, related URLs, and subdomains from Spectra Intelligence.

Retrieve dynamic analysis reports from TCA-0106 for files and URLs detonated in the ReversingLabs sandbox, including behavior, network traffic, and malware configuration data.

Submit files or URLs to Spectra Intelligence tca-0207 for sandbox detonation on Win11, Win10, Win7, macOS, Linux, or Android; retrieve results via tca-0106.

Submit advanced search queries to TCA-0320 to filter Spectra Intelligence samples by classification, threat level, malware family, file type, and network indicators.

Retrieve comprehensive file analysis from Spectra Intelligence tca-0104: static analysis, dynamic behavior, AV scans, certificates, URLs, and IP/domain IOCs by hash.

Submit a SHA1 hash to TCA-0321 and receive real-time statistics on malicious, suspicious, and known files that are functionally similar at a selected RHA1 precision level.

Download file samples from the Spectra Intelligence repository by MD5, SHA1, or SHA256 hash using tca-0201; supports multi-threaded downloads at up to 100 req/min.

Query malware status, threat level, trust factor, and malware family for MD5, SHA1, or SHA256 hashes using the Spectra Intelligence tca-0101 File Reputation API.

Override file classifications to malicious, suspicious, or known using Spectra Intelligence tca-0102; manage false positives and list org-wide overrides by hash.

Upload file samples and metadata to Spectra Intelligence using tca-0202 and tca-0203; triggers automatic analysis pipeline and supports archive password and privacy settings.

Find functionally similar files using Spectra Intelligence tca-0301 and the RHA1 algorithm; query by SHA1 hash at 25% or 50% precision for PE, MachO, and ELF files.

Retrieve trust factor, hashes, relationships, size, and sources for known-good files only using Spectra Intelligence tca-0105; returns 404 for malicious hashes.

Retrieve current and historical multi-AV scan records for file hashes using Spectra Intelligence tca-0103; supports single and bulk queries of up to 100 hashes.

Find Windows PE files sharing the same import hash (imphash) using Spectra Intelligence tca-0302; returns SHA1 hashes paginated at up to 1000 records per page.

Submit a URI SHA1 to TCA-0402 and receive counts of known, malicious, and suspicious files associated with that URI (email, URL, IPv4, or domain) from static analysis.

Query TCA-0406 for IP address reports with reputation, WHOIS, GeoIP, hosted files, and domain resolutions from Spectra Intelligence.

Query TCA-0330 for structured IoC data on samples and URLs with filtering by classification, threat level, malware family, platform, and vertical; returns paginated JSON.

Spectra Intelligence Network Threat Intelligence APIs for investigating URLs, domains, and IP addresses, querying reputation data, and correlating network IOCs with files.

Trigger rescanning of file samples with updated AV signatures in Spectra Intelligence using tca-0205; supports single and bulk hash requests of up to 100 hashes.

Use TCA-0408 to override URL classifications within your organization and manage existing overrides in Spectra Intelligence.

Subscribe to up to 1 billion file and URL hashes in Spectra Intelligence via tca-0206 and receive Data Change Feed notifications when classification or metadata changes.

Learn how to authenticate, format requests, and interpret rate limits and response codes for Spectra Intelligence TCA and TCF endpoints.

Upload, download, delete, and monitor file samples in the Spectra Intelligence repository using tca-0201 through tca-0206 Automation APIs.

Query file reputation, retrieve multi-AV scan results, and get detailed malware analysis reports by hash using Spectra Intelligence tca-0101 through tca-0105.

Hunt threats using Spectra Intelligence Malware Hunting APIs: YARA rules, advanced search, RHA1 similarity, IoC retrieval, and industry-specific malware statistics.

Get API credentials, authenticate with HTTP Basic Auth, and run your first Spectra Intelligence file reputation lookup using tca-0101.

Submit files and URLs for sandbox detonation and retrieve behavioral reports using Spectra Intelligence tca-0207 and tca-0106 RL Cloud Sandbox APIs.

Resolve Spectra Intelligence API errors: fix 401 Unauthorized, 429 rate limit exceeded, feed timeout issues, and unexpected file classification results.

Submit a URL to TCA-0403 and receive a threat report including ReversingLabs classification, third-party reputation, analysis history, and associated malicious files.

Submit URLs to TCA-0404 for analysis including content download, screenshots, and dynamic analysis in Spectra Intelligence.

Query TCA-0407 for reputation data on URLs, domains, and IP addresses with third-party detections from Spectra Intelligence.

Search industry-specific malware feeds in Spectra Intelligence by family name using tca-0312 to tca-0316 and tca-0318; covers APT, Financial, Ransomware, and CVE Exploit feeds.

Query weekly malware family statistics by industry category using Spectra Intelligence tca-0307 to tca-0311 and tca-0317 — APT, Financial, Ransomware, Retail, and CVE.

Upload YARA rulesets to Spectra Intelligence tca-0303 to match text or binary patterns against newly ingested samples; supports PE, ELF, Dex, Macho, and Dotnet modules.

Run YARA rulesets retroactively against the last 90 days of Spectra Intelligence samples using tca-0319; manage retro hunts with retro-admin and fetch matches via retro-matches.