From c40731e3cded4fe0e8c8fb04f456ae24288de449 Mon Sep 17 00:00:00 2001 From: Sebastien Deschambault Date: Wed, 9 Jul 2025 15:54:09 -0400 Subject: [PATCH] Public API: Create action for identifier recommendations --- .../spec/firework-v2-openapi.json | 135 +--- .../spec/firework-v2-swagger.json | 135 +--- .../spec/firework-v3-openapi.json | 4 +- .../spec/firework-v3-swagger.json | 4 +- .../spec/firework-v4-openapi.json | 735 +++++++++++++++++- ...-action-for-identifier-recommendations.mdx | 4 + docs/docs.json | 5 +- 7 files changed, 800 insertions(+), 222 deletions(-) create mode 100644 docs/api-reference/v4/endpoints/create-action-for-identifier-recommendations.mdx diff --git a/docs/api-reference/spec/firework-v2-openapi.json b/docs/api-reference/spec/firework-v2-openapi.json index 76c029c..866ba7d 100644 --- a/docs/api-reference/spec/firework-v2-openapi.json +++ b/docs/api-reference/spec/firework-v2-openapi.json @@ -1831,7 +1831,7 @@ } }, { - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: bot, seller, forum_profile, forum_topic, ransomleak, chat_message, blog_post, forum_post, stealer_log, financial_data, listing\n- open_web: stack_exchange, bucket, social_media_account, service, bucket_object, source_code_files, source_code_secrets, google, paste\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, forum_profile, listing, seller, financial_data, ransomleak, forum_topic, bot, blog_post, stealer_log, chat_message\n- open_web: social_media_account, google, service, source_code_secrets, paste, stack_exchange, source_code_files, bucket_object, bucket\n- leaks: leak\n- domains: domain\n", "explode": true, "in": "query", "name": "types", @@ -2150,7 +2150,7 @@ } }, { - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: bot, seller, forum_profile, forum_topic, ransomleak, chat_message, blog_post, forum_post, stealer_log, financial_data, listing\n- open_web: stack_exchange, bucket, social_media_account, service, bucket_object, source_code_files, source_code_secrets, google, paste\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, forum_profile, listing, seller, financial_data, ransomleak, forum_topic, bot, blog_post, stealer_log, chat_message\n- open_web: social_media_account, google, service, source_code_secrets, paste, stack_exchange, source_code_files, bucket_object, bucket\n- leaks: leak\n- domains: domain\n", "explode": true, "in": "query", "name": "types", @@ -2720,7 +2720,7 @@ } }, { - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: bot, seller, forum_profile, forum_topic, ransomleak, chat_message, blog_post, forum_post, stealer_log, financial_data, listing\n- open_web: stack_exchange, bucket, social_media_account, service, bucket_object, source_code_files, source_code_secrets, google, paste\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, forum_profile, listing, seller, financial_data, ransomleak, forum_topic, bot, blog_post, stealer_log, chat_message\n- open_web: social_media_account, google, service, source_code_secrets, paste, stack_exchange, source_code_files, bucket_object, bucket\n- leaks: leak\n- domains: domain\n", "explode": true, "in": "query", "name": "types", @@ -3039,7 +3039,7 @@ } }, { - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: bot, seller, forum_profile, forum_topic, ransomleak, chat_message, blog_post, forum_post, stealer_log, financial_data, listing\n- open_web: stack_exchange, bucket, social_media_account, service, bucket_object, source_code_files, source_code_secrets, google, paste\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, forum_profile, listing, seller, financial_data, ransomleak, forum_topic, bot, blog_post, stealer_log, chat_message\n- open_web: social_media_account, google, service, source_code_secrets, paste, stack_exchange, source_code_files, bucket_object, bucket\n- leaks: leak\n- domains: domain\n", "explode": true, "in": "query", "name": "types", @@ -3436,7 +3436,7 @@ } }, { - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: bot, seller, forum_profile, forum_topic, ransomleak, chat_message, blog_post, forum_post, stealer_log, financial_data, listing\n- open_web: stack_exchange, bucket, social_media_account, service, bucket_object, source_code_files, source_code_secrets, google, paste\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, forum_profile, listing, seller, financial_data, ransomleak, forum_topic, bot, blog_post, stealer_log, chat_message\n- open_web: social_media_account, google, service, source_code_secrets, paste, stack_exchange, source_code_files, bucket_object, bucket\n- leaks: leak\n- domains: domain\n", "explode": true, "in": "query", "name": "types", @@ -3777,7 +3777,7 @@ } }, { - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: bot, seller, forum_profile, forum_topic, ransomleak, chat_message, blog_post, forum_post, stealer_log, financial_data, listing\n- open_web: stack_exchange, bucket, social_media_account, service, bucket_object, source_code_files, source_code_secrets, google, paste\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, forum_profile, listing, seller, financial_data, ransomleak, forum_topic, bot, blog_post, stealer_log, chat_message\n- open_web: social_media_account, google, service, source_code_secrets, paste, stack_exchange, source_code_files, bucket_object, bucket\n- leaks: leak\n- domains: domain\n", "explode": true, "in": "query", "name": "types", @@ -4055,7 +4055,7 @@ } }, { - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: bot, seller, forum_profile, forum_topic, ransomleak, chat_message, blog_post, forum_post, stealer_log, financial_data, listing\n- open_web: stack_exchange, bucket, social_media_account, service, bucket_object, source_code_files, source_code_secrets, google, paste\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, forum_profile, listing, seller, financial_data, ransomleak, forum_topic, bot, blog_post, stealer_log, chat_message\n- open_web: social_media_account, google, service, source_code_secrets, paste, stack_exchange, source_code_files, bucket_object, bucket\n- leaks: leak\n- domains: domain\n", "explode": true, "in": "query", "name": "types", @@ -5088,7 +5088,7 @@ } }, { - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: bot, seller, forum_profile, forum_topic, ransomleak, chat_message, blog_post, forum_post, stealer_log, financial_data, listing\n- open_web: stack_exchange, bucket, social_media_account, service, bucket_object, source_code_files, source_code_secrets, google, paste\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, forum_profile, listing, seller, financial_data, ransomleak, forum_topic, bot, blog_post, stealer_log, chat_message\n- open_web: social_media_account, google, service, source_code_secrets, paste, stack_exchange, source_code_files, bucket_object, bucket\n- leaks: leak\n- domains: domain\n", "explode": true, "in": "query", "name": "types", @@ -5387,7 +5387,7 @@ } }, { - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: bot, seller, forum_profile, forum_topic, ransomleak, chat_message, blog_post, forum_post, stealer_log, financial_data, listing\n- open_web: stack_exchange, bucket, social_media_account, service, bucket_object, source_code_files, source_code_secrets, google, paste\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, forum_profile, listing, seller, financial_data, ransomleak, forum_topic, bot, blog_post, stealer_log, chat_message\n- open_web: social_media_account, google, service, source_code_secrets, paste, stack_exchange, source_code_files, bucket_object, bucket\n- leaks: leak\n- domains: domain\n", "explode": true, "in": "query", "name": "types", @@ -6370,57 +6370,6 @@ ], "type": "object" }, - "GitSecretDetectionRule": { - "properties": { - "id": { - "type": "integer" - }, - "name": { - "type": "string" - }, - "patterns": { - "items": { - "$ref": "#/components/schemas/GitSecretDetectionRulePattern" - }, - "type": "array" - }, - "risk_score": { - "type": "integer" - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "GitSecretDetectionRulePattern": { - "properties": { - "comment": { - "type": "string" - }, - "content_type": { - "type": "string" - }, - "id": { - "type": "integer" - }, - "pattern_type": { - "type": "string" - }, - "rule_id": { - "type": "integer" - }, - "value": { - "type": "string" - } - }, - "required": [ - "content_type", - "pattern_type", - "value" - ], - "type": "object" - }, "GroupedFeedAlerts": { "properties": { "alerts": { @@ -6518,28 +6467,28 @@ "search_types": { "items": { "enum": [ - "leak", - "stack_exchange", - "seller", + "google", "forum_profile", - "forum_topic", - "social_media_account", - "service", + "financial_data", + "paste", + "bot", "stealer_log", - "listing", - "source_code_files", - "google", + "social_media_account", + "forum_post", "domain", "ransomleak", - "financial_data", - "chat_message", - "bot", "bucket", - "forum_post", - "bucket_object", + "service", + "leak", + "listing", "source_code_secrets", + "source_code_files", + "forum_topic", + "bucket_object", "blog_post", - "paste", + "seller", + "stack_exchange", + "chat_message", "illicit_networks", "open_web", "buckets", @@ -6552,7 +6501,7 @@ "infected_devices", "social_media" ], - "example": "leak", + "example": "google", "type": "string" }, "type": "array" @@ -6630,29 +6579,29 @@ "search_types": { "items": { "enum": [ - "leak", - "stack_exchange", - "seller", + "google", "forum_profile", - "forum_topic", - "social_media_account", - "service", + "financial_data", + "paste", + "bot", "stealer_log", - "listing", - "source_code_files", - "google", + "social_media_account", + "forum_post", "domain", - "ad", "ransomleak", - "financial_data", - "chat_message", - "bot", "bucket", - "forum_post", - "bucket_object", + "service", + "leak", + "listing", "source_code_secrets", + "source_code_files", + "forum_topic", + "bucket_object", "blog_post", - "paste", + "seller", + "stack_exchange", + "ad", + "chat_message", "illicit_networks", "open_web", "buckets", @@ -6666,7 +6615,7 @@ "infected_devices", "social_media" ], - "example": "leak", + "example": "google", "type": "string" }, "type": "array" diff --git a/docs/api-reference/spec/firework-v2-swagger.json b/docs/api-reference/spec/firework-v2-swagger.json index 7f23be8..d6c827e 100644 --- a/docs/api-reference/spec/firework-v2-swagger.json +++ b/docs/api-reference/spec/firework-v2-swagger.json @@ -535,57 +535,6 @@ ], "type": "object" }, - "GitSecretDetectionRule": { - "properties": { - "id": { - "type": "integer" - }, - "name": { - "type": "string" - }, - "patterns": { - "items": { - "$ref": "#/definitions/GitSecretDetectionRulePattern" - }, - "type": "array" - }, - "risk_score": { - "type": "integer" - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "GitSecretDetectionRulePattern": { - "properties": { - "comment": { - "type": "string" - }, - "content_type": { - "type": "string" - }, - "id": { - "type": "integer" - }, - "pattern_type": { - "type": "string" - }, - "rule_id": { - "type": "integer" - }, - "value": { - "type": "string" - } - }, - "required": [ - "content_type", - "pattern_type", - "value" - ], - "type": "object" - }, "GroupedFeedAlerts": { "properties": { "alerts": { @@ -696,28 +645,28 @@ "search_types": { "items": { "enum": [ - "leak", - "stack_exchange", - "seller", + "google", "forum_profile", - "forum_topic", - "social_media_account", - "service", + "financial_data", + "paste", + "bot", "stealer_log", - "listing", - "source_code_files", - "google", + "social_media_account", + "forum_post", "domain", "ransomleak", - "financial_data", - "chat_message", - "bot", "bucket", - "forum_post", - "bucket_object", + "service", + "leak", + "listing", "source_code_secrets", + "source_code_files", + "forum_topic", + "bucket_object", "blog_post", - "paste", + "seller", + "stack_exchange", + "chat_message", "illicit_networks", "open_web", "buckets", @@ -730,7 +679,7 @@ "infected_devices", "social_media" ], - "example": "leak", + "example": "google", "type": "string" }, "type": "array" @@ -807,29 +756,29 @@ "search_types": { "items": { "enum": [ - "leak", - "stack_exchange", - "seller", + "google", "forum_profile", - "forum_topic", - "social_media_account", - "service", + "financial_data", + "paste", + "bot", "stealer_log", - "listing", - "source_code_files", - "google", + "social_media_account", + "forum_post", "domain", - "ad", "ransomleak", - "financial_data", - "chat_message", - "bot", "bucket", - "forum_post", - "bucket_object", + "service", + "leak", + "listing", "source_code_secrets", + "source_code_files", + "forum_topic", + "bucket_object", "blog_post", - "paste", + "seller", + "stack_exchange", + "ad", + "chat_message", "illicit_networks", "open_web", "buckets", @@ -843,7 +792,7 @@ "infected_devices", "social_media" ], - "example": "leak", + "example": "google", "type": "string" }, "type": "array" @@ -3812,7 +3761,7 @@ }, { "collectionFormat": "multi", - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: bot, seller, forum_profile, forum_topic, ransomleak, chat_message, blog_post, forum_post, stealer_log, financial_data, listing\n- open_web: stack_exchange, bucket, social_media_account, service, bucket_object, source_code_files, source_code_secrets, google, paste\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, forum_profile, listing, seller, financial_data, ransomleak, forum_topic, bot, blog_post, stealer_log, chat_message\n- open_web: social_media_account, google, service, source_code_secrets, paste, stack_exchange, source_code_files, bucket_object, bucket\n- leaks: leak\n- domains: domain\n", "enum": [ "attachment", "listing", @@ -4075,7 +4024,7 @@ }, { "collectionFormat": "multi", - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: bot, seller, forum_profile, forum_topic, ransomleak, chat_message, blog_post, forum_post, stealer_log, financial_data, listing\n- open_web: stack_exchange, bucket, social_media_account, service, bucket_object, source_code_files, source_code_secrets, google, paste\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, forum_profile, listing, seller, financial_data, ransomleak, forum_topic, bot, blog_post, stealer_log, chat_message\n- open_web: social_media_account, google, service, source_code_secrets, paste, stack_exchange, source_code_files, bucket_object, bucket\n- leaks: leak\n- domains: domain\n", "enum": [ "attachment", "listing", @@ -4508,7 +4457,7 @@ }, { "collectionFormat": "multi", - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: bot, seller, forum_profile, forum_topic, ransomleak, chat_message, blog_post, forum_post, stealer_log, financial_data, listing\n- open_web: stack_exchange, bucket, social_media_account, service, bucket_object, source_code_files, source_code_secrets, google, paste\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, forum_profile, listing, seller, financial_data, ransomleak, forum_topic, bot, blog_post, stealer_log, chat_message\n- open_web: social_media_account, google, service, source_code_secrets, paste, stack_exchange, source_code_files, bucket_object, bucket\n- leaks: leak\n- domains: domain\n", "enum": [ "attachment", "listing", @@ -4771,7 +4720,7 @@ }, { "collectionFormat": "multi", - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: bot, seller, forum_profile, forum_topic, ransomleak, chat_message, blog_post, forum_post, stealer_log, financial_data, listing\n- open_web: stack_exchange, bucket, social_media_account, service, bucket_object, source_code_files, source_code_secrets, google, paste\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, forum_profile, listing, seller, financial_data, ransomleak, forum_topic, bot, blog_post, stealer_log, chat_message\n- open_web: social_media_account, google, service, source_code_secrets, paste, stack_exchange, source_code_files, bucket_object, bucket\n- leaks: leak\n- domains: domain\n", "enum": [ "attachment", "listing", @@ -5079,7 +5028,7 @@ }, { "collectionFormat": "multi", - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: bot, seller, forum_profile, forum_topic, ransomleak, chat_message, blog_post, forum_post, stealer_log, financial_data, listing\n- open_web: stack_exchange, bucket, social_media_account, service, bucket_object, source_code_files, source_code_secrets, google, paste\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, forum_profile, listing, seller, financial_data, ransomleak, forum_topic, bot, blog_post, stealer_log, chat_message\n- open_web: social_media_account, google, service, source_code_secrets, paste, stack_exchange, source_code_files, bucket_object, bucket\n- leaks: leak\n- domains: domain\n", "enum": [ "attachment", "listing", @@ -5378,7 +5327,7 @@ }, { "collectionFormat": "multi", - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: bot, seller, forum_profile, forum_topic, ransomleak, chat_message, blog_post, forum_post, stealer_log, financial_data, listing\n- open_web: stack_exchange, bucket, social_media_account, service, bucket_object, source_code_files, source_code_secrets, google, paste\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, forum_profile, listing, seller, financial_data, ransomleak, forum_topic, bot, blog_post, stealer_log, chat_message\n- open_web: social_media_account, google, service, source_code_secrets, paste, stack_exchange, source_code_files, bucket_object, bucket\n- leaks: leak\n- domains: domain\n", "enum": [ "attachment", "listing", @@ -5611,7 +5560,7 @@ }, { "collectionFormat": "multi", - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: bot, seller, forum_profile, forum_topic, ransomleak, chat_message, blog_post, forum_post, stealer_log, financial_data, listing\n- open_web: stack_exchange, bucket, social_media_account, service, bucket_object, source_code_files, source_code_secrets, google, paste\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, forum_profile, listing, seller, financial_data, ransomleak, forum_topic, bot, blog_post, stealer_log, chat_message\n- open_web: social_media_account, google, service, source_code_secrets, paste, stack_exchange, source_code_files, bucket_object, bucket\n- leaks: leak\n- domains: domain\n", "enum": [ "attachment", "listing", @@ -6433,7 +6382,7 @@ }, { "collectionFormat": "multi", - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: bot, seller, forum_profile, forum_topic, ransomleak, chat_message, blog_post, forum_post, stealer_log, financial_data, listing\n- open_web: stack_exchange, bucket, social_media_account, service, bucket_object, source_code_files, source_code_secrets, google, paste\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, forum_profile, listing, seller, financial_data, ransomleak, forum_topic, bot, blog_post, stealer_log, chat_message\n- open_web: social_media_account, google, service, source_code_secrets, paste, stack_exchange, source_code_files, bucket_object, bucket\n- leaks: leak\n- domains: domain\n", "enum": [ "attachment", "listing", @@ -6680,7 +6629,7 @@ }, { "collectionFormat": "multi", - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: bot, seller, forum_profile, forum_topic, ransomleak, chat_message, blog_post, forum_post, stealer_log, financial_data, listing\n- open_web: stack_exchange, bucket, social_media_account, service, bucket_object, source_code_files, source_code_secrets, google, paste\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, forum_profile, listing, seller, financial_data, ransomleak, forum_topic, bot, blog_post, stealer_log, chat_message\n- open_web: social_media_account, google, service, source_code_secrets, paste, stack_exchange, source_code_files, bucket_object, bucket\n- leaks: leak\n- domains: domain\n", "enum": [ "attachment", "listing", diff --git a/docs/api-reference/spec/firework-v3-openapi.json b/docs/api-reference/spec/firework-v3-openapi.json index 3eb554f..4ade9b8 100644 --- a/docs/api-reference/spec/firework-v3-openapi.json +++ b/docs/api-reference/spec/firework-v3-openapi.json @@ -473,7 +473,7 @@ } }, { - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: financial_data, blog_post, bot, forum_profile, forum_topic, listing, seller, ransomleak, stealer_log, forum_post, chat_message\n- open_web: source_code_files, paste, source_code_secrets, service, bucket_object, stack_exchange, google, social_media_account, bucket\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, forum_profile, chat_message, seller, listing, financial_data, ransomleak, blog_post, stealer_log, forum_topic, bot\n- open_web: stack_exchange, paste, social_media_account, google, service, source_code_secrets, source_code_files, bucket_object, bucket\n- leaks: leak\n- domains: domain\n", "explode": true, "in": "query", "name": "types", @@ -792,7 +792,7 @@ } }, { - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: financial_data, blog_post, bot, forum_profile, forum_topic, listing, seller, ransomleak, stealer_log, forum_post, chat_message\n- open_web: source_code_files, paste, source_code_secrets, service, bucket_object, stack_exchange, google, social_media_account, bucket\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, forum_profile, chat_message, seller, listing, financial_data, ransomleak, blog_post, stealer_log, forum_topic, bot\n- open_web: stack_exchange, paste, social_media_account, google, service, source_code_secrets, source_code_files, bucket_object, bucket\n- leaks: leak\n- domains: domain\n", "explode": true, "in": "query", "name": "types", diff --git a/docs/api-reference/spec/firework-v3-swagger.json b/docs/api-reference/spec/firework-v3-swagger.json index db2b393..da01c3b 100644 --- a/docs/api-reference/spec/firework-v3-swagger.json +++ b/docs/api-reference/spec/firework-v3-swagger.json @@ -1308,7 +1308,7 @@ }, { "collectionFormat": "multi", - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: financial_data, blog_post, bot, forum_profile, forum_topic, listing, seller, ransomleak, stealer_log, forum_post, chat_message\n- open_web: source_code_files, paste, source_code_secrets, service, bucket_object, stack_exchange, google, social_media_account, bucket\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, forum_profile, chat_message, seller, listing, financial_data, ransomleak, blog_post, stealer_log, forum_topic, bot\n- open_web: stack_exchange, paste, social_media_account, google, service, source_code_secrets, source_code_files, bucket_object, bucket\n- leaks: leak\n- domains: domain\n", "enum": [ "attachment", "listing", @@ -1571,7 +1571,7 @@ }, { "collectionFormat": "multi", - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: financial_data, blog_post, bot, forum_profile, forum_topic, listing, seller, ransomleak, stealer_log, forum_post, chat_message\n- open_web: source_code_files, paste, source_code_secrets, service, bucket_object, stack_exchange, google, social_media_account, bucket\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, chat_message/telegram, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets, source_code_files, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, stealer_log_cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, forum_profile, chat_message, seller, listing, financial_data, ransomleak, blog_post, stealer_log, forum_topic, bot\n- open_web: stack_exchange, paste, social_media_account, google, service, source_code_secrets, source_code_files, bucket_object, bucket\n- leaks: leak\n- domains: domain\n", "enum": [ "attachment", "listing", diff --git a/docs/api-reference/spec/firework-v4-openapi.json b/docs/api-reference/spec/firework-v4-openapi.json index 24f6b3c..56a90c1 100644 --- a/docs/api-reference/spec/firework-v4-openapi.json +++ b/docs/api-reference/spec/firework-v4-openapi.json @@ -663,6 +663,24 @@ } } }, + "/actors/{actor_name}/heatmap": { + "get": { + "summary": "Get Actor Heatmap", + "operationId": "get_actor_heatmap_actors__actor_name__heatmap_get", + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ActorHeatmapData" + } + } + } + } + } + } + }, "/alerts/": { "get": { "summary": "Tenant Alerts", @@ -2470,6 +2488,42 @@ } } }, + "/identifier-recommendations/actions": { + "post": { + "summary": "Create Action For Identifier Recommendations", + "operationId": "create_action_for_identifier_recommendations_identifier_recommendations_actions_post", + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/IdentifierRecommendationActionsBody" + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": {} + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, "/identities/{asset_uuid}/recent_activities/_count": { "get": { "summary": "Get Recent Activities Count", @@ -2515,7 +2569,7 @@ "in": "query", "required": true, "schema": { - "$ref": "#/components/schemas/RecentActivitySearchType" + "$ref": "#/components/schemas/SearchType" } }, { @@ -2614,7 +2668,7 @@ "in": "query", "required": true, "schema": { - "$ref": "#/components/schemas/RecentActivitySearchType" + "$ref": "#/components/schemas/SearchType" } }, { @@ -3732,7 +3786,7 @@ "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/CreateTenantIntegration" + "$ref": "#/components/schemas/CreateTenantIntegrationPayload" } } } @@ -3830,7 +3884,7 @@ "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/UpdateTenantIntegration" + "$ref": "#/components/schemas/UpdateTenantIntegrationPayload" } } } @@ -3857,6 +3911,92 @@ } } }, + "/integrations/tenant_integrations/{tenant_integration_id}/idp/disable_account": { + "post": { + "summary": "Disable Account", + "operationId": "disable_account_integrations_tenant_integrations__tenant_integration_id__idp_disable_account_post", + "parameters": [ + { + "name": "tenant_integration_id", + "in": "path", + "required": true, + "schema": { + "type": "string", + "format": "uuid", + "title": "Tenant Integration Id" + } + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/DisableAccountPayload" + } + } + } + }, + "responses": { + "204": { + "description": "Successful Response" + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/integrations/tenant_integrations/{tenant_integration_id}/idp/revoke_sessions": { + "post": { + "summary": "Revoke Sessions", + "operationId": "revoke_sessions_integrations_tenant_integrations__tenant_integration_id__idp_revoke_sessions_post", + "parameters": [ + { + "name": "tenant_integration_id", + "in": "path", + "required": true, + "schema": { + "type": "string", + "format": "uuid", + "title": "Tenant Integration Id" + } + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/RevokeSessionsPayload" + } + } + } + }, + "responses": { + "204": { + "description": "Successful Response" + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, "/threat_flow/reports/": { "get": { "summary": "List Reports", @@ -4492,6 +4632,7 @@ "cc_bases", "chat_message", "cookie", + "docker_image", "document", "domain", "driller", @@ -4508,9 +4649,9 @@ "forum_topic", "host", "leak", + "leaked_credential", "leaked_data", "leaked_file", - "leaked_credential", "listing", "lookalike", "paste", @@ -4520,6 +4661,7 @@ "seller", "service", "social_media_account", + "source_code_secret", "stealer_log", "attachment/telegram", "chat_message/telegram", @@ -4566,6 +4708,18 @@ ], "title": "ActivityNode" }, + "ActivityTenantMetadataEventAction": { + "type": "string", + "enum": [ + "default", + "ignored", + "remediated", + "risk_score_edited", + "exclude_ignored", + "ignored_or_remediated" + ], + "title": "ActivityTenantMetadataEventAction" + }, "ActivityUid": { "properties": { "model_name": { @@ -4616,6 +4770,27 @@ ], "title": "ActorEvent" }, + "ActorHeatmapData": { + "properties": { + "per_hour": { + "items": { + "$ref": "#/components/schemas/HourData" + }, + "type": "array", + "title": "Per Hour" + }, + "total_count": { + "type": "integer", + "title": "Total Count" + } + }, + "type": "object", + "required": [ + "per_hour", + "total_count" + ], + "title": "ActorHeatmapData" + }, "ActorMetadata": { "properties": { "first_seen": { @@ -5777,7 +5952,9 @@ "accept_recommendation", "reject_recommendation", "remediate", + "unremediate", "ignore", + "unignore", "validate_with_idp" ], "title": "BulkActionType" @@ -5820,7 +5997,7 @@ } ], "title": "Created After", - "default": "2025-07-02T23:30:01.593613Z" + "default": "2025-07-08T19:29:38.977447Z" }, "from": { "anyOf": [ @@ -6205,8 +6382,13 @@ ], "title": "CreateAlertChannel" }, - "CreateTenantIntegration": { + "CreateTenantIntegrationPayload": { "properties": { + "name": { + "type": "string", + "title": "Name", + "default": "Entra ID" + }, "tenant_id": { "type": "integer", "title": "Tenant Id" @@ -6225,7 +6407,137 @@ "tenant_id", "params" ], - "title": "CreateTenantIntegration" + "title": "CreateTenantIntegrationPayload" + }, + "CredentialBulkActionFilters": { + "properties": { + "query_type": { + "$ref": "#/components/schemas/CredentialsQueryType", + "default": "domain" + }, + "term": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Term" + }, + "source_term": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Source Term" + }, + "search_after": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Search After" + }, + "time": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Time" + }, + "source_id": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Source Id" + }, + "ignored_source_id": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Ignored Source Id" + }, + "size": { + "type": "integer", + "title": "Size", + "default": 10 + }, + "states": { + "anyOf": [ + { + "items": { + "$ref": "#/components/schemas/ActivityTenantMetadataEventAction" + }, + "type": "array" + }, + { + "type": "null" + } + ], + "title": "States" + }, + "password_policies": { + "anyOf": [ + { + "items": { + "$ref": "#/components/schemas/PasswordPolicy" + }, + "type": "array" + }, + { + "type": "null" + } + ], + "title": "Password Policies" + }, + "password_policy_operator": { + "anyOf": [ + { + "$ref": "#/components/schemas/PasswordPolicyOperator" + }, + { + "type": "null" + } + ] + }, + "include_validations": { + "type": "boolean", + "title": "Include Validations", + "default": false + }, + "feed_definition": { + "$ref": "#/components/schemas/FeedDefinition" + } + }, + "type": "object", + "required": [ + "feed_definition" + ], + "title": "CredentialBulkActionFilters" }, "CredentialBulkActionRequestBody": { "properties": { @@ -6238,15 +6550,151 @@ }, "type": "array", "title": "Ids" - } - }, - "type": "object", + }, + "filters": { + "anyOf": [ + { + "$ref": "#/components/schemas/CredentialBulkActionFilters" + }, + { + "type": "null" + } + ] + }, + "action_params": { + "anyOf": [ + { + "$ref": "#/components/schemas/ValidateByIDPActionParams" + }, + { + "type": "null" + } + ] + } + }, + "type": "object", "required": [ "type", - "ids" + "ids", + "filters", + "action_params" ], "title": "CredentialBulkActionRequestBody" }, + "CredentialFilters": { + "properties": { + "query_string": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Query String" + }, + "type": { + "type": "string", + "const": "credential", + "title": "Type", + "default": "credential" + }, + "query_type": { + "anyOf": [ + { + "$ref": "#/components/schemas/CredentialsQueryType" + }, + { + "type": "null" + } + ] + }, + "time": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Time" + }, + "source_id": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Source Id" + }, + "ignored_source_id": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Ignored Source Id" + }, + "password_policies": { + "anyOf": [ + { + "items": { + "$ref": "#/components/schemas/PasswordPolicy" + }, + "type": "array" + }, + { + "type": "null" + } + ], + "title": "Password Policies" + }, + "password_policy_operator": { + "anyOf": [ + { + "$ref": "#/components/schemas/PasswordPolicyOperator" + }, + { + "type": "null" + } + ] + }, + "feed_definition": { + "anyOf": [ + { + "$ref": "#/components/schemas/FeedDefinition" + }, + { + "type": "null" + } + ] + }, + "states": { + "anyOf": [ + { + "items": { + "$ref": "#/components/schemas/ActivityTenantMetadataEventAction" + }, + "type": "array" + }, + { + "type": "null" + } + ], + "title": "States" + } + }, + "type": "object", + "title": "CredentialFilters" + }, "CredentialValidationReponse": { "properties": { "tenant_integration_id": { @@ -6366,6 +6814,51 @@ ], "title": "CredentialsQuery" }, + "CredentialsQueryType": { + "type": "string", + "enum": [ + "email", + "username", + "domain", + "password", + "url" + ], + "title": "CredentialsQueryType" + }, + "DayOfWeekData": { + "properties": { + "day_of_week": { + "type": "integer", + "maximum": 7.0, + "minimum": 1.0, + "title": "Day Of Week", + "description": "The day of the week, from 1 to 7, where 1 is Monday and 7 is Sunday." + }, + "count": { + "type": "integer", + "title": "Count" + } + }, + "type": "object", + "required": [ + "day_of_week", + "count" + ], + "title": "DayOfWeekData" + }, + "DisableAccountPayload": { + "properties": { + "credential_hash": { + "type": "string", + "title": "Credential Hash" + } + }, + "type": "object", + "required": [ + "credential_hash" + ], + "title": "DisableAccountPayload" + }, "DomainAssetEnrichment": { "properties": { "type": { @@ -6610,11 +7103,15 @@ }, { "$ref": "#/components/schemas/IdentifierFilters" + }, + { + "$ref": "#/components/schemas/CredentialFilters" } ], "discriminator": { "propertyName": "type", "mapping": { + "credential": "#/components/schemas/CredentialFilters", "group": "#/components/schemas/GroupFilters", "identifier": "#/components/schemas/IdentifierFilters", "identifier_recommendation": "#/components/schemas/IdentifierRecommendationFilters", @@ -7749,6 +8246,35 @@ "type": "object", "title": "HTTPValidationError" }, + "HourData": { + "properties": { + "hour": { + "type": "integer", + "maximum": 23.0, + "minimum": 0.0, + "title": "Hour", + "description": "The hour of the day, from 0 to 23." + }, + "count": { + "type": "integer", + "title": "Count" + }, + "per_day": { + "items": { + "$ref": "#/components/schemas/DayOfWeekData" + }, + "type": "array", + "title": "Per Day" + } + }, + "type": "object", + "required": [ + "hour", + "count", + "per_day" + ], + "title": "HourData" + }, "IPData": { "properties": { "type": { @@ -8197,6 +8723,59 @@ ], "title": "IdentifierProperty" }, + "IdentifierRecommendationAction": { + "properties": { + "type": { + "$ref": "#/components/schemas/IdentifierRecommendationActionType" + } + }, + "type": "object", + "required": [ + "type" + ], + "title": "IdentifierRecommendationAction" + }, + "IdentifierRecommendationActionTarget": { + "properties": { + "id": { + "type": "integer", + "title": "Id" + } + }, + "type": "object", + "required": [ + "id" + ], + "title": "IdentifierRecommendationActionTarget" + }, + "IdentifierRecommendationActionType": { + "type": "string", + "enum": [ + "accept", + "reject" + ], + "title": "IdentifierRecommendationActionType" + }, + "IdentifierRecommendationActionsBody": { + "properties": { + "targets": { + "items": { + "$ref": "#/components/schemas/IdentifierRecommendationActionTarget" + }, + "type": "array", + "maxItems": 100, + "title": "Targets" + }, + "action": { + "$ref": "#/components/schemas/IdentifierRecommendationAction" + } + }, + "type": "object", + "required": [ + "action" + ], + "title": "IdentifierRecommendationActionsBody" + }, "IdentifierRecommendationFilters": { "properties": { "query_string": { @@ -9588,6 +10167,25 @@ ], "title": "PartialAlertChannel" }, + "PasswordPolicy": { + "type": "string", + "enum": [ + "min_eight_chars", + "special_symbols", + "uppercase", + "lowercase", + "number" + ], + "title": "PasswordPolicy" + }, + "PasswordPolicyOperator": { + "type": "string", + "enum": [ + "include", + "exclude" + ], + "title": "PasswordPolicyOperator" + }, "QueryStringQuery": { "properties": { "type": { @@ -9610,7 +10208,7 @@ "RecentActivityCookies": { "properties": { "type": { - "$ref": "#/components/schemas/RecentActivitySearchType" + "$ref": "#/components/schemas/SearchType" }, "uid": { "type": "string", @@ -9674,7 +10272,7 @@ "RecentActivityExposedPII": { "properties": { "type": { - "$ref": "#/components/schemas/RecentActivitySearchType" + "$ref": "#/components/schemas/SearchType" }, "uid": { "type": "string", @@ -9712,7 +10310,7 @@ "RecentActivityLeakedCredential": { "properties": { "type": { - "$ref": "#/components/schemas/RecentActivitySearchType" + "$ref": "#/components/schemas/SearchType" }, "uid": { "type": "string", @@ -9747,6 +10345,44 @@ ], "title": "RecentActivityLeakedCredential" }, + "RecentActivityOpenWebIllicitNetwork": { + "properties": { + "type": { + "$ref": "#/components/schemas/SearchType" + }, + "uid": { + "type": "string", + "title": "Uid" + }, + "creation_date": { + "type": "string", + "format": "date-time", + "title": "Creation Date" + }, + "attribute": { + "type": "string", + "title": "Attribute" + }, + "event_type": { + "type": "string", + "title": "Event Type" + }, + "source_name": { + "type": "string", + "title": "Source Name" + } + }, + "type": "object", + "required": [ + "type", + "uid", + "creation_date", + "attribute", + "event_type", + "source_name" + ], + "title": "RecentActivityOpenWebIllicitNetwork" + }, "RecentActivityResponse": { "properties": { "items": { @@ -9763,6 +10399,9 @@ }, { "$ref": "#/components/schemas/RecentActivityExposedPII" + }, + { + "$ref": "#/components/schemas/RecentActivityOpenWebIllicitNetwork" } ] }, @@ -9787,22 +10426,10 @@ ], "title": "RecentActivityResponse" }, - "RecentActivitySearchType": { - "type": "string", - "enum": [ - "pii", - "leaked_credential", - "stealer_log", - "stealer_log_cookie", - "open_web", - "illicit_networks" - ], - "title": "RecentActivitySearchType" - }, "RecentActivityStealerLog": { "properties": { "type": { - "$ref": "#/components/schemas/RecentActivitySearchType" + "$ref": "#/components/schemas/SearchType" }, "uid": { "type": "string", @@ -10089,6 +10716,11 @@ "type": "string", "minLength": 1, "title": "Author" + }, + "time_zone": { + "type": "string", + "title": "Time Zone", + "default": "Etc/UTC" } }, "type": "object", @@ -10468,6 +11100,19 @@ ], "title": "RequestStatus" }, + "RevokeSessionsPayload": { + "properties": { + "credential_hash": { + "type": "string", + "title": "Credential Hash" + } + }, + "type": "object", + "required": [ + "credential_hash" + ], + "title": "RevokeSessionsPayload" + }, "RiskScore": { "type": "integer", "enum": [ @@ -10719,6 +11364,10 @@ "format": "uuid", "title": "Id" }, + "name": { + "type": "string", + "title": "Name" + }, "tenant_id": { "type": "integer", "title": "Tenant Id" @@ -10754,6 +11403,7 @@ "type": "object", "required": [ "id", + "name", "tenant_id", "type", "params", @@ -11265,8 +11915,13 @@ ], "title": "UpdateReportParameters" }, - "UpdateTenantIntegration": { + "UpdateTenantIntegrationPayload": { "properties": { + "name": { + "type": "string", + "title": "Name", + "default": "Entra ID" + }, "is_enabled": { "type": "boolean", "title": "Is Enabled", @@ -11280,7 +11935,7 @@ "required": [ "params" ], - "title": "UpdateTenantIntegration" + "title": "UpdateTenantIntegrationPayload" }, "UserTenantAccess": { "properties": { @@ -11363,6 +12018,26 @@ ], "title": "UsernameQuery" }, + "ValidateByIDPActionParams": { + "properties": { + "type": { + "type": "string", + "const": "validate_with_idp", + "title": "Type" + }, + "tenant_integration_id": { + "type": "string", + "format": "uuid", + "title": "Tenant Integration Id" + } + }, + "type": "object", + "required": [ + "type", + "tenant_integration_id" + ], + "title": "ValidateByIDPActionParams" + }, "ValidationError": { "properties": { "loc": { diff --git a/docs/api-reference/v4/endpoints/create-action-for-identifier-recommendations.mdx b/docs/api-reference/v4/endpoints/create-action-for-identifier-recommendations.mdx new file mode 100644 index 0000000..3c992e8 --- /dev/null +++ b/docs/api-reference/v4/endpoints/create-action-for-identifier-recommendations.mdx @@ -0,0 +1,4 @@ +--- +openapi: firework-v4-openapi post /identifier-recommendations/actions +title: Identifier Recommendation Actions (accept, reject) +--- \ No newline at end of file diff --git a/docs/docs.json b/docs/docs.json index 89aafaa..206eb73 100644 --- a/docs/docs.json +++ b/docs/docs.json @@ -149,7 +149,8 @@ { "group": "Identifier Recommendations", "pages": [ - "api-reference/v4/endpoints/fetch-identifier-recommendations" + "api-reference/v4/endpoints/fetch-identifier-recommendations", + "api-reference/v4/endpoints/create-action-for-identifier-recommendations" ] }, { @@ -333,4 +334,4 @@ "youtube": "https://www.youtube.com/@flarecybersecurity" } } -} +} \ No newline at end of file