### Installation and Initialization Source: https://context7.com/alienvault-otx/otx-node-sdk/llms.txt Instructions on how to install and initialize the OTX Node SDK with your API key. ```APIDOC ## Installation and Initialization Initialize the SDK with your OTX API key obtained from the AlienVault OTX portal. The SDK automatically configures HTTPS connections to the OTX API endpoint. ### Method ```javascript var OTX = require('otx-node-sdk'); // Initialize with your API key from https://otx.alienvault.com/api/ var otx = new OTX('your-otx-api-key-here'); // Check SDK version and configuration console.log('SDK Version:', otx.version); console.log('User Agent:', otx.agent); ``` ### Parameters #### Request Body - **api_key** (string) - Required - Your AlienVault OTX API key. ``` -------------------------------- ### OTX-Node-SDK Initialization Source: https://github.com/alienvault-otx/otx-node-sdk/blob/master/README.md Instructions on how to install and initialize the OTX-Node-SDK with your API key. ```APIDOC ## Installation and Usage OTX-Node-SDK will soon be added to npm. Until then follow the instructions below: * Register at https://otx.alienvault.com/ and obtain your DirectConnect OTX Key found on https://otx.alienvault.com/api/ * clone this repo * Require 'otx-node-sdk/index.js' in your file ```javascript var otxSdk = require('otx-node-sdk/index.js'); ``` * Initialize with your OTX API KEY ```javascript var otx = new otxSdk(''); ``` * Have Fun! ### Usage Docs All functions require a callback. ``` -------------------------------- ### Users API - Get Current User Info Source: https://context7.com/alienvault-otx/otx-node-sdk/llms.txt Retrieve information about the currently authenticated user. ```APIDOC ## Get Current User Info ### Description Retrieve information about the authenticated user (yourself). ### Method GET ### Endpoint `/api/v1/users/me/` ### Parameters None ### Request Example ```javascript var OTX = require('otx-node-sdk'); var otx = new OTX('your-otx-api-key'); otx.users.me(function(error, response) { if (error) { console.error('Error:', error); return; } console.log('Username:', response.username); }); ``` ### Response #### Success Response (200) - **username** (string) - The username of the authenticated user. - **member_since** (string) - The date the user joined OTX. - **pulse_count** (integer) - The number of pulses created by the user. - **follower_count** (integer) - The number of users following this user. - **following_count** (integer) - The number of users this user is following. #### Response Example ```json { "username": "CurrentUser", "member_since": "2020-01-15T10:00:00Z", "pulse_count": 75, "follower_count": 120, "following_count": 80 } ``` ``` -------------------------------- ### Pulses API - Get Indicator Types Source: https://context7.com/alienvault-otx/otx-node-sdk/llms.txt Retrieves a list of all valid indicator types supported by OTX, including their names and descriptions. ```APIDOC ## GET /pulses/indicator_types ### Description Retrieve a list of all valid indicator types supported by OTX. ### Method GET ### Endpoint `/pulses/indicator_types` ### Parameters None ### Request Example ```javascript var OTX = require('otx-node-sdk'); var otx = new OTX('your-otx-api-key'); // Get all supported indicator types otx.pulses.indicatorsTypes(function(error, response) { if (error) { console.error('Error:', error); return; } console.log('Supported Indicator Types:'); response.forEach(function(type) { console.log('-', type.name, ':', type.description); }); }); ``` ### Response #### Success Response (200) - **(array)** - An array of indicator type objects, each containing: - **name** (string) - The name of the indicator type. - **description** (string) - A description of the indicator type. #### Response Example ```json [ { "name": "domain", "description": "Domain Name" }, { "name": "IPv4", "description": "IPv4 Address" } ] ``` ``` -------------------------------- ### Get Pulse Indicators (JavaScript) Source: https://context7.com/alienvault-otx/otx-node-sdk/llms.txt Retrieve all indicators of compromise within a specific pulse using the OTX Node.js SDK. Supports pagination. Requires an OTX API key. ```javascript var OTX = require('otx-node-sdk'); var otx = new OTX('your-otx-api-key'); // Get indicators from a pulse var pulseId = '5a5b5c5d5e5f5g5h5i5j5k5l'; otx.pulses.indicators(pulseId, function(error, response) { if (error) { console.error('Error:', error); return; } response.results.forEach(function(indicator) { console.log('Type:', indicator.type, '- Value:', indicator.indicator); }); }); // With pagination (limit 50, page 1) otx.pulses.indicators(pulseId, 50, 1, function(error, response) { if (error) { console.error('Error:', error); return; } console.log('Total Indicators:', response.count); console.log('Indicators on this page:', response.results.length); }); ``` -------------------------------- ### Get Supported Indicator Types - JavaScript Source: https://context7.com/alienvault-otx/otx-node-sdk/llms.txt Retrieves a list of all valid indicator types supported by OTX. This is useful for ensuring correct formatting when adding indicators to pulses. Requires an OTX API key. ```javascript var OTX = require('otx-node-sdk'); var otx = new OTX('your-otx-api-key'); // Get all supported indicator types otx.pulses.indicatorsTypes(function(error, response) { if (error) { console.error('Error:', error); return; } console.log('Supported Indicator Types:'); response.forEach(function(type) { console.log('-', type.name, ':', type.description); }); }); ``` -------------------------------- ### Get Current Authenticated User Info (JavaScript) Source: https://context7.com/alienvault-otx/otx-node-sdk/llms.txt Retrieves information about the currently authenticated user. Requires an OTX API key. Returns user details like username, member since date, and pulse count. ```javascript var OTX = require('otx-node-sdk'); var otx = new OTX('your-otx-api-key'); // Get your user information otx.users.me(function(error, response) { if (error) { console.error('Error:', error); return; } console.log('Username:', response.username); console.log('Member Since:', response.member_since); console.log('Pulse Count:', response.pulse_count); console.log('Follower Count:', response.follower_count); console.log('Following Count:', response.following_count); }); ``` -------------------------------- ### Initialize OTX-Node-SDK Client Source: https://github.com/alienvault-otx/otx-node-sdk/blob/master/README.md Demonstrates how to require the OTX-Node-SDK and initialize it with a provided OTX API Key. This is the first step before making any API calls. ```javascript var otxSdk = require('otx-node-sdk/index.js'); var otx = new otxSdk(''); ``` -------------------------------- ### Pulses API - Get Pulse Details Source: https://context7.com/alienvault-otx/otx-node-sdk/llms.txt Retrieve detailed information about a specific pulse by its ID. ```APIDOC ## Pulses API - Get Pulse Details ### Description Retrieve detailed information about a specific pulse by its ID. ### Method GET ### Endpoint /pulses/{id} ### Parameters #### Path Parameters - **id** (string) - Required - The ID of the pulse. ### Request Example ```javascript var OTX = require('otx-node-sdk'); var otx = new OTX('your-otx-api-key'); // Get full details of a specific pulse var pulseId = '5a5b5c5d5e5f5g5h5i5j5k5l'; otx.pulses.details(pulseId, function(error, response) { if (error) { console.error('Error:', error); return; } console.log('Pulse Name:', response.name); }); ``` ### Response #### Success Response (200) - **name** (string) - Name of the pulse. - **description** (string) - Description of the pulse. - **created** (string) - Creation date (ISO 8601 format). - **modified** (string) - Modification date (ISO 8601 format). - **TLP** (string) - Traffic Light Protocol level. - **tags** (array) - List of tags associated with the pulse. - **indicator_count** (integer) - Number of indicators in the pulse. #### Response Example ```json { "id": "5a5b5c5d5e5f5g5h5i5j5k5l", "name": "Example Malware Campaign", "description": "Details about a recent malware campaign.", "created": "2024-01-15T10:00:00Z", "modified": "2024-01-15T12:30:00Z", "TLP": "AMBER", "tags": ["malware", "campaign", "trojan"], "indicator_count": 25 } ``` ``` -------------------------------- ### Initialize OTX Node SDK Source: https://context7.com/alienvault-otx/otx-node-sdk/llms.txt Initializes the OTX Node SDK with your API key. The SDK automatically configures HTTPS connections to the OTX API endpoint and exposes version and user agent information. ```javascript var OTX = require('otx-node-sdk'); // Initialize with your API key from https://otx.alienvault.com/api/ var otx = new OTX('your-otx-api-key-here'); // Check SDK version and configuration console.log('SDK Version:', otx.version); console.log('User Agent:', otx.agent); ``` -------------------------------- ### Indicators API Source: https://github.com/alienvault-otx/otx-node-sdk/blob/master/README.md Documentation for retrieving various types of indicators from OTX. ```APIDOC ## Indicators Refer to https://otx.alienvault.com/api/ API Docs for parameter options and response examples. ### IPv4 Indicator #### Method ``` otx.indicators.ipv4( ipv4, section, callback ); ``` #### Parameters * **ipv4** (string) - Required - The IPv4 address to query. * **section** (string) - Required - The section of the pulse to retrieve (e.g., 'general', 'reputation'). * **callback** (function) - Required - A callback function `(error, response)` to handle the result. ### IPv6 Indicator #### Method ``` otx.indicators.ipv6( ipv6, section, callback ); ``` #### Parameters * **ipv6** (string) - Required - The IPv6 address to query. * **section** (string) - Required - The section of the pulse to retrieve (e.g., 'general', 'reputation'). * **callback** (function) - Required - A callback function `(error, response)` to handle the result. ### Domain Indicator #### Method ``` otx.indicators.domain( domain, section, callback ); ``` #### Parameters * **domain** (string) - Required - The domain name to query. * **section** (string) - Required - The section of the pulse to retrieve (e.g., 'general', 'reputation'). * **callback** (function) - Required - A callback function `(error, response)` to handle the result. ### Hostname Indicator #### Method ``` otx.indicators.hostname( hostname, section, callback ); ``` #### Parameters * **hostname** (string) - Required - The hostname to query. * **section** (string) - Required - The section of the pulse to retrieve (e.g., 'general', 'reputation'). * **callback** (function) - Required - A callback function `(error, response)` to handle the result. ### File Indicator #### Method ``` otx.indicators.file( file, section, callback ); ``` #### Parameters * **file** (string) - Required - The file hash (MD5, SHA1, SHA256) to query. * **section** (string) - Required - The section of the pulse to retrieve (e.g., 'general', 'reputation'). * **callback** (function) - Required - A callback function `(error, response)` to handle the result. ### URL Indicator #### Method ``` otx.indicators.url( url, section, callback ); ``` #### Parameters * **url** (string) - Required - The URL to query. * **section** (string) - Required - The section of the pulse to retrieve (e.g., 'general', 'reputation'). * **callback** (function) - Required - A callback function `(error, response)` to handle the result. ### CVE Indicator #### Method ``` otx.indicators.cve( cve, section, callback ); ``` #### Parameters * **cve** (string) - Required - The CVE ID to query. * **section** (string) - Required - The section of the pulse to retrieve (e.g., 'general', 'reputation'). * **callback** (function) - Required - A callback function `(error, response)` to handle the result. ``` -------------------------------- ### Pulses API - Get Pulse Indicators Source: https://context7.com/alienvault-otx/otx-node-sdk/llms.txt Retrieve all indicators of compromise contained within a specific pulse. ```APIDOC ## Pulses API - Get Pulse Indicators ### Description Retrieve all indicators of compromise contained within a specific pulse. ### Method GET ### Endpoint /pulses/{id}/indicators ### Parameters #### Path Parameters - **id** (string) - Required - The ID of the pulse. #### Query Parameters - **limit** (integer) - Optional - Number of results per page (default 50). - **page** (integer) - Optional - Page number for pagination (default 1). ### Request Example ```javascript var OTX = require('otx-node-sdk'); var otx = new OTX('your-otx-api-key'); // Get indicators from a pulse var pulseId = '5a5b5c5d5e5f5g5h5i5j5k5l'; otx.pulses.indicators(pulseId, function(error, response) { if (error) { console.error('Error:', error); return; } response.results.forEach(function(indicator) { console.log('Indicator:', indicator.indicator); }); }); // With pagination (limit 50, page 1) otx.pulses.indicators(pulseId, 50, 1, function(error, response) { if (error) { console.error('Error:', error); return; } console.log('Indicators on this page:', response.results.length); }); ``` ### Response #### Success Response (200) - **count** (integer) - Total number of indicators in the pulse. - **results** (array) - Array of indicator objects. - **type** (string) - Type of the indicator (e.g., 'hostname', 'ipv4'). - **indicator** (string) - The indicator value. #### Response Example ```json { "count": 25, "results": [ { "type": "hostname", "indicator": "malicious-domain.com" }, { "type": "ipv4", "indicator": "192.168.1.1" } ] } ``` ``` -------------------------------- ### Pulses API - Get Subscribed Pulses Source: https://context7.com/alienvault-otx/otx-node-sdk/llms.txt Retrieve all threat pulses you have subscribed to. Supports pagination and filtering by modification date. ```APIDOC ## Pulses API - Get Subscribed Pulses ### Description Retrieve all threat pulses you have subscribed to. Supports pagination and filtering by modification date. ### Method GET ### Endpoint /pulses/subscribed ### Parameters #### Query Parameters - **modified_since** (string) - Optional - Filter pulses modified after this date (ISO 8601 format). - **limit** (integer) - Optional - Number of results per page (default 50). - **page** (integer) - Optional - Page number for pagination (default 1). ### Request Example ```javascript var OTX = require('otx-node-sdk'); var otx = new OTX('your-otx-api-key'); // Get all subscribed pulses (basic call) otx.pulses.subscribed(function(error, response) { if (error) { console.error('Error:', error); return; } console.log('Subscribed Pulses:', response.results); }); // Get pulses modified since a specific date with pagination var modifiedSince = '2024-01-01T00:00:00'; otx.pulses.subscribed(modifiedSince, 10, 1, function(error, response) { if (error) { console.error('Error:', error); return; } response.results.forEach(function(pulse) { console.log('Pulse:', pulse.name); }); }); ``` ### Response #### Success Response (200) - **count** (integer) - Total number of subscribed pulses. - **results** (array) - Array of pulse objects. - **name** (string) - Name of the pulse. - **indicator_count** (integer) - Number of indicators in the pulse. #### Response Example ```json { "count": 120, "results": [ { "id": "5a5b5c5d5e5f5g5h5i5j5k5l", "name": "Example Malware Campaign", "indicator_count": 25 } ] } ``` ``` -------------------------------- ### Query File Indicators with OTX-Node-SDK Source: https://github.com/alienvault-otx/otx-node-sdk/blob/master/README.md Retrieves file indicators from OTX. Requires the file hash or identifier, a section, and a callback function to handle the response. Refer to OTX API documentation for available sections. ```javascript otx.indicators.file( file, section, callback ); ``` -------------------------------- ### Pulses API - Get Related Pulses Source: https://context7.com/alienvault-otx/otx-node-sdk/llms.txt Find pulses that are related to a specific pulse based on shared indicators or tags. ```APIDOC ## Pulses API - Get Related Pulses ### Description Find pulses that are related to a specific pulse based on shared indicators or tags. ### Method GET ### Endpoint /pulses/{id}/related ### Parameters #### Path Parameters - **id** (string) - Required - The ID of the pulse. ### Request Example ```javascript var OTX = require('otx-node-sdk'); var otx = new OTX('your-otx-api-key'); // Get related pulses var pulseId = '5a5b5c5d5e5f5g5h5i5j5k5l'; otx.pulses.related(pulseId, function(error, response) { if (error) { console.error('Error:', error); return; } console.log('Related Pulses:'); response.results.forEach(function(pulse) { console.log('-', pulse.name, 'by', pulse.author_name); }); }); ``` ### Response #### Success Response (200) - **results** (array) - Array of related pulse objects. - **name** (string) - Name of the related pulse. - **author_name** (string) - Name of the author of the related pulse. #### Response Example ```json { "results": [ { "id": "6a6b6c6d6e6f6g6h6i6j6k6l", "name": "Related Campaign X", "author_name": "Threat Analyst" } ] } ``` ``` -------------------------------- ### Perform Generic User Action (JavaScript) Source: https://context7.com/alienvault-otx/otx-node-sdk/llms.txt Performs a generic action (follow, unfollow, subscribe, unsubscribe) on an OTX user. Requires an OTX API key and the username. Returns the action response. ```javascript var OTX = require('otx-node-sdk'); var otx = new OTX('your-otx-api-key'); // Generic user action otx.users.action('AlienVault', function(error, response) { if (error) { console.error('Error:', error); return; } console.log('Action completed:', response); }); ``` -------------------------------- ### Manage OTX User Profiles: Me, Action, Follow, Unfollow Source: https://github.com/alienvault-otx/otx-node-sdk/blob/master/README.md Interact with user profile data. 'me' retrieves the current user's information. 'action', 'follow', and 'unfollow' require a username and a callback function to process the user-specific action. ```javascript otx.users.me( callback ); ``` ```javascript otx.users.action( username, callback ); ``` ```javascript otx.users.follow( username, callback ); ``` ```javascript otx.users.unfollow( username, callback ); ``` -------------------------------- ### Pulses API - Get User Pulses Source: https://context7.com/alienvault-otx/otx-node-sdk/llms.txt Retrieves all pulses created by a specific user. Requires the username of the user whose pulses you want to fetch. ```APIDOC ## GET /users/{username}/pulses ### Description Retrieve all pulses created by a specific user. ### Method GET ### Endpoint `/users/{username}/pulses` ### Parameters #### Path Parameters - **username** (string) - Required - The username of the user whose pulses to retrieve. ### Request Example ```javascript var OTX = require('otx-node-sdk'); var otx = new OTX('your-otx-api-key'); // Get pulses from a specific user otx.pulses.user('AlienVault', function(error, response) { if (error) { console.error('Error:', error); return; } console.log('Pulses by AlienVault:'); response.results.forEach(function(pulse) { console.log('-', pulse.name, '(', pulse.indicator_count, 'indicators)'); }); }); ``` ### Response #### Success Response (200) - **results** (array) - An array of pulse objects created by the user. - **count** (integer) - The total number of pulses found for the user. #### Response Example ```json { "results": [ { "id": "65a5a5a5a5a5a5a5a5a5a5a5", "name": "Example Pulse", "indicator_count": 5 } ], "count": 10 } ``` ``` -------------------------------- ### Indicators API - File Hash Lookup Source: https://context7.com/alienvault-otx/otx-node-sdk/llms.txt Query threat intelligence for file hashes (MD5, SHA1, SHA256). Available sections: general, analysis. ```APIDOC ## Indicators API - File Hash Lookup ### Description Query threat intelligence for file hashes (MD5, SHA1, SHA256). Available sections: general, analysis. ### Method GET ### Endpoint /indicators/file/{hash}/{section} ### Parameters #### Path Parameters - **hash** (string) - Required - The file hash (MD5, SHA1, or SHA256). - **section** (string) - Required - The section to retrieve ('general' or 'analysis'). ### Request Example ```javascript var OTX = require('otx-node-sdk'); var otx = new OTX('your-otx-api-key'); // Look up a file by SHA256 hash var sha256 = 'd7a8fbb307d7809469ca9abcb0082e4f8d5651e46d3cdb762d02d0bf37c9e592'; otx.indicators.file(sha256, 'general', function(error, response) { if (error) { console.error('Error:', error); return; } console.log('File Info:', response); }); // Get detailed analysis of a suspicious file otx.indicators.file(sha256, 'analysis', function(error, response) { if (error) { console.error('Error:', error); return; } console.log('Analysis Results:', response.analysis); }); ``` ### Response #### Success Response (200) - **type_title** (string) - The title of the file type. - **malware** (array) - List of malware associated with the file. - **analysis** (object) - Detailed analysis results (if requested). #### Response Example ```json { "type_title": "PE", "malware": [ { "name": "Trojan.Generic", "family": "Trojan" } ], "analysis": { "total_votes": 100, "votes": 95 } } ``` ``` -------------------------------- ### Get Pulse Details (JavaScript) Source: https://context7.com/alienvault-otx/otx-node-sdk/llms.txt Retrieve detailed information about a specific pulse by its ID using the OTX Node.js SDK. Requires an OTX API key. ```javascript var OTX = require('otx-node-sdk'); var otx = new OTX('your-otx-api-key'); // Get full details of a specific pulse var pulseId = '5a5b5c5d5e5f5g5h5i5j5k5l'; otx.pulses.details(pulseId, function(error, response) { if (error) { console.error('Error:', error); return; } console.log('Pulse Name:', response.name); console.log('Description:', response.description); console.log('Created:', response.created); console.log('Modified:', response.modified); console.log('TLP:', response.TLP); console.log('Tags:', response.tags); console.log('Indicator Count:', response.indicator_count); }); ``` -------------------------------- ### Manage OTX Pulses: Create, Details, Indicators, Related Source: https://github.com/alienvault-otx/otx-node-sdk/blob/master/README.md Functions for creating, retrieving details of, managing indicators for, and finding related information for OTX pulses. 'Create' requires detailed pulse object, 'details' needs an ID, 'indicators' needs a pulse ID, and 'related' needs a pulse ID. All require a callback. ```javascript otx.pulses.create( pulse, callback ); ``` ```javascript otx.pulses.details( id, callback ); ``` ```javascript otx.pulses.indicators( id, limit, page, callback ); ``` ```javascript otx.pulses.related( id, callback ); ``` -------------------------------- ### Get User Specific Pulse Information Source: https://github.com/alienvault-otx/otx-node-sdk/blob/master/README.md Retrieve pulse information associated with a specific user. This function requires the username and a callback function to handle the response. ```javascript otx.pulses.user( username, callback ); ``` -------------------------------- ### Users API Source: https://github.com/alienvault-otx/otx-node-sdk/blob/master/README.md Endpoints for managing user-related actions and retrieving user information. ```APIDOC ## GET /users/me ### Description Retrieves information about the currently authenticated user. ### Method GET ### Endpoint /users/me ### Response #### Success Response (200) - **response** (object) - Contains the details of the current user. #### Response Example { "example": "response body" } ``` ```APIDOC ## GET /users/action/{username} ### Description Retrieves actions performed by a specific user. ### Method GET ### Endpoint /users/action/{username} ### Path Parameters - **username** (string) - Required - The username of the user whose actions to retrieve. ### Response #### Success Response (200) - **response** (object) - Contains the list of actions performed by the user. #### Response Example { "example": "response body" } ``` ```APIDOC ## POST /users/follow ### Description Follows a specified user. ### Method POST ### Endpoint /users/follow ### Request Body - **username** (string) - Required - The username of the user to follow. ### Request Example { "example": "{\"username\": \"target_user\"}" } ### Response #### Success Response (200) - **response** (object) - Indicates the success of the follow action. #### Response Example { "example": "response body" } ``` ```APIDOC ## POST /users/unfollow ### Description Unfollows a specified user. ### Method POST ### Endpoint /users/unfollow ### Request Body - **username** (string) - Required - The username of the user to unfollow. ### Request Example { "example": "{\"username\": \"target_user\"}" } ### Response #### Success Response (200) - **response** (object) - Indicates the success of the unfollow action. #### Response Example { "example": "response body" } ``` ```APIDOC ## POST /users/subscribe ### Description Subscribes to a specified user's pulses. ### Method POST ### Endpoint /users/subscribe ### Request Body - **username** (string) - Required - The username of the user to subscribe to. ### Request Example { "example": "{\"username\": \"target_user\"}" } ### Response #### Success Response (200) - **response** (object) - Indicates the success of the subscribe action. #### Response Example { "example": "response body" } ``` ```APIDOC ## POST /users/unsubscribe ### Description Unsubscribes from a specified user's pulses. ### Method POST ### Endpoint /users/unsubscribe ### Request Body - **username** (string) - Required - The username of the user to unsubscribe from. ### Request Example { "example": "{\"username\": \"target_user\"}" } ### Response #### Success Response (200) - **response** (object) - Indicates the success of the unsubscribe action. #### Response Example { "example": "response body" } ``` -------------------------------- ### Query Domain Indicators with OTX Node SDK Source: https://context7.com/alienvault-otx/otx-node-sdk/llms.txt Queries threat intelligence for a domain name using the OTX Node SDK. Available sections include 'general', 'geo', 'malware', 'passive_dns', and 'whois'. Handles errors and logs domain-specific information. ```javascript var OTX = require('otx-node-sdk'); var otx = new OTX('your-otx-api-key'); // Check if a domain is associated with malicious activity otx.indicators.domain('example.com', 'general', function(error, response) { if (error) { console.error('Error:', error); return; } console.log('Domain Info:', response); console.log('Alexa Rank:', response.alexa); console.log('Whois:', response.whois); }); // Get passive DNS records for a domain otx.indicators.domain('suspicious-domain.com', 'passive_dns', function(error, response) { if (error) { console.error('Error:', error); return; } console.log('Passive DNS Records:', response.passive_dns); }); ``` -------------------------------- ### Query Hostname Indicators with OTX Node SDK Source: https://context7.com/alienvault-otx/otx-node-sdk/llms.txt Queries threat intelligence for a specific hostname, including subdomains, using the OTX Node SDK. Supports sections like 'general' and 'url_list', returning hostname details and related information. ```javascript var OTX = require('otx-node-sdk'); var otx = new OTX('your-otx-api-key'); // Look up a specific hostname otx.indicators.hostname('mail.example.com', 'general', function(error, response) { if (error) { console.error('Error:', error); return; } console.log('Hostname Info:', response); console.log('Related Pulses:', response.pulse_info); }); // Get URLs associated with hostname otx.indicators.hostname('cdn.malware-site.com', 'url_list', function(error, response) { if (error) { console.error('Error:', error); return; } console.log('Associated URLs:', response.url_list); }); ``` -------------------------------- ### Get Subscribed Pulses (JavaScript) Source: https://context7.com/alienvault-otx/otx-node-sdk/llms.txt Retrieve all threat pulses subscribed to using the OTX Node.js SDK. Supports pagination and filtering by modification date. Requires an OTX API key. ```javascript var OTX = require('otx-node-sdk'); var otx = new OTX('your-otx-api-key'); // Get all subscribed pulses (basic call) otx.pulses.subscribed(function(error, response) { if (error) { console.error('Error:', error); return; } console.log('Subscribed Pulses:', response.results); console.log('Total Count:', response.count); }); // Get pulses modified since a specific date with pagination var modifiedSince = '2024-01-01T00:00:00'; otx.pulses.subscribed(modifiedSince, 10, 1, function(error, response) { if (error) { console.error('Error:', error); return; } response.results.forEach(function(pulse) { console.log('Pulse:', pulse.name, '- Indicators:', pulse.indicator_count); }); }); ``` -------------------------------- ### Get Related Pulses (JavaScript) Source: https://context7.com/alienvault-otx/otx-node-sdk/llms.txt Find pulses related to a specific pulse based on shared indicators or tags using the OTX Node.js SDK. Requires an OTX API key. ```javascript var OTX = require('otx-node-sdk'); var otx = new OTX('your-otx-api-key'); // Get related pulses var pulseId = '5a5b5c5d5e5f5g5h5i5j5k5l'; otx.pulses.related(pulseId, function(error, response) { if (error) { console.error('Error:', error); return; } console.log('Related Pulses:'); response.results.forEach(function(pulse) { console.log('-', pulse.name, 'by', pulse.author_name); }); }); ``` -------------------------------- ### Lookup File Hash Indicators (JavaScript) Source: https://context7.com/alienvault-otx/otx-node-sdk/llms.txt Query threat intelligence for file hashes (MD5, SHA1, SHA256) using the OTX Node.js SDK. Supports 'general' and 'analysis' sections. Requires an OTX API key. ```javascript var OTX = require('otx-node-sdk'); var otx = new OTX('your-otx-api-key'); // Look up a file by SHA256 hash var sha256 = 'd7a8fbb307d7809469ca9abcb0082e4f8d5651e46d3cdb762d02d0bf37c9e592'; otx.indicators.file(sha256, 'general', function(error, response) { if (error) { console.error('Error:', error); return; } console.log('File Info:', response); console.log('File Type:', response.type_title); console.log('Malware:', response.malware); }); // Get detailed analysis of a suspicious file otx.indicators.file(sha256, 'analysis', function(error, response) { if (error) { console.error('Error:', error); return; } console.log('Analysis Results:', response.analysis); }); ``` -------------------------------- ### Get Recent Activity Feed - JavaScript Source: https://context7.com/alienvault-otx/otx-node-sdk/llms.txt Retrieves recent activity from pulses the user is subscribed to or from the community. It requires an OTX API key for authentication and returns a list of recent activities. ```javascript var OTX = require('otx-node-sdk'); var otx = new OTX('your-otx-api-key'); // Get recent activity otx.pulses.activity(function(error, response) { if (error) { console.error('Error:', error); return; } console.log('Recent Activity:', response.results); }); // Get activity since a specific date var since = '2024-01-15T00:00:00'; otx.pulses.activity(since, 20, 1, function(error, response) { if (error) { console.error('Error:', error); return; } response.results.forEach(function(activity) { console.log('Activity:', activity); }); }); ``` -------------------------------- ### Query Hostname Indicators with OTX-Node-SDK Source: https://github.com/alienvault-otx/otx-node-sdk/blob/master/README.md Retrieves hostname indicators from OTX. Requires the hostname, a section, and a callback function to handle the response. Refer to OTX API documentation for available sections. ```javascript otx.indicators.hostname( hostname, section, callback ); ``` -------------------------------- ### Get User Pulses - JavaScript Source: https://context7.com/alienvault-otx/otx-node-sdk/llms.txt Retrieves all threat pulses created by a specific user. This function requires the username and an OTX API key for authentication. It returns a list of pulses associated with the user. ```javascript var OTX = require('otx-node-sdk'); var otx = new OTX('your-otx-api-key'); // Get pulses from a specific user otx.pulses.user('AlienVault', function(error, response) { if (error) { console.error('Error:', error); return; } console.log('Pulses by AlienVault:'); response.results.forEach(function(pulse) { console.log('-', pulse.name, '(', pulse.indicator_count, 'indicators)'); }); }); ``` -------------------------------- ### Indicators API - URL Lookup Source: https://context7.com/alienvault-otx/otx-node-sdk/llms.txt Query threat intelligence for a specific URL. Sections available: general, url_list. ```APIDOC ## Indicators API - URL Lookup ### Description Query threat intelligence for a specific URL. Sections available: general, url_list. ### Method GET ### Endpoint /indicators/url/{url}/{section} ### Parameters #### Path Parameters - **url** (string) - Required - The URL to query. - **section** (string) - Required - The section to retrieve ('general' or 'url_list'). ### Request Example ```javascript var OTX = require('otx-node-sdk'); var otx = new OTX('your-otx-api-key'); // Check if a URL is known to be malicious var suspiciousUrl = 'http://malicious-site.com/payload.exe'; otx.indicators.url(suspiciousUrl, 'general', function(error, response) { if (error) { console.error('Error:', error); return; } console.log('URL Info:', response); }); ``` ### Response #### Success Response (200) - **pulse_info** (object) - Information about associated pulses, including count. #### Response Example ```json { "pulse_info": { "count": 5, "pulses": [ { "id": "5a5b5c5d5e5f5g5h5i5j5k5l", "name": "Malicious Domain Campaign" } ] } } ``` ``` -------------------------------- ### Indicators API - Domain Lookup Source: https://context7.com/alienvault-otx/otx-node-sdk/llms.txt Query threat intelligence for a domain name. Available sections: general, geo, malware, url_list, passive_dns, whois, http_scans. ```APIDOC ## Indicators API - Domain Lookup Query threat intelligence for a domain name. Available sections: general, geo, malware, url_list, passive_dns, whois, http_scans. ### Method ```javascript otx.indicators.domain(domain_name, section, callback); ``` ### Parameters #### Path Parameters - **domain_name** (string) - Required - The domain name to query. - **section** (string) - Required - The section of data to retrieve (e.g., 'general', 'passive_dns'). #### Query Parameters None #### Request Body None ### Request Example ```javascript // Check if a domain is associated with malicious activity otx.indicators.domain('example.com', 'general', function(error, response) { if (error) { console.error('Error:', error); return; } console.log('Domain Info:', response); console.log('Alexa Rank:', response.alexa); console.log('Whois:', response.whois); }); // Get passive DNS records for a domain otx.indicators.domain('suspicious-domain.com', 'passive_dns', function(error, response) { if (error) { console.error('Error:', error); return; } console.log('Passive DNS Records:', response.passive_dns); }); ``` ### Response #### Success Response (200) - **response** (object) - Contains threat intelligence data for the specified domain and section. #### Response Example ```json { "indicator": "example.com", "type": "domain", "alexa": 1000, "whois": { "creation_date": "1995-08-14T04:00:00.000Z" }, "sections": { "general": { "reputation": 0.7 } } } ``` ``` -------------------------------- ### Get Events Feed - JavaScript Source: https://context7.com/alienvault-otx/otx-node-sdk/llms.txt Retrieves events related to subscribed pulses. This function can fetch recent events or events filtered by date, count, and page number. An OTX API key is necessary. ```javascript var OTX = require('otx-node-sdk'); var otx = new OTX('your-otx-api-key'); // Get recent events otx.pulses.events(function(error, response) { if (error) { console.error('Error:', error); return; } console.log('Events:', response.results); }); // Get events with filters otx.pulses.events('2024-01-01T00:00:00', 50, 1, function(error, response) { if (error) { console.error('Error:', error); return; } console.log('Event Count:', response.count); }); ``` -------------------------------- ### Query URL Indicators with OTX-Node-SDK Source: https://github.com/alienvault-otx/otx-node-sdk/blob/master/README.md Retrieves URL indicators from OTX. Requires the URL, a section, and a callback function to handle the response. Refer to OTX API documentation for available sections. ```javascript otx.indicators.url( url, section, callback ); ``` -------------------------------- ### Follow an OTX User (JavaScript) Source: https://context7.com/alienvault-otx/otx-node-sdk/llms.txt Follows a specified OTX user to receive their activity updates. Requires an OTX API key and the username of the user to follow. Returns a success message. ```javascript var OTX = require('otx-node-sdk'); var otx = new OTX('your-otx-api-key'); // Follow a user otx.users.follow('AlienVault', function(error, response) { if (error) { console.error('Error:', error); return; } console.log('Successfully followed user'); console.log('Response:', response); }); ``` -------------------------------- ### Users API - Follow User Source: https://context7.com/alienvault-otx/otx-node-sdk/llms.txt Follow another OTX user to receive updates on their activity. ```APIDOC ## Follow User ### Description Follow another OTX user to receive updates on their activity. ### Method POST ### Endpoint `/api/v1/users/{username}/follow/` ### Parameters #### Path Parameters - **username** (string) - Required - The username of the user to follow. ### Request Example ```javascript var OTX = require('otx-node-sdk'); var otx = new OTX('your-otx-api-key'); otx.users.follow('AlienVault', function(error, response) { if (error) { console.error('Error:', error); return; } console.log('Successfully followed user'); }); ``` ### Response #### Success Response (200) - **message** (string) - Confirmation message. #### Response Example ```json { "message": "User followed successfully." } ``` ``` -------------------------------- ### Query Domain Indicators with OTX-Node-SDK Source: https://github.com/alienvault-otx/otx-node-sdk/blob/master/README.md Retrieves domain indicators from OTX. Requires the domain name, a section, and a callback function to handle the response. Refer to OTX API documentation for available sections. ```javascript otx.indicators.domain( domain, section, callback ); ``` -------------------------------- ### Lookup URL Indicators (JavaScript) Source: https://context7.com/alienvault-otx/otx-node-sdk/llms.txt Query threat intelligence for a specific URL using the OTX Node.js SDK. Supports 'general' and 'url_list' sections. Requires an OTX API key. ```javascript var OTX = require('otx-node-sdk'); var otx = new OTX('your-otx-api-key'); // Check if a URL is known to be malicious var suspiciousUrl = 'http://malicious-site.com/payload.exe'; otx.indicators.url(suspiciousUrl, 'general', function(error, response) { if (error) { console.error('Error:', error); return; } console.log('URL Info:', response); console.log('Associated Pulses:', response.pulse_info.count); }); ``` -------------------------------- ### Create New Pulse - JavaScript Source: https://context7.com/alienvault-otx/otx-node-sdk/llms.txt Creates a new threat pulse with specified details, including name, description, public status, TLP, tags, indicators, and references. Requires an OTX API key. ```javascript var OTX = require('otx-node-sdk'); var otx = new OTX('your-otx-api-key'); // Create a new pulse var newPulse = { name: 'Phishing Campaign Targeting Financial Sector', description: 'Indicators related to a phishing campaign observed targeting financial institutions in Q1 2024.', public: true, TLP: 'green', tags: ['phishing', 'financial', 'credential-theft'], indicators: [ { type: 'domain', indicator: 'malicious-bank-login.com', description: 'Phishing domain' }, { type: 'email', indicator: 'support@malicious-bank-login.com', description: 'Sender email' }, { type: 'IPv4', indicator: '203.0.113.50', description: 'Hosting server IP' }, { type: 'URL', indicator: 'http://malicious-bank-login.com/login.php', description: 'Phishing URL' } ], references: [ 'https://example.com/threat-report-2024' ] }; otx.pulses.create(newPulse, function(error, response) { if (error) { console.error('Error creating pulse:', error); return; } console.log('Pulse created successfully!'); console.log('Pulse ID:', response.id); console.log('Pulse URL: https://otx.alienvault.com/pulse/' + response.id); }); ```