### GET /malware/{guid} Source: https://context7.com/jul10l1r4/x-force/llms.txt Retrieves detailed information about a specific malware sample by its GUID. ```APIDOC ## GET /malware/{guid} ### Description Retrieves detailed information about a specific malware sample by its GUID. ### Method GET ### Endpoint details.malware(guid, api_key) ### Parameters #### Path Parameters - **guid** (string) - Required - The unique identifier for the malware. - **api_key** (string) - Required - The API authentication key. ### Response #### Success Response (200) - **family** (string) - Malware family name. - **type** (string) - Malware type. - **url** (string) - URL to the X-Force Exchange entry. #### Response Example { "family": "...", "type": "...", "url": "https://exchange.xforce.ibmcloud.com/malware_analysis/def456-guid-example" } ``` -------------------------------- ### Get Detailed Malware Analysis by GUID Source: https://context7.com/jul10l1r4/x-force/llms.txt Use this function to retrieve comprehensive details about a specific malware sample using its GUID. Ensure you have a valid API key. ```python from XForce import details API_KEY = "ZDJmNWYwZjktMjk5NS00MmM2LWIxZGQtNGM5MjI1MmRhMTI5OjA2YzQxZDVlLTA2MDQtNGM3Yy1hNTk5LTMwMGMzNjdkMjA5MA==" # Get detailed malware analysis by GUID malware_data = details.malware("def456-guid-example", API_KEY) print(malware_data) # Returns dict with full malware details plus 'url' key # {'family': '...', 'type': '...', 'url': 'https://exchange.xforce.ibmcloud.com/malware_analysis/def456-guid-example'} ``` -------------------------------- ### Install IBM X-Force Exchange Library Source: https://github.com/jul10l1r4/x-force/blob/main/README.md Install the library using pip. Ensure you are using pip3 for Python 3. ```bash pip3 install XForce ``` -------------------------------- ### Get Threat Activity Details by GUID Source: https://context7.com/jul10l1r4/x-force/llms.txt Retrieves detailed information about a specific threat activity using its GUID. Requires the 'details' module and an API key. Returns a dictionary with full activity details and a URL. ```python from XForce import details API_KEY = "ZDJmNWYwZjktMjk5NS00MmM2LWIxZGQtNGM5MjI1MmRhMTI5OjA2YzQxZDVlLTA2MDQtNGM3Yy1hNTk5LTMwMGMzNjdkMjA5MA==" # Get detailed threat activity info by GUID activity_data = details.activity("abc123-guid-example", API_KEY) print(activity_data) # Returns dict with full activity details plus 'url' key pointing to X-Force Exchange panel # {'title': '...', 'description': '...', 'url': 'https://exchange.xforce.ibmcloud.com/threats/abc123-guid-example'} ``` -------------------------------- ### GET /industries/{guid} Source: https://context7.com/jul10l1r4/x-force/llms.txt Retrieves detailed industry-specific threat intelligence by its GUID. ```APIDOC ## GET /industries/{guid} ### Description Retrieves detailed industry-specific threat intelligence by its GUID. ### Method GET ### Endpoint details.industry(guid, api_key) ### Parameters #### Path Parameters - **guid** (string) - Required - The unique identifier for the industry. - **api_key** (string) - Required - The API authentication key. ### Response #### Success Response (200) - **sector** (string) - Industry sector name. - **threats** (array) - List of associated threats. - **url** (string) - URL to the X-Force Exchange entry. #### Response Example { "sector": "...", "threats": [...], "url": "https://exchange.xforce.ibmcloud.com/industries/jkl012-guid-example" } ``` -------------------------------- ### Get Detailed Industry Threat Info by GUID Source: https://context7.com/jul10l1r4/x-force/llms.txt Fetch detailed threat intelligence specific to an industry sector using its GUID. An API key is necessary for this operation. ```python from XForce import details API_KEY = "ZDJmNWYwZjktMjk5NS00MmM2LWIxZGQtNGM5MjI1MmRhMTI5OjA2YzQxZDVlLTA2MDQtNGM3Yy1hNTk5LTMwMGMzNjdkMjA5MA==" # Get detailed industry threat info by GUID industry_data = details.industry("jkl012-guid-example", API_KEY) print(industry_data) # Returns dict with full industry details plus 'url' key # {'sector': '...', 'threats': [...], 'url': 'https://exchange.xforce.ibmcloud.com/industries/jkl012-guid-example'} ``` -------------------------------- ### Get Malware Analysis Details by GUID Source: https://context7.com/jul10l1r4/x-force/llms.txt Retrieves detailed malware analysis information for a specific malware entry using its GUID. Requires the 'details' module and an API key. ```python from XForce import details API_KEY = "ZDJmNWYwZjktMjk5NS00MmM2LWIxZGQtNGM5MjI1MmRhMTI5OjA2YzQxZDVlLTA2MDQtNGM3Yy1hNTk5LTMwMGMzNjdkMjA5MA==" ``` -------------------------------- ### GET /threat-group/{guid} Source: https://context7.com/jul10l1r4/x-force/llms.txt Retrieves detailed information about a specific threat group by its GUID. ```APIDOC ## GET /threat-group/{guid} ### Description Retrieves detailed information about a specific threat group by its GUID. ### Method GET ### Endpoint details.group(guid, api_key) ### Parameters #### Path Parameters - **guid** (string) - Required - The unique identifier for the threat group. - **api_key** (string) - Required - The API authentication key. ### Response #### Success Response (200) - **name** (string) - Name of the threat group. - **aliases** (array) - List of known aliases. - **url** (string) - URL to the X-Force Exchange entry. #### Response Example { "name": "...", "aliases": [...], "url": "https://exchange.xforce.ibmcloud.com/threat-group/ghi789-guid-example" } ``` -------------------------------- ### Get Detailed Threat Group Info by GUID Source: https://context7.com/jul10l1r4/x-force/llms.txt Retrieve in-depth information about a threat group using its unique GUID. This requires a valid API key for authentication. ```python from XForce import details API_KEY = "ZDJmNWYwZjktMjk5NS00MmM2LWIxZGQtNGM5MjI1MmRhMTI5OjA2YzQxZDVlLTA2MDQtNGM3Yy1hNTk5LTMwMGMzNjdkMjA5MA==" # Get detailed threat group info by GUID group_data = details.group("ghi789-guid-example", API_KEY) print(group_data) # Returns dict with full group details plus 'url' key # {'name': '...', 'aliases': [...], 'url': 'https://exchange.xforce.ibmcloud.com/threat-group/ghi789-guid-example'} ``` -------------------------------- ### Retrieve Detailed X-Force Exchange Data Source: https://github.com/jul10l1r4/x-force/blob/main/README.md Fetch detailed information for specific intelligence items using their GUID. Ensure the GUID corresponds to the correct category. ```python3 from XForce import details # Args: 1 - GUID, 2 - API KEY # IMPORTANT: all GUID are correspondent to category # All function of details have: # url → with x-force exchange panel details.activity(Id, API_KEY) details.group(Id, API_KEY) details.malware(Id, API_KEY) details.industry(Id, API_KEY) ``` -------------------------------- ### Get Detailed Collector/Casefile Info by ID Source: https://context7.com/jul10l1r4/x-force/llms.txt Retrieve detailed information about a public case file, also known as a collector, using its unique ID. Requires a valid API key. ```python from XForce import details API_KEY = "ZDJmNWYwZjktMjk5NS00MmM2LWIxZGQtNGM5MjI1MmRhMTI5OjA2YzQxZDVlLTA2MDQtNGM3Yy1hNTk5LTMwMGMzNjdkMjA5MA==" # Get detailed collector/casefile info by ID collector_data = details.collector("mno345-collector-id", API_KEY) print(collector_data) # Returns dict with full casefile details plus 'url' key # {'title': '...', 'contents': [...], 'url': 'https://exchange.xforce.ibmcloud.com/collector/mno345-collector-id'} ``` -------------------------------- ### GET /collector/{id} Source: https://context7.com/jul10l1r4/x-force/llms.txt Retrieves detailed information about a public case file (collector) by its ID. ```APIDOC ## GET /collector/{id} ### Description Retrieves detailed information about a public case file (collector) by its ID. ### Method GET ### Endpoint details.collector(id, api_key) ### Parameters #### Path Parameters - **id** (string) - Required - The unique identifier for the collector/casefile. - **api_key** (string) - Required - The API authentication key. ### Response #### Success Response (200) - **title** (string) - Title of the case file. - **contents** (array) - List of contents within the case file. - **url** (string) - URL to the X-Force Exchange entry. #### Response Example { "title": "...", "contents": [...], "url": "https://exchange.xforce.ibmcloud.com/collector/mno345-collector-id" } ``` -------------------------------- ### Call X-Force Exchange Functions Source: https://github.com/jul10l1r4/x-force/blob/main/README.md Use the XForce library to search for threat intelligence data. Replace 'Term' with your search query and 'API_KEY' with your actual API key. ```python3 import XForce # Args: 1 - Term of search, 2 - API KEY # Threat activity search return in string XForce.threat_activities(Term, API_KEY) # Malware analysis search return in string XForce.malware_analysis(Term, API_KEY) # Threat groups search return in string XForce.threat_groups(Term, API_KEY) # Industries search return in string XForce.industries(Term, API_KEY) # All categories search return in list with dict XForce.industries(Term, API_KEY) ``` -------------------------------- ### Search Malware Analysis with XForce Source: https://context7.com/jul10l1r4/x-force/llms.txt Searches the malware analysis database for information on known malware. Requires an API key and a malware name. Returns detailed malware intelligence. ```python import XForce API_KEY = "ZDJmNWYwZjktMjk5NS00MmM2LWIxZGQtNGM5MjI1MmRhMTI5OjA2YzQxZDVlLTA2MDQtNGM3Yy1hNTk5LTMwMGMzNjdkMjA5MA==" # Search for Emotet malware intelligence result = XForce.malware_analysis("emotet", API_KEY) print(result) # Returns JSON: {"total_rows": 45, "rows": [{"family": "Emotet", "guid": "...", ...}]} ``` -------------------------------- ### Search Threat Activities with XForce Source: https://context7.com/jul10l1r4/x-force/llms.txt Searches for threat activity reports using the XForce library. Requires an API key and a search term. Returns JSON results. ```python import XForce # Generate API key: printf "api_key:api_password" | base64 API_KEY = "ZDJmNWYwZjktMjk5NS00MmM2LWIxZGQtNGM5MjI1MmRhMTI5OjA2YzQxZDVlLTA2MDQtNGM3Yy1hNTk5LTMwMGMzNjdkMjA5MA==" # Search for threat activities related to ransomware result = XForce.threat_activities("ransomware", API_KEY) print(result) # Returns JSON: {"total_rows": 150, "rows": [{"title": "...", "guid": "...", ...}]} ``` -------------------------------- ### Comprehensive Search Across All Categories with XForce Source: https://context7.com/jul10l1r4/x-force/llms.txt Performs a comprehensive search across all threat intelligence categories. Requires an API key and a search term. Returns aggregated results as a list of dictionaries. ```python import XForce API_KEY = "ZDJmNWYwZjktMjk5NS00MmM2LWIxZGQtNGM5MjI1MmRhMTI5OjA2YzQxZDVlLTA2MDQtNGM3Yy1hNTk5LTMwMGMzNjdkMjA5MA==" # Search all categories for a specific threat results = XForce.all("cobalt strike", API_KEY) print(f"Found {len(results)} total results across all categories") for item in results: print(item) # Returns list of dicts from threat_activities, malware_analysis, threat_groups, collector, and industries ``` -------------------------------- ### Generate Base64 Encoded API Key Source: https://github.com/jul10l1r4/x-force/blob/main/README.md Generate a base64 encoded string for basic authentication using your API key. This format is required for API calls. ```sh printf "d2f5f0f9-2995-42c6-b1dd-4c92252da129:06c41d5e-0604-4c7c-a599-300c367d2090" | base64 # ZDJmNWYwZjktMjk5NS00MmM2LWIxZGQtNGM5MjI1MmRhMTI5OjA2YzQxZDVlLTA2MDQtNGM3Yy1hNTk5LTMwMGMzNjdkMjA5MAo= ``` -------------------------------- ### Search Collectors (Public Case Files) with XForce Source: https://context7.com/jul10l1r4/x-force/llms.txt Searches public case files (collectors) in X-Force Exchange for curated threat intelligence. Requires an API key and a search term. Returns JSON results. ```python import XForce API_KEY = "ZDJmNWYwZjktMjk5NS00MmM2LWIxZGQtNGM5MjI1MmRhMTI5OjA2YzQxZDVlLTA2MDQtNGM3Yy1hNTk5LTMwMGMzNjdkMjA5MA==" # Search public collections for phishing campaigns result = XForce.collector("phishing", API_KEY) print(result) # Returns JSON: {"casefiles": [{"title": "...", "id": "...", ...}]} ``` -------------------------------- ### Search Threat Groups with XForce Source: https://context7.com/jul10l1r4/x-force/llms.txt Searches for information about known threat actor groups and cybercriminal organizations. Requires an API key and a search term. Returns JSON results. ```python import XForce API_KEY = "ZDJmNWYwZjktMjk5NS00MmM2LWIxZGQtNGM5MjI1MmRhMTI5OjA2YzQxZDVlLTA2MDQtNGM3Yy1hNTk5LTMwMGMzNjdkMjA5MA==" # Search for APT threat groups result = XForce.threat_groups("APT", API_KEY) print(result) # Returns JSON: {"total_rows": 80, "rows": [{"name": "APT28", "guid": "...", ...}]} ``` -------------------------------- ### Search Industries with XForce Source: https://context7.com/jul10l1r4/x-force/llms.txt Searches for threat intelligence related to specific industry sectors. Requires an API key and an industry name. Returns targeted security insights. ```python import XForce API_KEY = "ZDJmNWYwZjktMjk5NS00MmM2LWIxZGQtNGM5MjI1MmRhMTI5OjA2YzQxZDVlLTA2MDQtNGM3Yy1hNTk5LTMwMGMzNjdkMjA5MA==" # Search for healthcare industry threats result = XForce.industries("healthcare", API_KEY) print(result) # Returns JSON: {"total_rows": 25, "rows": [{"industry": "Healthcare", "guid": "...", ...}]} ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.