curl --request GET \
--url https://app.cotool.ai/items \
--header 'Authorization: Bearer <token>'{
"items": [
{
"id": "<string>",
"externalId": "<string>",
"source": {
"url": "<string>",
"name": "<string>",
"publisher": "<string>",
"publishTime": "<string>",
"tlp": "CLEAR",
"license": "<string>",
"language": "<string>"
},
"event": {
"title": "<string>",
"eventFirstSeen": "<string>",
"eventLastSeen": "<string>",
"severity": "none",
"confidence": 0.5,
"status": "active"
},
"summary": "<string>",
"abstract": "<string>",
"tldr": "<string>",
"attackPath": [
"<string>"
],
"classification": {
"attack": [
{
"technique": "<string>",
"subTechnique": "<string>",
"techniqueName": "<string>",
"confidence": 0.5,
"evidenceRef": "<string>"
}
],
"killChain": [
"reconnaissance"
],
"malware": [
{
"name": "<string>",
"confidence": 0.5,
"aliases": [
"<string>"
]
}
],
"actor": [
{
"name": "<string>",
"confidence": 0.5,
"aliases": [
"<string>"
]
}
],
"platforms": [
"windows"
],
"mappings": [
{
"framework": "<string>",
"id": "<string>",
"confidence": 0.5
}
]
},
"affectedProducts": [
{
"vendor": "<string>",
"product": "<string>",
"versions": [
"<string>"
],
"confidence": 0.5
}
],
"iocs": {
"ipv4": [
{
"type": "<string>",
"value": "<string>",
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123,
"status": "active",
"confidence": 0.5
}
],
"ipv6": [
{
"type": "<string>",
"value": "<string>",
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123,
"status": "active",
"confidence": 0.5
}
],
"domains": [
{
"type": "<string>",
"value": "<string>",
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123,
"status": "active",
"confidence": 0.5
}
],
"urls": [
{
"type": "<string>",
"value": "<string>",
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123,
"status": "active",
"confidence": 0.5
}
],
"hashes": [
{
"type": "<string>",
"value": "<string>",
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123,
"status": "active",
"confidence": 0.5
}
],
"files": [
{
"type": "<string>",
"value": "<string>",
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123,
"status": "active",
"confidence": 0.5
}
],
"registryKeys": [
{
"type": "<string>",
"value": "<string>",
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123,
"status": "active",
"confidence": 0.5
}
],
"processes": [
{
"type": "<string>",
"value": "<string>",
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123,
"status": "active",
"confidence": 0.5
}
],
"certs": [
{
"type": "<string>",
"value": "<string>",
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123,
"status": "active",
"confidence": 0.5
}
],
"cloudIds": [
{
"type": "<string>",
"value": "<string>",
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123,
"status": "active",
"confidence": 0.5
}
],
"mobileIds": [
{
"type": "<string>",
"value": "<string>",
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123,
"status": "active",
"confidence": 0.5
}
]
},
"provenance": {
"supportingPassages": [
{
"text": "<string>",
"sourceUrl": "<string>",
"charSpan": {
"start": 123,
"end": 123
}
}
]
},
"version": 1,
"lastUpdated": "<string>",
"createdAt": "<string>",
"addedToFeedAt": "<string>",
"canonicalKey": "<string>",
"duplicateOf": "<string>",
"tenantOverrides": "<any>"
}
],
"total": 123,
"page": 123,
"perPage": 123,
"hasNext": true
}Retrieves a paginated list of threat intelligence items with support for filtering by severity, platform, status, source, and text search
curl --request GET \
--url https://app.cotool.ai/items \
--header 'Authorization: Bearer <token>'{
"items": [
{
"id": "<string>",
"externalId": "<string>",
"source": {
"url": "<string>",
"name": "<string>",
"publisher": "<string>",
"publishTime": "<string>",
"tlp": "CLEAR",
"license": "<string>",
"language": "<string>"
},
"event": {
"title": "<string>",
"eventFirstSeen": "<string>",
"eventLastSeen": "<string>",
"severity": "none",
"confidence": 0.5,
"status": "active"
},
"summary": "<string>",
"abstract": "<string>",
"tldr": "<string>",
"attackPath": [
"<string>"
],
"classification": {
"attack": [
{
"technique": "<string>",
"subTechnique": "<string>",
"techniqueName": "<string>",
"confidence": 0.5,
"evidenceRef": "<string>"
}
],
"killChain": [
"reconnaissance"
],
"malware": [
{
"name": "<string>",
"confidence": 0.5,
"aliases": [
"<string>"
]
}
],
"actor": [
{
"name": "<string>",
"confidence": 0.5,
"aliases": [
"<string>"
]
}
],
"platforms": [
"windows"
],
"mappings": [
{
"framework": "<string>",
"id": "<string>",
"confidence": 0.5
}
]
},
"affectedProducts": [
{
"vendor": "<string>",
"product": "<string>",
"versions": [
"<string>"
],
"confidence": 0.5
}
],
"iocs": {
"ipv4": [
{
"type": "<string>",
"value": "<string>",
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123,
"status": "active",
"confidence": 0.5
}
],
"ipv6": [
{
"type": "<string>",
"value": "<string>",
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123,
"status": "active",
"confidence": 0.5
}
],
"domains": [
{
"type": "<string>",
"value": "<string>",
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123,
"status": "active",
"confidence": 0.5
}
],
"urls": [
{
"type": "<string>",
"value": "<string>",
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123,
"status": "active",
"confidence": 0.5
}
],
"hashes": [
{
"type": "<string>",
"value": "<string>",
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123,
"status": "active",
"confidence": 0.5
}
],
"files": [
{
"type": "<string>",
"value": "<string>",
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123,
"status": "active",
"confidence": 0.5
}
],
"registryKeys": [
{
"type": "<string>",
"value": "<string>",
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123,
"status": "active",
"confidence": 0.5
}
],
"processes": [
{
"type": "<string>",
"value": "<string>",
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123,
"status": "active",
"confidence": 0.5
}
],
"certs": [
{
"type": "<string>",
"value": "<string>",
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123,
"status": "active",
"confidence": 0.5
}
],
"cloudIds": [
{
"type": "<string>",
"value": "<string>",
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123,
"status": "active",
"confidence": 0.5
}
],
"mobileIds": [
{
"type": "<string>",
"value": "<string>",
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123,
"status": "active",
"confidence": 0.5
}
]
},
"provenance": {
"supportingPassages": [
{
"text": "<string>",
"sourceUrl": "<string>",
"charSpan": {
"start": 123,
"end": 123
}
}
]
},
"version": 1,
"lastUpdated": "<string>",
"createdAt": "<string>",
"addedToFeedAt": "<string>",
"canonicalKey": "<string>",
"duplicateOf": "<string>",
"tenantOverrides": "<any>"
}
],
"total": 123,
"page": 123,
"perPage": 123,
"hasNext": true
}API Key authentication for programmatic access. Include your API key in the Authorization header as: Bearer your_api_key_here
x >= 11 <= x <= 100none, low, medium, high, critical active, corrected, retracted