cURL
Copy
Ask AI
curl -X GET "https://app.cotool.ai/items" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json"Copy
Ask AI
{
"items": [
{
"id": "<string>",
"source": {
"url": "<string>",
"publisher": "<string>",
"publishTime": "<string>",
"language": "<string>",
"name": "<string>",
"tlp": "CLEAR",
"license": "<string>"
},
"event": {
"title": "<string>",
"severity": "none",
"confidence": 0.5,
"status": "active",
"eventFirstSeen": "<string>",
"eventLastSeen": "<string>"
},
"summary": "<string>",
"tldr": "<string>",
"attackPath": [
"<string>"
],
"classification": {
"attack": [
{
"technique": "<string>",
"confidence": 0.5,
"subTechnique": "<string>",
"techniqueName": "<string>",
"evidenceRef": "<string>"
}
],
"killChain": [
"reconnaissance"
],
"malware": [
{
"name": "<string>",
"confidence": 0.5,
"aliases": [
"<string>"
]
}
],
"actor": [
{
"name": "<string>",
"confidence": 0.5,
"aliases": [
"<string>"
]
}
],
"platforms": [
"windows"
],
"mappings": [
{
"framework": "<string>",
"id": "<string>",
"confidence": 0.5
}
]
},
"affectedProducts": [
{
"vendor": "<string>",
"product": "<string>",
"versions": [
"<string>"
],
"confidence": 0.5
}
],
"iocs": {
"ipv4": [
{
"type": "<string>",
"value": "<string>",
"status": "active",
"confidence": 0.5,
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123
}
],
"ipv6": [
{
"type": "<string>",
"value": "<string>",
"status": "active",
"confidence": 0.5,
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123
}
],
"domains": [
{
"type": "<string>",
"value": "<string>",
"status": "active",
"confidence": 0.5,
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123
}
],
"urls": [
{
"type": "<string>",
"value": "<string>",
"status": "active",
"confidence": 0.5,
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123
}
],
"hashes": [
{
"type": "<string>",
"value": "<string>",
"status": "active",
"confidence": 0.5,
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123
}
],
"files": [
{
"type": "<string>",
"value": "<string>",
"status": "active",
"confidence": 0.5,
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123
}
],
"registryKeys": [
{
"type": "<string>",
"value": "<string>",
"status": "active",
"confidence": 0.5,
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123
}
],
"processes": [
{
"type": "<string>",
"value": "<string>",
"status": "active",
"confidence": 0.5,
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123
}
],
"certs": [
{
"type": "<string>",
"value": "<string>",
"status": "active",
"confidence": 0.5,
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123
}
],
"cloudIds": [
{
"type": "<string>",
"value": "<string>",
"status": "active",
"confidence": 0.5,
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123
}
],
"mobileIds": [
{
"type": "<string>",
"value": "<string>",
"status": "active",
"confidence": 0.5,
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123
}
]
},
"provenance": {
"supportingPassages": [
{
"text": "<string>",
"sourceUrl": "<string>",
"charSpan": {
"start": 123,
"end": 123
}
}
]
},
"version": 123,
"externalId": "<string>",
"abstract": "<string>",
"lastUpdated": "<string>",
"createdAt": "<string>",
"addedToFeedAt": "<string>",
"canonicalKey": "<string>",
"duplicateOf": "<string>",
"tenantOverrides": "<unknown>"
}
],
"total": 123,
"page": 123,
"perPage": 123,
"hasNext": true
}API Reference
List threat intelligence items
Retrieves a paginated list of threat intelligence items with support for filtering by severity, platform, status, source, and text search
GET
/
items
cURL
Copy
Ask AI
curl -X GET "https://app.cotool.ai/items" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json"Copy
Ask AI
{
"items": [
{
"id": "<string>",
"source": {
"url": "<string>",
"publisher": "<string>",
"publishTime": "<string>",
"language": "<string>",
"name": "<string>",
"tlp": "CLEAR",
"license": "<string>"
},
"event": {
"title": "<string>",
"severity": "none",
"confidence": 0.5,
"status": "active",
"eventFirstSeen": "<string>",
"eventLastSeen": "<string>"
},
"summary": "<string>",
"tldr": "<string>",
"attackPath": [
"<string>"
],
"classification": {
"attack": [
{
"technique": "<string>",
"confidence": 0.5,
"subTechnique": "<string>",
"techniqueName": "<string>",
"evidenceRef": "<string>"
}
],
"killChain": [
"reconnaissance"
],
"malware": [
{
"name": "<string>",
"confidence": 0.5,
"aliases": [
"<string>"
]
}
],
"actor": [
{
"name": "<string>",
"confidence": 0.5,
"aliases": [
"<string>"
]
}
],
"platforms": [
"windows"
],
"mappings": [
{
"framework": "<string>",
"id": "<string>",
"confidence": 0.5
}
]
},
"affectedProducts": [
{
"vendor": "<string>",
"product": "<string>",
"versions": [
"<string>"
],
"confidence": 0.5
}
],
"iocs": {
"ipv4": [
{
"type": "<string>",
"value": "<string>",
"status": "active",
"confidence": 0.5,
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123
}
],
"ipv6": [
{
"type": "<string>",
"value": "<string>",
"status": "active",
"confidence": 0.5,
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123
}
],
"domains": [
{
"type": "<string>",
"value": "<string>",
"status": "active",
"confidence": 0.5,
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123
}
],
"urls": [
{
"type": "<string>",
"value": "<string>",
"status": "active",
"confidence": 0.5,
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123
}
],
"hashes": [
{
"type": "<string>",
"value": "<string>",
"status": "active",
"confidence": 0.5,
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123
}
],
"files": [
{
"type": "<string>",
"value": "<string>",
"status": "active",
"confidence": 0.5,
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123
}
],
"registryKeys": [
{
"type": "<string>",
"value": "<string>",
"status": "active",
"confidence": 0.5,
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123
}
],
"processes": [
{
"type": "<string>",
"value": "<string>",
"status": "active",
"confidence": 0.5,
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123
}
],
"certs": [
{
"type": "<string>",
"value": "<string>",
"status": "active",
"confidence": 0.5,
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123
}
],
"cloudIds": [
{
"type": "<string>",
"value": "<string>",
"status": "active",
"confidence": 0.5,
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123
}
],
"mobileIds": [
{
"type": "<string>",
"value": "<string>",
"status": "active",
"confidence": 0.5,
"normalizedValue": "<string>",
"firstSeen": "<string>",
"lastSeen": "<string>",
"ttlDays": 123
}
]
},
"provenance": {
"supportingPassages": [
{
"text": "<string>",
"sourceUrl": "<string>",
"charSpan": {
"start": 123,
"end": 123
}
}
]
},
"version": 123,
"externalId": "<string>",
"abstract": "<string>",
"lastUpdated": "<string>",
"createdAt": "<string>",
"addedToFeedAt": "<string>",
"canonicalKey": "<string>",
"duplicateOf": "<string>",
"tenantOverrides": "<unknown>"
}
],
"total": 123,
"page": 123,
"perPage": 123,
"hasNext": true
}Authorizations
API Key authentication for programmatic access. Include your API key in the Authorization header as: Bearer your_api_key_here
Query Parameters
Required range:
x >= 1Required range:
1 <= x <= 100Available options:
none, low, medium, high, critical Available options:
active, corrected, retracted Was this page helpful?
⌘I