├── 01_authentication.py ├── 02_get_org_samples.py ├── 03_get_user_samples.py ├── 04_submission_search.py ├── 05_specific_submission_search.py ├── 06_submit_sample.py ├── 07_submit_url.py ├── 08_get_vms.py ├── 09_submit_sample_vm.py ├── 10_get_network_exits.py ├── 11_submit_sample_network_exit.py ├── 12_get_playbooks.py ├── 13_submit_sample_playbook.py └── README.md /01_authentication.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | api_key = 'asdf1234asdf1234asdf1234' 4 | 5 | url = 'https://panacea.threatgrid.com/api/v3/session/whoami?api_key={}'.format(api_key) 6 | 7 | r = requests.get(url) 8 | 9 | print(r.json()) 10 | -------------------------------------------------------------------------------- /02_get_org_samples.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | api_key = 'asdf1234asdf1234asdf1234' 4 | 5 | url = 'https://panacea.threatgrid.com/api/v2/search/submissions?org_only=True&api_key={}'.format(api_key) 6 | 7 | r = requests.get(url) 8 | 9 | print(r.json()) 10 | -------------------------------------------------------------------------------- /03_get_user_samples.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | api_key = 'asdf1234asdf1234asdf1234' 4 | 5 | url = 'https://panacea.threatgrid.com/api/v2/search/submissions?user_only=True&api_key={}'.format(api_key) 6 | 7 | r = requests.get(url) 8 | 9 | print(r.json()) 10 | -------------------------------------------------------------------------------- /04_submission_search.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | api_key = 'asdf1234asdf1234asdf1234' 4 | 5 | q = 'cisco.com' 6 | 7 | url = 'https://panacea.threatgrid.com/api/v2/search/submissions?q={}&api_key={}'.format(q, api_key) 8 | 9 | r = requests.get(url) 10 | 11 | print(r.json()) 12 | -------------------------------------------------------------------------------- /05_specific_submission_search.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | api_key = 'asdf1234asdf1234asdf1234' 4 | 5 | q = 'cisco.com' 6 | 7 | url = 'https://panacea.threatgrid.com/api/v2/search/submissions?term=path&q={}&api_key={}'.format(q, api_key) 8 | 9 | r = requests.get(url) 10 | 11 | print(r.json()) 12 | -------------------------------------------------------------------------------- /06_submit_sample.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | api_key = 'asdf1234asdf1234asdf1234' 4 | 5 | url = 'https://panacea.threatgrid.com/api/v2/samples' 6 | 7 | file_name = 'file.exe' 8 | 9 | parameters = {'api_key': api_key} 10 | 11 | with open(file_name, 'rb') as sample: 12 | r = requests.post(url, files={'sample': sample}, params=parameters) 13 | 14 | print(r.json()) 15 | -------------------------------------------------------------------------------- /07_submit_url.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | api_key = 'asdf1234asdf1234asdf1234' 4 | 5 | url = 'https://panacea.threatgrid.com/api/v2/samples' 6 | 7 | sample_url = 'https://www.cisco.com' 8 | 9 | parameters = {'api_key': api_key, 10 | 'url': sample_url} 11 | 12 | r = requests.post(url, params=parameters) 13 | 14 | print(r.json()) 15 | -------------------------------------------------------------------------------- /08_get_vms.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | api_key = 'asdf1234asdf1234asdf1234' 4 | 5 | url = 'https://panacea.threatgrid.com/api/v3/configuration/vms?api_key={}'.format(api_key) 6 | 7 | r = requests.get(url) 8 | 9 | print(r.json()) 10 | -------------------------------------------------------------------------------- /09_submit_sample_vm.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | api_key = 'asdf1234asdf1234asdf1234' 4 | 5 | url = 'https://panacea.threatgrid.com/api/v2/samples' 6 | 7 | file_name = 'file.exe' 8 | 9 | parameters = {'api_key': api_key, 'vm':'win10'} 10 | 11 | with open(file_name, 'rb') as sample: 12 | r = requests.post(url, files={'sample': sample}, params=parameters) 13 | 14 | print(r.json()) 15 | -------------------------------------------------------------------------------- /10_get_network_exits.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | api_key = 'asdf1234asdf1234asdf1234' 4 | 5 | url = 'https://panacea.threatgrid.com/api/v3/configuration/network-exits?api_key={}'.format(api_key) 6 | 7 | r = requests.get(url) 8 | 9 | print(r.json()) 10 | -------------------------------------------------------------------------------- /11_submit_sample_network_exit.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | api_key = 'asdf1234asdf1234asdf1234' 4 | 5 | url = 'https://panacea.threatgrid.com/api/v2/samples' 6 | 7 | file_name = 'file.exe' 8 | 9 | parameters = {'api_key': api_key, 'network_exit': 'ny-ven'} 10 | 11 | with open(file_name, 'rb') as sample: 12 | r = requests.post(url, files={'sample': sample}, params=parameters) 13 | 14 | print(r.json()) 15 | -------------------------------------------------------------------------------- /12_get_playbooks.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | api_key = 'asdf1234asdf1234asdf1234' 4 | 5 | url = 'https://panacea.threatgrid.com/api/v3/configuration/playbooks?api_key={}'.format(api_key) 6 | 7 | r = requests.get(url) 8 | 9 | print(r.json()) 10 | -------------------------------------------------------------------------------- /13_submit_sample_playbook.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | api_key = 'asdf1234asdf1234asdf1234' 4 | 5 | url = 'https://panacea.threatgrid.com/api/v2/samples' 6 | 7 | file_name = 'file.exe' 8 | 9 | parameters = {'api_key': api_key, 'playbook':'open_word_embedded_object'} 10 | 11 | with open(file_name, 'rb') as sample: 12 | r = requests.post(url, files={'sample': sample}, params=parameters) 13 | 14 | print(r.json()) 15 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | [![Gitter chat](https://img.shields.io/badge/gitter-join%20chat-brightgreen.svg)](https://gitter.im/CiscoSecurity/Threat-Grid "Gitter chat") 2 | 3 | ### Threat Grid API Basics: 4 | 5 | This collection of scripts cover the basics of interacting with the Threat Grid API. Each script covers one API endpoint. These are intented to show the bare minimum required to interact with the API endpoint. 6 | 7 | ### Before using you must update the following: 8 | - api_key 9 | 10 | ### Usage: 11 | ``` 12 | python 01_authentication.py 13 | ``` 14 | 15 | ### Example script output: 16 | ``` 17 | {'api_version': 3, 'id': 5510618, 'data': {'role': 'user', 'properties': {}, 'integration_id': 'h7od', 'email': 'jdoe@example.com', 'organization_id': 1, 'name': 'John Doe', 'login': 'jdoe', 'title': 'SOC Analyst', 'api_key': 'asdf1234asdf1234asdf1234', 'device': False}} 18 | ``` 19 | --------------------------------------------------------------------------------