Malware Domain List

Overview

This integration provides tools to interact with the Malware Domain List database, allowing you to check URLs against known malicious domains.

Available Tools

Ping

Tool Name: malware_domain_list_ping

Description: Test Connectivity

Arguments:

  • case_id (string, required): The ID of the case.

  • alert_group_identifiers (List[string], required): Identifiers for the alert groups.

  • target_entities (List[TargetEntity], optional): Optional list of specific target entities (Identifier, EntityType) to run the action on. Defaults to empty list.

  • scope (string, optional): Defines the scope for the action. Defaults to “All entities”.

Returns:

  • dict: A dictionary containing the result of the action execution.

Check URL

Tool Name: malware_domain_list_check_url

Description: This action fetches a URL and searches for it in the Malware Domain list database

Arguments:

  • case_id (string, required): The ID of the case.

  • alert_group_identifiers (List[string], required): Identifiers for the alert groups.

  • target_entities (List[TargetEntity], optional): Optional list of specific target entities (Identifier, EntityType) to run the action on. Typically runs on URL entities. Defaults to empty list.

  • scope (string, optional): Defines the scope for the action. Defaults to “All entities”.

Returns:

  • dict: A dictionary containing the result of the action execution, indicating if the URL was found in the database and associated details.