DomainTools

DomainTools_WhoisLookup

Author: CERT-BDF
License: AGPL-V3
Version: 2.0
Supported observables types:
- domain
- ip
Registration required: N/A
Subscription required: N/A
Free subscription: N/A
Third party service: N/A

Description

Use DomainTools to get the ownership record for a domain or an IP address with basic registration details parsed.

Configuration

username: DomainTools API credentials
- Default value if not configured: N/A
- Type of the configuration item: string
- The configuration item can contain multiple values: False
- Is required: True
key: DomainTools API credentials
- Default value if not configured: N/A
- Type of the configuration item: string
- The configuration item can contain multiple values: False
- Is required: True

Templates samples for TheHive

No template samples to display.

DomainTools_ReverseIPWhois

Author: ANSSI
License: AGPL-V3
Version: 2.0
Supported observables types:
- mail
- ip
- domain
- other
Registration required: N/A
Subscription required: N/A
Free subscription: N/A
Third party service: N/A

Description

Use DomainTools to get a list of IP addresses which share the same registrant information.

Configuration

username: DomainTools API credentials
- Default value if not configured: N/A
- Type of the configuration item: string
- The configuration item can contain multiple values: False
- Is required: True
key: DomainTools API credentials
- Default value if not configured: N/A
- Type of the configuration item: string
- The configuration item can contain multiple values: False
- Is required: True

Templates samples for TheHive

No template samples to display.

DomainTools_HostingHistory

Author: ANSSI
License: AGPL-V3
Version: 2.0
Supported observables types:
- domain
Registration required: N/A
Subscription required: N/A
Free subscription: N/A
Third party service: N/A

Description

Use DomainTools to get a list of historical registrant, name servers and IP addresses for a domain name.

Configuration

username: DomainTools API credentials
- Default value if not configured: N/A
- Type of the configuration item: string
- The configuration item can contain multiple values: False
- Is required: True
key: DomainTools API credentials
- Default value if not configured: N/A
- Type of the configuration item: string
- The configuration item can contain multiple values: False
- Is required: True

Templates samples for TheHive

No template samples to display.

DomainTools_Risk

Author: CERT-BDF
License: AGPL-V3
Version: 2.0
Supported observables types:
- domain
- fqdn
Registration required: N/A
Subscription required: N/A
Free subscription: N/A
Third party service: N/A

Description

Use DomainTools to get a risk score and evidence details on a domain or FQDN.

Configuration

username: DomainTools API credentials
- Default value if not configured: N/A
- Type of the configuration item: string
- The configuration item can contain multiple values: False
- Is required: True
key: DomainTools API credentials
- Default value if not configured: N/A
- Type of the configuration item: string
- The configuration item can contain multiple values: False
- Is required: True

Templates samples for TheHive

No template samples to display.

DomainTools_ReverseIP

Author: CERT-BDF
License: AGPL-V3
Version: 2.0
Supported observables types:
- ip
- domain
- fqdn
Registration required: N/A
Subscription required: N/A
Free subscription: N/A
Third party service: N/A

Description

Use DomainTools to get a list of domain names sharing the same IP address.

Configuration

username: DomainTools API credentials
- Default value if not configured: N/A
- Type of the configuration item: string
- The configuration item can contain multiple values: False
- Is required: True
key: DomainTools API credentials
- Default value if not configured: N/A
- Type of the configuration item: string
- The configuration item can contain multiple values: False
- Is required: True

Templates samples for TheHive

No template samples to display.

DomainTools_WhoisLookupUnparsed

Author: CERT-BDF
License: AGPL-V3
Version: 2.0
Supported observables types:
- ip
- domain
Registration required: N/A
Subscription required: N/A
Free subscription: N/A
Third party service: N/A

Description

Use DomainTools to get the ownership record for an IP address or a domain without parsing.

Configuration

username: DomainTools API credentials
- Default value if not configured: N/A
- Type of the configuration item: string
- The configuration item can contain multiple values: False
- Is required: True
key: DomainTools API credentials
- Default value if not configured: N/A
- Type of the configuration item: string
- The configuration item can contain multiple values: False
- Is required: True

Templates samples for TheHive

No template samples to display.

DomainTools_ReverseWhois

Author: CERT-BDF
License: AGPL-V3
Version: 2.0
Supported observables types:
- mail
- ip
- domain
- other
Registration required: N/A
Subscription required: N/A
Free subscription: N/A
Third party service: N/A

Description

Use DomainTools to get a list of domain names which share the same registrant information.

Configuration

username: DomainTools API credentials
- Default value if not configured: N/A
- Type of the configuration item: string
- The configuration item can contain multiple values: False
- Is required: True
key: DomainTools API credentials
- Default value if not configured: N/A
- Type of the configuration item: string
- The configuration item can contain multiple values: False
- Is required: True

Templates samples for TheHive

No template samples to display.

DomainTools_ReverseNameServer

Author: CERT-BDF
License: AGPL-V3
Version: 2.0
Supported observables types:
- domain
Registration required: N/A
Subscription required: N/A
Free subscription: N/A
Third party service: N/A

Description

Use DomainTools to get a list of domain names that share the same primary or secondary name server.

Configuration

username: DomainTools API credentials
- Default value if not configured: N/A
- Type of the configuration item: string
- The configuration item can contain multiple values: False
- Is required: True
key: DomainTools API credentials
- Default value if not configured: N/A
- Type of the configuration item: string
- The configuration item can contain multiple values: False
- Is required: True

Templates samples for TheHive

No template samples to display.

DomainTools_WhoisHistory

Author: CERT-BDF
License: AGPL-V3
Version: 2.0
Supported observables types:
- domain
Registration required: N/A
Subscription required: N/A
Free subscription: N/A
Third party service: N/A

Description

Use DomainTools to get a list of historical Whois records associated with a domain name.

Configuration

username: DomainTools API credentials
- Default value if not configured: N/A
- Type of the configuration item: string
- The configuration item can contain multiple values: False
- Is required: True
key: DomainTools API credentials
- Default value if not configured: N/A
- Type of the configuration item: string
- The configuration item can contain multiple values: False
- Is required: True

Templates samples for TheHive

No template samples to display.

DomainTools_Reputation

Author: CERT-BDF
License: AGPL-V3
Version: 2.0
Supported observables types:
- domain
- fqdn
Registration required: N/A
Subscription required: N/A
Free subscription: N/A
Third party service: N/A

Description

Use DomainTools to get a reputation score on a domain or FQDN.

Configuration

username: DomainTools API credentials
- Default value if not configured: N/A
- Type of the configuration item: string
- The configuration item can contain multiple values: False
- Is required: True
key: DomainTools API credentials
- Default value if not configured: N/A
- Type of the configuration item: string
- The configuration item can contain multiple values: False
- Is required: True

Templates samples for TheHive

No template samples to display.