API Reference
If you're looking to simply browse the API, you're in the right place, all supported endpoints can be found on this page.
Alternatively, if you have a specific use case in mind, please see the API Guides on the left hand side to see if one of the guides fits your needs.
This is an alphabetical listing of all supported endpoints. If you're looking for a specific endpoint, you can use the search bar to find it.
Authorizations
Body
namestringRequired
Responses
200
Successful Response
application/json
Responseany
404
Not found
422
Validation Error
application/json
post
POST /api-keys/ HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 15
{
"name": "text"
}No content
Authorizations
Path parameters
api_key_uuidstringRequired
Responses
200
Successful Response
application/json
Responseany
404
Not found
422
Validation Error
application/json
delete
DELETE /api-keys/{api_key_uuid} HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
No content
Endpoint to browse for threat actors, with filters on some criteria.
Authorizations
Query parameters
filterstringOptional
A string used to filter threat actors. It can start with specific prefixes to indicate the type of filter:
name:: Filter by Name.uuid:: Filter by UUID.- If no prefix is provided, it defaults to a name filter.
offsetintegerOptionalDefault:
The number of items to skip before starting to collect the result set.
0sortstringOptionalDefault:
Field to sort by - either name, created_at or updated_at
created_atPattern: ^(name|created_at|updated_at)$orderstringOptionalDefault:
Sort order - either asc or desc
descPattern: ^(asc|desc)$limitinteger · min: 1OptionalDefault:
The maximum number of items to return.
100Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/actors HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
{
"data": [
{
"created_at": "2025-06-27T13:10:15.754Z",
"display_name": "text",
"enriched_at": "2025-06-27T13:10:15.754Z",
"gen_description": "text",
"misp_uuid": "text",
"name": "text",
"updated_at": "2025-06-27T13:10:15.754Z",
"uuid": "text"
}
],
"limit": 1,
"message": "text",
"offset": 1,
"total": 1
}Authorizations
Path parameters
identifierstringRequired
The unique UUID or name of the threat actor to retrieve
Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/actors/{identifier} HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
{
"created_at": "2025-06-27T13:10:15.754Z",
"display_name": "text",
"enriched_at": "2025-06-27T13:10:15.754Z",
"gen_description": "text",
"mentions": [
{
"context": "text",
"created_at": "2025-06-27T13:10:15.754Z",
"overview": "text",
"published_at": "2025-06-27T13:10:15.754Z",
"reference_source": "text",
"reference_topic": "text",
"reference_url": "text",
"reference_user_generated_content": true,
"reference_uuid": "text",
"threat_actor_display_name": "text",
"threat_actor_name": "text",
"threat_actor_uuid": "text",
"updated_at": "2025-06-27T13:10:15.754Z",
"uuid": "text"
}
],
"mentions_count": 0,
"misp_uuid": "text",
"name": "text",
"synonyms": [
{
"created_at": "2025-06-27T13:10:15.754Z",
"display_name": "text",
"enriched_at": "2025-06-27T13:10:15.754Z",
"gen_description": "text",
"misp_uuid": "text",
"name": "text",
"updated_at": "2025-06-27T13:10:15.754Z",
"uuid": "text"
}
],
"synonyms_count": 0,
"updated_at": "2025-06-27T13:10:15.754Z",
"uuid": "text"
}Retrieve a reference by its identifier.
identifier: The unique hash of the URL or UUID to retrieve the reference for.
This endpoint returns the reference object associated with the given URL hash. If no reference is found, a 404 error is returned.
Authorizations
Path parameters
identifierstringRequired
The unique hash of the URL or UUID to retrieve the reference for
Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/content_chunks/{identifier} HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
{
"analysis_object": {
"complete": false,
"content_channels": {
"agentic_ai_security": true,
"ai_security": true,
"analysis_type": "text",
"application_security": true,
"browser_security": true,
"cloud_security": true,
"data_breach": true,
"exploitation": true,
"indicator_of_compromise": true,
"iot_security": true,
"law_enforcement": true,
"malware": true,
"network_security": true,
"new_product": true,
"patch": true,
"phishing": true,
"ransomware": true,
"red_team": true,
"regulatory_body": true,
"threat_actor": true,
"ttp": true,
"venture_capital": true,
"version": 1,
"vulnerability": true,
"windows_security": true
},
"content_hash": "text",
"meta": {
"analysis_type": "text",
"code_repository": true,
"content_shape": [
"text"
],
"cyber_intel_content": true,
"cyber_marketing_content": true,
"disparate_topics": true,
"exploit_code": true,
"mailing_list_discussion": true,
"software_advisory": true,
"version": 1
},
"regex_entity": {
"analysis_type": "regex_entity",
"threat_actors": [
"text"
]
},
"regex_ioc": {
"analysis_type": "regex_ioc",
"asns": [
"text"
],
"attack_mitigations": {
"ANY_ADDITIONAL_PROPERTY": [
"text"
]
},
"attack_tactics": {
"ANY_ADDITIONAL_PROPERTY": [
"text"
]
},
"attack_techniques": {
"ANY_ADDITIONAL_PROPERTY": [
"text"
]
},
"authentihashes": [
"text"
],
"bitcoin_addresses": [
"text"
],
"cves": [
"text"
],
"domains": [
"text"
],
"email_addresses": [
"text"
],
"email_addresses_complete": [
"text"
],
"file_paths": [
"text"
],
"google_adsense_publisher_ids": [
"text"
],
"google_analytics_tracker_ids": [
"text"
],
"imphashes": [
"text"
],
"ipv4_cidrs": [
"text"
],
"ipv4s": [
"text"
],
"ipv6s": [
"text"
],
"mac_addresses": [
"text"
],
"md5s": [
"text"
],
"monero_addresses": [
"text"
],
"registry_key_paths": [
"text"
],
"sha1s": [
"text"
],
"sha256s": [
"text"
],
"sha512s": [
"text"
],
"ssdeeps": [
"text"
],
"tlp_labels": [
"text"
],
"urls": [
"text"
],
"user_agents": [
"text"
],
"xmpp_addresses": [
"text"
]
},
"source": "text",
"summary_and_fact_extraction": {
"analysis_type": "text",
"facts": [
"text"
],
"synopsis": "text",
"version": 1
},
"targeted_analysis": [
{
"analysis_type": "text",
"co_investors": [
"text"
],
"funded_organizations": [
"text"
],
"funding_amount": "text",
"funding_date": "text",
"funding_details": "text",
"funding_purpose": "text",
"funding_round": "text",
"investors": [
"text"
],
"lead_investor": "text",
"previous_funding": "text",
"version": 1
}
],
"triage": {
"analysis_type": "text",
"breach_entities": [
"text"
],
"campaign_entities": [
"text"
],
"detailed_ttps_discussed": true,
"funding_mention": true,
"investment_firm_entities": [
"text"
],
"ioc_mention": true,
"law_enforcement_entities": [
"text"
],
"location_entities": [
"text"
],
"malware_entities": [
"text"
],
"organization_entities": [
"text"
],
"patch_entities": [
"text"
],
"person_entities": [
"text"
],
"product_entities": [
"text"
],
"references": [
"text"
],
"regulatory_body_entities": [
"text"
],
"technique_or_tactic_entities": [
"text"
],
"threat_actor_entities": [
"text"
],
"version": 1,
"vulnerability_entities": [
"text"
]
},
"url_hash": "text"
},
"analyzed_at": "2025-06-27T13:10:15.754Z",
"content_type": "text",
"created_at": "2025-06-27T13:10:15.754Z",
"extracted_content": {
"authors": [
"text"
],
"collected_date": "2025-06-27T13:10:15.754Z",
"content": "text",
"content_hash": "text",
"content_type": "text",
"published_date": "text",
"published_date_str": "text",
"source": "text",
"topic": "text",
"url": "text",
"url_hash": "text"
},
"hash": "text",
"updated_at": "2025-06-27T13:10:15.754Z",
"uuid": "text"
}Authorizations
Query parameters
filterstringOptional
A string used to filter content chunks. The filter will be conducted within the content chunk embeddings.
offsetintegerOptionalDefault:
The number of items to skip before starting to collect the result set.
0limitinteger · min: 1OptionalDefault:
The maximum number of items to return.
100Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/content_chunks HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
{
"data": [
{
"analyzed_at": "2025-06-27T13:10:15.754Z",
"content_type": "text",
"created_at": "2025-06-27T13:10:15.754Z",
"hash": "text",
"updated_at": "2025-06-27T13:10:15.754Z",
"uuid": "text"
}
],
"limit": 1,
"message": "text",
"offset": 1,
"total": 1
}Authorizations
Query parameters
sortstringOptionalDefault:
Field to sort by - either created_at or updated_at
created_atPattern: ^(created_at|updated_at)$orderstringOptionalDefault:
Sort order - either asc or desc
descPattern: ^(asc|desc)$offsetintegerOptionalDefault:
The number of items to skip before starting to collect the result set.
0limitinteger · min: 1OptionalDefault:
The maximum number of items to return.
100Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/dashboards/threat-actors HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
{
"data": [
{
"content": {
"raw": {
"ANY_ADDITIONAL_PROPERTY": "anything"
},
"slack": "text",
"version": "text"
},
"created_at": "2025-06-27T13:10:15.754Z",
"formats": [
"text"
],
"id": 1,
"report_type": "text",
"title": "text",
"updated_at": "2025-06-27T13:10:15.754Z",
"uuid": "123e4567-e89b-12d3-a456-426614174000"
}
],
"limit": 1,
"message": "text",
"offset": 1,
"total": 1
}Authorizations
Query parameters
sortstringOptionalDefault:
Field to sort by - either created_at or updated_at
created_atPattern: ^(created_at|updated_at)$orderstringOptionalDefault:
Sort order - either asc or desc
descPattern: ^(asc|desc)$offsetintegerOptionalDefault:
The number of items to skip before starting to collect the result set.
0limitinteger · min: 1OptionalDefault:
The maximum number of items to return.
100Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/dashboards/vulnerabilities HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
{
"data": [
{
"content": {
"raw": {
"ANY_ADDITIONAL_PROPERTY": "anything"
},
"slack": "text",
"version": "text"
},
"created_at": "2025-06-27T13:10:15.754Z",
"formats": [
"text"
],
"id": 1,
"report_type": "text",
"title": "text",
"updated_at": "2025-06-27T13:10:15.754Z",
"uuid": "123e4567-e89b-12d3-a456-426614174000"
}
],
"limit": 1,
"message": "text",
"offset": 1,
"total": 1
}Endpoint to browse for detection signatures, with filters on some criteria.
Authorizations
Query parameters
offsetintegerOptionalDefault:
The number of items to skip before starting to collect the result set.
0limitinteger · min: 1OptionalDefault:
The maximum number of items to return.
100sortstringOptionalDefault:
Field to sort by - either name, created_at or updated_at
created_atPattern: ^(name|created_at|updated_at)$orderstringOptionalDefault:
Sort order - either asc or desc
descPattern: ^(asc|desc)$Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/detection_signatures HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
{
"data": [
{
"created_at": "2025-06-27T13:10:15.754Z",
"description": "text",
"method": "text",
"name": "text",
"source": "text",
"updated_at": "2025-06-27T13:10:15.754Z",
"upstream_id": "text",
"uuid": "text"
}
],
"limit": 1,
"message": "text",
"offset": 1,
"total": 1
}Authorizations
Path parameters
identifierstringRequired
The unique UUID of the detection signature to retrieve
Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/detection_signatures/{identifier} HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
{
"created_at": "2025-06-27T13:10:15.754Z",
"cve_ids": [
"text"
],
"description": "text",
"method": "text",
"name": "text",
"source": "text",
"updated_at": "2025-06-27T13:10:15.754Z",
"upstream_id": "text",
"uuid": "text",
"vulnerability_uuids": [
"text"
]
}Endpoint to browse for exploitations.
Authorizations
Query parameters
offsetintegerOptionalDefault:
The number of items to skip before starting to collect the result set.
0limitinteger · min: 1OptionalDefault:
The maximum number of items to return.
100sortstringOptionalDefault:
Field to sort by - either count, created_at or updated_at
created_atPattern: ^(count|created_at|updated_at)$orderstringOptionalDefault:
Sort order - either asc or desc
descPattern: ^(asc|desc)$Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/exploitations HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
{
"data": [
{
"begins_at": "2025-06-27T13:10:15.754Z",
"count": 1,
"created_at": "2025-06-27T13:10:15.754Z",
"ends_at": "2025-06-27T13:10:15.754Z",
"updated_at": "2025-06-27T13:10:15.754Z",
"uuid": "text"
}
],
"limit": 1,
"message": "text",
"offset": 1,
"total": 1
}Authorizations
Path parameters
identifierstringRequired
The unique UUID of the exploitation to retrieve
Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/exploitations/{identifier} HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
{
"begins_at": "2025-06-27T13:10:15.754Z",
"count": 1,
"created_at": "2025-06-27T13:10:15.754Z",
"detection_signature_method": "text",
"detection_signature_name": "text",
"detection_signature_source": "text",
"detection_signature_uuid": "text",
"ends_at": "2025-06-27T13:10:15.754Z",
"updated_at": "2025-06-27T13:10:15.754Z",
"uuid": "text"
}Endpoint to browse exploits, with filters on some criteria.
Authorizations
Query parameters
filterstringOptional
A string used to filter exploits. It can start with specific prefixes to indicate the type of filter:
uuid:: Filter by UUID.url:: Filter by url.authors:: Filter by authors.maturity:: Filter by maturity.- If the filter string matches a UUID pattern, it will be treated as a specific filter.
- If no prefix is provided, it defaults to a url filter.
offsetintegerOptionalDefault:
The number of items to skip before starting to collect the result set.
0sortstringOptionalDefault:
Field to sort by - either url, authors, maturity, created_at or updated_at
created_atPattern: ^(url|authors|maturity|created_at|updated_at)$orderstringOptionalDefault:
Sort order - either asc or desc
descPattern: ^(asc|desc)$limitinteger · min: 1OptionalDefault:
The maximum number of items to return.
100Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/exploits HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
{
"data": [
{
"authors": "text",
"created_at": "2025-06-27T13:10:15.754Z",
"description": "text",
"disclosed_at": "2025-06-27T13:10:15.754Z",
"maturity": "UNKNOWN",
"updated_at": "2025-06-27T13:10:15.754Z",
"url": "text",
"uuid": "text",
"vulnerabilities": [
"text"
]
}
],
"limit": 1,
"message": "text",
"offset": 1,
"total": 1
}Authorizations
Query parameters
offsetintegerOptionalDefault:
The number of items to skip before starting to collect the result set.
0limitinteger · min: 1OptionalDefault:
The maximum number of items to return.
100sortstringOptionalDefault:
Field to sort by - either created_at, updated_at, published_at, or collected_at
published_atPattern: ^(created_at|updated_at|published_at|collected_at)$orderstringOptionalDefault:
Sort order - either asc or desc
descResponses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/mentions/actors HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
{
"data": [
{
"context": "text",
"created_at": "2025-06-27T13:10:15.754Z",
"overview": "text",
"published_at": "2025-06-27T13:10:15.754Z",
"reference_source": "text",
"reference_topic": "text",
"reference_url": "text",
"reference_user_generated_content": true,
"reference_uuid": "text",
"threat_actor_display_name": "text",
"threat_actor_name": "text",
"threat_actor_uuid": "text",
"updated_at": "2025-06-27T13:10:15.754Z",
"uuid": "text"
}
],
"limit": 1,
"message": "text",
"offset": 1,
"total": 1
}Authorizations
Path parameters
identifierstringRequired
The unique UUID of the exploit to retrieve
Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/exploits/{identifier} HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
{
"authors": "text",
"created_at": "2025-06-27T13:10:15.754Z",
"cve_ids": [
"text"
],
"description": "text",
"disclosed_at": "2025-06-27T13:10:15.754Z",
"maturity": "UNKNOWN",
"updated_at": "2025-06-27T13:10:15.754Z",
"url": "text",
"uuid": "text",
"vulnerabilities": [
"text"
]
}Authorizations
Query parameters
offsetintegerOptionalDefault:
The number of items to skip before starting to collect the result set.
0limitinteger · min: 1OptionalDefault:
The maximum number of items to return.
100sortstringOptionalDefault:
Field to sort by - either created_at, updated_at, published_at, or collected_at
published_atPattern: ^(created_at|updated_at|published_at|collected_at)$orderstringOptionalDefault:
Sort order - either asc or desc
descPattern: ^(asc|desc)$Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/mentions/vulnerabilities HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
{
"data": [
{
"context": "text",
"created_at": "2025-06-27T13:10:15.754Z",
"cve_id": "text",
"overview": "text",
"published_at": "2025-06-27T13:10:15.754Z",
"reference_source": "text",
"reference_topic": "text",
"reference_url": "text",
"reference_user_generated_content": true,
"reference_uuid": "text",
"updated_at": "2025-06-27T13:10:15.754Z",
"uuid": "text",
"vulnerability_gen_name": "text",
"vulnerability_uuid": "text"
}
],
"limit": 1,
"message": "text",
"offset": 1,
"total": 1
}Endpoint to search for products based on search criteria.
Authorizations
Query parameters
offsetintegerOptionalDefault:
The number of items to skip before starting to collect the result set.
0limitinteger · min: 1OptionalDefault:
The maximum number of items to return.
100sortstringOptionalDefault:
Field to sort by - either name, created_at or updated_at
created_atPattern: ^(name|created_at|updated_at)$orderstringOptionalDefault:
Sort order - either asc or desc
descPattern: ^(asc|desc)$Body
The search criteria for products
cpestring | nullableOptional
Common Platform Enumeration (CPE) 2.3 string. Overrides type, vendor, and product if provided.
productstring | nullableOptional
The name of the product.
search_typestringOptionalDefault:
The type of search to perform. Options are: 'standard', 'did_you_mean'. Defaults to 'standard'.
standardExample: ["standard","did_you_mean"]typestring | nullableOptional
The type of the product (e.g., application, operating system). Defaults to 'application'.
vendorstring | nullableOptional
The vendor of the product.
Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
post
POST /v1/products/search HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 103
{
"cpe": "text",
"product": "text",
"search_type": [
"standard",
"did_you_mean"
],
"type": "text",
"vendor": "text"
}{
"data": [
{
"created_at": "2025-06-27T13:10:15.754Z",
"description": "text",
"display_name": "text",
"name": "text",
"type": "text",
"updated_at": "2025-06-27T13:10:15.754Z",
"upstream_id": "text",
"uuid": "text",
"website": "text"
}
],
"limit": 1,
"message": "text",
"offset": 1,
"total": 1
}Endpoint to browse for products.
Authorizations
Query parameters
filterstringOptionalDefault:
Filter the products by name
""offsetintegerOptionalDefault:
The number of items to skip before starting to collect the result set.
0limitinteger · min: 1OptionalDefault:
The maximum number of items to return.
100sortstringOptionalDefault:
Field to sort by - either name, created_at or updated_at
created_atPattern: ^(name|created_at|updated_at)$orderstringOptionalDefault:
Sort order - either asc or desc
descPattern: ^(asc|desc)$Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/products HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
{
"data": [
{
"created_at": "2025-06-27T13:10:15.754Z",
"description": "text",
"display_name": "text",
"name": "text",
"type": "text",
"updated_at": "2025-06-27T13:10:15.754Z",
"upstream_id": "text",
"uuid": "text",
"website": "text"
}
],
"limit": 1,
"message": "text",
"offset": 1,
"total": 1
}Authorizations
Path parameters
identifierstringRequired
The unique UUID of the technology product to retrieve
Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/products/{identifier} HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
{
"created_at": "2025-06-27T13:10:15.754Z",
"description": "text",
"display_name": "text",
"name": "text",
"type": "text",
"updated_at": "2025-06-27T13:10:15.754Z",
"upstream_id": "text",
"uuid": "text",
"vendor_display_name": "text",
"vendor_name": "text",
"website": "text"
}Authorizations
Query parameters
filterstringOptional
A string used to filter references. Allowed filter terms:
source:: filter by source. (exact match - lowercase)domain:: filter by domain. (case insensitive substring filter)url:: filter by url. (case insensitive substring filter)title:: filter the title for a string. (case insensitive substring filter)embedding:: filter by content chunk embeddingtype:: filter by type. (exact match - converted to uppercase)- If no prefix is provided, the filter will be conducted on the url.
sortstringOptionalDefault:
Field to sort by - either created_at, updated_at, published_at, or collected_at
published_atPattern: ^(published_at|collected_at|created_at|updated_at)$orderstringOptionalDefault:
Sort order - either asc or desc
descPattern: ^(asc|desc)$offsetintegerOptionalDefault:
The number of items to skip before starting to collect the result set.
0user_generated_contentbooleanOptionalDefault:
Whether to include user-generated content in the response.
falselimitinteger · min: 1OptionalDefault:
The maximum number of items to return.
100Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/references HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
{
"data": [
{
"authors": [
"text"
],
"collected_at": "2025-06-27T13:10:15.754Z",
"content_chunk_uuids": [
"text"
],
"content_type": "text",
"created_at": "2025-06-27T13:10:15.754Z",
"published_at": "2025-06-27T13:10:15.754Z",
"screenshotted_at": "2025-06-27T13:10:15.754Z",
"source": "text",
"topic": "text",
"type": "STRUCTURED",
"updated_at": "2025-06-27T13:10:15.754Z",
"url": "text",
"url_hash": "text",
"user_generated_content": true,
"uuid": "text"
}
],
"limit": 1,
"message": "text",
"offset": 1,
"total": 1
}Create new references from a list of URLs.
reference_data: A JSON object containing a urls field with an array of URLs.
This endpoint creates new references from the provided URLs. If any reference already exists, returns the existing reference for that URL. Returns an array of created/existing references.
Authorizations
Body
Other propertiesanyOptional
Responses
200
Successful Response
application/json
Responsestring[]
404
Not found
422
Validation Error
application/json
post
POST /v1/references HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 76
{
"urls": [
"https://example1.com/blog/post",
"https://example2.com/blog/post"
]
}[
"text"
]Retrieve a reference by its identifier.
identifier: The unique hash of the URL or UUID to retrieve the reference for.
This endpoint returns the reference object associated with the given URL hash. If no reference is found, a 404 error is returned.
Authorizations
Path parameters
identifierstringRequired
The unique hash of the URL or UUID to retrieve the reference for
Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/references/{identifier} HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
{
"authors": [
"text"
],
"collected_at": "2025-06-27T13:10:15.754Z",
"content_chunk_uuids": [
"text"
],
"content_chunks": [
{
"analysis_object": {
"complete": false,
"content_channels": {
"agentic_ai_security": true,
"ai_security": true,
"analysis_type": "text",
"application_security": true,
"browser_security": true,
"cloud_security": true,
"data_breach": true,
"exploitation": true,
"indicator_of_compromise": true,
"iot_security": true,
"law_enforcement": true,
"malware": true,
"network_security": true,
"new_product": true,
"patch": true,
"phishing": true,
"ransomware": true,
"red_team": true,
"regulatory_body": true,
"threat_actor": true,
"ttp": true,
"venture_capital": true,
"version": 1,
"vulnerability": true,
"windows_security": true
},
"content_hash": "text",
"meta": {
"analysis_type": "text",
"code_repository": true,
"content_shape": [
"text"
],
"cyber_intel_content": true,
"cyber_marketing_content": true,
"disparate_topics": true,
"exploit_code": true,
"mailing_list_discussion": true,
"software_advisory": true,
"version": 1
},
"regex_entity": {
"analysis_type": "regex_entity",
"threat_actors": [
"text"
]
},
"regex_ioc": {
"analysis_type": "regex_ioc",
"asns": [
"text"
],
"attack_mitigations": {
"ANY_ADDITIONAL_PROPERTY": [
"text"
]
},
"attack_tactics": {
"ANY_ADDITIONAL_PROPERTY": [
"text"
]
},
"attack_techniques": {
"ANY_ADDITIONAL_PROPERTY": [
"text"
]
},
"authentihashes": [
"text"
],
"bitcoin_addresses": [
"text"
],
"cves": [
"text"
],
"domains": [
"text"
],
"email_addresses": [
"text"
],
"email_addresses_complete": [
"text"
],
"file_paths": [
"text"
],
"google_adsense_publisher_ids": [
"text"
],
"google_analytics_tracker_ids": [
"text"
],
"imphashes": [
"text"
],
"ipv4_cidrs": [
"text"
],
"ipv4s": [
"text"
],
"ipv6s": [
"text"
],
"mac_addresses": [
"text"
],
"md5s": [
"text"
],
"monero_addresses": [
"text"
],
"registry_key_paths": [
"text"
],
"sha1s": [
"text"
],
"sha256s": [
"text"
],
"sha512s": [
"text"
],
"ssdeeps": [
"text"
],
"tlp_labels": [
"text"
],
"urls": [
"text"
],
"user_agents": [
"text"
],
"xmpp_addresses": [
"text"
]
},
"source": "text",
"summary_and_fact_extraction": {
"analysis_type": "text",
"facts": [
"text"
],
"synopsis": "text",
"version": 1
},
"targeted_analysis": [
{
"analysis_type": "text",
"co_investors": [
"text"
],
"funded_organizations": [
"text"
],
"funding_amount": "text",
"funding_date": "text",
"funding_details": "text",
"funding_purpose": "text",
"funding_round": "text",
"investors": [
"text"
],
"lead_investor": "text",
"previous_funding": "text",
"version": 1
}
],
"triage": {
"analysis_type": "text",
"breach_entities": [
"text"
],
"campaign_entities": [
"text"
],
"detailed_ttps_discussed": true,
"funding_mention": true,
"investment_firm_entities": [
"text"
],
"ioc_mention": true,
"law_enforcement_entities": [
"text"
],
"location_entities": [
"text"
],
"malware_entities": [
"text"
],
"organization_entities": [
"text"
],
"patch_entities": [
"text"
],
"person_entities": [
"text"
],
"product_entities": [
"text"
],
"references": [
"text"
],
"regulatory_body_entities": [
"text"
],
"technique_or_tactic_entities": [
"text"
],
"threat_actor_entities": [
"text"
],
"version": 1,
"vulnerability_entities": [
"text"
]
},
"url_hash": "text"
},
"analyzed_at": "2025-06-27T13:10:15.754Z",
"content_type": "text",
"created_at": "2025-06-27T13:10:15.754Z",
"extracted_content": {
"authors": [
"text"
],
"collected_date": "2025-06-27T13:10:15.754Z",
"content": "text",
"content_hash": "text",
"content_type": "text",
"published_date": "text",
"published_date_str": "text",
"source": "text",
"topic": "text",
"url": "text",
"url_hash": "text"
},
"hash": "text",
"updated_at": "2025-06-27T13:10:15.754Z",
"uuid": "text"
}
],
"content_type": "text",
"created_at": "2025-06-27T13:10:15.754Z",
"published_at": "2025-06-27T13:10:15.754Z",
"screenshot_url": "text",
"screenshotted_at": "2025-06-27T13:10:15.754Z",
"source": "text",
"topic": "text",
"type": "STRUCTURED",
"updated_at": "2025-06-27T13:10:15.754Z",
"url": "text",
"url_hash": "text",
"user_generated_content": true,
"uuid": "text"
}Authorizations
Path parameters
identifierstringRequired
The unique hash of the URL or UUID to retrieve the reference for
Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/references/{identifier}/threat-actor-mentions HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
{
"data": [
{
"context": "text",
"created_at": "2025-06-27T13:10:15.754Z",
"overview": "text",
"published_at": "2025-06-27T13:10:15.754Z",
"reference_source": "text",
"reference_topic": "text",
"reference_url": "text",
"reference_user_generated_content": true,
"reference_uuid": "text",
"threat_actor_display_name": "text",
"threat_actor_name": "text",
"threat_actor_uuid": "text",
"updated_at": "2025-06-27T13:10:15.754Z",
"uuid": "text"
}
],
"limit": 1,
"message": "text",
"offset": 1,
"total": 1
}Retrieve threat actors associated with a reference.
identifier: The unique hash of the URL or UUID to retrieve the reference for.
Authorizations
Path parameters
identifierstringRequired
The unique hash of the URL or UUID to retrieve the reference for
Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/references/{identifier}/threat-actors HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
{
"data": [
{
"created_at": "2025-06-27T13:10:15.754Z",
"display_name": "text",
"enriched_at": "2025-06-27T13:10:15.754Z",
"gen_description": "text",
"misp_uuid": "text",
"name": "text",
"updated_at": "2025-06-27T13:10:15.754Z",
"uuid": "text"
}
],
"limit": 1,
"message": "text",
"offset": 1,
"total": 1
}Retrieve vulnerabilities associated with a reference.
identifier: The unique hash of the URL or UUID to retrieve the reference for.
Authorizations
Path parameters
identifierstringRequired
The unique hash of the URL or UUID to retrieve the reference for
Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/references/{identifier}/vulnerabilities HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
{
"data": [
{
"cisa_kev_added_at": "2025-06-27T13:10:15.754Z",
"created_at": "2025-06-27T13:10:15.754Z",
"cve_id": "text",
"cvss_base_score": 1,
"cvss_data": [
{
"ANY_ADDITIONAL_PROPERTY": "anything"
}
],
"cvss_source": "text",
"cvss_type": "text",
"cvss_vector": "text",
"cvss_version": 1,
"description": "text",
"enriched_at": "2025-06-27T13:10:15.754Z",
"epss_percentile": 1,
"epss_score": 1,
"gen_cwe_id": "text",
"gen_description": "text",
"gen_impact": "text",
"gen_mitigations": "text",
"gen_name": "text",
"gen_remediation": "text",
"nvd_references": [
{
"ANY_ADDITIONAL_PROPERTY": "anything"
}
],
"state": "text",
"updated_at": "2025-06-27T13:10:15.754Z",
"uuid": "text"
}
],
"limit": 1,
"message": "text",
"offset": 1,
"total": 1
}Authorizations
Path parameters
identifierstringRequired
The unique hash of the URL or UUID to retrieve the reference for
Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/references/{identifier}/vulnerability-mentions HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
{
"data": [
{
"context": "text",
"created_at": "2025-06-27T13:10:15.754Z",
"cve_id": "text",
"overview": "text",
"published_at": "2025-06-27T13:10:15.754Z",
"reference_source": "text",
"reference_topic": "text",
"reference_url": "text",
"reference_user_generated_content": true,
"reference_uuid": "text",
"updated_at": "2025-06-27T13:10:15.754Z",
"uuid": "text",
"vulnerability_gen_name": "text",
"vulnerability_uuid": "text"
}
],
"limit": 1,
"message": "text",
"offset": 1,
"total": 1
}Retrieve a list of all source configurations.
Authorizations
Responses
200
Successful Response
application/json
404
Not found
get
GET /v1/sources HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
{
"count": 1,
"sources": [
{
"description": "text",
"first_reference_created_at": "2025-06-27T13:10:15.754Z",
"last_reference_created_at": "2025-06-27T13:10:15.754Z",
"options": {
"match_url_patterns": [
"text"
],
"reference_type": "text",
"reliability": 1,
"type_hint": "text"
},
"reference_count": 1,
"slug": "text"
}
]
}Endpoint to browse vendors based on various criteria.
Authorizations
Query parameters
filterstringOptionalDefault:
Filter the vendors by name
""offsetintegerOptionalDefault:
The number of items to skip before starting to collect the result set.
0limitinteger · min: 1OptionalDefault:
The maximum number of items to return.
100sortstringOptionalDefault:
Field to sort by - either name, created_at or updated_at
created_atPattern: ^(name|created_at|updated_at)$orderstringOptionalDefault:
Sort order - either asc or desc
descPattern: ^(asc|desc)$Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/vendors HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
{
"data": [
{
"created_at": "2025-06-27T13:10:15.754Z",
"description": "text",
"display_name": "text",
"id": 1,
"name": "text",
"products": [
{
"created_at": "2025-06-27T13:10:15.754Z",
"description": "text",
"display_name": "text",
"name": "text",
"type": "text",
"updated_at": "2025-06-27T13:10:15.754Z",
"upstream_id": "text",
"uuid": "text",
"website": "text"
}
],
"updated_at": "2025-06-27T13:10:15.754Z",
"uuid": "text",
"website": "text"
}
],
"limit": 1,
"message": "text",
"offset": 1,
"total": 1
}Endpoint to browse vulnerabilities, with filters on some criteria.
Authorizations
Query parameters
filterstringOptional
A string used to filter vulnerabilities. It can start with specific prefixes to indicate the type of filter:
cve:: Filter by CVE ID.uuid:: Filter by UUID.desc:: Filter by description.gen_description:: Filter by gen_description.gen_name:: Filter by gen_name.cisa_kev:: Filter by cisa_kev.- If the filter string matches the pattern
CVE-or a UUID pattern, it will be treated as a specific filter. - If no prefix is provided, it defaults to a description filter.
sortstringOptionalDefault:
Field to sort by - either cve_id, created_at, updated_at, cvss_base_score, cvss_version, epss_score, epss_percentile
created_atPattern: ^(cve_id|created_at|updated_at|cvss_base_score|cvss_version|epss_score|epss_percentile)$orderstringOptionalDefault:
Sort order - either asc or desc
descPattern: ^(asc|desc)$offsetintegerOptionalDefault:
The number of items to skip before starting to collect the result set.
0limitinteger · min: 1OptionalDefault:
The maximum number of items to return.
100Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/vulnerabilities HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
{
"data": [
{
"cisa_kev_added_at": "2025-06-27T13:10:15.754Z",
"created_at": "2025-06-27T13:10:15.754Z",
"cve_id": "text",
"cvss_base_score": 1,
"cvss_data": [
{
"ANY_ADDITIONAL_PROPERTY": "anything"
}
],
"cvss_source": "text",
"cvss_type": "text",
"cvss_vector": "text",
"cvss_version": 1,
"description": "text",
"enriched_at": "2025-06-27T13:10:15.754Z",
"epss_percentile": 1,
"epss_score": 1,
"gen_cwe_id": "text",
"gen_description": "text",
"gen_impact": "text",
"gen_mitigations": "text",
"gen_name": "text",
"gen_remediation": "text",
"nvd_references": [
{
"ANY_ADDITIONAL_PROPERTY": "anything"
}
],
"state": "text",
"updated_at": "2025-06-27T13:10:15.754Z",
"uuid": "text"
}
],
"limit": 1,
"message": "text",
"offset": 1,
"total": 1
}Authorizations
Path parameters
identifierstringRequired
The unique UUID of the technology vendor to retrieve
Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/vendors/{identifier} HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
{
"created_at": "2025-06-27T13:10:15.754Z",
"description": "text",
"display_name": "text",
"id": 1,
"name": "text",
"products": [
{
"created_at": "2025-06-27T13:10:15.754Z",
"description": "text",
"display_name": "text",
"name": "text",
"type": "text",
"updated_at": "2025-06-27T13:10:15.754Z",
"upstream_id": "text",
"uuid": "text",
"website": "text"
}
],
"updated_at": "2025-06-27T13:10:15.754Z",
"uuid": "text",
"website": "text"
}Authorizations
Path parameters
identifierstringRequired
The unique CVE ID or UUID of the vulnerability to retrieve
Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/vulnerabilities/{identifier} HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
{
"cisa_kev_added_at": "2025-06-27T13:10:15.754Z",
"created_at": "2025-06-27T13:10:15.754Z",
"cve_id": "text",
"cvss_base_score": 1,
"cvss_data": [
{
"ANY_ADDITIONAL_PROPERTY": "anything"
}
],
"cvss_source": "text",
"cvss_type": "text",
"cvss_vector": "text",
"cvss_version": 1,
"description": "text",
"detection_signatures_count": 0,
"enriched_at": "2025-06-27T13:10:15.754Z",
"epss_percentile": 1,
"epss_score": 1,
"exploitations_count": 0,
"exploits_count": 0,
"gen_cwe_id": "text",
"gen_description": "text",
"gen_impact": "text",
"gen_mitigations": "text",
"gen_name": "text",
"gen_remediation": "text",
"mentions_count": 0,
"nvd_references": [
{
"ANY_ADDITIONAL_PROPERTY": "anything"
}
],
"state": "text",
"updated_at": "2025-06-27T13:10:15.754Z",
"uuid": "text",
"vulnerable_configurations_count": 0,
"weaknesses": [
"text"
]
}Authorizations
Path parameters
identifierstringRequired
The unique CVE ID or UUID of the vulnerability to retrieve
Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/vulnerabilities/{identifier}/configurations HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
[
{
"cpe23_uri": "text",
"cpe_id": "text",
"created_at": "2025-06-27T13:10:15.754Z",
"cve_id": "text",
"edition": "text",
"is_vulnerable": true,
"language": "text",
"other": "text",
"product_display_name": "text",
"product_name": "text",
"product_type": "text",
"set_id": "text",
"sw_edition": "text",
"target_hw": "text",
"target_sw": "text",
"updateEndIncluding": "text",
"updateStartIncluding": "text",
"updated_at": "2025-06-27T13:10:15.754Z",
"uuid": "text",
"vendor": "text",
"vendor_display_name": "text",
"versionEndExcluding": "text",
"versionEndIncluding": "text",
"versionStartExcluding": "text",
"versionStartIncluding": "text"
}
]Authorizations
Path parameters
identifierstringRequired
The unique CVE ID or UUID of the vulnerability to retrieve
Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/vulnerabilities/{identifier}/detection_signatures HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
[
{
"created_at": "2025-06-27T13:10:15.754Z",
"description": "text",
"method": "text",
"name": "text",
"source": "text",
"updated_at": "2025-06-27T13:10:15.754Z",
"upstream_id": "text",
"uuid": "text"
}
]Authorizations
Path parameters
identifierstringRequired
The unique CVE ID or UUID of the vulnerability to retrieve
Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/vulnerabilities/{identifier}/exploitations HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
[
{
"begins_at": "2025-06-27T13:10:15.754Z",
"count": 1,
"created_at": "2025-06-27T13:10:15.754Z",
"detection_signature_method": "text",
"detection_signature_name": "text",
"detection_signature_source": "text",
"detection_signature_uuid": "text",
"ends_at": "2025-06-27T13:10:15.754Z",
"updated_at": "2025-06-27T13:10:15.754Z",
"uuid": "text"
}
]Authorizations
Path parameters
identifierstringRequired
The unique CVE ID or UUID of the vulnerability to retrieve
Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/vulnerabilities/{identifier}/exploits HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
[
{
"authors": "text",
"created_at": "2025-06-27T13:10:15.754Z",
"description": "text",
"disclosed_at": "2025-06-27T13:10:15.754Z",
"maturity": "UNKNOWN",
"updated_at": "2025-06-27T13:10:15.754Z",
"url": "text",
"uuid": "text",
"vulnerabilities": [
"text"
]
}
]Authorizations
Path parameters
identifierstringRequired
The unique CVE ID or UUID of the vulnerability to retrieve
Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/vulnerabilities/{identifier}/mentions HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
[
{
"context": "text",
"created_at": "2025-06-27T13:10:15.754Z",
"cve_id": "text",
"overview": "text",
"published_at": "2025-06-27T13:10:15.754Z",
"reference_source": "text",
"reference_topic": "text",
"reference_url": "text",
"reference_user_generated_content": true,
"reference_uuid": "text",
"updated_at": "2025-06-27T13:10:15.754Z",
"uuid": "text",
"vulnerability_gen_name": "text",
"vulnerability_uuid": "text"
}
]Endpoint to browse weaknesses based on various criteria.
Authorizations
Query parameters
filterstringOptionalDefault:
Filter the weaknesses by name
""offsetintegerOptionalDefault:
The number of items to skip before starting to collect the result set.
0limitinteger · min: 1OptionalDefault:
The maximum number of items to return.
100sortstringOptionalDefault:
Field to sort by - either name, created_at or updated_at
created_atPattern: ^(name|created_at|updated_at)$orderstringOptionalDefault:
Sort order - either asc or desc
descPattern: ^(asc|desc)$Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/weaknesses HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
{
"data": [
{
"description": "text",
"extended_description": "text",
"likelihood_of_exploit": "text",
"name": "text",
"uuid": "text"
}
],
"limit": 1,
"message": "text",
"offset": 1,
"total": 1
}Endpoint to lookup a weakness by its unique identifier. Can use either CWE-ID (e.g., CWE-79) or UUID.
Authorizations
Path parameters
identifierstringRequired
The unique identifier of the weakness to retrieve (CWE-ID or UUID)
Responses
200
Successful Response
application/json
404
Not found
422
Validation Error
application/json
get
GET /v1/weaknesses/{identifier} HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*
{
"description": "text",
"extended_description": "text",
"likelihood_of_exploit": "text",
"name": "text",
"uuid": "text"
}Last updated