API Reference

Last updated 2 months ago

Threat Actors Index

get

Endpoint to browse for threat actors, with filters on some criteria.

Authorizations

Query parameters

filterstringOptional

A string used to filter threat actors. It can start with specific prefixes to indicate the type of filter:

name:: Filter by Name.
uuid:: Filter by UUID.
If no prefix is provided, it defaults to a name filter.

offsetintegerOptional

The number of items to skip before starting to collect the result set.

Default: 0

sortstringOptional

Field to sort by - either name, created_at or updated_at

Default: created_atPattern: ^(name|created_at|updated_at)$

orderstringOptional

Sort order - either asc or desc

Default: descPattern: ^(asc|desc)$

limitinteger · min: 1Optional

The maximum number of items to return.

Default: 100

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

GET /v1/v1/actors HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*

{
  "data": [
    {
      "created_at": "2025-05-04T04:04:24.177Z",
      "display_name": "text",
      "enriched_at": "2025-05-04T04:04:24.177Z",
      "gen_description": "text",
      "misp_uuid": "text",
      "name": "text",
      "updated_at": "2025-05-04T04:04:24.177Z",
      "uuid": "text"
    }
  ],
  "limit": 1,
  "message": "text",
  "offset": 1,
  "total": 1
}

Lookup Threat Actor

get

Authorizations

Path parameters

identifierstringRequired

The unique UUID or name of the threat actor to retrieve

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

GET /v1/v1/actors/{identifier} HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*

{
  "created_at": "2025-05-04T04:04:24.177Z",
  "display_name": "text",
  "enriched_at": "2025-05-04T04:04:24.177Z",
  "gen_description": "text",
  "mentions": [
    {
      "context": "text",
      "created_at": "2025-05-04T04:04:24.177Z",
      "overview": "text",
      "published_at": "2025-05-04T04:04:24.177Z",
      "reference_source": "text",
      "reference_url": "text",
      "reference_user_generated_content": true,
      "reference_uuid": "text",
      "threat_actor_display_name": "text",
      "threat_actor_name": "text",
      "threat_actor_uuid": "text",
      "updated_at": "2025-05-04T04:04:24.177Z",
      "uuid": "text"
    }
  ],
  "mentions_count": 1,
  "misp_uuid": "text",
  "name": "text",
  "synonyms": [
    {
      "created_at": "2025-05-04T04:04:24.177Z",
      "display_name": "text",
      "enriched_at": "2025-05-04T04:04:24.177Z",
      "gen_description": "text",
      "misp_uuid": "text",
      "name": "text",
      "updated_at": "2025-05-04T04:04:24.177Z",
      "uuid": "text"
    }
  ],
  "synonyms_count": 1,
  "updated_at": "2025-05-04T04:04:24.177Z",
  "uuid": "text"
}

Bulletins Index

get

Endpoint to retrieve a list of bulletins.

Authorizations

Query parameters

offsetintegerOptional

The number of items to skip before starting to collect the result set.

Default: 0

limitinteger · min: 1Optional

The maximum number of items to return.

Default: 7

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

GET /v1/v1/bulletins HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*

{
  "data": [
    {
      "content": {
        "raw": {},
        "slack": "text",
        "version": "text"
      },
      "created_at": "2025-05-04T04:04:24.177Z",
      "formats": [
        "text"
      ],
      "id": 1,
      "report_type": "text",
      "title": "text",
      "updated_at": "2025-05-04T04:04:24.177Z",
      "uuid": "text"
    }
  ],
  "limit": 1,
  "message": "text",
  "offset": 1,
  "total": 1
}

Get Bulletin

get

Authorizations

Path parameters

identifierstringRequired

UUID of the bulletin to retrieve

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

GET /v1/v1/bulletins/{identifier} HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*

{
  "content": {
    "raw": {},
    "slack": "text",
    "version": "text"
  },
  "created_at": "2025-05-04T04:04:24.177Z",
  "formats": [
    "text"
  ],
  "id": 1,
  "report_type": "text",
  "title": "text",
  "updated_at": "2025-05-04T04:04:24.177Z",
  "uuid": "text"
}

Content Chunks Index

get

Authorizations

Query parameters

filterstringOptional

A string used to filter content chunks. The filter will be conducted within the content chunk embeddings.

offsetintegerOptional

The number of items to skip before starting to collect the result set.

Default: 0

limitinteger · min: 1Optional

The maximum number of items to return.

Default: 100

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

GET /v1/v1/content_chunks HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*

{
  "data": [
    {
      "analyzed_at": "2025-05-04T04:04:24.177Z",
      "content_type": "text",
      "created_at": "2025-05-04T04:04:24.177Z",
      "hash": "text",
      "updated_at": "2025-05-04T04:04:24.177Z",
      "uuid": "text"
    }
  ],
  "limit": 1,
  "message": "text",
  "offset": 1,
  "total": 1
}

Lookup Content Chunk

get

Retrieve a reference by its identifier.

identifier: The unique hash of the URL or UUID to retrieve the reference for.

This endpoint returns the reference object associated with the given URL hash. If no reference is found, a 404 error is returned.

Authorizations

Path parameters

identifierstringRequired

The unique hash of the URL or UUID to retrieve the reference for

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

GET /v1/v1/content_chunks/{identifier} HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*

{
  "analysis_object": {
    "complete": true,
    "content_hash": "text",
    "meta": {
      "cyber_intel_content": true,
      "cyber_marketing_content": true,
      "disparate_topics": true,
      "software_advisory": true,
      "version": 1
    },
    "regex_entity": {},
    "regex_ioc": {},
    "source": "text",
    "summary_and_fact_extraction": {
      "facts": [
        "text"
      ],
      "synopsis": "text",
      "version": 1
    },
    "targeted_analysis": [
      {}
    ],
    "triage": {
      "breach_entities": [
        "text"
      ],
      "campaign_entities": [
        "text"
      ],
      "detailed_ttps_discussed": true,
      "funding_mention": true,
      "investment_firm_entities": [
        "text"
      ],
      "ioc_mention": true,
      "law_enforcement_entities": [
        "text"
      ],
      "location_entities": [
        "text"
      ],
      "malware_entities": [
        "text"
      ],
      "organization_entities": [
        "text"
      ],
      "patch_entities": [
        "text"
      ],
      "person_entities": [
        "text"
      ],
      "product_entities": [
        "text"
      ],
      "references": [
        "text"
      ],
      "regulatory_body_entities": [
        "text"
      ],
      "technique_or_tactic_entities": [
        "text"
      ],
      "threat_actor_entities": [
        "text"
      ],
      "version": 1,
      "vulnerability_entities": [
        "text"
      ]
    },
    "url_hash": "text"
  },
  "analyzed_at": "2025-05-04T04:04:24.177Z",
  "content_type": "text",
  "created_at": "2025-05-04T04:04:24.177Z",
  "extracted_content": {
    "authors": [
      "text"
    ],
    "collected_date": "2025-05-04T04:04:24.177Z",
    "content": "text",
    "content_hash": "text",
    "content_type": "text",
    "published_date": "text",
    "published_date_str": "text",
    "source": "text",
    "topic": "text",
    "url": "text",
    "url_hash": "text"
  },
  "hash": "text",
  "updated_at": "2025-05-04T04:04:24.177Z",
  "uuid": "text"
}

Detection Signature Index

get

Endpoint to browse for detection signatures, with filters on some criteria.

Authorizations

Query parameters

offsetintegerOptional

The number of items to skip before starting to collect the result set.

Default: 0

limitinteger · min: 1Optional

The maximum number of items to return.

Default: 100

sortstringOptional

Field to sort by - either name, created_at or updated_at

Default: created_atPattern: ^(name|created_at|updated_at)$

orderstringOptional

Sort order - either asc or desc

Default: descPattern: ^(asc|desc)$

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

GET /v1/v1/detection_signatures HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*

{
  "data": [
    {
      "created_at": "2025-05-04T04:04:24.177Z",
      "description": "text",
      "method": "text",
      "name": "text",
      "source": "text",
      "updated_at": "2025-05-04T04:04:24.177Z",
      "upstream_id": "text",
      "uuid": "text"
    }
  ],
  "limit": 1,
  "message": "text",
  "offset": 1,
  "total": 1
}

Lookup Detection Signature

get

Authorizations

Path parameters

identifierstringRequired

The unique UUID of the detection signature to retrieve

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

GET /v1/v1/detection_signatures/{identifier} HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*

{
  "created_at": "2025-05-04T04:04:24.177Z",
  "cve_ids": [
    "text"
  ],
  "description": "text",
  "method": "text",
  "name": "text",
  "source": "text",
  "updated_at": "2025-05-04T04:04:24.177Z",
  "upstream_id": "text",
  "uuid": "text",
  "vulnerability_uuids": [
    "text"
  ]
}

Exploitations Index

get

Endpoint to browse for exploitations.

Authorizations

Query parameters

offsetintegerOptional

The number of items to skip before starting to collect the result set.

Default: 0

limitinteger · min: 1Optional

The maximum number of items to return.

Default: 100

sortstringOptional

Field to sort by - either count, created_at or updated_at

Default: created_atPattern: ^(count|created_at|updated_at)$

orderstringOptional

Sort order - either asc or desc

Default: descPattern: ^(asc|desc)$

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

GET /v1/v1/exploitations HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*

{
  "data": [
    {
      "begins_at": "2025-05-04T04:04:24.177Z",
      "count": 1,
      "created_at": "2025-05-04T04:04:24.177Z",
      "ends_at": "2025-05-04T04:04:24.177Z",
      "updated_at": "2025-05-04T04:04:24.177Z",
      "uuid": "text"
    }
  ],
  "limit": 1,
  "message": "text",
  "offset": 1,
  "total": 1
}

Lookup Exploitation

get

Authorizations

Path parameters

identifierstringRequired

The unique UUID of the exploitation to retrieve

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

GET /v1/v1/exploitations/{identifier} HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*

{
  "begins_at": "2025-05-04T04:04:24.177Z",
  "count": 1,
  "created_at": "2025-05-04T04:04:24.177Z",
  "detection_signature_method": "text",
  "detection_signature_name": "text",
  "detection_signature_source": "text",
  "detection_signature_uuid": "text",
  "ends_at": "2025-05-04T04:04:24.177Z",
  "updated_at": "2025-05-04T04:04:24.177Z",
  "uuid": "text"
}

Exploits Index

get

Endpoint to browse exploits, with filters on some criteria.

Authorizations

Query parameters

filterstringOptional

A string used to filter exploits. It can start with specific prefixes to indicate the type of filter:

uuid:: Filter by UUID.
url:: Filter by url.
authors:: Filter by authors.
maturity:: Filter by maturity.
If the filter string matches a UUID pattern, it will be treated as a specific filter.
If no prefix is provided, it defaults to a url filter.

offsetintegerOptional

The number of items to skip before starting to collect the result set.

Default: 0

sortstringOptional

Field to sort by - either url, authors, maturity, created_at or updated_at

Default: created_atPattern: ^(url|authors|maturity|created_at|updated_at)$

orderstringOptional

Sort order - either asc or desc

Default: descPattern: ^(asc|desc)$

limitinteger · min: 1Optional

The maximum number of items to return.

Default: 100

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

GET /v1/v1/exploits HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*

{
  "data": [
    {
      "authors": "text",
      "created_at": "2025-05-04T04:04:24.177Z",
      "description": "text",
      "disclosed_at": "2025-05-04T04:04:24.177Z",
      "maturity": "UNKNOWN",
      "updated_at": "2025-05-04T04:04:24.177Z",
      "url": "text",
      "uuid": "text",
      "vulnerabilities": [
        "text"
      ]
    }
  ],
  "limit": 1,
  "message": "text",
  "offset": 1,
  "total": 1
}

Lookup Exploit

get

Authorizations

Path parameters

identifierstringRequired

The unique UUID of the exploit to retrieve

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

GET /v1/v1/exploits/{identifier} HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*

{
  "authors": "text",
  "created_at": "2025-05-04T04:04:24.177Z",
  "cve_ids": [
    "text"
  ],
  "description": "text",
  "disclosed_at": "2025-05-04T04:04:24.177Z",
  "maturity": "UNKNOWN",
  "updated_at": "2025-05-04T04:04:24.177Z",
  "url": "text",
  "uuid": "text",
  "vulnerabilities": [
    "text"
  ]
}

Actor Mentions Index

get

Authorizations

Query parameters

offsetintegerOptional

The number of items to skip before starting to collect the result set.

Default: 0

limitinteger · min: 1Optional

The maximum number of items to return.

Default: 100

sortstringOptional

Field to sort by - either created_at, updated_at, published_at, or collected_at

Default: published_atPattern: ^(created_at|updated_at|published_at|collected_at)$

orderstringOptional

Sort order - either asc or desc

Default: desc

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

GET /v1/v1/mentions/actors HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*

{
  "data": [
    {
      "context": "text",
      "created_at": "2025-05-04T04:04:24.177Z",
      "overview": "text",
      "published_at": "2025-05-04T04:04:24.177Z",
      "reference_source": "text",
      "reference_url": "text",
      "reference_user_generated_content": true,
      "reference_uuid": "text",
      "threat_actor_display_name": "text",
      "threat_actor_name": "text",
      "threat_actor_uuid": "text",
      "updated_at": "2025-05-04T04:04:24.177Z",
      "uuid": "text"
    }
  ],
  "limit": 1,
  "message": "text",
  "offset": 1,
  "total": 1
}

Vulnerability Mentions Index

get

Authorizations

Query parameters

offsetintegerOptional

The number of items to skip before starting to collect the result set.

Default: 0

limitinteger · min: 1Optional

The maximum number of items to return.

Default: 100

sortstringOptional

Field to sort by - either created_at, updated_at, published_at, or collected_at

Default: published_atPattern: ^(created_at|updated_at|published_at|collected_at)$

orderstringOptional

Sort order - either asc or desc

Default: descPattern: ^(asc|desc)$

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

GET /v1/v1/mentions/vulnerabilities HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*

{
  "data": [
    {
      "context": "text",
      "created_at": "2025-05-04T04:04:24.177Z",
      "cve_id": "text",
      "overview": "text",
      "published_at": "2025-05-04T04:04:24.177Z",
      "reference_source": "text",
      "reference_url": "text",
      "reference_user_generated_content": true,
      "reference_uuid": "text",
      "updated_at": "2025-05-04T04:04:24.177Z",
      "uuid": "text",
      "vulnerability_gen_name": "text",
      "vulnerability_uuid": "text"
    }
  ],
  "limit": 1,
  "message": "text",
  "offset": 1,
  "total": 1
}

Product Index

get

Endpoint to browse for products.

Authorizations

Query parameters

filterstringOptional

Filter the products by name

Default: ""

offsetintegerOptional

The number of items to skip before starting to collect the result set.

Default: 0

limitinteger · min: 1Optional

The maximum number of items to return.

Default: 100

sortstringOptional

Field to sort by - either name, created_at or updated_at

Default: created_atPattern: ^(name|created_at|updated_at)$

orderstringOptional

Sort order - either asc or desc

Default: descPattern: ^(asc|desc)$

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

GET /v1/v1/products HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*

{
  "data": [
    {
      "created_at": "2025-05-04T04:04:24.177Z",
      "description": "text",
      "display_name": "text",
      "name": "text",
      "type": "text",
      "updated_at": "2025-05-04T04:04:24.177Z",
      "upstream_id": "text",
      "uuid": "text",
      "website": "text"
    }
  ],
  "limit": 1,
  "message": "text",
  "offset": 1,
  "total": 1
}

Lookup Product

get

Authorizations

Path parameters

identifierstringRequired

The unique UUID of the technology product to retrieve

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

GET /v1/v1/products/{identifier} HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*

{
  "created_at": "2025-05-04T04:04:24.177Z",
  "description": "text",
  "display_name": "text",
  "name": "text",
  "type": "text",
  "updated_at": "2025-05-04T04:04:24.177Z",
  "upstream_id": "text",
  "uuid": "text",
  "vendor_display_name": "text",
  "vendor_name": "text",
  "website": "text"
}

References Index

get

Authorizations

Query parameters

filterstringOptional

A string used to filter references. Allowed filter terms:

source:: filter by source. (exact match - lowercase)
domain:: filter by domain. (case insensitive substring filter)
url:: filter by url. (case insensitive substring filter)
title:: filter the title for a string. (case insensitive substring filter)
embedding:: filter by content chunk embedding
If no prefix is provided, the filter will be conducted on the source.

sortstringOptional

Field to sort by - either created_at, updated_at, published_at, or collected_at

Default: published_atPattern: ^(published_at|collected_at|created_at|updated_at)$

orderstringOptional

Sort order - either asc or desc

Default: descPattern: ^(asc|desc)$

offsetintegerOptional

The number of items to skip before starting to collect the result set.

Default: 0

user_generated_contentbooleanOptional

Whether to include user-generated content in the response.

Default: false

limitinteger · min: 1Optional

The maximum number of items to return.

Default: 100

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

GET /v1/v1/references HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*

{
  "data": [
    {
      "authors": [
        "text"
      ],
      "collected_at": "2025-05-04T04:04:24.177Z",
      "content_chunk_uuids": [
        "text"
      ],
      "content_type": "text",
      "created_at": "2025-05-04T04:04:24.177Z",
      "published_at": "2025-05-04T04:04:24.177Z",
      "screenshotted_at": "2025-05-04T04:04:24.177Z",
      "source": "text",
      "topic": "text",
      "updated_at": "2025-05-04T04:04:24.177Z",
      "url": "text",
      "url_hash": "text",
      "user_generated_content": true,
      "uuid": "text"
    }
  ],
  "limit": 1,
  "message": "text",
  "offset": 1,
  "total": 1
}

Lookup Reference

get

Retrieve a reference by its identifier.

identifier: The unique hash of the URL or UUID to retrieve the reference for.

This endpoint returns the reference object associated with the given URL hash. If no reference is found, a 404 error is returned.

Authorizations

Path parameters

identifierstringRequired

The unique hash of the URL or UUID to retrieve the reference for

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

GET /v1/v1/references/{identifier} HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*

{
  "authors": [
    "text"
  ],
  "collected_at": "2025-05-04T04:04:24.177Z",
  "content_chunk_uuids": [
    "text"
  ],
  "content_chunks": [
    {
      "analysis_object": {
        "complete": true,
        "content_hash": "text",
        "meta": {
          "cyber_intel_content": true,
          "cyber_marketing_content": true,
          "disparate_topics": true,
          "software_advisory": true,
          "version": 1
        },
        "regex_entity": {},
        "regex_ioc": {},
        "source": "text",
        "summary_and_fact_extraction": {
          "facts": [
            "text"
          ],
          "synopsis": "text",
          "version": 1
        },
        "targeted_analysis": [
          {}
        ],
        "triage": {
          "breach_entities": [
            "text"
          ],
          "campaign_entities": [
            "text"
          ],
          "detailed_ttps_discussed": true,
          "funding_mention": true,
          "investment_firm_entities": [
            "text"
          ],
          "ioc_mention": true,
          "law_enforcement_entities": [
            "text"
          ],
          "location_entities": [
            "text"
          ],
          "malware_entities": [
            "text"
          ],
          "organization_entities": [
            "text"
          ],
          "patch_entities": [
            "text"
          ],
          "person_entities": [
            "text"
          ],
          "product_entities": [
            "text"
          ],
          "references": [
            "text"
          ],
          "regulatory_body_entities": [
            "text"
          ],
          "technique_or_tactic_entities": [
            "text"
          ],
          "threat_actor_entities": [
            "text"
          ],
          "version": 1,
          "vulnerability_entities": [
            "text"
          ]
        },
        "url_hash": "text"
      },
      "analyzed_at": "2025-05-04T04:04:24.177Z",
      "content_type": "text",
      "created_at": "2025-05-04T04:04:24.177Z",
      "extracted_content": {
        "authors": [
          "text"
        ],
        "collected_date": "2025-05-04T04:04:24.177Z",
        "content": "text",
        "content_hash": "text",
        "content_type": "text",
        "published_date": "text",
        "published_date_str": "text",
        "source": "text",
        "topic": "text",
        "url": "text",
        "url_hash": "text"
      },
      "hash": "text",
      "updated_at": "2025-05-04T04:04:24.177Z",
      "uuid": "text"
    }
  ],
  "content_type": "text",
  "created_at": "2025-05-04T04:04:24.177Z",
  "published_at": "2025-05-04T04:04:24.177Z",
  "screenshotted_at": "2025-05-04T04:04:24.177Z",
  "source": "text",
  "topic": "text",
  "updated_at": "2025-05-04T04:04:24.177Z",
  "url": "text",
  "url_hash": "text",
  "user_generated_content": true,
  "uuid": "text"
}

Sources Index

get

Retrieve a list of all source configurations.

Authorizations

Responses

200

Successful Response

application/json

404

Not found

get

GET /v1/v1/sources HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*

{
  "count": 1,
  "sources": [
    {
      "description": "text",
      "options": {
        "match_url_patterns": [
          "text"
        ],
        "reliability": 1,
        "type_hint": "text"
      },
      "slug": "text"
    }
  ]
}

Vendor Index

get

Endpoint to browse vendors based on various criteria.

Authorizations

Query parameters

filterstringOptional

Filter the vendors by name

Default: ""

offsetintegerOptional

The number of items to skip before starting to collect the result set.

Default: 0

limitinteger · min: 1Optional

The maximum number of items to return.

Default: 100

sortstringOptional

Field to sort by - either name, created_at or updated_at

Default: created_atPattern: ^(name|created_at|updated_at)$

orderstringOptional

Sort order - either asc or desc

Default: descPattern: ^(asc|desc)$

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

GET /v1/v1/vendors HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*

{
  "data": [
    {
      "created_at": "2025-05-04T04:04:24.177Z",
      "description": "text",
      "display_name": "text",
      "id": 1,
      "name": "text",
      "products": [
        {
          "created_at": "2025-05-04T04:04:24.177Z",
          "description": "text",
          "display_name": "text",
          "name": "text",
          "type": "text",
          "updated_at": "2025-05-04T04:04:24.177Z",
          "upstream_id": "text",
          "uuid": "text",
          "website": "text"
        }
      ],
      "updated_at": "2025-05-04T04:04:24.177Z",
      "uuid": "text",
      "website": "text"
    }
  ],
  "limit": 1,
  "message": "text",
  "offset": 1,
  "total": 1
}

Lookup Vendor

get

Authorizations

Path parameters

identifierstringRequired

The unique UUID of the technology vendor to retrieve

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

GET /v1/v1/vendors/{identifier} HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*

{
  "created_at": "2025-05-04T04:04:24.177Z",
  "description": "text",
  "display_name": "text",
  "id": 1,
  "name": "text",
  "products": [
    {
      "created_at": "2025-05-04T04:04:24.177Z",
      "description": "text",
      "display_name": "text",
      "name": "text",
      "type": "text",
      "updated_at": "2025-05-04T04:04:24.177Z",
      "upstream_id": "text",
      "uuid": "text",
      "website": "text"
    }
  ],
  "updated_at": "2025-05-04T04:04:24.177Z",
  "uuid": "text",
  "website": "text"
}

Vulnerabilities Index

get

Endpoint to browse vulnerabilities, with filters on some criteria.

Authorizations

Query parameters

filterstringOptional

A string used to filter vulnerabilities. It can start with specific prefixes to indicate the type of filter:

cve:: Filter by CVE ID.
uuid:: Filter by UUID.
desc:: Filter by description.
gen_description:: Filter by gen_description.
gen_name:: Filter by gen_name.
If the filter string matches the pattern CVE- or a UUID pattern, it will be treated as a specific filter.
If no prefix is provided, it defaults to a description filter.

sortstringOptional

Field to sort by - either cve_id, created_at, updated_at, cvss_3_base_score, epss_score, epss_percentile

orderstringOptional

Sort order - either asc or desc

Default: descPattern: ^(asc|desc)$

offsetintegerOptional

The number of items to skip before starting to collect the result set.

Default: 0

limitinteger · min: 1Optional

The maximum number of items to return.

Default: 100

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

GET /v1/v1/vulnerabilities HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*

{
  "data": [
    {
      "cisa_kev_added_at": "2025-05-04T04:04:24.177Z",
      "created_at": "2025-05-04T04:04:24.177Z",
      "cve_id": "text",
      "cvss_base_score": 1,
      "cvss_data": [
        {}
      ],
      "cvss_source": "text",
      "cvss_type": "text",
      "cvss_vector": "text",
      "cvss_version": 1,
      "description": "text",
      "enriched_at": "2025-05-04T04:04:24.177Z",
      "epss_percentile": 1,
      "epss_score": 1,
      "gen_description": "text",
      "gen_name": "text",
      "updated_at": "2025-05-04T04:04:24.177Z",
      "uuid": "text"
    }
  ],
  "limit": 1,
  "message": "text",
  "offset": 1,
  "total": 1
}

Single Vulnerability

get

Authorizations

Path parameters

identifierstringRequired

The unique CVE ID or UUID of the vulnerability to retrieve

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

GET /v1/v1/vulnerabilities/{identifier} HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*

{
  "cisa_kev_added_at": "2025-05-04T04:04:24.177Z",
  "created_at": "2025-05-04T04:04:24.177Z",
  "cve_id": "text",
  "cvss_base_score": 1,
  "cvss_data": [
    {}
  ],
  "cvss_source": "text",
  "cvss_type": "text",
  "cvss_vector": "text",
  "cvss_version": 1,
  "description": "text",
  "detection_signatures_count": 1,
  "enriched_at": "2025-05-04T04:04:24.177Z",
  "epss_percentile": 1,
  "epss_score": 1,
  "exploitations_count": 1,
  "exploits_count": 1,
  "gen_description": "text",
  "gen_name": "text",
  "mentions_count": 1,
  "updated_at": "2025-05-04T04:04:24.177Z",
  "uuid": "text",
  "vulnerable_configurations_count": 1,
  "weaknesses": [
    "text"
  ]
}

Single Vulnerability Configurations

get

Authorizations

Path parameters

identifierstringRequired

The unique CVE ID or UUID of the vulnerability to retrieve

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

GET /v1/v1/vulnerabilities/{identifier}/configurations HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*

[
  {
    "cpe_id": "text",
    "created_at": "2025-05-04T04:04:24.177Z",
    "cve_id": "text",
    "edition": "text",
    "is_vulnerable": true,
    "language": "text",
    "other": "text",
    "product_display_name": "text",
    "product_name": "text",
    "product_type": "text",
    "set_id": "text",
    "sw_edition": "text",
    "target_hw": "text",
    "target_sw": "text",
    "updateEndIncluding": "text",
    "updateStartIncluding": "text",
    "updated_at": "2025-05-04T04:04:24.177Z",
    "uuid": "text",
    "vendor": "text",
    "vendor_display_name": "text",
    "versionEndExcluding": "text",
    "versionEndIncluding": "text",
    "versionStartExcluding": "text",
    "versionStartIncluding": "text"
  }
]

Single Vulnerability Detection Signatures

get

Authorizations

Path parameters

identifierstringRequired

The unique CVE ID or UUID of the vulnerability to retrieve

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

GET /v1/v1/vulnerabilities/{identifier}/detection_signatures HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*

[
  {
    "created_at": "2025-05-04T04:04:24.177Z",
    "description": "text",
    "method": "text",
    "name": "text",
    "source": "text",
    "updated_at": "2025-05-04T04:04:24.177Z",
    "upstream_id": "text",
    "uuid": "text"
  }
]

Single Vulnerability Exploitations

get

Authorizations

Path parameters

identifierstringRequired

The unique CVE ID or UUID of the vulnerability to retrieve

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

GET /v1/v1/vulnerabilities/{identifier}/exploitations HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*

[
  {
    "begins_at": "2025-05-04T04:04:24.177Z",
    "count": 1,
    "created_at": "2025-05-04T04:04:24.177Z",
    "detection_signature_method": "text",
    "detection_signature_name": "text",
    "detection_signature_source": "text",
    "detection_signature_uuid": "text",
    "ends_at": "2025-05-04T04:04:24.177Z",
    "updated_at": "2025-05-04T04:04:24.177Z",
    "uuid": "text"
  }
]

Single Vulnerability Exploits

get

Authorizations

Path parameters

identifierstringRequired

The unique CVE ID or UUID of the vulnerability to retrieve

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

GET /v1/v1/vulnerabilities/{identifier}/exploits HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*

[
  {
    "authors": "text",
    "created_at": "2025-05-04T04:04:24.177Z",
    "description": "text",
    "disclosed_at": "2025-05-04T04:04:24.177Z",
    "maturity": "UNKNOWN",
    "updated_at": "2025-05-04T04:04:24.177Z",
    "url": "text",
    "uuid": "text",
    "vulnerabilities": [
      "text"
    ]
  }
]

Single Vulnerability Mentions

get

Authorizations

Path parameters

identifierstringRequired

The unique CVE ID or UUID of the vulnerability to retrieve

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

GET /v1/v1/vulnerabilities/{identifier}/mentions HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Accept: */*

[
  {
    "context": "text",
    "created_at": "2025-05-04T04:04:24.177Z",
    "cve_id": "text",
    "overview": "text",
    "published_at": "2025-05-04T04:04:24.177Z",
    "reference_source": "text",
    "reference_url": "text",
    "reference_user_generated_content": true,
    "reference_uuid": "text",
    "updated_at": "2025-05-04T04:04:24.177Z",
    "uuid": "text",
    "vulnerability_gen_name": "text",
    "vulnerability_uuid": "text"
  }
]

Search Products

post

Endpoint to search for products based on search criteria.

Authorizations

Query parameters

offsetintegerOptional

The number of items to skip before starting to collect the result set.

Default: 0

limitinteger · min: 1Optional

The maximum number of items to return.

Default: 100

sortstringOptional

Field to sort by - either name, created_at or updated_at

Default: created_atPattern: ^(name|created_at|updated_at)$

orderstringOptional

Sort order - either asc or desc

Default: descPattern: ^(asc|desc)$

Body

The search criteria for products

cpestring | nullableOptional

Common Platform Enumeration (CPE) 2.3 string. Overrides type, vendor, and product if provided.

productstring | nullableOptional

The name of the product.

search_typestringOptional

The type of search to perform. Options are: 'standard', 'did_you_mean'. Defaults to 'standard'.

Default: standardExample: ["standard","did_you_mean"]

typestring | nullableOptional

The type of the product (e.g., application, operating system). Defaults to 'application'.

vendorstring | nullableOptional

The vendor of the product.

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

post

POST /v1/v1/products/search HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 103

{
  "cpe": "text",
  "product": "text",
  "search_type": [
    "standard",
    "did_you_mean"
  ],
  "type": "text",
  "vendor": "text"
}

{
  "data": [
    {
      "created_at": "2025-05-04T04:04:24.177Z",
      "description": "text",
      "display_name": "text",
      "name": "text",
      "type": "text",
      "updated_at": "2025-05-04T04:04:24.177Z",
      "upstream_id": "text",
      "uuid": "text",
      "website": "text"
    }
  ],
  "limit": 1,
  "message": "text",
  "offset": 1,
  "total": 1
}

Create References

post

Create new references from a list of URLs.

reference_data: A JSON object containing a urls field with an array of URLs.

This endpoint creates new references from the provided URLs. If any reference already exists, returns the existing reference for that URL. Returns an array of created/existing references.

Authorizations

Body

object · ReferenceDataOptionalExample: {"urls":["https://example1.com/blog/post","https://example2.com/blog/post"]}

Responses

200

Successful Response

application/json

Responsestring[]

404

Not found

422

Validation Error

application/json

post

POST /v1/v1/references HTTP/1.1
Host: api.mallory.ai
Authorization: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 76

{
  "urls": [
    "https://example1.com/blog/post",
    "https://example2.com/blog/post"
  ]
}

[
  "text"
]