Documentation has moved to https://github.com/The-Shadowserver-Foundation/api_utils/wiki
API: Trusted Programs Query
Sample
{
"product_name": "Microsoft Windows Operating System",
"source": "AppInfo",
"os_version": "6.1",
"fileversion": "6.1.7600.16385",
"crc32": "23897C4C",
"trusted_signature": "1",
"description": "DDODiag is a tool that collects Device Display Object (DDO) information from the system and logs it",
"binary": "1",
"sig_trustfile": "C:\\Windows\\system32\\CatRoot\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\ntexe.cat",
"os_name": "Microsoft Windows 7 Ultimate Service Pack 1 (build 7601), 64-bit",
"language": "English",
"filename": "ddodiag.exe",
"reference": "os",
"product_version": "6.1.7600.16385",
"mfg_name": "Microsoft Corporation",
"dirname": "c:\\Windows\\winsxs\\x86_microsoft-windows-ddodiag_31bf3856ad364e35_6.1.7600.16385_none_362ce835fe42421b",
"os_mfg": "Microsoft Corporation",
"application_type": "exe",
"filesize": "36864",
"signer": "Microsoft Windows",
"sig_timestamp": "07/14/2009 03:17:39",
"filetimestamp": "07/14/2009 01:14:16",
"strongname_signed": "0",
"source_version": "1.3",
"bit": "32"
}Our 134 Report Types
- API: ASN and Network Queries
- API: Documentation
- API: Malware Query
- API: Reports Query
- API: Research
- API: Scan/SSL
- API: Trusted Programs Query
- Accessible ADB Report
- Accessible AFP Report
- Accessible AMQP Report
- Accessible Apple Remote Desktop (ARD) Report
- Accessible Cisco Smart Install Report
- Accessible CoAP Report
- Accessible CouchDB Report
- Accessible Docker Service Report
- Accessible Erlang Port Mapper Daemon Report
- Accessible FTP Report
- Accessible HTTP Report
- Accessible Hadoop Report
- Accessible ICS Report
- Accessible Kubernetes API Server Report
- Accessible MS-RDPEUDP
- Accessible MySQL Server Report
- Accessible PostgreSQL Server Report
- Accessible QUIC Report
- Accessible RDP Report
- Accessible Radmin Report
- Accessible Rsync Report
- Accessible SIP Report
- Accessible SLP Service Report
- Accessible SMB Report
- Accessible SMTP Report
- Accessible SOCKS 4/5 Proxy Report
- Accessible SSH Report
- Accessible SSL Report
- Accessible STUN Service Report
- Accessible Telnet Report
- Accessible VNC Report
- Accessible WS-Discovery Service Report
- Accessible XDMCP Service Report
- Amplification DDoS Victim Report
- Block List Report
- Compromised Website Report
- DDoS Participant Report
- DNS Open Resolvers Report
- Darknet Events Report
- Device Identification Report
- Exposed F5 iControl REST API Special Report
- HAFNIUM Exchange Victim Special Report
- Honeypot DDoS Target Events Report
- Honeypot Amplification DDoS Events Report
- Honeypot Brute Force Events Report
- Honeypot DDoS Events Report
- Honeypot HTTP Scanner Events Report
- Honeypot ICS Scanner Events Report
- IP Spoofer Events Report
- LEGACY: Botnet URL Report
- LEGACY: Command and Control Report
- LEGACY: IRC Port Summary Report
- LEGACY: Sinkhole DNS report
- LEGACY: Accessible Modbus Report
- LEGACY: Botnet Drone Hadoop Report
- LEGACY: Brute Force Attack Report
- LEGACY: CAIDA IP Spoofer report
- LEGACY: Click-Fraud Report
- LEGACY: Compromised Host Report
- LEGACY: DDoS Report
- LEGACY: Darknet Report
- LEGACY: Drone/Botnet-Drone Report
- LEGACY: HTTP Scanners Report
- LEGACY: Honeypot URL Report
- LEGACY: ICS Scanners Report
- LEGACY: Microsoft Sinkhole Report
- LEGACY: Open Proxy Report
- LEGACY: Proxy Report
- LEGACY: Scan Report
- LEGACY: Sinkhole HTTP Drone Report
- LEGACY: Sinkhole HTTP Referrer Report
- LEGACY: Sinkhole6 HTTP Drone Report
- Malware URL Report
- Microsoft Sinkhole Events Report
- Microsoft Sinkhole HTTP Events Report
- NTP Monitor Report
- NTP Version Report
- Netcore/Netis Router Vulnerability Scan Report
- OPTIONAL: Sandbox Connection Report
- OPTIONAL: Sandbox IRC Report
- OPTIONAL: Sandbox SMTP Report
- OPTIONAL: Sandbox URL Report
- Open CWMP Report
- Open CharGen Report
- Open DB2 Discovery Service
- Open DVR DHCPDiscover Report
- Open Elasticsearch Report
- Open IPMI Report
- Open IPP Report
- Open LDAP Report
- Open LDAP TCP Report
- Open MQTT Report
- Open MS-SQL Server Resolution Service Report
- Open Memcached Report
- Open MongoDB Report
- Open NAT-PMP Report
- Open NetBIOS Report
- Open Portmapper Report
- Open QOTD Report
- Open Redis Report
- Open SNMP Report
- Open SSDP Report
- Open Ubiquiti Report
- Open mDNS Report
- Open/Accessible TFTP
- Outdated DNSSEC Key IPv6 Report
- Outdated DNSSEC Key Report
- SSL FREAK Report
- SSL POODLE Report
- Sinkhole DNS Events Report
- Sinkhole Events Report
- Sinkhole HTTP Events Report
- Sinkhole HTTP Referer Events Report
- Spam URL Report
- Synful Scan Report
- Vulnerable DDoS Middlebox Report
- Vulnerable Exchange Server Report
- Vulnerable Exchange Servers Special Report #1
- Vulnerable Exchange Servers Special Report #2
- Vulnerable Exchange Servers Special Report #3
- Vulnerable Exchange Servers Special Report #4
- Vulnerable Exchange Servers Special Report #5
- Vulnerable Fortinet Special Report
- Vulnerable HTTP Report
- Vulnerable ISAKMP Report
- Vulnerable Log4j Servers Special Report
- Vulnerable SMTP Report