List Retrieval API Description The List Retrieval API allows users to fetch different types of lists (public, private, and organization-based lists) associated with a given API key. The API returns metadata about each list, including its category, creation date, and number of Indicators of Compromise (IOCs).
Endpoint 1 GET https://api.cybercheck360.com/v1/list/get-all/?public=true&private=true&organization=trueQuery Parameters Parameter Type Required Description api_keystring Yes The API key required for authentication. publicboolean No Set to true to retrieve public lists. Defaults to false. privateboolean No Set to true to retrieve private lists. Defaults to false. organizationboolean No Set to true to retrieve organization-specific lists. Defaults to false.
Authentication
This API requires an API key to be passed in the request header.
Header Name Type Required Description X-API-KEYstring Yes Api key token
Sample Request 1 GET https://api.cybercheck360.com/v1/list/get-all/?public=true&private=true&organization=trueThe API response is structured into three sections: private, public, and organization. Depending on the query parameters, one or more of these sections will be included in the response.
Full Response Example (All Parameters Enabled) 1 {
2 "private": [
3 {
4 "list_id": "d4e9209b-1c5c-4a12-9238-4fbe7b1d2fca",
5 "title": "Private List Example",
6 "tags": "Internal",
7 "description": "Internal security list",
8 "category": "Whitelist-IPs",
9 "created_on": "2025-02-15",
10 "updated_on": "2025-02-18",
11 "iocs_expires_in": 180,
12 "total_iocs": 15
13 }
14 ],
15 "public": [
16 {
17 "list_id": "b3a8305b-c5c5-4f22-9278-8f4c035dd0bf",
18 "title": "Public List Example",
19 "tags": "Testing",
20 "description": "Testing",
21 "category": "Blacklist-Malware",
22 "created_on": "2025-02-18",
23 "updated_on": "2025-02-18",
24 "iocs_expires_in": 100,
25 "total_iocs": 5
26 }
27 ],
28 "organization": [
29 {
30 "list_id": "ef0998f1-996a-44bd-8943-587faf302fc9",
31 "title": "Org Security List",
32 "tags": "Security, Threat Intel",
33 "description": "Internal organization security list",
34 "category": "Blacklist-Phishing",
35 "created_on": "2025-01-12",
36 "updated_on": "2025-02-17",
37 "iocs_expires_in": 120,
38 "total_iocs": 20
39 }
40 ]
41 }Field Descriptions Field Type Description list_idstring Unique identifier for the list. titlestring Name of the list. tagsstring Tags associated with the list. descriptionstring Short description of the list. categorystring Classification of the list (e.g., Blacklist-Malware, Whitelist-IPs). created_onstring Date when the list was created (YYYY-MM-DD). updated_onstring Date when the list was last updated (YYYY-MM-DD). iocs_expires_ininteger Number of days before the IOCs in this list expire. total_iocsinteger Total number of Indicators of Compromise (IOCs) in the list.
Error Responses Status Code Description 400Bad request. Ensure parameters are formatted correctly. 401Unauthorized. Invalid or missing API key. 403Forbidden. Access to the requested resource is denied. 404Not Found. The requested list does not exist. 500Internal Server Error. An unexpected error occurred.
Search IOC in Lists API
Description
The Search IOC in Lists API enables users to search for specific Indicators of Compromise (IOCs) within public and private threat intelligence lists.
Endpoint
1 GET https://api.cybercheck360.com/v1/list/search-ioc/?ioc=8.8.8.8Query Parameters
Parameter Type Required Description list_idstring Yes The unique identifier of the list where the IOC is searched. iocstring Yes The IOC value to search for (e.g., an IP address like 8.8.8.8).
Authentication
This API requires an API key to be passed in the request header.
Header Name Type Required Description X-API-KEYstring Yes Api key token
Sample Request
1 GET https://api.cybercheck360.com/v1/list/search-ioc/?list_id=f10a8172-d2e9-433a-bfe5-08b500c4fd52&ioc=8.8.8.8
2 Response
The API returns a JSON array with details about the searched IOC if it exists within a list.
Example Response
1 [
2 {
3 "list_id": "7e897a73-e917-4d06-8b38-cb7e493e6348",
4 "list_title": "Example List",
5 "list_type": "Public",
6 "list_category": "Whitelist",
7 "list_created_on": "2025-02-18",
8 "list_owner": "Example Name",
9 "ioc": "8.8.8.8",
10 "ioc_type": "ipv4",
11 "ioc_added_on": "2025-02-18",
12 "ioc_updated_on": "2025-02-18",
13 "ioc_tags": "Google",
14 "ioc_description": "Testing"
15 }
16 ]Response Field Descriptions
Field Type Description list_idstring Unique identifier of the list containing the IOC. list_titlestring The title or name of the list. list_typestring Indicates whether the list is Public or Private . list_categorystring The category of the list (e.g., Whitelist, Blacklist). list_created_onstring The date when the list was created (YYYY-MM-DD). list_ownerstring The owner or creator of the list. iocstring The IOC value that was searched (e.g., an IP address). ioc_typestring The type of IOC (e.g., ipv4, domain, hash). ioc_added_onstring The date when the IOC was added to the list (YYYY-MM-DD). ioc_updated_onstring The date when the IOC was last updated (YYYY-MM-DD). ioc_tagsstring Tags related to the IOC for classification. ioc_descriptionstring Description or additional information about the IOC.
Error Responses
Status Code Description 400Bad request. Ensure all required parameters are provided. 401Unauthorized. Invalid or missing API key. 403Forbidden. You do not have access to this list. 404Not found. The requested IOC was not found in the specified list. 500Internal Server Error. An unexpected error occurred.
Add or Update IOC in Lists API
Description
The Add or Update IOC in Lists API allows users to add new Indicators of Compromise (IOCs) to a threat intelligence list or update existing ones.
Endpoint
1 POST https://api.cybercheck360.com/v1/list/add-update-iocRequest Parameters
Parameter Type Required Description iocobject Yes The IOCs to be added or updated, structured in JSON format.
Authentication
This API requires an API key to be passed in the request header.
Header Name Type Required Description X-API-KEYstring Yes Api key token
Sample Request
1 POST https://api.cybercheck360.com/v1/list/add-update-ioc
2
3
4 {
5 "ioc": {
6 "14.103.115.12": ["Example Public List"],
7 "14.103.135.12": ["Example Public List"],
8 "8.8.8.8": ["Example Public List"],
9 "125.87.85.99": ["Example Public List"],
10 "125.244.113.178": ["Example Public List"]
11 }
12 }Response
The API returns a JSON object containing details about successfully added or updated IOCs, as well as any errors encountered.
Example Response
1 {
2 "success": {
3 "14.103.115.12": [
4 {
5 "l_name": "Example Public List",
6 "status_message": "Updated"
7 }
8 ],
9 "14.103.135.12": [
10 {
11 "l_name": "Example Public List",
12 "status_message": "Updated"
13 }
14 ],
15 "8.8.8.8": [
16 {
17 "l_name": "Example Public List",
18 "status_message": "Created"
19 }
20 ],
21 "125.87.85.99": [
22 {
23 "l_name": "Example Public List",
24 "status_message": "Created"
25 }
26 ],
27 "125.244.113.178": [
28 {
29 "l_name": "Example Public List",
30 "status_message": "Created"
31 }
32 ]
33 },
34 "error": {}
35 }Response Field Descriptions
Field Type Description successobject Contains the details of successfully added or updated IOCs. errorobject Contains details of any errors encountered while processing the request. l_namestring The name of the list where the IOC was added or updated. status_messagestring Indicates whether the IOC was Created (new entry) or Updated (already existed).
Status Messages
Status Message Description CreatedThe IOC was successfully added to the specified list. UpdatedThe IOC already existed and was successfully updated.
Error Responses
Status Code Description 400Bad request. Ensure all required parameters are provided in the correct format. 401Unauthorized. Invalid or missing API key. 403Forbidden. You do not have permission to modify this list. 404Not found. The specified list does not exist. 500Internal Server Error. An unexpected error occurred.
API Documentation for add-update-ioc
Endpoint
URL: https://api.cybercheck360.com/v1/list/add-update-ioc
Description
This API allows users to add or update Indicators of Compromise (IOCs) in a list. IOCs can be IP addresses, domains, or URLs. The API returns a response containing the list IDs and added IOCs.
Request Parameters
Parameter Type Required Description list_idsArray Yes A list of unique identifiers for the lists where the IOCs will be added or updated. iocArray Yes A list of IOCs (IP addresses, domains, or URLs) to be added or updated. ioc_typeString Yes The type of IOCs provided. Allowed values: ip, domain, url. tlpInteger No Traffic Light Protocol (TLP) classification of the IOCs. Accepted values: 0, 1, 2, 3, 4. Default is 2. tagsString No Tags associated with the IOCs. Can be used to classify them (e.g., Whitelist, Blacklist, Suspicious). descriptionString No A description of the IOCs being added or updated.
Authentication
This API requires an API key to be passed in the request header.
Header Name Type Required Description X-API-KEYstring Yes Api key token
Sample Request
1 {
2 "list_ids": ["876f855f-23f2-4111-9d58-6fb571a32890"],
3 "ioc": [
4 "8.8.8.8"
5 ],
6 "ioc_type": "ip",
7 "tlp": 2,
8 "tags": "Whitelist",
9 "description": "Whitelist IOCs"
10 }Response
The response structure varies based on the provided parameters.
Base Response
1 {
2 "list_ids": ["876f855f-23f2-4111-9d58-6fb571a32890"],
3 "ioc": [
4 "8.8.8.8"
5 ],
6 "ioc_type": "ip",
7 "tlp": 2,
8 "tags": "Whitelist",
9 "description": "Whitelist IOCs"
10 }Response When list_ids Parameter is Enabled
1 {
2 "list_ids": ["876f855f-23f2-4111-9d58-6fb571a32890"]
3 }Response When ioc Parameter is Enabled
1 {
2 "ioc": [
3 "8.8.8.8", "125.90.72.18", "14.29.110.219"
4 ]
5 }Response When ioc_type Parameter is Enabled
1 {
2 "ioc_type": "ip"
3 }Response When tlp Parameter is Enabled
1 {
2 "tags": "Whitelist"
3 }Response When description Parameter is Enabled
1 {
2 "description": "Whitelist IOCs"
3 }Error Responses
Status Code Message Description 400Bad RequestInvalid request parameters or missing required fields. 401UnauthorizedInvalid API key or authentication failure. 403ForbiddenAccess to the endpoint is denied. 404Not FoundThe requested resource does not exist. 500Internal Server ErrorA server-side error occurred.
Notes
Ensure that the API key ({{X-API-KEY}}) is valid and authorized for this request.
The ioc_type parameter must be correctly set (ip, domain, or url).
tlp classification follows standard TLP guidelines (0 - Clear, 1 - Green, 2 - Amber, 3 - Red, 4 - White).The API supports bulk operations by providing multiple list_ids and ioc values.
Remove IOC from Lists API
Description
The Remove IOC from Lists API allows users to delete Indicators of Compromise (IOCs) from a threat intelligence list.
Endpoint
1 DELETE https://api.cybercheck360.com/v1/list/remove-iocRequest Parameters
Parameter Type Required Description iocobject Yes The IOCs to be removed, structured in JSON format.
Authentication
This API requires an API key to be passed in the request header.
Header Name Type Required Description X-API-KEYstring Yes Api key token
Sample Request
1 DELETE https://api.cybercheck360.com/v1/list/remove-ioc
2 Content-Type: application/json
3
4 {
5 "ioc": {
6 "125.90.72.18": ["Example Public List"],
7 "14.29.214.161": ["Example Public List"],
8 "2.2.2.2": ["Example Public List"],
9 "8.8.8.8": ["Example Public List"]
10 }
11 }Response
The API returns a JSON object containing details about successfully removed IOCs, as well as any errors encountered.
Example Response
1 {
2 "success": {
3 "125.90.72.18": [
4 {
5 "l_name": "Example Public List",
6 "status_message": "Deleted"
7 }
8 ],
9 "14.29.214.161": [
10 {
11 "l_name": "Example Public List",
12 "status_message": "Deleted"
13 }
14 ],
15 "2.2.2.2": [
16 {
17 "l_name": "Example Public List",
18 "status_message": "Deleted"
19 }
20 ],
21 "8.8.8.8": [
22 {
23 "l_name": "Example Public List",
24 "status_message": "Deleted"
25 }
26 ]
27 "error": {},
28 }
29 }Response Field Descriptions
Field Type Description successobject Contains the details of successfully removed IOCs (empty in case of errors). errorobject Contains details of any errors encountered while processing the request. l_namestring The name of the list from which the IOC was attempted to be removed. status_messagestring Indicates whether the IOC was successfully deleted or not.
Status Messages
Status Message Description Not DeletedThe IOC could not be removed from the specified list.
Error Responses
Status Code Description 400Bad request. Ensure all required parameters are provided in the correct format. 401Unauthorized. Invalid or missing API key. 403Forbidden. You do not have permission to modify this list. 404Not found. The specified list or IOC does not exist. 500Internal Server Error. An unexpected error occurred.
Get All Indicators API
Description
The Get All Indicators API retrieves a list of indicators from a specific threat intelligence list, filtered by type and pagination options.
Endpoint
1 GET https://api.cybercheck360.com/v1/list/get-all/indicators/?ipv4=True&page_size=10&page_number=1&list_id=790d90c2-30c0-4341-a02a-3c556d3c656f
2 Query Parameters
Parameter Type Required Description ipv4boolean No Set to True to retrieve only IPv4 indicators. ipv6boolean No Set to True to retrieve only IPv6 indicators. domainboolean No Set to True to retrieve only domain-based indicators. urlboolean No Set to True to retrieve only URL-based indicators. page_sizeint No The number of indicators per page (default: 10). page_numberint No The page number to retrieve (default: 1). list_idstring Yes The unique identifier of the list to fetch indicators from.
Authentication
This API requires an API key to be passed in the request header.
Header Name Type Required Description X-API-KEYstring Yes Api key token
Sample Request
1 GET https://api.cybercheck360.com/v1/list/get-all/indicators/?ipv4=True&page_size=10&page_number=1&list_id=fb5f8bd2-1706-4412-b569-0115528b4254Response
The API returns a JSON object containing the list details and associated indicators.
Example Response
1 {
2 "list_name": "Example Name",
3 "type": "Public",
4 "category": "Whitelist",
5 "tags": "Google",
6 "description": "testing",
7 "total_iocs": 8,
8 "ipv4": 2,
9 "ipv6": 0,
10 "domain": 1,
11 "url": 1,
12 "indicators": [
13 {
14 "ioc": "59.100.199.243",
15 "ioc_type": "ipv4",
16 "added_on": "2025-02-18",
17 "updated_on": "2025-02-18",
18 "tags": "Google",
19 "description": "Testing",
20 "expires_in": "93 days"
21 }
22 {
23 "ioc": "69.108.129.43",
24 "ioc_type": "ipv4",
25 "added_on": "2025-02-18",
26 "updated_on": "2025-02-18",
27 "tags": "Google",
28 "description": "Testing",
29 "expires_in": "93 days"
30 }
31 ]
32 }Response Field Descriptions
Field Type Description list_namestring The name of the list from which indicators are retrieved. typestring Indicates whether the list is Public or Private. categorystring The category of the list (e.g., Whitelist, Blacklist). tagsstring Tags associated with the list. descriptionstring A brief description of the list. total_iocsint The total number of indicators present in the list. ipv4int The number of IPv4 indicators. ipv6int The number of IPv6 indicators. domainint The number of domain-based indicators. urlint The number of URL-based indicators. indicatorsarray A list of individual indicators with details. iocstring The indicator value (e.g., IP address, domain, URL). ioc_typestring The type of indicator (e.g., ipv4, ipv6, domain, url). added_onstring The date when the indicator was added to the list. updated_onstring The date when the indicator was last updated. tagsstring Tags associated with the indicator. descriptionstring A brief description of the indicator. expires_instring The time left before the indicator expires.
Error Responses
Status Code Description 400Bad request. Ensure all required parameters are correctly formatted. 401Unauthorized. Invalid or missing API key. 403Forbidden. You do not have permission to access this list. 404Not found. The specified list or indicator does not exist. 500Internal Server Error. An unexpected error occurred.