QutteraWebsiteMalwareScanner

This Integration is part of the Quttera Website Malware Scanner Pack.

Supported versions

Available on Cortex XSOAR (versions 6.0.0 and later) and Cortex XSIAM.

Quttera Website Malware Scanner This integration was integrated and tested with version v3 of QutteraWebsiteMalwareScanner

Configure QutteraWebsiteMalwareScanner in Cortex

Parameter	Required
API Key	True
Quttera Scanner URL	True

Commands

You can execute these commands from the CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

quttera-scan-start

---

Start to scan a given domain

Notice: Submitting indicators using this command might make the indicator data publicly available. See the vendor’s documentation for more details.

Base Command

quttera-scan-start

Input

Argument Name	Description	Required
domain	The name of the domain to scan.	Required

Context Output

Path	Type	Description
QutteraWebsiteMalwareScanning.Start.error	Number	HTTP response from the scanner
QutteraWebsiteMalwareScanning.Start.errorstr	String	Status of the scan request

quttera-rescan-status

---

Retrieve status of submitted domain

Base Command

quttera-rescan-status

Input

Argument Name	Description	Required
domain	The name of the domain to retrieve its status.	Required

Context Output

Path	Type	Description
QutteraWebsiteMalwareScanning.Status.error	Number	Scan result request status
QutteraWebsiteMalwareScanning.Status.errorstr	String	Scan result request description
QutteraWebsiteMalwareScanning.Status.status.blacklisted	String	Is the domain blacklisted
QutteraWebsiteMalwareScanning.Status.status.files	Number	Amount of scanned files
QutteraWebsiteMalwareScanning.Status.status.scanner_result	String	Scan result
QutteraWebsiteMalwareScanning.Status.status.sensitivity	String	Sensitivity
QutteraWebsiteMalwareScanning.Status.status.state	String	Is scanning done
QutteraWebsiteMalwareScanning.Status.status.time	String	Time
QutteraWebsiteMalwareScanning.Status.status.url	String	Scanned URL

quttera-scan-report

---

Retrieve report of submitted domain

Base Command

quttera-scan-report

Input

Argument Name	Description	Required
domain	The name of the domain to retrieve its report.	Required

Context Output

Path	Type	Description
QutteraWebsiteMalwareScanning.report.error	Number	Retrieving domain scan return code
QutteraWebsiteMalwareScanning.report.errorstr	String	Retrieving domain scan report state
QutteraWebsiteMalwareScanning.report.status	Dict	Detailed domain scan report
QutteraWebsiteMalwareScanning.report.status.blacklisted	String	Is domain blacklisted
QutteraWebsiteMalwareScanning.report.status.files	Number	How many files were scanned
QutteraWebsiteMalwareScanning.report.status.scanner_result	String	Scanner result
QutteraWebsiteMalwareScanning.report.status.sensitivity	String	Domain sensitivity
QutteraWebsiteMalwareScanning.report.status.state	String	State of the domain
QutteraWebsiteMalwareScanning.report.status.time	String	Scan time
QutteraWebsiteMalwareScanning.report.status.url	String	Scanned URL

quttera-report-malware

---

Retrieve url blacklist and reputation

Notice: Submitting indicators using this command might make the indicator data publicly available. See the vendor’s documentation for more details.

Base Command

quttera-report-malware

Input

Argument Name	Description	Required
url	URL to retrieve its blacklist and reputation.	Required

Context Output

Path	Type	Description
QutteraWebsiteMalwareScanning.report	Dict	Retrieving url blacklist and reputation

quttera-status-blacklist

---

Retrieve domain blacklist and reputation

Base Command

quttera-status-blacklist

Input

Argument Name	Description	Required
domain	The name of the domain to retrieve its blacklist and reputation.	Required

Context Output

Path	Type	Description
QutteraWebsiteMalwareScanning.report	Dict	Retrieving domain blacklist and reputation