diff --git a/docs/api-reference/spec/firework-v2-openapi.json b/docs/api-reference/spec/firework-v2-openapi.json
index f5a985f..e13123a 100644
--- a/docs/api-reference/spec/firework-v2-openapi.json
+++ b/docs/api-reference/spec/firework-v2-openapi.json
@@ -1831,7 +1831,7 @@
}
},
{
- "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: financial_data, seller, bot, ransomleak, stealer_log, forum_post, listing, blog_post, forum_profile, forum_topic, chat_message\n- open_web: google, social_media_account, stack_exchange, source_code_files, paste, service, bucket_object, source_code_secrets, bucket, docker\n- leaks: leak\n- domains: domain\n",
+ "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: listing, forum_topic, seller, stealer_log, blog_post, ransomleak, forum_post, bot, financial_data, chat_message, forum_profile\n- open_web: stack_exchange, paste, source_code_files, service, source_code_secrets, social_media_account, google, bucket_object, docker, bucket\n- leaks: leak\n- domains: domain\n",
"explode": true,
"in": "query",
"name": "types",
@@ -2151,7 +2151,7 @@
}
},
{
- "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: financial_data, seller, bot, ransomleak, stealer_log, forum_post, listing, blog_post, forum_profile, forum_topic, chat_message\n- open_web: google, social_media_account, stack_exchange, source_code_files, paste, service, bucket_object, source_code_secrets, bucket, docker\n- leaks: leak\n- domains: domain\n",
+ "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: listing, forum_topic, seller, stealer_log, blog_post, ransomleak, forum_post, bot, financial_data, chat_message, forum_profile\n- open_web: stack_exchange, paste, source_code_files, service, source_code_secrets, social_media_account, google, bucket_object, docker, bucket\n- leaks: leak\n- domains: domain\n",
"explode": true,
"in": "query",
"name": "types",
@@ -2722,7 +2722,7 @@
}
},
{
- "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: financial_data, seller, bot, ransomleak, stealer_log, forum_post, listing, blog_post, forum_profile, forum_topic, chat_message\n- open_web: google, social_media_account, stack_exchange, source_code_files, paste, service, bucket_object, source_code_secrets, bucket, docker\n- leaks: leak\n- domains: domain\n",
+ "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: listing, forum_topic, seller, stealer_log, blog_post, ransomleak, forum_post, bot, financial_data, chat_message, forum_profile\n- open_web: stack_exchange, paste, source_code_files, service, source_code_secrets, social_media_account, google, bucket_object, docker, bucket\n- leaks: leak\n- domains: domain\n",
"explode": true,
"in": "query",
"name": "types",
@@ -3042,7 +3042,7 @@
}
},
{
- "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: financial_data, seller, bot, ransomleak, stealer_log, forum_post, listing, blog_post, forum_profile, forum_topic, chat_message\n- open_web: google, social_media_account, stack_exchange, source_code_files, paste, service, bucket_object, source_code_secrets, bucket, docker\n- leaks: leak\n- domains: domain\n",
+ "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: listing, forum_topic, seller, stealer_log, blog_post, ransomleak, forum_post, bot, financial_data, chat_message, forum_profile\n- open_web: stack_exchange, paste, source_code_files, service, source_code_secrets, social_media_account, google, bucket_object, docker, bucket\n- leaks: leak\n- domains: domain\n",
"explode": true,
"in": "query",
"name": "types",
@@ -3440,7 +3440,7 @@
}
},
{
- "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: financial_data, seller, bot, ransomleak, stealer_log, forum_post, listing, blog_post, forum_profile, forum_topic, chat_message\n- open_web: google, social_media_account, stack_exchange, source_code_files, paste, service, bucket_object, source_code_secrets, bucket, docker\n- leaks: leak\n- domains: domain\n",
+ "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: listing, forum_topic, seller, stealer_log, blog_post, ransomleak, forum_post, bot, financial_data, chat_message, forum_profile\n- open_web: stack_exchange, paste, source_code_files, service, source_code_secrets, social_media_account, google, bucket_object, docker, bucket\n- leaks: leak\n- domains: domain\n",
"explode": true,
"in": "query",
"name": "types",
@@ -3782,7 +3782,7 @@
}
},
{
- "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: financial_data, seller, bot, ransomleak, stealer_log, forum_post, listing, blog_post, forum_profile, forum_topic, chat_message\n- open_web: google, social_media_account, stack_exchange, source_code_files, paste, service, bucket_object, source_code_secrets, bucket, docker\n- leaks: leak\n- domains: domain\n",
+ "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: listing, forum_topic, seller, stealer_log, blog_post, ransomleak, forum_post, bot, financial_data, chat_message, forum_profile\n- open_web: stack_exchange, paste, source_code_files, service, source_code_secrets, social_media_account, google, bucket_object, docker, bucket\n- leaks: leak\n- domains: domain\n",
"explode": true,
"in": "query",
"name": "types",
@@ -4061,7 +4061,7 @@
}
},
{
- "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: financial_data, seller, bot, ransomleak, stealer_log, forum_post, listing, blog_post, forum_profile, forum_topic, chat_message\n- open_web: google, social_media_account, stack_exchange, source_code_files, paste, service, bucket_object, source_code_secrets, bucket, docker\n- leaks: leak\n- domains: domain\n",
+ "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: listing, forum_topic, seller, stealer_log, blog_post, ransomleak, forum_post, bot, financial_data, chat_message, forum_profile\n- open_web: stack_exchange, paste, source_code_files, service, source_code_secrets, social_media_account, google, bucket_object, docker, bucket\n- leaks: leak\n- domains: domain\n",
"explode": true,
"in": "query",
"name": "types",
@@ -5122,7 +5122,7 @@
}
},
{
- "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: financial_data, seller, bot, ransomleak, stealer_log, forum_post, listing, blog_post, forum_profile, forum_topic, chat_message\n- open_web: google, social_media_account, stack_exchange, source_code_files, paste, service, bucket_object, source_code_secrets, bucket, docker\n- leaks: leak\n- domains: domain\n",
+ "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: listing, forum_topic, seller, stealer_log, blog_post, ransomleak, forum_post, bot, financial_data, chat_message, forum_profile\n- open_web: stack_exchange, paste, source_code_files, service, source_code_secrets, social_media_account, google, bucket_object, docker, bucket\n- leaks: leak\n- domains: domain\n",
"explode": true,
"in": "query",
"name": "types",
@@ -5422,7 +5422,7 @@
}
},
{
- "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: financial_data, seller, bot, ransomleak, stealer_log, forum_post, listing, blog_post, forum_profile, forum_topic, chat_message\n- open_web: google, social_media_account, stack_exchange, source_code_files, paste, service, bucket_object, source_code_secrets, bucket, docker\n- leaks: leak\n- domains: domain\n",
+ "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: listing, forum_topic, seller, stealer_log, blog_post, ransomleak, forum_post, bot, financial_data, chat_message, forum_profile\n- open_web: stack_exchange, paste, source_code_files, service, source_code_secrets, social_media_account, google, bucket_object, docker, bucket\n- leaks: leak\n- domains: domain\n",
"explode": true,
"in": "query",
"name": "types",
@@ -6504,29 +6504,29 @@
"search_types": {
"items": {
"enum": [
- "google",
- "bot",
- "stack_exchange",
- "stealer_log",
- "forum_post",
"listing",
+ "source_code_files",
"service",
- "bucket_object",
- "forum_profile",
- "source_code_secrets",
- "leak",
- "financial_data",
- "seller",
- "chat_message",
- "bucket",
+ "stealer_log",
"social_media_account",
- "paste",
- "domain",
"ransomleak",
- "source_code_files",
- "blog_post",
- "forum_topic",
+ "forum_post",
+ "bot",
"docker",
+ "chat_message",
+ "stack_exchange",
+ "forum_topic",
+ "paste",
+ "seller",
+ "source_code_secrets",
+ "blog_post",
+ "domain",
+ "google",
+ "bucket_object",
+ "financial_data",
+ "bucket",
+ "leak",
+ "forum_profile",
"illicit_networks",
"open_web",
"buckets",
@@ -6539,7 +6539,7 @@
"infected_devices",
"social_media"
],
- "example": "google",
+ "example": "listing",
"type": "string"
},
"type": "array"
@@ -6617,30 +6617,30 @@
"search_types": {
"items": {
"enum": [
- "google",
- "bot",
- "stack_exchange",
- "stealer_log",
- "forum_post",
"listing",
+ "source_code_files",
"service",
- "bucket_object",
- "forum_profile",
- "source_code_secrets",
- "leak",
- "financial_data",
- "seller",
+ "stealer_log",
+ "social_media_account",
"ad",
+ "ransomleak",
+ "forum_post",
+ "bot",
+ "docker",
"chat_message",
- "bucket",
- "social_media_account",
+ "stack_exchange",
+ "forum_topic",
"paste",
- "domain",
- "ransomleak",
- "source_code_files",
+ "seller",
+ "source_code_secrets",
"blog_post",
- "forum_topic",
- "docker",
+ "domain",
+ "google",
+ "bucket_object",
+ "financial_data",
+ "bucket",
+ "leak",
+ "forum_profile",
"illicit_networks",
"open_web",
"buckets",
@@ -6654,7 +6654,7 @@
"infected_devices",
"social_media"
],
- "example": "google",
+ "example": "listing",
"type": "string"
},
"type": "array"
diff --git a/docs/api-reference/spec/firework-v2-swagger.json b/docs/api-reference/spec/firework-v2-swagger.json
index 6697784..1c69dfb 100644
--- a/docs/api-reference/spec/firework-v2-swagger.json
+++ b/docs/api-reference/spec/firework-v2-swagger.json
@@ -646,29 +646,29 @@
"search_types": {
"items": {
"enum": [
- "google",
- "bot",
- "stack_exchange",
- "stealer_log",
- "forum_post",
"listing",
+ "source_code_files",
"service",
- "bucket_object",
- "forum_profile",
- "source_code_secrets",
- "leak",
- "financial_data",
- "seller",
- "chat_message",
- "bucket",
+ "stealer_log",
"social_media_account",
- "paste",
- "domain",
"ransomleak",
- "source_code_files",
- "blog_post",
- "forum_topic",
+ "forum_post",
+ "bot",
"docker",
+ "chat_message",
+ "stack_exchange",
+ "forum_topic",
+ "paste",
+ "seller",
+ "source_code_secrets",
+ "blog_post",
+ "domain",
+ "google",
+ "bucket_object",
+ "financial_data",
+ "bucket",
+ "leak",
+ "forum_profile",
"illicit_networks",
"open_web",
"buckets",
@@ -681,7 +681,7 @@
"infected_devices",
"social_media"
],
- "example": "google",
+ "example": "listing",
"type": "string"
},
"type": "array"
@@ -758,30 +758,30 @@
"search_types": {
"items": {
"enum": [
- "google",
- "bot",
- "stack_exchange",
- "stealer_log",
- "forum_post",
"listing",
+ "source_code_files",
"service",
- "bucket_object",
- "forum_profile",
- "source_code_secrets",
- "leak",
- "financial_data",
- "seller",
+ "stealer_log",
+ "social_media_account",
"ad",
+ "ransomleak",
+ "forum_post",
+ "bot",
+ "docker",
"chat_message",
- "bucket",
- "social_media_account",
+ "stack_exchange",
+ "forum_topic",
"paste",
- "domain",
- "ransomleak",
- "source_code_files",
+ "seller",
+ "source_code_secrets",
"blog_post",
- "forum_topic",
- "docker",
+ "domain",
+ "google",
+ "bucket_object",
+ "financial_data",
+ "bucket",
+ "leak",
+ "forum_profile",
"illicit_networks",
"open_web",
"buckets",
@@ -795,7 +795,7 @@
"infected_devices",
"social_media"
],
- "example": "google",
+ "example": "listing",
"type": "string"
},
"type": "array"
@@ -3826,7 +3826,7 @@
},
{
"collectionFormat": "multi",
- "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: financial_data, seller, bot, ransomleak, stealer_log, forum_post, listing, blog_post, forum_profile, forum_topic, chat_message\n- open_web: google, social_media_account, stack_exchange, source_code_files, paste, service, bucket_object, source_code_secrets, bucket, docker\n- leaks: leak\n- domains: domain\n",
+ "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: listing, forum_topic, seller, stealer_log, blog_post, ransomleak, forum_post, bot, financial_data, chat_message, forum_profile\n- open_web: stack_exchange, paste, source_code_files, service, source_code_secrets, social_media_account, google, bucket_object, docker, bucket\n- leaks: leak\n- domains: domain\n",
"enum": [
"attachment",
"listing",
@@ -4090,7 +4090,7 @@
},
{
"collectionFormat": "multi",
- "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: financial_data, seller, bot, ransomleak, stealer_log, forum_post, listing, blog_post, forum_profile, forum_topic, chat_message\n- open_web: google, social_media_account, stack_exchange, source_code_files, paste, service, bucket_object, source_code_secrets, bucket, docker\n- leaks: leak\n- domains: domain\n",
+ "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: listing, forum_topic, seller, stealer_log, blog_post, ransomleak, forum_post, bot, financial_data, chat_message, forum_profile\n- open_web: stack_exchange, paste, source_code_files, service, source_code_secrets, social_media_account, google, bucket_object, docker, bucket\n- leaks: leak\n- domains: domain\n",
"enum": [
"attachment",
"listing",
@@ -4524,7 +4524,7 @@
},
{
"collectionFormat": "multi",
- "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: financial_data, seller, bot, ransomleak, stealer_log, forum_post, listing, blog_post, forum_profile, forum_topic, chat_message\n- open_web: google, social_media_account, stack_exchange, source_code_files, paste, service, bucket_object, source_code_secrets, bucket, docker\n- leaks: leak\n- domains: domain\n",
+ "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: listing, forum_topic, seller, stealer_log, blog_post, ransomleak, forum_post, bot, financial_data, chat_message, forum_profile\n- open_web: stack_exchange, paste, source_code_files, service, source_code_secrets, social_media_account, google, bucket_object, docker, bucket\n- leaks: leak\n- domains: domain\n",
"enum": [
"attachment",
"listing",
@@ -4788,7 +4788,7 @@
},
{
"collectionFormat": "multi",
- "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: financial_data, seller, bot, ransomleak, stealer_log, forum_post, listing, blog_post, forum_profile, forum_topic, chat_message\n- open_web: google, social_media_account, stack_exchange, source_code_files, paste, service, bucket_object, source_code_secrets, bucket, docker\n- leaks: leak\n- domains: domain\n",
+ "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: listing, forum_topic, seller, stealer_log, blog_post, ransomleak, forum_post, bot, financial_data, chat_message, forum_profile\n- open_web: stack_exchange, paste, source_code_files, service, source_code_secrets, social_media_account, google, bucket_object, docker, bucket\n- leaks: leak\n- domains: domain\n",
"enum": [
"attachment",
"listing",
@@ -5097,7 +5097,7 @@
},
{
"collectionFormat": "multi",
- "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: financial_data, seller, bot, ransomleak, stealer_log, forum_post, listing, blog_post, forum_profile, forum_topic, chat_message\n- open_web: google, social_media_account, stack_exchange, source_code_files, paste, service, bucket_object, source_code_secrets, bucket, docker\n- leaks: leak\n- domains: domain\n",
+ "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: listing, forum_topic, seller, stealer_log, blog_post, ransomleak, forum_post, bot, financial_data, chat_message, forum_profile\n- open_web: stack_exchange, paste, source_code_files, service, source_code_secrets, social_media_account, google, bucket_object, docker, bucket\n- leaks: leak\n- domains: domain\n",
"enum": [
"attachment",
"listing",
@@ -5397,7 +5397,7 @@
},
{
"collectionFormat": "multi",
- "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: financial_data, seller, bot, ransomleak, stealer_log, forum_post, listing, blog_post, forum_profile, forum_topic, chat_message\n- open_web: google, social_media_account, stack_exchange, source_code_files, paste, service, bucket_object, source_code_secrets, bucket, docker\n- leaks: leak\n- domains: domain\n",
+ "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: listing, forum_topic, seller, stealer_log, blog_post, ransomleak, forum_post, bot, financial_data, chat_message, forum_profile\n- open_web: stack_exchange, paste, source_code_files, service, source_code_secrets, social_media_account, google, bucket_object, docker, bucket\n- leaks: leak\n- domains: domain\n",
"enum": [
"attachment",
"listing",
@@ -5631,7 +5631,7 @@
},
{
"collectionFormat": "multi",
- "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: financial_data, seller, bot, ransomleak, stealer_log, forum_post, listing, blog_post, forum_profile, forum_topic, chat_message\n- open_web: google, social_media_account, stack_exchange, source_code_files, paste, service, bucket_object, source_code_secrets, bucket, docker\n- leaks: leak\n- domains: domain\n",
+ "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: listing, forum_topic, seller, stealer_log, blog_post, ransomleak, forum_post, bot, financial_data, chat_message, forum_profile\n- open_web: stack_exchange, paste, source_code_files, service, source_code_secrets, social_media_account, google, bucket_object, docker, bucket\n- leaks: leak\n- domains: domain\n",
"enum": [
"attachment",
"listing",
@@ -6475,7 +6475,7 @@
},
{
"collectionFormat": "multi",
- "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: financial_data, seller, bot, ransomleak, stealer_log, forum_post, listing, blog_post, forum_profile, forum_topic, chat_message\n- open_web: google, social_media_account, stack_exchange, source_code_files, paste, service, bucket_object, source_code_secrets, bucket, docker\n- leaks: leak\n- domains: domain\n",
+ "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: listing, forum_topic, seller, stealer_log, blog_post, ransomleak, forum_post, bot, financial_data, chat_message, forum_profile\n- open_web: stack_exchange, paste, source_code_files, service, source_code_secrets, social_media_account, google, bucket_object, docker, bucket\n- leaks: leak\n- domains: domain\n",
"enum": [
"attachment",
"listing",
@@ -6723,7 +6723,7 @@
},
{
"collectionFormat": "multi",
- "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: financial_data, seller, bot, ransomleak, stealer_log, forum_post, listing, blog_post, forum_profile, forum_topic, chat_message\n- open_web: google, social_media_account, stack_exchange, source_code_files, paste, service, bucket_object, source_code_secrets, bucket, docker\n- leaks: leak\n- domains: domain\n",
+ "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: listing, forum_topic, seller, stealer_log, blog_post, ransomleak, forum_post, bot, financial_data, chat_message, forum_profile\n- open_web: stack_exchange, paste, source_code_files, service, source_code_secrets, social_media_account, google, bucket_object, docker, bucket\n- leaks: leak\n- domains: domain\n",
"enum": [
"attachment",
"listing",
diff --git a/docs/api-reference/spec/firework-v3-openapi.json b/docs/api-reference/spec/firework-v3-openapi.json
index a4d8bca..944c8e5 100644
--- a/docs/api-reference/spec/firework-v3-openapi.json
+++ b/docs/api-reference/spec/firework-v3-openapi.json
@@ -483,7 +483,7 @@
}
},
{
- "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: chat_message, listing, bot, forum_profile, ransomleak, forum_post, stealer_log, blog_post, forum_topic, financial_data, seller\n- open_web: docker, bucket_object, service, paste, social_media_account, bucket, source_code_secrets, source_code_files, stack_exchange, google\n- leaks: leak\n- domains: domain\n",
+ "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: listing, forum_topic, seller, stealer_log, blog_post, ransomleak, forum_post, bot, financial_data, chat_message, forum_profile\n- open_web: stack_exchange, paste, source_code_files, service, source_code_secrets, social_media_account, google, bucket_object, docker, bucket\n- leaks: leak\n- domains: domain\n",
"explode": true,
"in": "query",
"name": "types",
@@ -803,7 +803,7 @@
}
},
{
- "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: chat_message, listing, bot, forum_profile, ransomleak, forum_post, stealer_log, blog_post, forum_topic, financial_data, seller\n- open_web: docker, bucket_object, service, paste, social_media_account, bucket, source_code_secrets, source_code_files, stack_exchange, google\n- leaks: leak\n- domains: domain\n",
+ "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: listing, forum_topic, seller, stealer_log, blog_post, ransomleak, forum_post, bot, financial_data, chat_message, forum_profile\n- open_web: stack_exchange, paste, source_code_files, service, source_code_secrets, social_media_account, google, bucket_object, docker, bucket\n- leaks: leak\n- domains: domain\n",
"explode": true,
"in": "query",
"name": "types",
diff --git a/docs/api-reference/spec/firework-v3-swagger.json b/docs/api-reference/spec/firework-v3-swagger.json
index f71bc53..09d1912 100644
--- a/docs/api-reference/spec/firework-v3-swagger.json
+++ b/docs/api-reference/spec/firework-v3-swagger.json
@@ -1326,7 +1326,7 @@
},
{
"collectionFormat": "multi",
- "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: chat_message, listing, bot, forum_profile, ransomleak, forum_post, stealer_log, blog_post, forum_topic, financial_data, seller\n- open_web: docker, bucket_object, service, paste, social_media_account, bucket, source_code_secrets, source_code_files, stack_exchange, google\n- leaks: leak\n- domains: domain\n",
+ "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: listing, forum_topic, seller, stealer_log, blog_post, ransomleak, forum_post, bot, financial_data, chat_message, forum_profile\n- open_web: stack_exchange, paste, source_code_files, service, source_code_secrets, social_media_account, google, bucket_object, docker, bucket\n- leaks: leak\n- domains: domain\n",
"enum": [
"attachment",
"listing",
@@ -1590,7 +1590,7 @@
},
{
"collectionFormat": "multi",
- "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: chat_message, listing, bot, forum_profile, ransomleak, forum_post, stealer_log, blog_post, forum_topic, financial_data, seller\n- open_web: docker, bucket_object, service, paste, social_media_account, bucket, source_code_secrets, source_code_files, stack_exchange, google\n- leaks: leak\n- domains: domain\n",
+ "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: listing, forum_topic, seller, stealer_log, blog_post, ransomleak, forum_post, bot, financial_data, chat_message, forum_profile\n- open_web: stack_exchange, paste, source_code_files, service, source_code_secrets, social_media_account, google, bucket_object, docker, bucket\n- leaks: leak\n- domains: domain\n",
"enum": [
"attachment",
"listing",
diff --git a/docs/api-reference/spec/firework-v4-openapi.json b/docs/api-reference/spec/firework-v4-openapi.json
index 4a8b72b..a46a712 100644
--- a/docs/api-reference/spec/firework-v4-openapi.json
+++ b/docs/api-reference/spec/firework-v4-openapi.json
@@ -34,7 +34,7 @@
"content": {
"application/json": {
"schema": {
- "$ref": "#/components/schemas/pyro__firework__backend__api4__asset_authorization__datamodels__AuthorizationResponse"
+ "$ref": "#/components/schemas/AuthorizationResponse"
}
}
}
@@ -105,7 +105,7 @@
"operationId": "list_cookie_monitoring_configurations_admin_cookies_configurations_get",
"parameters": [
{
- "name": "from_",
+ "name": "from",
"in": "query",
"required": false,
"schema": {
@@ -117,7 +117,7 @@
"type": "null"
}
],
- "title": "From "
+ "title": "From"
}
},
{
@@ -996,7 +996,7 @@
}
},
{
- "name": "from_",
+ "name": "from",
"in": "query",
"required": false,
"schema": {
@@ -1008,7 +1008,7 @@
"type": "null"
}
],
- "title": "From "
+ "title": "From"
}
},
{
@@ -2212,7 +2212,7 @@
"operationId": "tenant_alerts_alerts__get",
"parameters": [
{
- "name": "from_",
+ "name": "from",
"in": "query",
"required": false,
"schema": {
@@ -2224,7 +2224,7 @@
"type": "null"
}
],
- "title": "From "
+ "title": "From"
}
},
{
@@ -2488,7 +2488,7 @@
"operationId": "alert_channels_alerts_channels_get",
"parameters": [
{
- "name": "from_",
+ "name": "from",
"in": "query",
"required": false,
"schema": {
@@ -2500,7 +2500,7 @@
"type": "null"
}
],
- "title": "From "
+ "title": "From"
}
},
{
@@ -2889,7 +2889,7 @@
"content": {
"application/json": {
"schema": {
- "$ref": "#/components/schemas/pyro__firework__backend__api4__asset_authorization__datamodels__AuthorizationResponse"
+ "$ref": "#/components/schemas/AuthorizationResponse"
}
}
}
@@ -3195,10 +3195,71 @@
"/firework/v4/events/": {
"get": {
"tags": [
- "private"
+ "public"
],
"summary": "Get Event",
"operationId": "get_event_events__get",
+ "parameters": [
+ {
+ "name": "uid",
+ "in": "query",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "title": "Uid"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Successful Response",
+ "content": {
+ "application/json": {
+ "schema": {
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/pyro__events__firework__stealerlog__StealerLogEvent"
+ },
+ {
+ "$ref": "#/components/schemas/RansomLeakEvent"
+ },
+ {
+ "$ref": "#/components/schemas/LookalikeDomainEvent"
+ }
+ ],
+ "discriminator": {
+ "propertyName": "event_type",
+ "mapping": {
+ "stealer_log": "#/components/schemas/pyro__events__firework__stealerlog__StealerLogEvent",
+ "ransomleak": "#/components/schemas/RansomLeakEvent",
+ "lookalike": "#/components/schemas/LookalikeDomainEvent"
+ }
+ },
+ "title": "Response Get Event Events Get"
+ }
+ }
+ }
+ },
+ "422": {
+ "description": "Validation Error",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/HTTPValidationError"
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "/firework/v4/events/ui": {
+ "get": {
+ "tags": [
+ "private"
+ ],
+ "summary": "Get Event Ui",
+ "operationId": "get_event_ui_events_ui_get",
"parameters": [
{
"name": "uid",
@@ -3732,6 +3793,46 @@
}
}
},
+ "/firework/v4/events/html": {
+ "get": {
+ "tags": [
+ "private"
+ ],
+ "summary": "Get Event Html",
+ "operationId": "get_event_html_events_html_get",
+ "parameters": [
+ {
+ "name": "uid",
+ "in": "query",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "title": "Uid"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Successful Response",
+ "content": {
+ "application/json": {
+ "schema": {}
+ }
+ }
+ },
+ "422": {
+ "description": "Validation Error",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/HTTPValidationError"
+ }
+ }
+ }
+ }
+ }
+ }
+ },
"/firework/v4/file_analysis/submit": {
"post": {
"tags": [
@@ -4372,7 +4473,7 @@
"operationId": "get_identifier_count_identifiers_count_get",
"parameters": [
{
- "name": "from_",
+ "name": "from",
"in": "query",
"required": false,
"schema": {
@@ -4384,7 +4485,7 @@
"type": "null"
}
],
- "title": "From "
+ "title": "From"
}
},
{
@@ -4658,7 +4759,7 @@
"operationId": "get_identifiers_identifiers__get",
"parameters": [
{
- "name": "from_",
+ "name": "from",
"in": "query",
"required": false,
"schema": {
@@ -4670,7 +4771,7 @@
"type": "null"
}
],
- "title": "From "
+ "title": "From"
}
},
{
@@ -5193,7 +5294,7 @@
}
},
{
- "name": "from_",
+ "name": "from",
"in": "query",
"required": false,
"schema": {
@@ -5205,7 +5306,7 @@
"type": "null"
}
],
- "title": "From "
+ "title": "From"
}
},
{
@@ -5410,7 +5511,7 @@
}
},
{
- "name": "from_",
+ "name": "from",
"in": "query",
"required": false,
"schema": {
@@ -5422,7 +5523,7 @@
"type": "null"
}
],
- "title": "From "
+ "title": "From"
}
},
{
@@ -6444,7 +6545,7 @@
}
},
{
- "name": "from_",
+ "name": "from",
"in": "query",
"required": false,
"schema": {
@@ -6456,7 +6557,7 @@
"type": "null"
}
],
- "title": "From "
+ "title": "From"
}
},
{
@@ -7398,7 +7499,7 @@
"operationId": "list_reports_report_groups__report_group_id__reports__get",
"parameters": [
{
- "name": "from_",
+ "name": "from",
"in": "query",
"required": false,
"schema": {
@@ -7410,7 +7511,7 @@
"type": "null"
}
],
- "title": "From "
+ "title": "From"
}
},
{
@@ -7439,7 +7540,7 @@
"in": "query",
"required": false,
"schema": {
- "$ref": "#/components/schemas/pyro__reports__report_store__SortType",
+ "$ref": "#/components/schemas/SortType",
"default": "updated_at"
}
},
@@ -7452,7 +7553,7 @@
{
"type": "array",
"items": {
- "$ref": "#/components/schemas/pyro__reports__report_types__ReportType"
+ "$ref": "#/components/schemas/ReportType"
}
},
{
@@ -7906,7 +8007,7 @@
}
},
{
- "name": "from_",
+ "name": "from",
"in": "query",
"required": false,
"schema": {
@@ -7918,7 +8019,7 @@
"type": "null"
}
],
- "title": "From "
+ "title": "From"
}
},
{
@@ -8332,7 +8433,7 @@
"operationId": "get_tenant_integrations_integrations_tenant_integrations_get",
"parameters": [
{
- "name": "from_",
+ "name": "from",
"in": "query",
"required": false,
"schema": {
@@ -8344,7 +8445,7 @@
"type": "null"
}
],
- "title": "From "
+ "title": "From"
}
},
{
@@ -9091,7 +9192,7 @@
"operationId": "list_reports_threat_flow_reports__get",
"parameters": [
{
- "name": "from_",
+ "name": "from",
"in": "query",
"required": false,
"schema": {
@@ -9103,7 +9204,7 @@
"type": "null"
}
],
- "title": "From "
+ "title": "From"
}
},
{
@@ -9193,7 +9294,7 @@
"content": {
"application/json": {
"schema": {
- "$ref": "#/components/schemas/pyro__threat_flow__web__v4__reports__models__ReportResponse"
+ "$ref": "#/components/schemas/ReportResponse"
}
}
}
@@ -9283,7 +9384,7 @@
"content": {
"application/json": {
"schema": {
- "$ref": "#/components/schemas/pyro__threat_flow__web__v4__reports__models__ReportResponse"
+ "$ref": "#/components/schemas/ReportResponse"
}
}
}
@@ -9626,7 +9727,7 @@
"operationId": "list_sandbox_submissions_sandbox_get",
"parameters": [
{
- "name": "from_",
+ "name": "from",
"in": "query",
"required": false,
"schema": {
@@ -9638,7 +9739,7 @@
"type": "null"
}
],
- "title": "From "
+ "title": "From"
}
},
{
@@ -9853,6 +9954,47 @@
}
}
},
+ "/firework/v4/sandbox/submissions/{submission_uuid}/iocs/csv": {
+ "get": {
+ "tags": [
+ "private"
+ ],
+ "summary": "Stream Iocs Csv",
+ "operationId": "stream_iocs_csv_sandbox_submissions__submission_uuid__iocs_csv_get",
+ "parameters": [
+ {
+ "name": "submission_uuid",
+ "in": "path",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "format": "uuid",
+ "title": "Submission Uuid"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Successful Response",
+ "content": {
+ "application/json": {
+ "schema": {}
+ }
+ }
+ },
+ "422": {
+ "description": "Validation Error",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/HTTPValidationError"
+ }
+ }
+ }
+ }
+ }
+ }
+ },
"/firework/v4/sandbox/submissions/{submission_uuid}/archive": {
"post": {
"tags": [
@@ -11153,6 +11295,20 @@
"type": "null"
}
]
+ },
+ "custom_headers": {
+ "anyOf": [
+ {
+ "additionalProperties": {
+ "type": "string"
+ },
+ "type": "object"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Custom Headers"
}
},
"type": "object",
@@ -12003,6 +12159,31 @@
],
"title": "AuthorizationRequestItemTenant"
},
+ "AuthorizationResponse": {
+ "properties": {
+ "success": {
+ "type": "boolean",
+ "title": "Success"
+ },
+ "error_message": {
+ "anyOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Error Message"
+ }
+ },
+ "type": "object",
+ "required": [
+ "success",
+ "error_message"
+ ],
+ "title": "AuthorizationResponse"
+ },
"AuthorizeAssetRequestStatus": {
"type": "string",
"enum": [
@@ -12322,7 +12503,7 @@
}
],
"title": "Created After",
- "default": "2026-01-05T15:04:02.866993Z"
+ "default": "2026-01-08T20:17:43.618686Z"
},
"from": {
"anyOf": [
@@ -13607,16 +13788,16 @@
"query": {
"oneOf": [
{
- "$ref": "#/components/schemas/pyro__leaks__types__DomainQuery"
+ "$ref": "#/components/schemas/DomainQuery"
},
{
- "$ref": "#/components/schemas/pyro__leaks__types__EmailQuery"
+ "$ref": "#/components/schemas/EmailQuery"
},
{
- "$ref": "#/components/schemas/pyro__leaks__types__KeywordQuery"
+ "$ref": "#/components/schemas/KeywordQuery"
},
{
- "$ref": "#/components/schemas/pyro__firework__backend__api4__events__models__SecretQuery"
+ "$ref": "#/components/schemas/SecretQuery"
},
{
"$ref": "#/components/schemas/AuthDomainQuery"
@@ -13813,6 +13994,25 @@
],
"title": "DomainData"
},
+ "DomainQuery": {
+ "properties": {
+ "type": {
+ "type": "string",
+ "const": "domain",
+ "title": "Type"
+ },
+ "fqdn": {
+ "type": "string",
+ "title": "Fqdn"
+ }
+ },
+ "type": "object",
+ "required": [
+ "type",
+ "fqdn"
+ ],
+ "title": "DomainQuery"
+ },
"DomainRestrictedTerm": {
"properties": {
"type": {
@@ -13877,6 +14077,25 @@
],
"title": "EmailData"
},
+ "EmailQuery": {
+ "properties": {
+ "type": {
+ "type": "string",
+ "const": "email",
+ "title": "Type"
+ },
+ "email": {
+ "type": "string",
+ "title": "Email"
+ }
+ },
+ "type": "object",
+ "required": [
+ "type",
+ "email"
+ ],
+ "title": "EmailQuery"
+ },
"EnrichedBulkAction": {
"properties": {
"id": {
@@ -14430,11 +14649,62 @@
],
"title": "EventInput"
},
- "EventSecretsBody": {
+ "EventMetadata": {
"properties": {
- "uid": {
- "type": "string",
- "title": "Uid"
+ "estimated_created_at": {
+ "anyOf": [
+ {
+ "type": "string",
+ "format": "date-time"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Estimated Created At"
+ },
+ "flare_url": {
+ "type": "string",
+ "maxLength": 2083,
+ "minLength": 1,
+ "format": "uri",
+ "title": "Flare Url"
+ },
+ "matched_at": {
+ "anyOf": [
+ {
+ "type": "string",
+ "format": "date-time"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Matched At"
+ },
+ "severity": {
+ "$ref": "#/components/schemas/EventSeverity"
+ },
+ "uid": {
+ "type": "string",
+ "title": "Uid"
+ }
+ },
+ "type": "object",
+ "required": [
+ "estimated_created_at",
+ "flare_url",
+ "matched_at",
+ "severity",
+ "uid"
+ ],
+ "title": "EventMetadata"
+ },
+ "EventSecretsBody": {
+ "properties": {
+ "uid": {
+ "type": "string",
+ "title": "Uid"
},
"from": {
"anyOf": [
@@ -14461,6 +14731,17 @@
],
"title": "EventSecretsBody"
},
+ "EventSeverity": {
+ "type": "string",
+ "enum": [
+ "info",
+ "low",
+ "medium",
+ "high",
+ "critical"
+ ],
+ "title": "EventSeverity"
+ },
"ExecutiveSummaryOutput": {
"properties": {
"overview": {
@@ -14787,6 +15068,23 @@
},
"materialized_at": {
"$ref": "#/components/schemas/FeedDateFilter"
+ },
+ "tags": {
+ "items": {
+ "type": "string"
+ },
+ "type": "array",
+ "title": "Tags"
+ },
+ "is_ignored": {
+ "type": "boolean",
+ "title": "Is Ignored",
+ "default": false
+ },
+ "is_remediated": {
+ "type": "boolean",
+ "title": "Is Remediated",
+ "default": false
}
},
"type": "object",
@@ -14982,7 +15280,7 @@
"$ref": "#/components/schemas/UsernameQuery"
},
{
- "$ref": "#/components/schemas/pyro__leaks__types__DomainQuery"
+ "$ref": "#/components/schemas/DomainQuery"
},
{
"$ref": "#/components/schemas/BrandQuery"
@@ -14991,7 +15289,7 @@
"$ref": "#/components/schemas/NameQuery"
},
{
- "$ref": "#/components/schemas/pyro__leaks__types__KeywordQuery"
+ "$ref": "#/components/schemas/KeywordQuery"
},
{
"$ref": "#/components/schemas/QueryStringQuery"
@@ -15003,10 +15301,10 @@
"$ref": "#/components/schemas/IpQuery"
},
{
- "$ref": "#/components/schemas/pyro__leaks__types__EmailQuery"
+ "$ref": "#/components/schemas/EmailQuery"
},
{
- "$ref": "#/components/schemas/pyro__firework__backend__api4__events__models__SecretQuery"
+ "$ref": "#/components/schemas/SecretQuery"
},
{
"$ref": "#/components/schemas/CredentialsQuery"
@@ -15641,7 +15939,7 @@
"$ref": "#/components/schemas/UsernameQuery"
},
{
- "$ref": "#/components/schemas/pyro__leaks__types__DomainQuery"
+ "$ref": "#/components/schemas/DomainQuery"
},
{
"$ref": "#/components/schemas/BrandQuery"
@@ -15650,7 +15948,7 @@
"$ref": "#/components/schemas/NameQuery"
},
{
- "$ref": "#/components/schemas/pyro__leaks__types__KeywordQuery"
+ "$ref": "#/components/schemas/KeywordQuery"
},
{
"$ref": "#/components/schemas/QueryStringQuery"
@@ -15662,10 +15960,10 @@
"$ref": "#/components/schemas/IpQuery"
},
{
- "$ref": "#/components/schemas/pyro__leaks__types__EmailQuery"
+ "$ref": "#/components/schemas/EmailQuery"
},
{
- "$ref": "#/components/schemas/pyro__firework__backend__api4__events__models__SecretQuery"
+ "$ref": "#/components/schemas/SecretQuery"
},
{
"$ref": "#/components/schemas/CredentialsQuery"
@@ -17567,6 +17865,25 @@
],
"title": "KeywordData"
},
+ "KeywordQuery": {
+ "properties": {
+ "type": {
+ "type": "string",
+ "const": "keyword",
+ "title": "Type"
+ },
+ "keyword": {
+ "type": "string",
+ "title": "Keyword"
+ }
+ },
+ "type": "object",
+ "required": [
+ "type",
+ "keyword"
+ ],
+ "title": "KeywordQuery"
+ },
"KeywordRestrictedTerm": {
"properties": {
"type": {
@@ -17748,6 +18065,175 @@
],
"title": "LogoResponse"
},
+ "LookalikeDomainEvent": {
+ "properties": {
+ "event_type": {
+ "type": "string",
+ "const": "lookalike",
+ "title": "Event Type",
+ "default": "lookalike"
+ },
+ "data": {
+ "$ref": "#/components/schemas/LookalikeDomainEventData"
+ },
+ "metadata": {
+ "$ref": "#/components/schemas/EventMetadata"
+ }
+ },
+ "type": "object",
+ "required": [
+ "data",
+ "metadata"
+ ],
+ "title": "LookalikeDomainEvent"
+ },
+ "LookalikeDomainEventData": {
+ "properties": {
+ "domain": {
+ "type": "string",
+ "title": "Domain"
+ },
+ "registered_at": {
+ "anyOf": [
+ {
+ "type": "string",
+ "format": "date-time"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Registered At"
+ },
+ "identifier_domains": {
+ "anyOf": [
+ {
+ "items": {
+ "type": "string"
+ },
+ "type": "array"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Identifier Domains"
+ },
+ "feed": {
+ "anyOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Feed"
+ },
+ "cert_data": {
+ "anyOf": [
+ {
+ "additionalProperties": true,
+ "type": "object"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Cert Data"
+ },
+ "subject": {
+ "anyOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Subject"
+ },
+ "issuer": {
+ "anyOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Issuer"
+ }
+ },
+ "type": "object",
+ "required": [
+ "domain",
+ "registered_at",
+ "identifier_domains",
+ "feed",
+ "cert_data",
+ "subject",
+ "issuer"
+ ],
+ "title": "LookalikeDomainEventData"
+ },
+ "MalwareInformation": {
+ "properties": {
+ "malware_family": {
+ "anyOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Malware Family"
+ },
+ "build_id": {
+ "anyOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Build Id"
+ },
+ "file_location": {
+ "anyOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "File Location"
+ },
+ "infected_at": {
+ "anyOf": [
+ {
+ "type": "string",
+ "format": "date-time"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Infected At"
+ }
+ },
+ "type": "object",
+ "required": [
+ "malware_family",
+ "build_id",
+ "file_location",
+ "infected_at"
+ ],
+ "title": "MalwareInformation"
+ },
"MarkUserAsCompromisedPayload": {
"properties": {
"credential_hash": {
@@ -19076,27 +19562,121 @@
],
"title": "QueryStringQuery"
},
- "RecentActivityCountResponse": {
+ "RansomLeakEvent": {
"properties": {
- "count": {
- "type": "integer",
- "title": "Count"
+ "event_type": {
+ "type": "string",
+ "const": "ransomleak",
+ "title": "Event Type",
+ "default": "ransomleak"
+ },
+ "data": {
+ "$ref": "#/components/schemas/RansomLeakEventData"
+ },
+ "metadata": {
+ "$ref": "#/components/schemas/EventMetadata"
}
},
"type": "object",
"required": [
- "count"
+ "data",
+ "metadata"
],
- "title": "RecentActivityCountResponse"
+ "title": "RansomLeakEvent"
},
- "RecentActivityExposedPII": {
+ "RansomLeakEventData": {
"properties": {
- "type": {
- "$ref": "#/components/schemas/SearchType"
+ "url": {
+ "anyOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Url"
},
- "uid": {
- "type": "string",
- "title": "Uid"
+ "response_url": {
+ "anyOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Response Url"
+ },
+ "title": {
+ "anyOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Title"
+ },
+ "content": {
+ "anyOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Content"
+ },
+ "body": {
+ "anyOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Body"
+ },
+ "victim_information": {
+ "$ref": "#/components/schemas/VictimInfo"
+ }
+ },
+ "type": "object",
+ "required": [
+ "url",
+ "response_url",
+ "title",
+ "content",
+ "body",
+ "victim_information"
+ ],
+ "title": "RansomLeakEventData"
+ },
+ "RecentActivityCountResponse": {
+ "properties": {
+ "count": {
+ "type": "integer",
+ "title": "Count"
+ }
+ },
+ "type": "object",
+ "required": [
+ "count"
+ ],
+ "title": "RecentActivityCountResponse"
+ },
+ "RecentActivityExposedPII": {
+ "properties": {
+ "type": {
+ "$ref": "#/components/schemas/SearchType"
+ },
+ "uid": {
+ "type": "string",
+ "title": "Uid"
},
"leaked_date": {
"type": "string",
@@ -19447,7 +20027,7 @@
"title": "Author"
},
"report_type": {
- "$ref": "#/components/schemas/pyro__reports__report_types__ReportType"
+ "$ref": "#/components/schemas/ReportType-Output"
},
"created_at": {
"type": "string",
@@ -19729,7 +20309,7 @@
"title": "Author"
},
"report_type": {
- "$ref": "#/components/schemas/pyro__reports__report_types__ReportType"
+ "$ref": "#/components/schemas/ReportType-Output"
},
"created_at": {
"type": "string",
@@ -20201,6 +20781,18 @@
],
"title": "ReportRequestResponse"
},
+ "ReportResponse": {
+ "properties": {
+ "report": {
+ "$ref": "#/components/schemas/PydanticThreatFlowReport"
+ }
+ },
+ "type": "object",
+ "required": [
+ "report"
+ ],
+ "title": "ReportResponse"
+ },
"ReportSchedulerData": {
"properties": {
"report_group_id": {
@@ -20501,6 +21093,24 @@
],
"title": "ReportStatus"
},
+ "ReportType": {
+ "type": "string",
+ "enum": [
+ "v1",
+ "event_based",
+ "feed_based"
+ ],
+ "title": "ReportType"
+ },
+ "ReportType-Output": {
+ "type": "string",
+ "enum": [
+ "v1",
+ "event_based",
+ "feed_based"
+ ],
+ "title": "ReportType"
+ },
"ReportUpdatePayload": {
"properties": {
"title": {
@@ -20530,7 +21140,7 @@
"report_type": {
"anyOf": [
{
- "$ref": "#/components/schemas/pyro__reports__report_types__ReportType"
+ "$ref": "#/components/schemas/ReportType"
},
{
"type": "null"
@@ -21358,6 +21968,25 @@
],
"title": "SecretPosition"
},
+ "SecretQuery": {
+ "properties": {
+ "type": {
+ "type": "string",
+ "const": "secret",
+ "title": "Type"
+ },
+ "secret": {
+ "type": "string",
+ "title": "Secret"
+ }
+ },
+ "type": "object",
+ "required": [
+ "type",
+ "secret"
+ ],
+ "title": "SecretQuery"
+ },
"Severity": {
"type": "string",
"enum": [
@@ -21369,6 +21998,18 @@
],
"title": "Severity"
},
+ "SortType": {
+ "type": "string",
+ "enum": [
+ "id",
+ "title",
+ "author",
+ "created_at",
+ "updated_at",
+ "status"
+ ],
+ "title": "SortType"
+ },
"Source": {
"properties": {
"sphere": {
@@ -21974,6 +22615,36 @@
],
"title": "StealerLogEvent"
},
+ "StealerLogEventData": {
+ "properties": {
+ "victim_information": {
+ "anyOf": [
+ {
+ "$ref": "#/components/schemas/VictimInformation"
+ },
+ {
+ "type": "null"
+ }
+ ]
+ },
+ "malware_information": {
+ "anyOf": [
+ {
+ "$ref": "#/components/schemas/MalwareInformation"
+ },
+ {
+ "type": "null"
+ }
+ ]
+ }
+ },
+ "type": "object",
+ "required": [
+ "victim_information",
+ "malware_information"
+ ],
+ "title": "StealerLogEventData"
+ },
"StealerLogFindingCookie": {
"properties": {
"host_key": {
@@ -23650,46 +24321,31 @@
],
"title": "ValidationError"
},
- "WebhookBasicAuth": {
+ "VictimInfo": {
"properties": {
- "username": {
- "type": "string",
- "title": "Username"
+ "name": {
+ "anyOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Name"
},
- "password": {
- "type": "string",
- "title": "Password"
- }
- },
- "type": "object",
- "required": [
- "username",
- "password"
- ],
- "title": "WebhookBasicAuth"
- },
- "pyro__entities__identities__profile__sort_type__SortType": {
- "type": "string",
- "enum": [
- "creation_date",
- "credentials_count",
- "event_type",
- "information_type",
- "ip_address",
- "last_seen",
- "leaked_date",
- "password",
- "source_name"
- ],
- "title": "SortType"
- },
- "pyro__firework__backend__api4__asset_authorization__datamodels__AuthorizationResponse": {
- "properties": {
- "success": {
- "type": "boolean",
- "title": "Success"
+ "display_name": {
+ "anyOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Display Name"
},
- "error_message": {
+ "domain": {
"anyOf": [
{
"type": "string"
@@ -23698,124 +24354,405 @@
"type": "null"
}
],
- "title": "Error Message"
- }
- },
- "type": "object",
- "required": [
- "success",
- "error_message"
- ],
- "title": "AuthorizationResponse"
- },
- "pyro__firework__backend__api4__events__models__SecretQuery": {
- "properties": {
- "type": {
- "type": "string",
- "const": "secret",
- "title": "Type"
+ "title": "Domain"
},
- "secret": {
- "type": "string",
- "title": "Secret"
- }
- },
- "type": "object",
- "required": [
- "type",
- "secret"
- ],
- "title": "SecretQuery"
- },
- "pyro__firework__backend__api4__reports__report_groups__reports__report_datamodels__ReportResponse": {
- "properties": {
- "report": {
- "$ref": "#/components/schemas/Report"
- }
- },
- "type": "object",
- "required": [
- "report"
- ],
- "title": "ReportResponse"
- },
- "pyro__leaks__types__DomainQuery": {
- "properties": {
- "type": {
- "type": "string",
- "const": "domain",
- "title": "Type"
+ "alternative_domains": {
+ "anyOf": [
+ {
+ "items": {
+ "type": "string"
+ },
+ "type": "array"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Alternative Domains"
},
- "fqdn": {
- "type": "string",
- "title": "Fqdn"
+ "industry": {
+ "anyOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Industry"
+ },
+ "employee_count": {
+ "anyOf": [
+ {
+ "type": "integer"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Employee Count"
+ },
+ "city": {
+ "anyOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "City"
+ },
+ "state": {
+ "anyOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "State"
+ },
+ "country": {
+ "anyOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Country"
+ },
+ "latitude": {
+ "anyOf": [
+ {
+ "type": "number"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Latitude"
+ },
+ "longitude": {
+ "anyOf": [
+ {
+ "type": "number"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Longitude"
}
},
"type": "object",
"required": [
- "type",
- "fqdn"
+ "name",
+ "display_name",
+ "domain",
+ "alternative_domains",
+ "industry",
+ "employee_count",
+ "city",
+ "state",
+ "country",
+ "latitude",
+ "longitude"
],
- "title": "DomainQuery"
+ "title": "VictimInfo"
},
- "pyro__leaks__types__EmailQuery": {
+ "VictimInformation": {
"properties": {
- "type": {
- "type": "string",
- "const": "email",
- "title": "Type"
+ "ip_address": {
+ "anyOf": [
+ {
+ "type": "string",
+ "format": "ipvanyaddress"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Ip Address"
},
- "email": {
- "type": "string",
- "title": "Email"
+ "ip_network": {
+ "anyOf": [
+ {
+ "type": "string",
+ "format": "ipvanynetwork"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Ip Network"
+ },
+ "username": {
+ "anyOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Username"
+ },
+ "country_code": {
+ "anyOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Country Code"
+ },
+ "zip_code": {
+ "anyOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Zip Code"
+ },
+ "location": {
+ "anyOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Location"
+ },
+ "hwid": {
+ "anyOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Hwid"
+ },
+ "current_language": {
+ "anyOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Current Language"
+ },
+ "screensize_width": {
+ "anyOf": [
+ {
+ "type": "integer"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Screensize Width"
+ },
+ "screensize_height": {
+ "anyOf": [
+ {
+ "type": "integer"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Screensize Height"
+ },
+ "timezone": {
+ "anyOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Timezone"
+ },
+ "os": {
+ "anyOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Os"
+ },
+ "uac": {
+ "anyOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Uac"
+ },
+ "process_elevation": {
+ "anyOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Process Elevation"
+ },
+ "available_keyboards": {
+ "anyOf": [
+ {
+ "items": {
+ "type": "string"
+ },
+ "type": "array"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Available Keyboards"
+ },
+ "hardware": {
+ "anyOf": [
+ {
+ "items": {
+ "type": "string"
+ },
+ "type": "array"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Hardware"
+ },
+ "anti_viruses": {
+ "anyOf": [
+ {
+ "items": {
+ "type": "string"
+ },
+ "type": "array"
+ },
+ {
+ "type": "null"
+ }
+ ],
+ "title": "Anti Viruses"
}
},
"type": "object",
"required": [
- "type",
- "email"
- ],
- "title": "EmailQuery"
+ "ip_address",
+ "ip_network",
+ "username",
+ "country_code",
+ "zip_code",
+ "location",
+ "hwid",
+ "current_language",
+ "screensize_width",
+ "screensize_height",
+ "timezone",
+ "os",
+ "uac",
+ "process_elevation",
+ "available_keyboards",
+ "hardware",
+ "anti_viruses"
+ ],
+ "title": "VictimInformation"
},
- "pyro__leaks__types__KeywordQuery": {
+ "WebhookBasicAuth": {
"properties": {
- "type": {
+ "username": {
"type": "string",
- "const": "keyword",
- "title": "Type"
+ "title": "Username"
},
- "keyword": {
+ "password": {
"type": "string",
- "title": "Keyword"
+ "title": "Password"
}
},
"type": "object",
"required": [
- "type",
- "keyword"
+ "username",
+ "password"
],
- "title": "KeywordQuery"
+ "title": "WebhookBasicAuth"
},
- "pyro__reports__report_store__SortType": {
+ "pyro__entities__identities__profile__sort_type__SortType": {
"type": "string",
"enum": [
- "id",
- "title",
- "author",
- "created_at",
- "updated_at",
- "status"
+ "creation_date",
+ "credentials_count",
+ "event_type",
+ "information_type",
+ "ip_address",
+ "last_seen",
+ "leaked_date",
+ "password",
+ "source_name"
],
"title": "SortType"
},
- "pyro__reports__report_types__ReportType": {
- "type": "string",
- "enum": [
- "v1",
- "event_based",
- "feed_based"
+ "pyro__events__firework__stealerlog__StealerLogEvent": {
+ "properties": {
+ "event_type": {
+ "type": "string",
+ "const": "stealer_log",
+ "title": "Event Type",
+ "default": "stealer_log"
+ },
+ "data": {
+ "$ref": "#/components/schemas/StealerLogEventData"
+ },
+ "metadata": {
+ "$ref": "#/components/schemas/EventMetadata"
+ }
+ },
+ "type": "object",
+ "required": [
+ "data",
+ "metadata"
],
- "title": "ReportType"
+ "title": "StealerLogEvent"
+ },
+ "pyro__firework__backend__api4__reports__report_groups__reports__report_datamodels__ReportResponse": {
+ "properties": {
+ "report": {
+ "$ref": "#/components/schemas/Report"
+ }
+ },
+ "type": "object",
+ "required": [
+ "report"
+ ],
+ "title": "ReportResponse"
},
"pyro__threat_flow__core__reports__report_store__ReportType": {
"type": "string",
@@ -23834,18 +24771,6 @@
"tenant_id"
],
"title": "SortType"
- },
- "pyro__threat_flow__web__v4__reports__models__ReportResponse": {
- "properties": {
- "report": {
- "$ref": "#/components/schemas/PydanticThreatFlowReport"
- }
- },
- "type": "object",
- "required": [
- "report"
- ],
- "title": "ReportResponse"
}
},
"securitySchemes": {
@@ -23860,4 +24785,4 @@
"BearerAuth": []
}
]
-}
\ No newline at end of file
+}
diff --git a/docs/api-reference/v4/endpoints/get-event.mdx b/docs/api-reference/v4/endpoints/get-event.mdx
new file mode 100644
index 0000000..eefa074
--- /dev/null
+++ b/docs/api-reference/v4/endpoints/get-event.mdx
@@ -0,0 +1,249 @@
+---
+title: "Get Event"
+api: "GET https://api.flare.io/firework/v4/events/"
+authMethod: "bearer"
+---
+
+Returns data for a specific event.
+
+
+
+ ```json Blog Post
+ {
+ "data": {
+ "url": "",
+ "content": "",
+ "description": "",
+ "posted_at": "2025-01-01T00:00:00.000000+00:00"
+ },
+ "metadata": {
+ "estimated_created_at": "2023-11-07T05:31:56Z",
+ "flare_url": "",
+ "matched_at": "2023-11-07T05:31:56Z",
+ "severity": "info",
+ "uid": ""
+ },
+ "event_type": "blog_post",
+ }
+ ```
+ ```json Financial
+ {
+ "data": {
+ "bank": "",
+ "bin": "",
+ "brand": "",
+ "country": "",
+ "expiration": "2030-05-01T00:00:00+00:00",
+ "owner": "",
+ "state_code": "",
+ "zip": "",
+ "has_cvv": "",
+ "has_date_of_birth": "",
+ "has_mother_maiden_name": "",
+ "has_phone": "",
+ "has_pin": "",
+ "has_ssn": "",
+ "has_track_1": "",
+ "has_vbv": ""
+ },
+ "metadata": {
+ "estimated_created_at": "2023-11-07T05:31:56Z",
+ "flare_url": "",
+ "matched_at": "2023-11-07T05:31:56Z",
+ "severity": "info",
+ "uid": ""
+ },
+ "event_type": "cc",
+ }
+ ```
+ ```json Ransom Leak
+ {
+ "data": {
+ "victim_information": {
+ "name": "",
+ "display_name": "",
+ "domain": "",
+ "alternative_domains": "[]",
+ "industry": "",
+ "employee_count": "",
+ "city": "",
+ "state": "",
+ "country": "",
+ "latitude": "",
+ "longitude": ""
+ }
+ "url": "",
+ "response_url": "",
+ "title": "",
+ "content": "",
+ },
+ "metadata": {
+ "estimated_created_at": "2023-11-07T05:31:56Z",
+ "flare_url": "",
+ "matched_at": "2023-11-07T05:31:56Z",
+ "severity": "info",
+ "uid": ""
+ },
+ "event_type": "listing",
+ }
+ ```
+ ```json Stealer Log
+ {
+ "data": {
+ "victim_information": {
+ "ip_address": "",
+ "ip_network": "",
+ "username": "",
+ "country_code": "",
+ "zip_code": "",
+ "location": "",
+ "hwid": "",
+ "current_language": "",
+ "screensize_width": 123,
+ "screensize_height": 123,
+ "timezone": "",
+ "os": "",
+ "uac": "",
+ "process_elevation": "",
+ "available_keyboards": [
+ ""
+ ],
+ "hardware": [
+ ""
+ ],
+ "anti_viruses": [
+ ""
+ ]
+ },
+ "malware_information": {
+ "malware_family": "",
+ "build_id": "",
+ "file_location": "",
+ "infected_at": "2023-11-07T05:31:56Z"
+ }
+ },
+ "metadata": {
+ "estimated_created_at": "2023-11-07T05:31:56Z",
+ "flare_url": "",
+ "matched_at": "2023-11-07T05:31:56Z",
+ "severity": "info",
+ "uid": ""
+ },
+ "event_type": "stealer_log"
+ }
+ ```
+
+
+
+#### Parameters
+
+
+ The UID of the Event.
+
+
+#### Response
+
+Response fields differ based on event type as follows:
+
+
+
+ Blog Post Event Data
+
+
+ Url of the specific blog post.
+
+
+ Content of the Blog Post.
+
+
+ Blog Post description, if provided.
+
+
+ The date the blog post was posted on the web.
+
+
+
+
+
+
+ Financial Event Data
+
+
+ Name of the bank related to the card/information leak.
+
+
+ Associated BIN to a leaked credit card.
+
+
+ Major brand of the leaked credit card.
+ Ex: VISA
+
+
+ The country of origin of the leaked card/information.
+
+
+ Expiration of the leaked card.
+
+
+ Name of the owner found on the card.
+
+
+ Initials of the state tied to the card. This is included for American leaked cards.
+
+
+ Zip code of the address attached to the leaked card. This is included for American leaked cards.
+
+
+ When true, this means that the leaked data includes the CVV of the leaked card.
+
+
+
+
+
+
+ RansomLeak Event Data
+
+
+
+
+
+
+
+ Stealer Log Event Data
+
+
+
+
+
+
+
+
+ Event Metadata
+
+
+ The date that the information was made available within the Flare.
+
+
+ Url to the event within Flare
+
+
+ The date that this event was matched to an identifier within your tenant.
+
+
+ The event severity, when an event exists on your tenant feed this score will reflect any changes made to the severity.
+
+ `info`,
+ `low`,
+ `medium`,
+ `high`,
+ `critical`
+
+
+
+ The event uid. This should match the initial uid provided intially as a required parameter.
+
+
+
+
+