96 строки
6.2 KiB
JSON
96 строки
6.2 KiB
JSON
{
|
|
"swagger": "2.0",
|
|
"info": {
|
|
"version": "1.0",
|
|
"title": "MSRC Engage API"
|
|
},
|
|
"host": "api.msrc.microsoft.com",
|
|
"basePath": "/engage",
|
|
"schemes": [
|
|
"https"
|
|
],
|
|
"security": [
|
|
{
|
|
"apiKeyHeader": []
|
|
},
|
|
{
|
|
"apiKeyQuery": []
|
|
}
|
|
],
|
|
"paths": {
|
|
"/pentest": {
|
|
"post": {
|
|
"description": "An API for submitting Azure Service customer-driven penetration testing notifications in a derivative of the CARS (Cloud Abuse Reporting Schema) as JSON",
|
|
"operationId": "Pentest Notification",
|
|
"consumes": [
|
|
"application/json"
|
|
],
|
|
"parameters": [
|
|
{
|
|
"in": "body",
|
|
"name": "body",
|
|
"description": "Derivation of the Cloud Abuse Reporting Schema",
|
|
"required": false,
|
|
"schema": {
|
|
"$ref": "#/definitions/Body"
|
|
}
|
|
}
|
|
],
|
|
"responses": {
|
|
"202": {
|
|
"description": "Accepted"
|
|
},
|
|
"400": {
|
|
"description": "Bad Request"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"/cars": {
|
|
"post": {
|
|
"description": "An API for submitting Abuse or CERT reports in the CARS (Cloud Abuse Reporting Schema) as JSON",
|
|
"operationId": "CERT Report",
|
|
"consumes": [
|
|
"application/json"
|
|
],
|
|
"parameters": [
|
|
{
|
|
"in": "body",
|
|
"name": "body",
|
|
"description": "Cloud Abuse Reporting Schema",
|
|
"required": true,
|
|
"schema": {
|
|
"example": "{\n \"reporterInfo\": {\n \"reporterEmail\": \"reporter_email@email.com\",\n \"reporterName\": \"John Smith\",\n \"reporterPhone\": \"555-555-5555\",\n \"reporterOrg\": \"Contoso\",\n \"discloseEmail\": \"TRUE||FALSE\",\n \"reporterNotes\": \"Sources are at liberty to elaborate on what their organization does if it's relevant to their reports as a whole.\"\n },\n \"reports\": [\n {\n \"report\": {\n \"batchID\": \"Group/Campaign Identifier\",\n \"relatedCases\": [ \"ID\", \"ID\", \"...\" ],\n \"reportNotes\": \"This is a brief summary of what I have found...\",\n \"TLP\": \"AMBER||GREEN||WHITE\",\n \"disclosureNotes\": \"Sources are at liberty to specify additional intended limits of the sharing: these must be adhered to.\",\n \"threats\": [\n {\n \"threat\": {\n \"threatType\": \"Activity||Content\",\n \"threatSubType\": \"CNC||FRAUD||DOS||SPAM||MALWARE||INTRUSION_ATTEMPT||PORT_SCAN||WEB_CRAWL||PHISHING||THREAT_TYPE_UNSPECIFIED\",\n \"sampleType\":\"Base64\",\n \"sourceIp\": \"1.1.1.1\",\n \"destinationIp\": \"2.2.2.2\",\n \"sourcePort\": \"PORT\",\n \"destinationPort\": \"PORT\",\n \"sourceUrl\": \"URL\",\n \"destinationUrl\": \"URL\",\n \"protocol\": \"PROTOCOL_NUMBER\",\n \"byteCount\": \"BYTES\",\n \"packetCount\": \"PACKETS\",\n \"date\": \"yyyy-mm-dd\",\n \"time\": \"00:00:00\",\n \"timeZone\": \"-0000\",\n \"sample\": \"logs of observed activity; must be of type specified above\"\n }\n }\n ]\n }\n }\n ]\n}"
|
|
}
|
|
}
|
|
],
|
|
"responses": {
|
|
"202": {
|
|
"description": "Accepted"
|
|
},
|
|
"400": {
|
|
"description": "Bad Request"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"securityDefinitions": {
|
|
"apiKeyHeader": {
|
|
"type": "apiKey",
|
|
"name": "api-key",
|
|
"in": "header"
|
|
},
|
|
"apiKeyQuery": {
|
|
"type": "apiKey",
|
|
"name": "subscription-key",
|
|
"in": "query"
|
|
}
|
|
},
|
|
"definitions": {
|
|
"Body": {
|
|
"example": "{\n \"reporterInfo\": {\n \"reporterEmail\": \"reporter_email@email.com\",\n \"reporterName\": \"John Smith\",\n \"reporterPhone\": \"555-555-5555\",\n \"reporterOrg\": \"Contoso\",\n \"discloseEmail\": \"TRUE||FALSE\",\n \"reporterNotes\": \"Sources are at liberty to elaborate on what their organization does if it's relevant to their reports as a whole.\"\n },\n \"reports\": [\n {\n \"report\": {\n \"batchID\": \"Group/Campaign Identifier\",\n \"relatedCases\": [ \"ID\", \"ID\", \"...\" ],\n \"reportNotes\": \"This is a brief summary of what I have found...\",\n \"TLP\": \"AMBER||GREEN||WHITE\",\n \"disclosureNotes\": \"Sources are at liberty to specify additional intended limits of the sharing: these must be adhered to.\",\n \"threats\": [\n {\n \"threat\": {\n \"threatType\": \"Activity||Content\",\n \"threatSubType\": \"CNC||FRAUD||DOS||SPAM||MALWARE||INTRUSION_ATTEMPT||PORT_SCAN||WEB_CRAWL||PHISHING||THREAT_TYPE_UNSPECIFIED\",\n \"sampleType\":\"Base64\",\n \"sourceIp\": \"1.1.1.1\",\n \"destinationIp\": \"2.2.2.2\",\n \"sourcePort\": \"PORT\",\n \"destinationPort\": \"PORT\",\n \"sourceUrl\": \"URL\",\n \"destinationUrl\": \"URL\",\n \"protocol\": \"PROTOCOL_NUMBER\",\n \"byteCount\": \"BYTES\",\n \"packetCount\": \"PACKETS\",\n \"date\": \"yyyy-mm-dd\",\n \"time\": \"00:00:00\",\n \"timeZone\": \"-0000\",\n \"sample\": \"logs of observed activity; must be of type specified above\"\n }\n }\n ]\n }\n }\n ]\n}"
|
|
}
|
|
}
|
|
}
|