Twinwave
TwinWave’s threat analysis platform analyzes both URLs and files to detect credential phishing and malware threats. Our platform automatically navigates complex attack chains that attackers put in front of threats in order to evade analysis. In addition to detecting threats, the TwinWave platform generates actionable intelligence for threat hunting and other activities.
Data Enrichment & Threat Intelligence · Twinwave
Configuration parameters
isFetch— Fetch incidentsincidentType— Incident typeapi-token— Twinwave API token (required)first_fetch— Number of jobs to first fetchmax_fetch— Max Fetchsource— Filter incidents by submission source.username— Filter UI incidents by username. Exact match only. (Cannot use if source is all or api)proxy— Use system proxy settingsinsecure— Trust any certificate (not secure)
Commands (11)
-
twinwave-download-submitted-resourceDownload the Submitted Resource. Download a password-protected Zip archive of the Resource. Use the password 'infected' to decrypt the archive. All Resources discovered during the analysis are available for download via this endpoint. To get the list of SHA256s for the Job's Resources, see The Resources array from Get a Job Summary.
-
twinwave-get-enginesList Available Engines.
-
twinwave-get-job-normalized-forensicsGet a Job's Normalized Forensics.
-
twinwave-get-job-summaryGet Job Summary.
-
twinwave-get-task-normalized-forensicsGet a Task's Normalized Forensics.
-
twinwave-get-task-raw-forensicsGet a Task's Raw Forensics.
-
twinwave-get-temp-artifact-urlGet a Temporary Artifact URL.
-
twinwave-resubmit-jobResubmit a Job.
-
twinwave-search-across-jobs-and-resourcesSearch Across Jobs and Resources.
-
twinwave-submit-fileSubmit File for Scanning.
-
twinwave-submit-urlSubmit New URL for Scanning.