# Google Threat Intelligence Documentation
## Guides
- [Agentic Platform](https://gtidocs.virustotal.com/docs/agentic-platform.md)
- [Agentic User Guide](https://gtidocs.virustotal.com/docs/agentic-user-guide.md)
- [ASM API Limits and Quotas](https://gtidocs.virustotal.com/docs/asm-limits-quotas.md)
- [ASM Roles and Permissions](https://gtidocs.virustotal.com/docs/asm-roles-and-permissions.md)
- [Assessment Capabilities](https://gtidocs.virustotal.com/docs/assessment-capabilities.md)
- [ASM Scan Ranges](https://gtidocs.virustotal.com/docs/asm-scan-ranges.md)
- [Assign Roles Within a Collection](https://gtidocs.virustotal.com/docs/assign-roles-within-a-collection.md)
- [Collection Scan Rate](https://gtidocs.virustotal.com/docs/collection-scan-rate.md)
- [Collections Tips and Tricks](https://gtidocs.virustotal.com/docs/collections-tips-and-tricks.md)
- [Customize Collections](https://gtidocs.virustotal.com/docs/customize-collections.md)
- [Create a Collection](https://gtidocs.virustotal.com/docs/create-a-collection.md)
- [Issue Settings](https://gtidocs.virustotal.com/docs/issue-settings.md)
- [Third Party Monitoring Workflow](https://gtidocs.virustotal.com/docs/third-party-monitoring-workflow.md)
- [Dashboard](https://gtidocs.virustotal.com/docs/dashboard.md)
- [How to delete an ASM project](https://gtidocs.virustotal.com/docs/delete-asm-project.md)
- [Discovery Context Visualizer](https://gtidocs.virustotal.com/docs/discovery-context-visualizer.md)
- [How to Set Entities Out of Scope](https://gtidocs.virustotal.com/docs/how-to-set-entities-out-of-scope.md)
- [Entities](https://gtidocs.virustotal.com/docs/entities-guide.md)
- [Scan History](https://gtidocs.virustotal.com/docs/scan-history.md)
- [Exporting Search Results](https://gtidocs.virustotal.com/docs/exporting-search-results.md)
- [Getting Started with ASM](https://gtidocs.virustotal.com/docs/get-started-asm.md)
- [Analyzing SSL/TLS Issues](https://gtidocs.virustotal.com/docs/analyzing-ssltls-issues.md)
- [Opt Out of Attack Surface Management Scanning](https://gtidocs.virustotal.com/docs/asm-opt-out.md)
- [Projects](https://gtidocs.virustotal.com/docs/asm-projects.md)
- [Search Syntax for Attack Surface Management](https://gtidocs.virustotal.com/docs/asm-search-syntax.md)
- [Bulk Select](https://gtidocs.virustotal.com/docs/bulk-select.md)
- [Manage Project Membership](https://gtidocs.virustotal.com/docs/manage-project-membership.md)
- [Search Summary](https://gtidocs.virustotal.com/docs/search-summary.md)
- [ASM Akamai Integration](https://gtidocs.virustotal.com/docs/asm-akamai-integration.md)
- [ASM AWS Integration](https://gtidocs.virustotal.com/docs/asm-aws-integration.md)
- [ASM Azure Integration](https://gtidocs.virustotal.com/docs/asm-azure-integration.md)
- [ASM Cloudflare Integration](https://gtidocs.virustotal.com/docs/asm-cloudflare-integration.md)
- [ASM Credential Security Details](https://gtidocs.virustotal.com/docs/asm-credential-security-details.md)
- [ASM DNS Made Easy Integration](https://gtidocs.virustotal.com/docs/asm-dns-made-easy-integration.md)
- [ASM GitHub Integration](https://gtidocs.virustotal.com/docs/asm-github-integration.md)
- [ASM GoDaddy Integration](https://gtidocs.virustotal.com/docs/asm-godaddy-integration.md)
- [ASM Google Cloud Integration](https://gtidocs.virustotal.com/docs/asm-google-cloud-integration.md)
- [Inbound Integrations](https://gtidocs.virustotal.com/docs/inbound-integrations.md)
- [Scale AWS Integration Across AWS Organizations](https://gtidocs.virustotal.com/docs/scale-aws-integration-across-aws-organizations.md)
- [Scale Google Cloud Integration](https://gtidocs.virustotal.com/docs/scale-google-cloud-integration.md)
- [Inferred Vulnerabilities](https://gtidocs.virustotal.com/docs/inferred-vulnerabilities.md)
- [Insights](https://gtidocs.virustotal.com/docs/insights.md)
- [How Issues Work](https://gtidocs.virustotal.com/docs/how-issues-work.md)
- [Issues](https://gtidocs.virustotal.com/docs/issues-guide.md)
- [Create Issues from Inferred CVEs](https://gtidocs.virustotal.com/docs/issues-creation.md)
- [Issues Severity Definitions and Examples](https://gtidocs.virustotal.com/docs/issues-severity-definitions.md)
- [Notifications](https://gtidocs.virustotal.com/docs/notifications.md)
- [ASM Cortex XSOAR Integration](https://gtidocs.virustotal.com/docs/asm-cortex-xsoar-integration.md)
- [ASM Jira Integration](https://gtidocs.virustotal.com/docs/asm-jira-integration.md)
- [ASM ServiceNow Integration](https://gtidocs.virustotal.com/docs/asm-servicenow-integration.md)
- [ASM Google SecOps SIEM Integration](https://gtidocs.virustotal.com/docs/asm-siem-integration.md)
- [ASM Google SecOps SOAR Integration Docs](https://gtidocs.virustotal.com/docs/asm-soar-integration.md)
- [ASM Splunk Integration](https://gtidocs.virustotal.com/docs/asm-splunk-integration.md)
- [Outbound Integrations](https://gtidocs.virustotal.com/docs/outbound-integrations.md)
- [Mandiant Advantage for Splunk](https://gtidocs.virustotal.com/docs/mandiant-advantage-for-splunk.md)
- [Technologies](https://gtidocs.virustotal.com/docs/technologies-guide.md)
- [TLD List](https://gtidocs.virustotal.com/docs/tld-list.md)
- [Understanding Attack Surface Management Seeds](https://gtidocs.virustotal.com/docs/understanding-attack-surface-management-seeds.md)
- [DTM Alert Severity Definitions and Examples](https://gtidocs.virustotal.com/docs/dtm-alert-severity.md)
- [Group Alerts](https://gtidocs.virustotal.com/docs/dtm-group-alerts.md)
- [Lucene Queries for DTM Alerts](https://gtidocs.virustotal.com/docs/dtm-lucene-queries-for-alerts.md)
- [Alerts](https://gtidocs.virustotal.com/docs/alerts-guide.md)
- [Configuring DTM Email Notifications](https://gtidocs.virustotal.com/docs/configuring-dtm-email-notifications.md)
- [Digital Threat Monitoring FAQ](https://gtidocs.virustotal.com/docs/digital-threat-monitoring-faq.md)
- [Digital Threat Monitoring](https://gtidocs.virustotal.com/docs/digital-threat-monitoring.md)
- [DTM API Limits and Quotas](https://gtidocs.virustotal.com/docs/dtm-limits-quotas.md)
- [Digital Threat Monitoring User Roles](https://gtidocs.virustotal.com/docs/dtm-user-roles.md)
- [Get started with DTM](https://gtidocs.virustotal.com/docs/get-started-dtm.md)
- [Lucene Queries in DTM](https://gtidocs.virustotal.com/docs/lucene-queries-in-dtm.md)
- [Monitors](https://gtidocs.virustotal.com/docs/monitors-guide.md)
- [Monitor Compromised Credentials](https://gtidocs.virustotal.com/docs/monitor-compromised-credentials.md)
- [Monitor Fields](https://gtidocs.virustotal.com/docs/monitor-fields.md)
- [Monitor Matching Methodology](https://gtidocs.virustotal.com/docs/monitor-matching-methodology.md)
- [Build Effective Monitors](https://gtidocs.virustotal.com/docs/monitor-scenarios.md)
- [Research Tools](https://gtidocs.virustotal.com/docs/research-tools.md)
- [I accidentally uploaded a file with confidential or sensitive information to Google TI, can you please delete it?](https://gtidocs.virustotal.com/docs/accidental-upload.md)
- [AV product on Google Threat Intelligence detects a file and its equivalent commercial version does not](https://gtidocs.virustotal.com/docs/antivirus-differs.md)
- [What type of files are supported by code insight?](https://gtidocs.virustotal.com/docs/codeinsight-supported-files.md)
- [What kind of files will Google Threat Intelligence scan?](https://gtidocs.virustotal.com/docs/file-types.md)
- [Why does my signed file appear as "not signed" on VirusTotal?](https://gtidocs.virustotal.com/docs/why-does-my-signed-file-appear-as-not-signed-on-virustotal.md): I have a file that appears to be digitally signed on my Windows system, but VirusTotal's "Details" tab reports it as "File is not signed." Why is there a discrepancy?
- [Frequently Asked Questions](https://gtidocs.virustotal.com/docs/frequently-asked-questions.md)
- [Why can't I see the gti_assessment attribute in the JSON response?](https://gtidocs.virustotal.com/docs/missing-gti-asssessment.md)
- [My Landscape](https://gtidocs.virustotal.com/docs/my-landscape-faq.md)
- [Understanding Partial Files](https://gtidocs.virustotal.com/docs/partial-files.md)
- [When is an analysis included in the feeds?](https://gtidocs.virustotal.com/docs/when-analysis-feeds.md)
- [Campaigns](https://gtidocs.virustotal.com/docs/campaigns.md)
- [Countries & Industries Profiles](https://gtidocs.virustotal.com/docs/countries-industries-profiles.md)
- [New dark web research](https://gtidocs.virustotal.com/docs/dark-web-guide.md)
- [IoC Collections](https://gtidocs.virustotal.com/docs/ioc-collections.md)
- [Malware & Tools](https://gtidocs.virustotal.com/docs/malware-tools.md)
- [Threat Profiles](https://gtidocs.virustotal.com/docs/manage-threat-profiles.md)
- [Mandiant Techniques and Key Events on the Timeline](https://gtidocs.virustotal.com/docs/mandiant-techniques-and-key-events-on-the-timeline.md)
- [Suspected Attribution](https://gtidocs.virustotal.com/docs/suspected-attribution.md)
- [Threat Actors](https://gtidocs.virustotal.com/docs/threat-actors-card.md)
- [How Your Threat Landscape Uses AI Recommendations](https://gtidocs.virustotal.com/docs/threat-landscape-ai-recommendations.md)
- [TTP Analysis](https://gtidocs.virustotal.com/docs/ttp-analysis.md)
- [Walkthrough guide for Google Threat Intelligence group administrators](https://gtidocs.virustotal.com/docs/admins-guide.md)
- [How consumption quotas are handled](https://gtidocs.virustotal.com/docs/consumption-quotas-handled.md)
- [Understanding Consumption](https://gtidocs.virustotal.com/docs/quota-consumption.md)
- [Configure SAML with Entra ID](https://gtidocs.virustotal.com/docs/saml-entraid.md)
- [Configure SAML with Okta](https://gtidocs.virustotal.com/docs/saml-okta.md)
- [Configure SAML with Ping](https://gtidocs.virustotal.com/docs/saml-ping.md)
- [Single Sign On Authentication](https://gtidocs.virustotal.com/docs/sso-authentication.md)
- [MISP integration guide](https://gtidocs.virustotal.com/docs/gti4misp-guide.md)
- [Google Threat Intelligence for MSFT Sentinel](https://gtidocs.virustotal.com/docs/gti4sentinel-guide.md): Configuration and use guide
- [Splunk integration guide](https://gtidocs.virustotal.com/docs/gti4splunk-guide.md)
- [Palo Alto XSOAR integration guide](https://gtidocs.virustotal.com/docs/gti4xsoar-guide.md)
- [Migrate from VirusTotal](https://gtidocs.virustotal.com/docs/migrate-from-virustotal.md): How to move from VirusTotal integrations to the Google Threat Intelligence ones.
- [List of Google TI Integrations](https://gtidocs.virustotal.com/docs/technology-integrations-list.md)
- [VT4Browsers + Google TI](https://gtidocs.virustotal.com/docs/vt4browsers.md): VT4Browsers evolves with the power of Google Threat Intelligence
- [Contributors](https://gtidocs.virustotal.com/docs/contributors.md)
- [Google Threat Intelligence Customer Migration](https://gtidocs.virustotal.com/docs/google-threat-intelligence-customer-migration.md)
- [Google Threat Intelligence - API Migration guide for Mandiant Advantage former users](https://gtidocs.virustotal.com/docs/mati-api-migration-guide.md)
- [Google Threat Intelligence - Migration guide for Mandiant Advantage former users](https://gtidocs.virustotal.com/docs/mati-migration-guide.md)
- [Google Threat Intelligence - Migration guide for VirusTotal former users](https://gtidocs.virustotal.com/docs/vt-migration-guide.md)
- [Google Threat Intelligence Platform Navigation](https://gtidocs.virustotal.com/docs/google-threat-intelligence-navigation.md)
- [Google Threat Intelligence API key](https://gtidocs.virustotal.com/docs/how-get-gti-api-keys.md)
- [Check with VirusTotal](https://gtidocs.virustotal.com/docs/check-vt.md)
- [How does Diff work?](https://gtidocs.virustotal.com/docs/how-does-diff-work.md)
- [Diff](https://gtidocs.virustotal.com/docs/diff.md)
- [External behavioural engines sandboxes](https://gtidocs.virustotal.com/docs/external-sandboxes.md)
- [Get started with IOC Investigation](https://gtidocs.virustotal.com/docs/get-started-ioc-investigation.md)
- [Google Threat Intelligence Indicator Score](https://gtidocs.virustotal.com/docs/google-threat-intelligence-indicator-score.md)
- [In-house Sandboxes - behavioural analysis products](https://gtidocs.virustotal.com/docs/in-house-sandboxes.md)
- [Batch file downloads](https://gtidocs.virustotal.com/docs/batch-file-downloads.md)
- [Collection search modifiers](https://gtidocs.virustotal.com/docs/collection-search-modifiers.md)
- [Content search (Grep)](https://gtidocs.virustotal.com/docs/content-search-grep.md)
- [Domain search modifiers](https://gtidocs.virustotal.com/docs/domain-search-modifiers.md)
- [File - List of Engines](https://gtidocs.virustotal.com/docs/file-list-of-engines.md)
- [File search modifiers](https://gtidocs.virustotal.com/docs/file-search-modifiers.md)
- [File similarity search](https://gtidocs.virustotal.com/docs/file-similarity-search.md)
- [Full list of Google Threat Intelligence behaviour_tags modifier](https://gtidocs.virustotal.com/docs/full-list-of-google-threat-intelligence-behaviour_tags-modifier.md)
- [Full list of Google Threat Intelligence search modifiers](https://gtidocs.virustotal.com/docs/full-list-of-google-threat-intelligence-search-modifiers.md)
- [Full list of Google Threat Intelligence tag modifier](https://gtidocs.virustotal.com/docs/full-list-of-google-threat-intelligence-tag-modifier.md)
- [IP address search modifiers](https://gtidocs.virustotal.com/docs/ip-address-search-modifiers.md)
- [Reports search modifiers](https://gtidocs.virustotal.com/docs/reports-search-modifiers.md)
- [Threat Intelligence objects search modifiers](https://gtidocs.virustotal.com/docs/threat-intelligence-objects-modifiers-values.md)
- [URL search modifiers](https://gtidocs.virustotal.com/docs/url-search-modifiers.md)
- [IoC Stream](https://gtidocs.virustotal.com/docs/ioc-stream-guide.md)
- [Sources Subscriptions](https://gtidocs.virustotal.com/docs/sources-subscriptions.md)
- [Behavior hunting](https://gtidocs.virustotal.com/docs/hunting-behavior.md)
- [Legacy variables](https://gtidocs.virustotal.com/docs/hunting-legacy-variables.md)
- [File hunting](https://gtidocs.virustotal.com/docs/hunting-metadata.md)
- [Reference](https://gtidocs.virustotal.com/docs/hunting-reference.md)
- [Livehunt](https://gtidocs.virustotal.com/docs/livehunt-guide.md)
- [Network hunting examples](https://gtidocs.virustotal.com/docs/nethunt-examples.md)
- [Network hunting](https://gtidocs.virustotal.com/docs/nethunt.md)
- [Writing YARA rules for Livehunt](https://gtidocs.virustotal.com/docs/writing-yara-rules-for-livehunt.md)
- [IoC Reports](https://gtidocs.virustotal.com/docs/results-reports.md)
- [Retrohunt](https://gtidocs.virustotal.com/docs/retrohunt-guide.md)
- [Saved Searches](https://gtidocs.virustotal.com/docs/saved-searches-guide.md)
- [Ask questions with Gemini](https://gtidocs.virustotal.com/docs/search-gemini.md)
- [What's YARA Hunting?](https://gtidocs.virustotal.com/docs/whats-yara-hunting.md)
- [Getting Started with our new Dark Web Intel capabilities, powered by the relevance system](https://gtidocs.virustotal.com/docs/dark-web-intel.md)
- [OpenVPN support on private scanning](https://gtidocs.virustotal.com/docs/private-scanning-openvpn.md)
- [Private Scanning](https://gtidocs.virustotal.com/docs/private-scanning.md)
- [Threat Intelligence Report Types](https://gtidocs.virustotal.com/docs/report-types.md)
- [Reports & Analysis](https://gtidocs.virustotal.com/docs/reports-and-analysis.md)
- [Get started with Threat Graph](https://gtidocs.virustotal.com/docs/get-started-threat-graph.md)
- [Commonalities and Hunting](https://gtidocs.virustotal.com/docs/threat-graph-commonalities.md)
- [Management](https://gtidocs.virustotal.com/docs/threat-graph-management.md)
- [Nodes](https://gtidocs.virustotal.com/docs/threat-graph-nodes.md)
- [Overview](https://gtidocs.virustotal.com/docs/threat-graph-overview.md)
- [Search and start new investigation](https://gtidocs.virustotal.com/docs/threat-graph-search.md)
- [Automatic Security Telemetry Enrichment](https://gtidocs.virustotal.com/docs/automatic-security-telemetry-enrichment.md)
- [Use cases and other resources](https://gtidocs.virustotal.com/docs/use-cases.md)
- [Advanced Hunting](https://gtidocs.virustotal.com/docs/use-cases-advanced-hunting.md)
- [Incident Response](https://gtidocs.virustotal.com/docs/use-cases-incident-response.md)
- [Phishing & Brand Monitoring](https://gtidocs.virustotal.com/docs/use-cases-phishing-brand-monitoring.md)
- [Vulnerability Management](https://gtidocs.virustotal.com/docs/use-cases-vulnerability-management.md)
- [How to Explore Vulnerabilities](https://gtidocs.virustotal.com/docs/explore-vulnerabilities.md)
- [Vulnerability report details](https://gtidocs.virustotal.com/docs/vulnerability-report.md)
## API Reference
- [Google Threat Intelligence API Overview](https://gtidocs.virustotal.com/reference/api-overview.md)
- [API responses](https://gtidocs.virustotal.com/reference/api-responses.md)
- [Collections](https://gtidocs.virustotal.com/reference/introduction-collections.md)
- [Errors](https://gtidocs.virustotal.com/reference/introduction-errors.md)
- [Key concepts](https://gtidocs.virustotal.com/reference/introduction-key-concepts.md)
- [Objects](https://gtidocs.virustotal.com/reference/introduction-objects.md)
- [Relationships](https://gtidocs.virustotal.com/reference/introduction-relationships.md)
- [OpenAPI Specifications](https://gtidocs.virustotal.com/reference/openapi-specs.md)
- [STIX responses](https://gtidocs.virustotal.com/reference/stix-responses.md)
- [Activity Log](https://gtidocs.virustotal.com/reference/activity-log.md)
- [Audit](https://gtidocs.virustotal.com/reference/audit-object.md): Tracks basic CRUD facts.
- [ConfidenceLevel](https://gtidocs.virustotal.com/reference/confidencelevel-object.md): Enum to indicate the level of confidence in a verdict.
- [RelevanceAnalysis](https://gtidocs.virustotal.com/reference/relevanceanalysis-object.md): Structured relevance analysis for a threat.
- [SeverityAnalysis](https://gtidocs.virustotal.com/reference/severityanalysis-object.md): Structured severity analysis for a threat.
- [Analyses](https://gtidocs.virustotal.com/reference/analyses-object.md): Partner contributors' analyses for files and URLs.
- [π item](https://gtidocs.virustotal.com/reference/item.md): Item being analysed
- [Campaign](https://gtidocs.virustotal.com/reference/campaign-object.md): Information about campaigns
- [π author](https://gtidocs.virustotal.com/reference/comment-object-author.md): Comment votes.
- [Comments](https://gtidocs.virustotal.com/reference/comment-object.md): comment object
- [Country Profile](https://gtidocs.virustotal.com/reference/country-profile-object.md)
- [Dark Web Communication Channel](https://gtidocs.virustotal.com/reference/dark-web-communication-channel-object.md)
- [Dark Web Communication](https://gtidocs.virustotal.com/reference/dark-web-communication-object.md)
- [Dark Web Conversation Thread](https://gtidocs.virustotal.com/reference/dark-web-conversation-thread-object.md)
- [Dark Web Service](https://gtidocs.virustotal.com/reference/dark-web-service-object.md)
- [Dark Web User Profile](https://gtidocs.virustotal.com/reference/dark-web-user-profile-object.md)
- [π caa_records](https://gtidocs.virustotal.com/reference/caa_records.md): Records CAA for the domain.
- [π cname_records](https://gtidocs.virustotal.com/reference/cname_records.md): Records CNAME for the domain.
- [π comments](https://gtidocs.virustotal.com/reference/domain-comments.md): Comments in Domain objects
- [π communicating_files](https://gtidocs.virustotal.com/reference/domain-communicating_files.md)
- [π downloaded_files](https://gtidocs.virustotal.com/reference/domain-downloaded_files.md)
- [π historical_ssl_certificates](https://gtidocs.virustotal.com/reference/domain-historical_ssl_certificates.md): All SSL certificates that have been associated with the domain at some moment in time.
- [π historical_whois](https://gtidocs.virustotal.com/reference/domain-historical_whois.md): All whois records that have been associated with the domain at some moment in time.
- [π referrer_files](https://gtidocs.virustotal.com/reference/domain-referrer_files.md): Files containing the domain on its strings.
- [π related_comments](https://gtidocs.virustotal.com/reference/domain-related_comments.md): Comments posted in related objects
- [π resolutions](https://gtidocs.virustotal.com/reference/domain-resolutions.md): Domain's IP resolutions.
- [π urls](https://gtidocs.virustotal.com/reference/domain-urls.md): Domain's URLs.
- [π collections](https://gtidocs.virustotal.com/reference/domains-object-collections.md): Collections containing this domain.
- [π graphs](https://gtidocs.virustotal.com/reference/domains-object-graphs.md)
- [π related_threat_actors](https://gtidocs.virustotal.com/reference/domains-object-related_threat_actors.md): Related Threat Actors for a given domain.
- [ππ§βπ» user_votes](https://gtidocs.virustotal.com/reference/domains-object-user_votes.md): Domain's user votes.
- [π votes](https://gtidocs.virustotal.com/reference/domains-object-votes.md): Domain's votes.
- [π immediate_parent](https://gtidocs.virustotal.com/reference/immediate_parent.md): Domain's immediate parent.
- [Domains](https://gtidocs.virustotal.com/reference/domains-object.md): Along with URLs, Google Threat Intelligence stores information related network locations, as domains and IP addresses. Within this section we will go through the information provided by Domain objects.
- [π mx_records](https://gtidocs.virustotal.com/reference/mx_records.md): Records MX for the domain.
- [π ns_records](https://gtidocs.virustotal.com/reference/ns_records.md): Records NS for the domain.
- [π parent](https://gtidocs.virustotal.com/reference/parent.md): Domain's parent.
- [π siblings](https://gtidocs.virustotal.com/reference/siblings.md)
- [π soa_records](https://gtidocs.virustotal.com/reference/soa_records.md): Records SOA for the domain.
- [π subdomains](https://gtidocs.virustotal.com/reference/subdomains.md): Domain's subdomains.
- [π attack_techniques](https://gtidocs.virustotal.com/reference/file-behaviour-object-attack-techniques.md): File behaviour's ATT&CK techniques
- [dns_lookups](https://gtidocs.virustotal.com/reference/file-behaviour-object-dns-lookup.md): DNS queries
- [π file](https://gtidocs.virustotal.com/reference/file-behaviour-object-file.md): File behaviour's file
- [files_copied](https://gtidocs.virustotal.com/reference/file-behaviour-object-files-copied.md): Object that describes a file copy or move.
- [files_dropped](https://gtidocs.virustotal.com/reference/file-behaviour-object-files-dropped.md): Interesting files written to disk during execution.
- [http_conversations](https://gtidocs.virustotal.com/reference/file-behaviour-object-http-conversations.md): HTTP Calls.
- [ip_traffic](https://gtidocs.virustotal.com/reference/file-behaviour-object-ip-traffic.md): Outgoing connections seen during the execution of the given file.
- [permissions_checked](https://gtidocs.virustotal.com/reference/file-behaviour-object-permissions-checked.md): Records a query to see whether a given component/package/process/service has a particular permission.
- [processes_tree](https://gtidocs.virustotal.com/reference/file-behaviour-object-processes-tree.md): Created processes during the execution of a given file.
- [sms_sent](https://gtidocs.virustotal.com/reference/file-behaviour-object-sms-sent.md): Sent SMSs during the execution of the file under study.
- [tags](https://gtidocs.virustotal.com/reference/file-behaviour-object-tags.md): Sandbox behavior tagged with a complex operation
- [verdicts](https://gtidocs.virustotal.com/reference/file-behaviour-object-verdicts.md): Verdicts to tag a sample from sandbox behaviour
- [Files Behaviour](https://gtidocs.virustotal.com/reference/file-behaviour-summary-object.md): File behaviour reports
- [π analyses](https://gtidocs.virustotal.com/reference/file-object-analyses.md): All analyses made for a given file.
- [androguard](https://gtidocs.virustotal.com/reference/file-object-androguard.md): information about Android files.
- [asf_info](https://gtidocs.virustotal.com/reference/file-object-asf-info.md): information about Microsoft Advanced Streaming/Systems Format (ASF) files.
- [authentihash](https://gtidocs.virustotal.com/reference/file-object-authentihash.md): hash to verify PE files.
- [bundle_info](https://gtidocs.virustotal.com/reference/file-object-bundle-info.md): information about compressed files.
- [π bundled_files](https://gtidocs.virustotal.com/reference/file-object-bundled-files.md): Files bundled within the file.
- [π carbonblack_children](https://gtidocs.virustotal.com/reference/file-object-carbonblack-children.md): Files derived from the file according to Carbon Black.
- [π carbonblack_parents](https://gtidocs.virustotal.com/reference/file-object-carbonblack-parents.md): Files from where the file was derived according to Carbon Black.
- [class_info](https://gtidocs.virustotal.com/reference/file-object-class-info.md): information about Java .class bytecode files.
- [π collections](https://gtidocs.virustotal.com/reference/file-object-collections.md): Collections containing this file.
- [π comments](https://gtidocs.virustotal.com/reference/file-object-comments.md): Comments in file objects.
- [π compressed_parents](https://gtidocs.virustotal.com/reference/file-object-compressed-parents.md): File bundles from where the file was found inside.
- [π contacted_domains](https://gtidocs.virustotal.com/reference/file-object-contacted-domains.md): Domains contacted by a given file
- [π contacted_ips](https://gtidocs.virustotal.com/reference/file-object-contacted-ips.md): IP addresses contacted by a given file
- [π contacted_urls](https://gtidocs.virustotal.com/reference/file-object-contacted-urls.md): URL addresses contacted by a given file
- [crowdsourced_ids_results](https://gtidocs.virustotal.com/reference/file-object-crowdsourced-ids-results.md): IDS matches for the file.
- [crowdsourced_ids_stats](https://gtidocs.virustotal.com/reference/file-object-crowdsourced-ids-stats.md): IDS results stats.
- [crowdsourced_yara_results](https://gtidocs.virustotal.com/reference/file-object-crowdsourced-yara-results.md): YARA matches from crowdsourced rules.
- [deb_info](https://gtidocs.virustotal.com/reference/file-object-deb-info.md): information about Debian packages.
- [detectiteasy](https://gtidocs.virustotal.com/reference/file-object-detectiteasy.md): File type identification tool.
- [dmg_info](https://gtidocs.virustotal.com/reference/file-object-dmg-info.md): information about mountable macOS disk images.
- [dot_net_assembly](https://gtidocs.virustotal.com/reference/file-object-dot-net-assembly.md): information about Microsoft .NET files.
- [dot_net_guids](https://gtidocs.virustotal.com/reference/file-object-dot-net-guids.md): identifiers for Microsoft .NET assemblies.
- [π dropped_files](https://gtidocs.virustotal.com/reference/file-object-dropped-files.md)
- [elf_info](https://gtidocs.virustotal.com/reference/file-object-elf-info.md): information about Unix ELF files.
- [π email_attachments](https://gtidocs.virustotal.com/reference/file-object-email-attachments.md): Files attached to a given email file.
- [π email_parents](https://gtidocs.virustotal.com/reference/file-object-email-parents.md): Email files containing the file.
- [π embedded_domains](https://gtidocs.virustotal.com/reference/file-object-embedded-domains.md): Domain names embedded in the file.
- [π embedded_ips](https://gtidocs.virustotal.com/reference/file-object-embedded-ips.md): IP addresses embedded in the file.
- [π embedded_urls](https://gtidocs.virustotal.com/reference/file-object-embedded-urls.md): IP addresses embedded in the file.
- [π execution_parents](https://gtidocs.virustotal.com/reference/file-object-execution-parents.md): Files that executed the file.
- [exiftool](https://gtidocs.virustotal.com/reference/file-object-exiftool.md): information about EXIF metadata from files.
- [π graphs](https://gtidocs.virustotal.com/reference/file-object-graphs.md)
- [html_info](https://gtidocs.virustotal.com/reference/file-object-html-info.md): Information from HTML files
- [image_code_injections](https://gtidocs.virustotal.com/reference/file-object-image-code-injections.md): code injection inside image files.
- [ipa_info](https://gtidocs.virustotal.com/reference/file-object-ipa-info.md): information about iOS App Store Package files.
- [isoimage_info](https://gtidocs.virustotal.com/reference/file-object-isoimage-info.md): information about ISO image files.
- [π itw_domains](https://gtidocs.virustotal.com/reference/file-object-itw-domains.md): In the wild domain names from where the file has been downloaded.
- [π itw_ips](https://gtidocs.virustotal.com/reference/file-object-itw-ips.md): In the wild IP addresses from where the file has been downloaded.
- [π itw_urls](https://gtidocs.virustotal.com/reference/file-object-itw-urls.md): In the wild URLs from where the file has been downloaded.
- [jar_info](https://gtidocs.virustotal.com/reference/file-object-jar-info.md): information about Java Archive files.
- [javascript_info](https://gtidocs.virustotal.com/reference/file-object-javascript-info.md): Information extracted out of Javascript files
- [known_distributors](https://gtidocs.virustotal.com/reference/file-object-known-distributors.md): Information about the file's distributors
- [lnk_info](https://gtidocs.virustotal.com/reference/file-object-lnk-info.md): information about Microsoft Windows LNK files
- [macho_info](https://gtidocs.virustotal.com/reference/file-object-macho-info.md): information about Apple MachO files.
- [magic](https://gtidocs.virustotal.com/reference/file-object-magic.md): identification of files via magic number.
- [malware_config](https://gtidocs.virustotal.com/reference/file-object-malware-config.md): Malware configuration for certain malware families
- [π memory_pattern_domains](https://gtidocs.virustotal.com/reference/file-object-memory-pattern-domains.md): Domains extracted from the memory pattern of the file.
- [π memory_pattern_ips](https://gtidocs.virustotal.com/reference/file-object-memory-pattern-ips.md): IPs extracted from the memory pattern of the file.
- [π memory_pattern_urls](https://gtidocs.virustotal.com/reference/file-object-memory-pattern-urls.md): URLs extracted from the memory pattern of the file.
- [monitor_info](https://gtidocs.virustotal.com/reference/file-object-monitor-info.md): Information from VT monitor
- [nsrl_info](https://gtidocs.virustotal.com/reference/file-object-nsrl-info.md): Whitelisted files from the NSRL.
- [office_info](https://gtidocs.virustotal.com/reference/file-object-office-info.md): Microsoft Office files structure information.
- [openxml_info](https://gtidocs.virustotal.com/reference/file-object-openxml-info.md): Microsoft OpenXML files information.
- [π overlay_children](https://gtidocs.virustotal.com/reference/file-object-overlay-children.md): Files contained by the file as an overlay.
- [π overlay_parents](https://gtidocs.virustotal.com/reference/file-object-overlay-parents.md): Files containing the file as an overlay.
- [password_info](https://gtidocs.virustotal.com/reference/file-object-password-info.md): Information from password protected files
- [π pcap_children](https://gtidocs.virustotal.com/reference/file-object-pcap-children.md): PCAP files seen in the file.
- [π pcap_parents](https://gtidocs.virustotal.com/reference/file-object-pcap-parents.md): PCAP files that contain the file.
- [pdf_info](https://gtidocs.virustotal.com/reference/file-object-pdf-info.md): information about Adobe PDF files.
- [pe_info](https://gtidocs.virustotal.com/reference/file-object-pe-info.md): Microsoft Windows Portable Executable file format info.
- [π pe_resource_children](https://gtidocs.virustotal.com/reference/file-object-pe-resource-children.md): PE files contained by the file as a resource.
- [π pe_resource_parents](https://gtidocs.virustotal.com/reference/file-object-pe-resource-parents.md): PE files containing the file as a resource.
- [packers](https://gtidocs.virustotal.com/reference/file-object-peid.md): identification of packers used by files.
- [popular_threat_classification](https://gtidocs.virustotal.com/reference/file-object-popular-threat-classification.md): Human readable names extracted from the AV verdicts and clustering hashes
- [powershell_info](https://gtidocs.virustotal.com/reference/file-object-powershell-info.md)
- [π related_threat_actors](https://gtidocs.virustotal.com/reference/file-object-related-threat-actors.md): Related Threat Actors for a given file.
- [rombios_info](https://gtidocs.virustotal.com/reference/file-object-rombios-info.md): information about BIOS, EFI, UEFI and related archives.
- [rtf_info](https://gtidocs.virustotal.com/reference/file-object-rtf-info.md): information about Microsoft Rich Text Format files.
- [sandbox_verdicts](https://gtidocs.virustotal.com/reference/file-object-sandbox-verdicts.md): Sandbox verdicts for the file.
- [π screenshots](https://gtidocs.virustotal.com/reference/file-object-screenshots.md): Screenshots obtained from the execution of the file.
- [sigma_analysis_results](https://gtidocs.virustotal.com/reference/file-object-sigma-analysis-results.md): Sigma results for the file.
- [sigma_analysis_stats](https://gtidocs.virustotal.com/reference/file-object-sigma-analysis-stats.md): Sigma analysis stats for the file.
- [π sigma_analysis](https://gtidocs.virustotal.com/reference/file-object-sigma-analysis.md): Last Sigma analysis results.
- [signature_info](https://gtidocs.virustotal.com/reference/file-object-signature-info.md): Information about signed PE and Mach-O files.
- [π similar_files](https://gtidocs.virustotal.com/reference/file-object-similar-files.md): Files similar to the file.
- [snort](https://gtidocs.virustotal.com/reference/file-object-snort.md): Matched Snort alerts in PCAP network captures.
- [ssdeep](https://gtidocs.virustotal.com/reference/file-object-ssdeep.md): CTPH hash of the file content.
- [π submissions](https://gtidocs.virustotal.com/reference/file-object-submissions.md): File submissions
- [suricata](https://gtidocs.virustotal.com/reference/file-object-suricata.md): Matched suricata alerts for PCAP network captures.
- [swf_info](https://gtidocs.virustotal.com/reference/file-object-swf-info.md): Information about Adobe Shockwave Flash files.
- [telfhash](https://gtidocs.virustotal.com/reference/file-object-telfhash.md): File's Trend Micro ELF Hash (aka telfhash)
- [tlsh](https://gtidocs.virustotal.com/reference/file-object-tlsh.md): Trend Micro's TLSH hash
- [traffic_inspection](https://gtidocs.virustotal.com/reference/file-object-traffic-inspection.md): Traffic notions extracted from PCAP network captures.
- [trid](https://gtidocs.virustotal.com/reference/file-object-trid.md): file type identification tool.
- [π urls_for_embedded_js](https://gtidocs.virustotal.com/reference/file-object-urls-for-embedded-js.md): URLs where a given JS file is embedded
- [ππ§βπ» user_votes](https://gtidocs.virustotal.com/reference/file-object-user-votes.md): Votes for a given file made by the current user
- [vba_info](https://gtidocs.virustotal.com/reference/file-object-vba-info.md): VBA macros information
- [π votes](https://gtidocs.virustotal.com/reference/file-object-votes.md): Votes for a given file
- [wireshark](https://gtidocs.virustotal.com/reference/file-object-wireshark.md): Metadata produced by Wireshark when acting on the file.
- [π bundled_files](https://gtidocs.virustotal.com/reference/files-bundled_files.md): Files bundled within the file.
- [π embedded_urls](https://gtidocs.virustotal.com/reference/files-embedded_urls.md): IP addresses embedded in the file.
- [Files](https://gtidocs.virustotal.com/reference/file-object.md): Information about files
- [π comments](https://gtidocs.virustotal.com/reference/graph-comments.md): Comments in a graph
- [π editors](https://gtidocs.virustotal.com/reference/graph-editors.md): Users that can edit a graph
- [π group](https://gtidocs.virustotal.com/reference/graph-group.md): Group owning the graph
- [π items](https://gtidocs.virustotal.com/reference/graph-items.md): Contained objects in the graph
- [π owner](https://gtidocs.virustotal.com/reference/graph-owner.md): User owning the graph
- [π viewers](https://gtidocs.virustotal.com/reference/graph-viewers.md): Users that can view a graph
- [Graphs](https://gtidocs.virustotal.com/reference/graph-object.md): Information about graphs.
- [ππ§βπ» administrators](https://gtidocs.virustotal.com/reference/group-administrators.md): Users administrating the group
- [ππ§βπ» graphs](https://gtidocs.virustotal.com/reference/group-graphs.md): VT Graphs the group is owner/editor/viewer of.
- [ππ§βπ» users](https://gtidocs.virustotal.com/reference/group-users.md): Group members
- [Groups](https://gtidocs.virustotal.com/reference/group-object.md): Groups of users in Google Threat Intelligence
- [Hunting Notifications](https://gtidocs.virustotal.com/reference/hunting-notification-object.md): Generated notifications by matches in Hunting Rulesets
- [Hunting Rulesets](https://gtidocs.virustotal.com/reference/hunting-ruleset-object.md): User's hunting rulesets
- [Industry Profile](https://gtidocs.virustotal.com/reference/industry-profile-object.md)
- [IoC Collection](https://gtidocs.virustotal.com/reference/ioc-collection-object.md): Information about IoC collections
- [IoC-Stream Notifications](https://gtidocs.virustotal.com/reference/ioc-stream-notifications-object.md): Generated notifications by matches in the IoC-Stream
- [IP addresses](https://gtidocs.virustotal.com/reference/ip-object.md): IPv4 addresses are other of the network locations that Google Threat Intelligence stores information about. A description of the fields stored within these objects follows.
- [π collections](https://gtidocs.virustotal.com/reference/ip-object-collections.md): Collections containing this IP address.
- [π comments](https://gtidocs.virustotal.com/reference/ip-object-comments.md): Comments posted in a IP address.
- [π communicating_files](https://gtidocs.virustotal.com/reference/ip-object-communicating-files.md)
- [π downloaded_files](https://gtidocs.virustotal.com/reference/ip-object-downloaded-files.md)
- [π graphs](https://gtidocs.virustotal.com/reference/ip-object-graphs.md)
- [π historical_ssl_certificates](https://gtidocs.virustotal.com/reference/ip-object-historical-ssl-certificates.md): All SSL certificates that have been associated with the IP at some moment in time.
- [π historical_whois](https://gtidocs.virustotal.com/reference/ip-object-historical-whois.md): All whois records associated with the IP address at some moment in time.
- [π referrer_files](https://gtidocs.virustotal.com/reference/ip-object-referrer-files.md): File containing the IP address on its strings.
- [π related_comments](https://gtidocs.virustotal.com/reference/ip-object-related-comments.md): Comments posted in related objects.
- [π related_threat_actors](https://gtidocs.virustotal.com/reference/ip-object-related-threat-actors.md): Related Threat Actors for a given IP address.
- [π resolutions](https://gtidocs.virustotal.com/reference/ip-object-resolutions.md): Domain resolutions for a IP address.
- [π urls](https://gtidocs.virustotal.com/reference/ip-object-urls.md): IP address' URLs
- [ππ§βπ» user_votes](https://gtidocs.virustotal.com/reference/ip-object-user-votes.md): IP address' user votes.
- [π votes](https://gtidocs.virustotal.com/reference/ip-object-votes.md): IP address' votes.
- [Malware Family](https://gtidocs.virustotal.com/reference/malware-family-object.md): Information about malware families
- [π attack_techniques](https://gtidocs.virustotal.com/reference/attack_techniques.md): Attack tactic's techniques.
- [Attack Tactics](https://gtidocs.virustotal.com/reference/object-attack-tactics.md): Information about attack tactics
- [π attack_tactics](https://gtidocs.virustotal.com/reference/attack_tactics.md): Attack technique's tactics.
- [π threat_actors](https://gtidocs.virustotal.com/reference/attack-techniques-threat_actors.md): Attack technique's threat actors
- [Attack Techniques](https://gtidocs.virustotal.com/reference/object-attack-techniques.md): Information about attack techniques
- [π parent_technique](https://gtidocs.virustotal.com/reference/parent_technique.md): Attack technique's parent technique.
- [π revoking_technique](https://gtidocs.virustotal.com/reference/revoking_technique.md): Attack technique's revoking technique.
- [π subtechniques](https://gtidocs.virustotal.com/reference/subtechniques.md): Attack technique's sub-techniques.
- [Operations](https://gtidocs.virustotal.com/reference/operation-object.md): Asynchronous operations
- [Private Analyses](https://gtidocs.virustotal.com/reference/private-analyses-object.md): Private file's analyses
- [π item](https://gtidocs.virustotal.com/reference/private-analyses-object-item.md): Item being analysed
- [π submitter](https://gtidocs.virustotal.com/reference/submitter.md): User who submitted the analysis
- [Private Files Behaviours](https://gtidocs.virustotal.com/reference/private-file-behaviours-object.md): Information about private file behaviours
- [π attack_techniques](https://gtidocs.virustotal.com/reference/private-file-behaviours-attack_techniques.md): Private file behaviour's ATT&CK techniques
- [π file](https://gtidocs.virustotal.com/reference/private-file-behaviours-file.md): Private file behaviour's file.
- [π behaviours](https://gtidocs.virustotal.com/reference/behaviours.md): Behaviour reports for the private file
- [π embedded_ips](https://gtidocs.virustotal.com/reference/embedded_ips.md): IP addresses contained in the file
- [π embedded_urls](https://gtidocs.virustotal.com/reference/embedded_urls.md): URLs contained in the file
- [π execution_parents](https://gtidocs.virustotal.com/reference/execution_parents.md): Files dropping the file during its execution
- [Private Files](https://gtidocs.virustotal.com/reference/private-files-object.md): Information about private files
- [π dropped_files](https://gtidocs.virustotal.com/reference/private-files-object-dropped_files.md): Files dropped during the file's execution
- [π embedded_domains](https://gtidocs.virustotal.com/reference/private-files-object-embedded_domains.md): Domains contained in the file
- [Private URLs Behaviours](https://gtidocs.virustotal.com/reference/private-url-behaviours-object.md): Information about private URL behaviours
- [Private URLs](https://gtidocs.virustotal.com/reference/private-urls-object.md): Information about private URLs
- [Report](https://gtidocs.virustotal.com/reference/report-object.md): Information about reports
- [Resolutions](https://gtidocs.virustotal.com/reference/resolution-object.md): Domain-IP resolutions.
- [Retrohunt Jobs](https://gtidocs.virustotal.com/reference/retrohunt-job-object.md): YARA matching against Google Threat Intelligence's file corpus
- [ππ§βπ» matching_files](https://gtidocs.virustotal.com/reference/retrohunt-job-matching-files.md): Files matching the Retrohunt job.
- [ππ§βπ» owner](https://gtidocs.virustotal.com/reference/retrohunt-job-owner.md): Retrohunt job's owner
- [Saved Searches](https://gtidocs.virustotal.com/reference/saved-search-object.md)
- [Screenshots](https://gtidocs.virustotal.com/reference/screenshots-object.md): screenshot objects
- [Service Accounts](https://gtidocs.virustotal.com/reference/service-accounts-object.md): Information about a Google Threat Intelligence Service Account
- [ππ§βπ» api_quota_group](https://gtidocs.virustotal.com/reference/service-account-object-api-quota-group.md): Group which the user consumes API quota from.
- [π comments](https://gtidocs.virustotal.com/reference/service-account-object-comments.md): Comments posted by a certain user
- [ππ§βπ» groups](https://gtidocs.virustotal.com/reference/service-account-object-groups.md): Groups for which the user is a member.
- [ππ§βπ» intelligence_quota_group](https://gtidocs.virustotal.com/reference/service-account-object-intelligence-quota-group.md): Group which the user consumes Intelligence quota from.
- [π mentions](https://gtidocs.virustotal.com/reference/service-account-object-mentions.md): Comments mentioning the user.
- [Sigma Analyses](https://gtidocs.virustotal.com/reference/sigma-analyses-object.md): Sigma analyses run in sandbox generated sysmon logs.
- [π rules](https://gtidocs.virustotal.com/reference/sigma-analyses-object-rules.md): Matched rules in a Sigma analysis.
- [Sigma Rules](https://gtidocs.virustotal.com/reference/sigma-rule-object.md): Sigma rules matched in Sigma analyses
- [Software and Toolkit](https://gtidocs.virustotal.com/reference/software-toolkit-object.md): Information about software and toolkits
- [SSL Certificate](https://gtidocs.virustotal.com/reference/ssl-certificate-object.md): SSL certificates information.
- [Submissions](https://gtidocs.virustotal.com/reference/submission-object.md): Information about submissions
- [Threat Actor](https://gtidocs.virustotal.com/reference/threat-actor-object.md): Information about threat actors
- [Threat Profile](https://gtidocs.virustotal.com/reference/threat-profile-object.md): Information about threat profile
- [URLs](https://gtidocs.virustotal.com/reference/url-object.md): Information about URLs.
- [π analyses](https://gtidocs.virustotal.com/reference/url-analyses.md): All analyses made for a given URL.
- [π comments](https://gtidocs.virustotal.com/reference/url-comments.md): Comments in URL objects.
- [π contacted_domains](https://gtidocs.virustotal.com/reference/url-contacted_domains.md): Distinct domains from which the URL loads some kind of resource.
- [π contacted_ips](https://gtidocs.virustotal.com/reference/url-contacted_ips.md): Distinct IP addresses from which the URL loads some kind of resource.
- [π downloaded_files](https://gtidocs.virustotal.com/reference/url-downloaded_files.md): Files downloaded from the URL.
- [π graphs](https://gtidocs.virustotal.com/reference/url-graphs.md)
- [π last_serving_ip_address](https://gtidocs.virustotal.com/reference/url-last_serving_ip_address.md): Last IP address that served the URL.
- [π network_location](https://gtidocs.virustotal.com/reference/url-network_location.md): Domain or IP address for the URL.
- [π redirecting_urls](https://gtidocs.virustotal.com/reference/url-redirecting_urls.md): URLs that redirected to the given URL.
- [π redirects_to](https://gtidocs.virustotal.com/reference/url-redirects_to.md): URLs that this url redirects to.
- [π related_comments](https://gtidocs.virustotal.com/reference/url-related_comments.md): Comments in URL's related objects.
- [π submissions](https://gtidocs.virustotal.com/reference/url-submissions.md): URL submissions
- [π communicating_files](https://gtidocs.virustotal.com/reference/urls-communicating_files.md): Files that communicate with this url when they are executed.
- [π embedded_js_files](https://gtidocs.virustotal.com/reference/urls-embedded_js_files.md): Found javascript scripts in the URL's HTML response
- [π collections](https://gtidocs.virustotal.com/reference/urls-object-collections.md): Collections containing this URL.
- [π related_threat_actors](https://gtidocs.virustotal.com/reference/urls-object-related_threat_actors.md): Related Threat Actors for a given URL.
- [ππ§βπ» user_votes](https://gtidocs.virustotal.com/reference/urls-object-user_votes.md): Votes for a given URL made by the current user
- [π referrer_files](https://gtidocs.virustotal.com/reference/urls-referrer_files.md): Files containing a given URL.
- [π referrer_urls](https://gtidocs.virustotal.com/reference/urls-referrer_urls.md): URLs that refer to the given URL.
- [π urls_related_by_tracker_id](https://gtidocs.virustotal.com/reference/urls-urls_related_by_tracker_id.md): URLs having trackers with the same IDs
- [π votes](https://gtidocs.virustotal.com/reference/votes.md): Votes for a given URL
- [Users](https://gtidocs.virustotal.com/reference/user-object.md): Information about a Google Threat Intelligence user
- [ππ§βπ» api_quota_group](https://gtidocs.virustotal.com/reference/user-object-api-quota-group.md): Group which the user consumes API quota from.
- [π collections](https://gtidocs.virustotal.com/reference/user-object-collections.md)
- [π comments](https://gtidocs.virustotal.com/reference/user-object-comments.md): Comments posted by a certain user
- [π graphs](https://gtidocs.virustotal.com/reference/user-object-graphs.md): VT Graphs the user is owner/editor/viewer of
- [ππ§βπ» groups](https://gtidocs.virustotal.com/reference/user-object-groups.md): Groups for which the user is a member.
- [ππ§βπ» hunting_notification_files](https://gtidocs.virustotal.com/reference/user-object-hunting-notification-files.md): Files flagged in the hunting notifications for the user.
- [ππ§βπ» hunting_notifications](https://gtidocs.virustotal.com/reference/user-object-hunting-notifications.md): Hunting notifications for the user.
- [ππ§βπ» hunting_rulesets](https://gtidocs.virustotal.com/reference/user-object-hunting-rulesets.md): Hunting rulesets editable by the user.
- [ππ§βπ» intelligence_quota_group](https://gtidocs.virustotal.com/reference/user-object-intelligence-quota-group.md): Group which the user consumes Intelligence quota from.
- [π mentions](https://gtidocs.virustotal.com/reference/user-object-mentions.md): Comments mentioning the user.
- [ππ§βπ» retrohunt_jobs](https://gtidocs.virustotal.com/reference/user-object-retrohunt-job.md): User's Retrohunt jobs
- [π votes](https://gtidocs.virustotal.com/reference/user-object-votes.md): Votes posted by a certain user
- [Votes](https://gtidocs.virustotal.com/reference/vote-object.md): vote objects
- [Vulnerability](https://gtidocs.virustotal.com/reference/vulnerability-object.md): Information about vulnerabilities
- [Whois](https://gtidocs.virustotal.com/reference/whois-object.md): Domain and IP addresses whois records.
- [YARA Rules](https://gtidocs.virustotal.com/reference/yara-rule-object.md): YARA rules objects
- [YARA Rulesets](https://gtidocs.virustotal.com/reference/yara-rulesets-object.md): YARA rulesets objects
- [Delete](https://gtidocs.virustotal.com/reference/delete_user-collections-uuid.md): Delete a collection
- [Read](https://gtidocs.virustotal.com/reference/get_user-collections-uuid.md): Show details for a specified collection
- [Index](https://gtidocs.virustotal.com/reference/get_user-collections.md): List all collections. if invalid, or no PROJECT-ID is passed, only collections from top project are returned.
- [Archive](https://gtidocs.virustotal.com/reference/patch_user-collections-uuid-archive.md): Archive a collection
- [Unarchive](https://gtidocs.virustotal.com/reference/patch_user-collections-uuid-unarchive.md): Unarchive a collection
- [Create](https://gtidocs.virustotal.com/reference/post_user-collections.md): Creates a new collection
- [Destroy](https://gtidocs.virustotal.com/reference/delete_integrations-uuid.md): Delete an existing integration. This cannot be undone! To obtain a UUID for your integration, please see the GET Index query first: 
- [Jira projects](https://gtidocs.virustotal.com/reference/get_projects-uuid-integrations-jira-projects.md)
- [Index](https://gtidocs.virustotal.com/reference/get_projects-uuid-integrations.md): List all integrations configured for the project.
- [Create](https://gtidocs.virustotal.com/reference/post_projects-uuid-integrations.md): Attack Surface Management currently supports the following integrations, Use the samples in the post body: _**GCP**_: ``` json { "name": "Test GCP Integration", "secrets": { "service_account_email": "Email.Address@Service-Account-here.com" }, "type": "GcpCredential" } ``` **Jira:** ``` json { "name": "Test JIRA Integration", "secrets": { "jira_api_key": "APIKEYHERE", "host": "hostname.com", "username": "Email.Address@here.com" }, "type": "jira" } ``` **Azure:** ``` json { "name": "Test Azure Integration", "secrets": { "tenant_id": "TenantIdhere" }, "type": "azure" } ``` **Github:** ``` json { "name": "Test github Integration", "secrets": { "github_access_token": "TokenHere" }, "type": "github" } ``` **Akamai:** ``` json { "name": "Test akamai Integration", "secrets": { "client_secret": "SecretHere", "host": "hosthere.com", "access_token": "AccessTokenHere", "client_token": "ClientTokenHere" }, "type": "akamai" } ``` **Godaddy:** ``` json { "name": "Test godaddy Integration", "secrets": { "api_key": "KeyHere", "api_secret": "SecretHere" }, "type": "godaddy" } ``` **Cloudflare:** ``` json { "name": "Test cloudflare Integration", "secrets": { "cloudflare_api_key": "APIKeyHere" }, "type": "cloudflare" } ``` **AWS Roles:** ``` json { "name": "Test AwsCredential Integration", "secrets": { "aws_role_arn": "RoleHere" }, "type": "AwsCredential" } ``` **AWS Keys:** ``` json { "name": "Test AwsCredential Integration", "secrets": { "aws_access_key_id": "KeyHere", "aws_secret_access_key": "SecretHere", }, "type": "AwsCredential" } ```
- [Index](https://gtidocs.virustotal.com/reference/get_collections-collection-uuid-collection-runs.md): Returns up to last 10 collection scans
- [Create](https://gtidocs.virustotal.com/reference/post_collections-collection-uuid-collection-runs.md): This will schedule a scan for the collection entered
- [Get Full Detail](https://gtidocs.virustotal.com/reference/get_entities-entity-uid-raw.md): Obtains an individual entity's full details
- [Get Detail](https://gtidocs.virustotal.com/reference/get_entities-entity-uid.md): Obtains an individual entity's searchable details
- [Search Entities](https://gtidocs.virustotal.com/reference/get_search-entities-search-string.md): Search Endpoint for all entity data. If no operator is used, "name" field is searched Valid Search Keywords ('**search_string' parameter)**: - collection:intrigue_123k221 - type:string - ApiEndpoint, AppEndpoint, AutonomousSystem, AwsEC2Instance, AwsRdsDbInstance, AwsS3Bucket, AzureStorageAccount, AzureVirtualMachine, DnsRecord, Domain, EmailAddress, GcpApiGateway, GcpAppEngineApplication, GcpCloudFunction, GcpCloudSQLInstance, GcpComputeEngineInstance, GcpStorageBucket, GithubAccount, GithubRepository, IpAddress, Nameserver, NetBlock, NetworkService, SslCertificate, UniqueKeyword, UniqueToken, Uri - name:string - hidden:false | true - tag:tagname - country:us (alpha-2 country coded) - uid:12345 - last_seen_after:string - last_scan_count_1 (1-10) - last_refresh - configured_scan_count - YYYY-MM-DD - last_seen_before:string - last_scan_count_1 (1-10) - last_refresh - configured_scan_count - YYYY-MM-DD - first_seen_after:string - last_scan_count_1 (1-10) - last_refresh - configured_scan_count - YYYY-MM-DD - scoped:true | false - http_code:404 - http_auth:true | false - http_auth_basic:true | false - http_auth_ntlm:true | false - http_title:string - http_forms:true | false - http_cookie - technology:jquery - cloud:true | false - cloud_provider - network - port_tcp - port_udp - port_count_lte:1 - port_count_gte:1 - issue_count_lte:1 - issue_count_gte:1 - vuln:cve - vuln_count_gte:1 - vuln_count_lte:1 - critical_or_high:true | false - resolves_to:string
- [Destroy](https://gtidocs.virustotal.com/reference/delete_integration-collections-uuid.md): Removes integration from a Collection. Integration will not be deleted from the platform. UUID is of the integration_collection. found in /api/v3/asm/integration_collections. This value is also displayed in the post Create /api/v3/asm/user_collections/:collection_uuid/integration_collections
- [Index](https://gtidocs.virustotal.com/reference/get_integration-collections.md): Returns current integrations assigned to collections.
- [Create](https://gtidocs.virustotal.com/reference/post_user-collections-collection-uuid-integration-collections.md): Assigns an existing integration to a collection. To create an integration, see Integrations Section. "integration_uuid" within the body can be found in /api/v3/asm/projects/:uuid/integrations
- [Get Detail](https://gtidocs.virustotal.com/reference/get_issues-id.md): Gets an individual entity's details
- [Search Issues](https://gtidocs.virustotal.com/reference/get_search-issues-search-string.md): Search Endpoint for all issue data. If no operator is used, "name" field is searched Valid Search Keywords ('**search_string' parameter)**: - collection:name_123k221 - name:string - uid:12345 - tag:tag_name - last_seen_after:string - last_scan_count_1 (1-10) - last_refresh - YYYY-MM-DD - configured_scan_count - last_seen_before:string - last_scan_count_1 (1-10) - last_refresh - YYYY-MM-DD - configured_scan_count - first_seen_after:string - last_scan_count_1 (1-10) - last_refresh - YYYY-MM-DD - configured_scan_count - entity_uid:12345 - entity_type:string - ApiEndpoint, AppEndpoint, AutonomousSystem, AwsEC2Instance, AwsRdsDbInstance, AwsS3Bucket, AzureStorageAccount, AzureVirtualMachine, DnsRecord, Domain, EmailAddress, GcpApiGateway, GcpAppEngineApplication, GcpCloudFunction, GcpCloudSQLInstance, GcpComputeEngineInstance, GcpStorageBucket, GithubAccount, GithubRepository, IpAddress, Nameserver, NetBlock, NetworkService, SslCertificate, UniqueKeyword, UniqueToken, Uri - entity_name:string - scoped:true | false - severity:integer 1-5 - severity_lte:integer 1-5 - severity_gte:integer 1-5 - status_new:open or closed - status_detailed:string - open_triaged, open_in_progress, closed_mitigated, closed_resolved, closed_duplicate, closed_out_of_scope, closed_benign, closed_risk_accepted, closed_false_positive, closed_no_reproduce, closed_tracked_externally
- [Set Status](https://gtidocs.virustotal.com/reference/post_issues-id-status.md): Set status on an individual entity. The body takes a json input with a single 'status' field. Values for Payload status: - open_new - open_triaged - open_in_progress - closed_resolved - closed_duplicate - closed_out_of_scope - closed_benign - closed_risk_accepted - closed_false_positive - closed_no_repro - closed_tracked_externally - closed
- [Catalog Stats](https://gtidocs.virustotal.com/reference/get_library-catalog-stats.md): Statistics about the Catalog
- [Entities Stats](https://gtidocs.virustotal.com/reference/get_library-entities-stats.md)
- [Entities List](https://gtidocs.virustotal.com/reference/get_library-entities.md): Returns types of entities.
- [Fingerprint Stats](https://gtidocs.virustotal.com/reference/get_library-fingerprints-stats.md): Statistics about the Fingerprint (ident) capabilities
- [Fingerprints List](https://gtidocs.virustotal.com/reference/get_library-fingerprints.md): Returns Technology fingerprints from Library.
- [Issues List - Export as CSV](https://gtidocs.virustotal.com/reference/get_library-issues-export-csv.md)
- [Issues List - Specific Isssue](https://gtidocs.virustotal.com/reference/get_library-issues-issue-name.md): Send a specific entity type, and get the definition
- [Issues Stats](https://gtidocs.virustotal.com/reference/get_library-issues-stats.md): Statistics about the issues, Total count, Count by category:
- [Issues List](https://gtidocs.virustotal.com/reference/get_library-issues.md): View list of all issue types. Change Page value to display next 100 issues.
- [Tasks List - Export as CSV](https://gtidocs.virustotal.com/reference/get_library-tasks-export-csv.md)
- [Tasks Stats](https://gtidocs.virustotal.com/reference/get_library-tasks-stats.md): Returns a list of current task type count, and count by Author:
- [Tasks List](https://gtidocs.virustotal.com/reference/get_library-tasks.md): View all tasks. Change Page value to display next 100
- [Delete](https://gtidocs.virustotal.com/reference/delete_notes-item-type-item-uid-note-uid.md): Deletes all notes on an entity or issue.
- [Index](https://gtidocs.virustotal.com/reference/get_notes-item-type-item-uid.md): Lists all notes on an entity or issue.
- [Create](https://gtidocs.virustotal.com/reference/post_notes-item-type-item-uid.md): Creates a note on an entity or issue.
- [Delete](https://gtidocs.virustotal.com/reference/delete_projects-uuid.md): This api endpoint will delete a project.
- [Index](https://gtidocs.virustotal.com/reference/get_projects.md): List all projects
- [Create](https://gtidocs.virustotal.com/reference/post_projects.md): Create a new project Body: ``` json { "name" : "New Project Name" } ```
- [Delete](https://gtidocs.virustotal.com/reference/delete_entities-entity-id.md): delete a user entity / seed
- [Index](https://gtidocs.virustotal.com/reference/get_user-collections-collection-uuid-user-entities.md): endpoint to list user entities / seeds
- [Create](https://gtidocs.virustotal.com/reference/post_user-collections-collection-uuid-user-entities.md): endpoint which creates a user entity (could be a seed or not) for a collection
- [Delete](https://gtidocs.virustotal.com/reference/delete_tags-item-type-item-uid-tag-name.md): Deletes a tag on an issue
- [Index](https://gtidocs.virustotal.com/reference/get_tags-item-type-item-uid.md): Lists all tags on an entity or issue.
- [Create](https://gtidocs.virustotal.com/reference/post_tags-item-type-item-uid.md): Creates a tag on an entity or issue.
- [Search Technologies](https://gtidocs.virustotal.com/reference/get_search-technologies-search-string.md): Search Endpoint for all technology data. If no operator is used, "name" field is searched Valid Search Keywords ('**search_string' parameter)**: - collection:intrigue_123k221 - name:google_analytics - label:wordpress_plugin - last_seen_after:string - last_scan_count_1 (1-10) - last_refresh - configured_scan_count - YYYY-MM-DD - last_seen_before:string - last_scan_count_1 (1-10) - last_refresh - configured_scan_count - YYYY-MM-DD - first_seen_after:string - last_scan_count_1 (1-10) - last_refresh - configured_scan_count - YYYY-MM-DD - cpe_type:application or service, hardware, os - product:text - vendor:google
- [Get Entity point in time](https://gtidocs.virustotal.com/reference/get_time-series-point-in-time-entities-uid.md): Returns entity details of an entity for a specific point in time. | **Key** | Format | **Notes** | | --- | --- | --- | | uid | string | required
id or uuid from [https://asm-api.advantage.mandiant.com/search/entities/:search_string](https://asm-api.advantage.mandiant.com/search/entities/:search_string) | | point_in_time | YYYY-MM-DD or ISO8601 timestamp string (UTC) | required
Results from from [https://asm-api.advantage.mandiant.com/time_series/points_in_time/entities/:uid?start=](https://asm-api.advantage.mandiant.com/time_series/points_in_time/entities/:uid?start=)
Example: 2023-06-26T09:50:20Z, or YYYY-MM-DD |
- [Get Issue point in time](https://gtidocs.virustotal.com/reference/get_time-series-point-in-time-issues-uid.md): Returns issue details for issues associated with an entity at a specific point in time. | key | Format | **Notes** | | --- | --- | --- | | property | status, last_seen | required | | property_end_value_filter | string | optional
If provided, the result set will be filtered to only return results where the property value at the end point in time is equal to the provided filter value. | | transition | changed, unchanged, stagnated | required
changed means the property had more than one value over the time period
Example: 1, 2, 3, 4
unchanged means the property had only one value over the time period
Example: 1, 1, 1, 1
stagnated means the property initially was changing but ended up unchanged (more than one consecutive trailing value are the same)
Example: 1, 2, 3, 3 | | start | ISO8601 timestamp string (UTC) | required
Example: 2023-06-16T09:50:20Z | | end | ISO8601 timestamp string (UTC) | required
Example: 2023-06-26T09:50:20Z |
- [Get Entity points in time](https://gtidocs.virustotal.com/reference/get_time-series-points-in-time-entities-uid.md): Returns the dates of when an entity was seen.
- [Get Issue points in time](https://gtidocs.virustotal.com/reference/get_time-series-points-in-time-issues-uid.md): Returns the dates of when an issue was seen.
- [Generate a personal Authorization Token](https://gtidocs.virustotal.com/reference/get-auth-token.md)
- [Get an hourly Threat List](https://gtidocs.virustotal.com/reference/get-hourly-threat-list.md)
- [Get the latest Threat List](https://gtidocs.virustotal.com/reference/get-latest-threat-list.md)
- [List provisioned Categorised Threat Lists](https://gtidocs.virustotal.com/reference/list-provisioned-threat-lists.md)
- [Export Dashboard Data](https://gtidocs.virustotal.com/reference/dashboards-download.md)
- [Delete a file attachment from an alert](https://gtidocs.virustotal.com/reference/delete-alert-attachment.md): Delete an existing file attachment from an alert.
- [Download a file attachment from an alert](https://gtidocs.virustotal.com/reference/download-alert-analysis-attachment.md): Download the file attachment from an alert.
- [List the file attachments for the alert](https://gtidocs.virustotal.com/reference/get-alert-analysis-attachments.md): List the file attachments for a given alert.
- [Upload attachments to an alert's analysis](https://gtidocs.virustotal.com/reference/post-alert-analysis-attachment.md): Upload one or more files to the alert's analysis. The following file type extensions are supported; doc, docx, xls, xlsx, pdf, png, zip, csv, txt
- [Update the analysis text on an alert](https://gtidocs.virustotal.com/reference/put-alert-analysis.md): Update the analysis text on an alert object. The empty string will clear out existing analysis. Markdown format can be used.
- [List audit records for a given alert](https://gtidocs.virustotal.com/reference/get-alert-audit.md): Get alert audit records for a given alert. This API uses the next link header to provide the URI of the next page of results. When fetching subsequent pages, only use the link header URI.
- [List alert audit records](https://gtidocs.virustotal.com/reference/get-all-alert-audit.md): Get alert audit records. This API uses the next link header to provide the URI of the next page of results. When fetching subsequent pages, only use the link header URI.
- [List child alerts for a given aggregated alert bucket](https://gtidocs.virustotal.com/reference/get-agg-child-alerts.md): Get child alerts for a given bucket. This API uses the next link header to provide the URI of the next page of results. When fetching subsequent pages, only use the link header URI.
- [Get an existing alert by its ID](https://gtidocs.virustotal.com/reference/get-alerts-id.md): Get an existing alert by ID.
- [List alerts](https://gtidocs.virustotal.com/reference/get-alerts.md): Get alerts for the current organization. This API uses the next link header to provide the URI of the next page of results. When fetching subsequent pages, only use the link header URI.
- [Update field(s) of an alert](https://gtidocs.virustotal.com/reference/patch-alerts-id.md): Updates the specified fields for an existing alert. Note that not all fields of an alert are writable.
- [Asynchronously bulk update alerts using query params to target the alerts](https://gtidocs.virustotal.com/reference/post-alerts-bulk-apply.md): Asynchronously update alerts using query params to taget which alerts will be updated.
- [Synchronously bulk update alerts](https://gtidocs.virustotal.com/reference/post-alerts-bulk.md): Bulk apply updates to alerts. The only updatable fields are those available via the PATCH alert API. Updates occur synchronously.
- [Fetch the labels for an existing document](https://gtidocs.virustotal.com/reference/get-docs-type-id-labels.md): A read-only endpoint to fetch the labels for an existing document indexed in our system.
- [Fetch the topics for an existing document](https://gtidocs.virustotal.com/reference/get-docs-type-id-topics.md): A read-only endpoint to fetch the topics for an existing document saved in the system.
- [Retrieve an indexed document by its type and ID](https://gtidocs.virustotal.com/reference/get-docs-type-id.md): A read-only endpoint that fetches an indexed document (optionally) along with its topics and labels.
- [Search for documents](https://gtidocs.virustotal.com/reference/post-docs-search.md): Search documents using Lucene syntax. Search requests are limited to 60 seconds in duration. Requests exceeding this time will be terminated and should be scoped using date ranges.
- [DTM Pagination](https://gtidocs.virustotal.com/reference/dtm-pagination.md)
- [Delete email settings](https://gtidocs.virustotal.com/reference/delete-settings-email-id.md): Delete existing email settings by ID.
- [Fetch an email setting](https://gtidocs.virustotal.com/reference/get-settings-email-id.md): Get email settings by ID.
- [List email settings](https://gtidocs.virustotal.com/reference/list-settings-email.md): List email settings for your organization.
- [Update email settings](https://gtidocs.virustotal.com/reference/patch-settings-email-id.md): Update existing email settings for the properties given in the request body. All other properties remain unchanged.
- [Reverify one or more email recipients](https://gtidocs.virustotal.com/reference/post-settings-email-id-reverify.md): Reverify existing email settings recipients by setting their status to "pending" and resending the email address verification email. This can be used if existing recipients did not verify their email address before the verify link expired in thier verification email.
- [Create email settings](https://gtidocs.virustotal.com/reference/post-settings-email.md): Create email settings for your organization. Note that only 1 email setting per organization is allowed.
- [Delete an existing monitor](https://gtidocs.virustotal.com/reference/delete-monitor-id.md): Delete an existing monitor by its ID.
- [Get a monitor by its ID](https://gtidocs.virustotal.com/reference/get-monitor-id.md): Get an existing monitor by ID.
- [List monitor templates for top DTM use cases](https://gtidocs.virustotal.com/reference/get-monitor-templates.md): Lists all monitor templates for top DTM use cases. Templates are intended to be the starting place for montior creation based on a specific use case.
- [List monitors](https://gtidocs.virustotal.com/reference/get-monitors.md): Lists all monitors belonging to the current organization. Pagination is supported and the URI to next page of results is provided in the response link header. If fetching subsequent pages, only use the next link header provided in the previous page of results.
- [Estimate how many alerts will be created for the backfill of an updated monitor](https://gtidocs.virustotal.com/reference/patch-monitor-backfill-estimate.md): Estimate how many alerts will be created when backfilling the given updated monitor. Only newly added domains are considered for backfill. Backfill is only applicable for monitors created from the Compromised Credential monitor template.
- [Asynchronously backfill alerts for new domains](https://gtidocs.virustotal.com/reference/patch-monitor-backfill.md): Asynchronously backfill alerts for the new domains added in the latest version of the monitor (when compared to it's previous version) using the time range specified. This API is only supported for monitors created from the Compromised Credential monitor template and will create at most 10,000 alerts.
- [Partial update an existing monitor](https://gtidocs.virustotal.com/reference/patch-monitor-id.md): Partial update an existing monitor with the fields in the request body. This request only updates the specified fields in the request body; the remaining fields of the existing monitor are unchanged.
- [Estimate how many alerts will be created for the backfill of a newly created monitor](https://gtidocs.virustotal.com/reference/post-monitor-backfill-estimate.md): Estimate how many alerts will be created when backfilling the given new monitor. Backfill is only applicable for monitors created from the Compromised Credential monitor template.
- [Asynchronously backfill alerts for the monitor](https://gtidocs.virustotal.com/reference/post-monitor-backfill.md): Begin a new alert backfill for the current monitor using the time range specified. This API is only supported for monitors created from the Compromised Credential monitor template and will create at most 10,000 alerts.
- [Create a new monitor](https://gtidocs.virustotal.com/reference/post-monitor.md): Create a new monitor.
- [Update an existing monitor](https://gtidocs.virustotal.com/reference/put-monitor-id.md): Update an existing monitor by replacing all its fields with the given body.
- [Delete an existing verified domain.](https://gtidocs.virustotal.com/reference/delete-domain-id.md): Delete an existing verified domain by its ID.
- [Get a verified domain by ID](https://gtidocs.virustotal.com/reference/get-verified-domain.md): Get a verified domain by its ID.
- [Download all verified domains with their TXT verification code in CSV format](https://gtidocs.virustotal.com/reference/get-verified-domains-csv.md): Lists all verified domains in CSV format suitable for getting an inventory of the domain TXT record codes to verify.
- [List verified domains for the current organization](https://gtidocs.virustotal.com/reference/get-verified-domains.md): Lists all verified domains. Pagination is supported and the URI to next page of results is provided in the response link header. If fetching subsequent pages, only use the next link header provided in the previous page of results.
- [Add new verified domains](https://gtidocs.virustotal.com/reference/post-domain-bulk.md): Add multiple verified domains.
- [Add a new verified domain](https://gtidocs.virustotal.com/reference/post-domain.md): Add a new verified domain.
- [Perform a synchronous verification check for the domain's TXT record code.](https://gtidocs.virustotal.com/reference/reverify-domain-id.md): Perform a check of the domains TXT record verification code.
- [Get Next Communication in a Channel](https://gtidocs.virustotal.com/reference/get-ddw-channel-next-communications.md)
- [Get Previous Communication in a Channel](https://gtidocs.virustotal.com/reference/get-ddw-channel-previous-communications.md)
- [Get a Dark Web Communication Channel object](https://gtidocs.virustotal.com/reference/get-ddw-communication-channel.md)
- [Get objects related to a Dark Web Communication object](https://gtidocs.virustotal.com/reference/get-ddw-communication-relationships.md)
- [Get a Dark Web Communication object](https://gtidocs.virustotal.com/reference/get-ddw-communication.md)
- [Get objects related to a Dark Web Service object](https://gtidocs.virustotal.com/reference/get-ddw-service-relationships.md)
- [Get a Dark Web Service object](https://gtidocs.virustotal.com/reference/get-ddw-service.md)
- [Get Next Communication in a Thread](https://gtidocs.virustotal.com/reference/get-ddw-thread-next-communications.md)
- [Get Previous Communication in a Thread](https://gtidocs.virustotal.com/reference/get-ddw-thread-previous-communications.md)
- [Get a Dark Web User Profile](https://gtidocs.virustotal.com/reference/get-ddw-user-profile.md)
- [Dark Web](https://gtidocs.virustotal.com/reference/dark-web.md)
- [List Dark Web Communications](https://gtidocs.virustotal.com/reference/list-ddw-communications.md)
- [Add new items to an IoC collection](https://gtidocs.virustotal.com/reference/add-element-to-ioc-collection.md)
- [Add Hunting rulesets association to an IoC Collection](https://gtidocs.virustotal.com/reference/add-hunting-rulesets-relationship.md)
- [Add a comment to a collection](https://gtidocs.virustotal.com/reference/create-collection-comment.md)
- [Create a new collection](https://gtidocs.virustotal.com/reference/create-collection.md)
- [Subscribe to a threat object](https://gtidocs.virustotal.com/reference/create-threat-subscription-preferences.md)
- [Delete a collection](https://gtidocs.virustotal.com/reference/delete-collection.md)
- [Delete items from an IoC collection](https://gtidocs.virustotal.com/reference/delete-element-from-ioc-collection.md)
- [Delete Hunting rulesets association from IoC collection](https://gtidocs.virustotal.com/reference/delete-hunting-rulesets-relationship.md)
- [Delete subscription from a threat object](https://gtidocs.virustotal.com/reference/delete-threat-subscription-preferences.md)
- [Export IOCs from a given threat's relationship](https://gtidocs.virustotal.com/reference/export-iocs-threat-relationship.md)
- [Export aggregations / commonalities from a threat](https://gtidocs.virustotal.com/reference/export-threat-aggregations.md)
- [Export IOCs from a threat](https://gtidocs.virustotal.com/reference/export-threat-iocs.md)
- [Get comments from a collection](https://gtidocs.virustotal.com/reference/get-collection-comments.md)
- [Get a collection](https://gtidocs.virustotal.com/reference/get-collection.md)
- [Get Hunting rulesets associated with an IoC Collection](https://gtidocs.virustotal.com/reference/get-related-hunting-rulesets.md)
- [Get MITRE tactics and techniques associated with a threat](https://gtidocs.virustotal.com/reference/get-threat-mitre-tree.md)
- [Get object descriptors related to a threat](https://gtidocs.virustotal.com/reference/get-threat-related-descriptors.md)
- [Get objects related to a threat](https://gtidocs.virustotal.com/reference/get-threat-relationships.md)
- [Check subscription preferences from threat object](https://gtidocs.virustotal.com/reference/get-threat-subscription-preferences.md)
- [Get a Threat's observed actions list](https://gtidocs.virustotal.com/reference/get-threat-timeline-events.md)
- [Threat Actors, Malware & Tools, Campaigns, IoC Collection, Country and Industry Profiles](https://gtidocs.virustotal.com/reference/threat-actors-malware-tools-campaigns-ioc-collections.md)
- [List collections](https://gtidocs.virustotal.com/reference/list-collections.md)
- [Search IoCs inside a threat](https://gtidocs.virustotal.com/reference/search-iocs-inside-a-threat.md)
- [Update a collection](https://gtidocs.virustotal.com/reference/update-collection.md)
- [Add objects to a Threat Profile](https://gtidocs.virustotal.com/reference/add-threat-profile-recommendations.md)
- [Add or update relationships between a Threat Profile and other objects](https://gtidocs.virustotal.com/reference/add-threat-profile-relationships.md)
- [Create a Threat Profile](https://gtidocs.virustotal.com/reference/create-threat-profile.md)
- [Delete objects from a Threat Profile](https://gtidocs.virustotal.com/reference/delete-threat-profile-recommendations.md)
- [Delete items from a Threat Profile](https://gtidocs.virustotal.com/reference/delete-threat-profile-relationships.md)
- [Delete a Threat Profile](https://gtidocs.virustotal.com/reference/delete-threat-profile.md)
- [Get a Threat Profile's recommendations descriptors](https://gtidocs.virustotal.com/reference/get-threat-profile-recommendations-descriptors.md)
- [Get recommendations of a Threat Profile](https://gtidocs.virustotal.com/reference/get-threat-profile-recommendations.md)
- [Get object descriptors related to a Threat Profile](https://gtidocs.virustotal.com/reference/get-threat-profile-related-descriptors.md)
- [Get objects related to a Threat Profile](https://gtidocs.virustotal.com/reference/get-threat-profile-relationships.md)
- [Get a Threat Profile's timeline associations](https://gtidocs.virustotal.com/reference/get-threat-profile-timeline-associations.md)
- [Get a Threat Profile](https://gtidocs.virustotal.com/reference/get-threat-profile.md)
- [List Threat Profiles](https://gtidocs.virustotal.com/reference/list-threat-profiles.md)
- [Update a Threat Profiles](https://gtidocs.virustotal.com/reference/update-threat-profile.md)
- [Overview](https://gtidocs.virustotal.com/reference/alert-documents-overview.md)
- [Get Document](https://gtidocs.virustotal.com/reference/get-alert-document.md): Gets a specific document associated with an alert.
- [Overview](https://gtidocs.virustotal.com/reference/alerts-overview.md)
- [Enumerate Facets](https://gtidocs.virustotal.com/reference/enumerate-alert-facets.md): EnumerateAlertFacets returns the facets and the number of alerts that meet the filter criteria and have that value for each facet.
- [Get Alert](https://gtidocs.virustotal.com/reference/get-alert.md): Get an alert by name.
- [List Alerts](https://gtidocs.virustotal.com/reference/list-alerts.md): Get a list of alerts that meet the filter criteria.
- [Mark as Benign](https://gtidocs.virustotal.com/reference/markalertasbenign.md): Marks an alert as benign - BENIGN.
- [Mark as Duplicate](https://gtidocs.virustotal.com/reference/markalertasduplicate.md): Marks an alert as a duplicate of another alert. - DUPLICATE.
- [Mark as Escalated](https://gtidocs.virustotal.com/reference/markalertasescalated.md): Marks an alert as escalated - ESCALATED.
- [Mark as False Positive](https://gtidocs.virustotal.com/reference/markalertasfalsepositive.md): Marks an alert as a false positive - FALSE_POSITIVE.
- [Mark as Not Actionable](https://gtidocs.virustotal.com/reference/markalertasnotactionable.md): Marks an alert as not actionable - NOT_ACTIONABLE.
- [Mark as Read](https://gtidocs.virustotal.com/reference/markalertasread.md): Marks an alert as read - READ.
- [Mark as Resolved](https://gtidocs.virustotal.com/reference/markalertasresolved.md): Marks an alert to closed state - RESOLVED.
- [Mak as Externally Tracked](https://gtidocs.virustotal.com/reference/markalertastrackedexternally.md): Marks an alert as tracked externally - TRACKED_EXTERNALLY.
- [Mark as Triaged](https://gtidocs.virustotal.com/reference/markalertastriaged.md): Marks an alert as triaged - TRIAGED.
- [Overview](https://gtidocs.virustotal.com/reference/configuration-revisions-overview.md)
- [List Revisions](https://gtidocs.virustotal.com/reference/list-configuration-revisions.md): List configuration revisions that meet the filter criteria.
- [Overview](https://gtidocs.virustotal.com/reference/configurations-overview.md)
- [Get Configuration](https://gtidocs.virustotal.com/reference/get-configuration.md): Get a configuration by name.
- [List Configurations](https://gtidocs.virustotal.com/reference/list-configurations.md): Get a list of configurations that meet the filter criteria.
- [Upsert Configuration](https://gtidocs.virustotal.com/reference/upsert-configuration.md): Creates or updates a configuration.
- [Overview](https://gtidocs.virustotal.com/reference/findings-overview.md)
- [Get finding](https://gtidocs.virustotal.com/reference/get-finding.md): Get a finding by name.
- [List Findings](https://gtidocs.virustotal.com/reference/list-findings.md): Get a list of findings that meet the filter criteria.
- [Search Findings](https://gtidocs.virustotal.com/reference/search-findings.md): SearchFindings is a more powerful version of ListFindings that supports complex queries like "findings for issues" using functions such as `has_issue` and `has_asset` in the query string. Example to search for findings for a specific issue: `has_issue("name=\"vaults/vault-12345/issues/issue-12345\"")`)
- [Get Started](https://gtidocs.virustotal.com/reference/ti-get-started.md)
- [Authentication](https://gtidocs.virustotal.com/reference/ti-authentication.md)
- [Key Concepts](https://gtidocs.virustotal.com/reference/ti-key-concepts.md)
- [Get a minutely domain feed batch](https://gtidocs.virustotal.com/reference/feedsdomains2time.md)
- [Get an hourly domain feed batch](https://gtidocs.virustotal.com/reference/feedsdomainshourly2time.md)
- [Domain intelligence feed](https://gtidocs.virustotal.com/reference/domain-intelligence-feed.md)
- [Get a hourly file feed batch](https://gtidocs.virustotal.com/reference/feeds-file-hourly.md)
- [Get a per-minute file feed batch](https://gtidocs.virustotal.com/reference/feeds-file.md)
- [Download a file published in the file feed](https://gtidocs.virustotal.com/reference/file-feed-download.md)
- [File intelligence feed](https://gtidocs.virustotal.com/reference/file-intelligence-feed.md)
- [Get an hourly IP address feed batch](https://gtidocs.virustotal.com/reference/feedsip_addresseshourly2time.md)
- [Get a minutely IP address feed batch](https://gtidocs.virustotal.com/reference/feedsip_addressestime.md)
- [IP intelligence feed](https://gtidocs.virustotal.com/reference/ip-intelligence-feed.md)
- [Get an hourly file behaviour feed batch](https://gtidocs.virustotal.com/reference/feeds-file-behaviour-hourly.md)
- [Get a per-minute file behaviour feed batch](https://gtidocs.virustotal.com/reference/feeds-file-behaviour.md)
- [Get the EVTX file generated during a fileβs behavior analysis](https://gtidocs.virustotal.com/reference/file-behaviour-feed-evtx.md)
- [Get a file behaviour's detailed HTML report](https://gtidocs.virustotal.com/reference/file-behaviour-feed-html.md)
- [Get the memdump file generated during a fileβs behavior analysis](https://gtidocs.virustotal.com/reference/file-behaviour-feed-memdump.md)
- [Get the PCAP file generated during a fileβs behavior analysis](https://gtidocs.virustotal.com/reference/file-behaviour-feed-pcap.md)
- [Sandbox analyses feed](https://gtidocs.virustotal.com/reference/sandbox-analyses-feed.md)
- [Get an hourly URL feed batch](https://gtidocs.virustotal.com/reference/feeds-url-hourly.md)
- [Get a minutely URL feed batch](https://gtidocs.virustotal.com/reference/feeds-url.md)
- [URL intelligence feed](https://gtidocs.virustotal.com/reference/url-intelligence-feed.md)
- [Get object descriptors related to an analysis](https://gtidocs.virustotal.com/reference/analyses-get-descriptors.md)
- [Get objects related to an analysis](https://gtidocs.virustotal.com/reference/analyses-get-objects.md)
- [Get a URL / file analysis](https://gtidocs.virustotal.com/reference/analysis.md)
- [Get an operation object](https://gtidocs.virustotal.com/reference/get-operations-id.md)
- [Get a submission object](https://gtidocs.virustotal.com/reference/get-submission.md)
- [Get an attack tactic object](https://gtidocs.virustotal.com/reference/attack_tacticsid.md)
- [Get objects related to an attack tactic](https://gtidocs.virustotal.com/reference/attack_tacticsidrelationship.md)
- [Get object descriptors related to an attack tactic](https://gtidocs.virustotal.com/reference/attack_tacticsidrelationshipsrelationship.md)
- [Get an attack technique object](https://gtidocs.virustotal.com/reference/attack_techniqueid.md)
- [Get objects related to an attack technique](https://gtidocs.virustotal.com/reference/attack_techniqueidrelationship.md)
- [Get object descriptors related to an attack technique](https://gtidocs.virustotal.com/reference/attack_techniquesidrelationshipsrelationship.md)
- [Analyse code blocks with Code Insights](https://gtidocs.virustotal.com/reference/analyse-binary.md)
- [Delete a comment](https://gtidocs.virustotal.com/reference/comment-id-delete.md)
- [Get object descriptors related to a comment](https://gtidocs.virustotal.com/reference/comments-relationships-ids.md)
- [Get objects related to a comment](https://gtidocs.virustotal.com/reference/comments-relationships.md)
- [Get a comment object](https://gtidocs.virustotal.com/reference/get-comment.md)
- [Get latest comments](https://gtidocs.virustotal.com/reference/get-comments.md)
- [Comments](https://gtidocs.virustotal.com/reference/comments.md)
- [Add a vote to a comment](https://gtidocs.virustotal.com/reference/vote-comment.md)
- [Get a domain report](https://gtidocs.virustotal.com/reference/domain-info.md)
- [Add a vote to a domain](https://gtidocs.virustotal.com/reference/domain-votes-post.md)
- [Get comments on a domain](https://gtidocs.virustotal.com/reference/domains-comments-get.md)
- [Add a comment to a domain](https://gtidocs.virustotal.com/reference/domains-comments-post.md)
- [Get object descriptors related to a domain](https://gtidocs.virustotal.com/reference/domains-relationships-ids.md)
- [Get objects related to a domain](https://gtidocs.virustotal.com/reference/domains-relationships.md)
- [Request a domain (re)scan](https://gtidocs.virustotal.com/reference/domains-rescan.md)
- [Get votes on a domain](https://gtidocs.virustotal.com/reference/domains-votes-get.md)
- [Get a DNS resolution object](https://gtidocs.virustotal.com/reference/get-resolution-by-id.md)
- [Get the PCAP file generated during a fileβs behavior analysis](https://gtidocs.virustotal.com/reference/file_behaviours_pcap.md)
- [Get objects related to a behaviour report](https://gtidocs.virustotal.com/reference/file_behaviourssandbox_idrelationship.md)
- [Get object descriptors related to a behaviour report](https://gtidocs.virustotal.com/reference/file_behaviourssandbox_idrelationshipsrelationship.md)
- [Get a summary of all behavior reports for a file](https://gtidocs.virustotal.com/reference/file-all-behaviours-summary.md)
- [Get the EVTX file generated during a fileβs behavior analysis](https://gtidocs.virustotal.com/reference/file-behaviour-evtx.md)
- [Get the memdump file generated during a fileβs behavior analysis](https://gtidocs.virustotal.com/reference/file-behaviour-memdump.md)
- [Get a summary of all MITRE ATT&CK techniques observed in a file](https://gtidocs.virustotal.com/reference/get-a-summary-of-all-mitre-attck-techniques-observed-in-a-file.md)
- [Get all behavior reports for a file](https://gtidocs.virustotal.com/reference/get-all-behavior-reports-for-a-file.md)
- [Get a detailed HTML behaviour report](https://gtidocs.virustotal.com/reference/get-file-behaviour-html.md)
- [Get a file behavior report from a sandbox](https://gtidocs.virustotal.com/reference/get-file-behaviour-id.md)
- [Get a file report](https://gtidocs.virustotal.com/reference/file-info.md)
- [Request a file rescan (re-analyse)](https://gtidocs.virustotal.com/reference/files-analyse.md)
- [Get comments on a file](https://gtidocs.virustotal.com/reference/files-comments-get.md)
- [Add a comment to a file](https://gtidocs.virustotal.com/reference/files-comments-post.md)
- [Get a fileβs download URL](https://gtidocs.virustotal.com/reference/files-download-url.md)
- [Download a file](https://gtidocs.virustotal.com/reference/files-download.md)
- [Get object descriptors related to a file](https://gtidocs.virustotal.com/reference/files-relationships-ids.md)
- [Get objects related to a file](https://gtidocs.virustotal.com/reference/files-relationships.md)
- [Upload a file](https://gtidocs.virustotal.com/reference/files-scan.md)
- [Get a URL for uploading large files](https://gtidocs.virustotal.com/reference/files-upload-url.md)
- [Get votes on a file](https://gtidocs.virustotal.com/reference/files-votes-get.md)
- [Add a vote on a file](https://gtidocs.virustotal.com/reference/files-votes-post.md)
- [Get a crowdsourced Sigma rule object](https://gtidocs.virustotal.com/reference/get-sigma-rules.md)
- [Get a crowdsourced YARA ruleset](https://gtidocs.virustotal.com/reference/get-yara-rulesets.md)
- [Files](https://gtidocs.virustotal.com/reference/files.md)
- [Retrieve summary for a list of IoCs](https://gtidocs.virustotal.com/reference/get-ioc-summary.md): Retrieve summary for a list of IoCs.The request body should contain a list of IoC descriptors.
- [Request an IP address (re)scan](https://gtidocs.virustotal.com/reference/ip-analyse.md): Reanalyse an IP address already in Google Threat Intelligence
- [Get comments on an IP address](https://gtidocs.virustotal.com/reference/ip-comments-get.md)
- [Add a comment to an IP address](https://gtidocs.virustotal.com/reference/ip-comments-post.md)
- [Get an IP address report](https://gtidocs.virustotal.com/reference/ip-info.md)
- [Get object descriptors related to an IP address](https://gtidocs.virustotal.com/reference/ip-relationships-ids.md)
- [Get objects related to an IP address](https://gtidocs.virustotal.com/reference/ip-relationships.md)
- [Add a vote to an IP address](https://gtidocs.virustotal.com/reference/ip-votes-post.md)
- [Get votes on an IP address](https://gtidocs.virustotal.com/reference/ip-votes.md)
- [Get a list of popular threat categories](https://gtidocs.virustotal.com/reference/popular_threat_categories.md)
- [Create a Saved Search](https://gtidocs.virustotal.com/reference/create-saved-searches.md)
- [Delete a Saved Search](https://gtidocs.virustotal.com/reference/delete-saved-searches.md)
- [Get object descriptors related to a Saved Search](https://gtidocs.virustotal.com/reference/get-saved-searches-related-descriptors.md)
- [Get objects related to a Saved Search](https://gtidocs.virustotal.com/reference/get-saved-searches-relationships.md)
- [Get a Saved Search](https://gtidocs.virustotal.com/reference/get-saved-searches.md)
- [List Saved Searches](https://gtidocs.virustotal.com/reference/list-saved-searches.md)
- [Revoke access to a Saved Search](https://gtidocs.virustotal.com/reference/revoke-saved-searches-access.md)
- [Share a Saved Search](https://gtidocs.virustotal.com/reference/share-saved-searches.md)
- [Update a Saved Search](https://gtidocs.virustotal.com/reference/update-saved-searches.md)
- [Search for files, URLs, domains, IPs and comments](https://gtidocs.virustotal.com/reference/api-search.md)
- [Search & Metadata](https://gtidocs.virustotal.com/reference/search-metadata.md)
- [Get file content search snippets](https://gtidocs.virustotal.com/reference/intelligence-search-snippets.md)
- [Advanced corpus search](https://gtidocs.virustotal.com/reference/intelligence-search.md)
- [Get Google Threat Intel metadata](https://gtidocs.virustotal.com/reference/metadata.md)
- [URLs](https://gtidocs.virustotal.com/reference/urls.md)
- [Scan URL](https://gtidocs.virustotal.com/reference/scan-url.md)
- [Get a URL report](https://gtidocs.virustotal.com/reference/url-info.md)
- [Request a URL rescan (re-analyse)](https://gtidocs.virustotal.com/reference/urls-analyse.md)
- [Get comments on a URL](https://gtidocs.virustotal.com/reference/urls-comments-get.md)
- [Add a comment on a URL](https://gtidocs.virustotal.com/reference/urls-comments-post.md)
- [Get object descriptors related to a URL](https://gtidocs.virustotal.com/reference/urls-relationships-ids.md)
- [Get objects related to a URL](https://gtidocs.virustotal.com/reference/urls-relationships.md)
- [Get votes on a URL](https://gtidocs.virustotal.com/reference/urls-votes-get.md)
- [Add a vote on a URL](https://gtidocs.virustotal.com/reference/urls-votes-post.md)
- [Check a ZIP fileβs status](https://gtidocs.virustotal.com/reference/get-zip-file.md)
- [Zipping files](https://gtidocs.virustotal.com/reference/zipping-files.md)
- [Create a password-protected ZIP with Google Threat Intelligence files](https://gtidocs.virustotal.com/reference/zip_files.md)
- [Get a ZIP fileβs download URL](https://gtidocs.virustotal.com/reference/zip-files-download-url.md)
- [Download a ZIP file](https://gtidocs.virustotal.com/reference/zip-files-download.md)
- [List private analyses](https://gtidocs.virustotal.com/reference/list-private-analyses.md)
- [Get objects related to a private analysis](https://gtidocs.virustotal.com/reference/private-analyses-relationship.md)
- [Get object descriptors related to a private analysis](https://gtidocs.virustotal.com/reference/private-analyses-relationships-descriptor.md)
- [Get a private analysis](https://gtidocs.virustotal.com/reference/private-analysis.md)
- [Get the EVTX file generated during a private fileβs behavior analysis](https://gtidocs.virustotal.com/reference/file-behaviourssandbox-idevtx.md)
- [Get the PCAP file generated during a private fileβs behavior analysis](https://gtidocs.virustotal.com/reference/file-behaviourssandbox-idmemdump.md)
- [Get the behaviour reports from a private file](https://gtidocs.virustotal.com/reference/get-all-behaviour-reports-from-a-private-file.md)
- [Get a summary of all MITRE ATT&CK techniques observed in a file](https://gtidocs.virustotal.com/reference/get-summary-all-mitre-attack-techniques-observed-in-a-file.md)
- [Get a behaviour report from a private file](https://gtidocs.virustotal.com/reference/privatefile-behaviourssandbox-id.md)
- [Get a detailed HTML behaviour report](https://gtidocs.virustotal.com/reference/privatefile-behaviourssandbox-idhtml.md)
- [Get the memdump file generated during a private fileβs behavior analysis](https://gtidocs.virustotal.com/reference/privatefile-behaviourssandbox-idpcap.md)
- [Get objects related to a private file's behaviour report](https://gtidocs.virustotal.com/reference/privatefile-behaviourssandbox-idrelationship.md)
- [Get object descriptors related to a private file's behaviour report](https://gtidocs.virustotal.com/reference/privatefile-behaviourssandbox-idrelationshipsrelationship.md)
- [Get a summary of all behavior reports for a file](https://gtidocs.virustotal.com/reference/privatefilesidbehaviour-summary.md)
- [Delete a private file report](https://gtidocs.virustotal.com/reference/delete-file-private-scanning.md)
- [Private Files](https://gtidocs.virustotal.com/reference/private-files.md)
- [List private files](https://gtidocs.virustotal.com/reference/list-private-files.md)
- [Get a private file report](https://gtidocs.virustotal.com/reference/private-files-info.md)
- [Get objects related to a private file](https://gtidocs.virustotal.com/reference/private-files-relationships.md)
- [Get a URL for uploading large files](https://gtidocs.virustotal.com/reference/private-files-upload-url.md)
- [Get object descriptors related to a file](https://gtidocs.virustotal.com/reference/privatefilesidrelationshipsrelationship.md)
- [Rescan a private file](https://gtidocs.virustotal.com/reference/rescan-a-private-file.md)
- [Upload a file](https://gtidocs.virustotal.com/reference/upload-file-private-scanning.md)
- [Get a URL analysis report](https://gtidocs.virustotal.com/reference/get-a-private-url-analysis-report.md)
- [Private URLs](https://gtidocs.virustotal.com/reference/private-urls.md)
- [Get object descriptors related to a private URL](https://gtidocs.virustotal.com/reference/private-get-object-descriptors-related-to-a-url.md)
- [Get objects related to a private URL](https://gtidocs.virustotal.com/reference/private-get-objects-related-to-a-url.md)
- [Private Scan URL](https://gtidocs.virustotal.com/reference/private-scan-url.md)
- [Private Zipping files](https://gtidocs.virustotal.com/reference/private-zipping-files.md)
- [Download a ZIP file](https://gtidocs.virustotal.com/reference/private-scanning-download-zip-file.md)
- [Get a ZIP fileβs download URL](https://gtidocs.virustotal.com/reference/private-scanning-get-zip-download-url.md)
- [Check a ZIP fileβs status](https://gtidocs.virustotal.com/reference/private-scanning-get-zip-file.md)
- [Create a password-protected ZIP with Google Threat Intelligence files](https://gtidocs.virustotal.com/reference/private-scanning-zip-files.md)
- [Add a comment to a report](https://gtidocs.virustotal.com/reference/create-report-comment.md)
- [Subscribe to a report](https://gtidocs.virustotal.com/reference/create-report-subscription-preferences.md)
- [Create a new report](https://gtidocs.virustotal.com/reference/create-report.md)
- [Delete subscription from a report](https://gtidocs.virustotal.com/reference/delete-report-subscription-preferences.md)
- [Delete a report](https://gtidocs.virustotal.com/reference/delete-report.md)
- [Download a Report](https://gtidocs.virustotal.com/reference/download-report.md)
- [Export IOCs from a given report's relationship](https://gtidocs.virustotal.com/reference/export-iocs-report-relationship.md)
- [Export aggregations / commonalities from a report](https://gtidocs.virustotal.com/reference/export-report-aggregations.md)
- [Export IOCs from a report](https://gtidocs.virustotal.com/reference/export-report-iocs.md)
- [Get comments from a report](https://gtidocs.virustotal.com/reference/get-report-comments.md)
- [Get MITRE tactics and techniques associated with a report](https://gtidocs.virustotal.com/reference/get-report-mitre-tree.md)
- [Get object descriptors related to a report](https://gtidocs.virustotal.com/reference/get-report-related-descriptors.md)
- [Get objects related to a report](https://gtidocs.virustotal.com/reference/get-report-relationships.md)
- [Check subscription preferences from a report](https://gtidocs.virustotal.com/reference/get-report-subscription-preferences.md)
- [Get a report](https://gtidocs.virustotal.com/reference/get-report.md)
- [Reports](https://gtidocs.virustotal.com/reference/reports.md)
- [List reports](https://gtidocs.virustotal.com/reference/list-reports.md)
- [Search IoCs inside a report](https://gtidocs.virustotal.com/reference/search-iocs-inside-a-report.md)
- [Update a report](https://gtidocs.virustotal.com/reference/update-report.md)
- [Grant users and groups permission to edit a graph](https://gtidocs.virustotal.com/reference/graphs-add-editor.md)
- [Grant users and groups permission to see a graph](https://gtidocs.virustotal.com/reference/graphs-add-viewer.md)
- [Check if a user or group can edit a graph](https://gtidocs.virustotal.com/reference/graphs-check-editor.md)
- [Check if a user or group can view a graph](https://gtidocs.virustotal.com/reference/graphs-check-viewer.md)
- [Revoke edit graph permissions from a user or group](https://gtidocs.virustotal.com/reference/graphs-delete-editor.md)
- [Revoke view permission from a user or group](https://gtidocs.virustotal.com/reference/graphs-delete-viewer.md)
- [Get users and groups that can edit a graph](https://gtidocs.virustotal.com/reference/graphs-editors.md)
- [Get users and groups that can view a graph](https://gtidocs.virustotal.com/reference/graphs-viewers.md)
- [Create a graph](https://gtidocs.virustotal.com/reference/create-graphs.md)
- [Get comments on a graph](https://gtidocs.virustotal.com/reference/get-graph-comments.md)
- [Delete a graph](https://gtidocs.virustotal.com/reference/graphs-delete.md)
- [Get a graph object](https://gtidocs.virustotal.com/reference/graphs-info.md)
- [Get object descriptors related to a graph](https://gtidocs.virustotal.com/reference/graphs-relationships-ids.md)
- [Get objects related to a graph](https://gtidocs.virustotal.com/reference/graphs-relationships.md)
- [Update a graph object](https://gtidocs.virustotal.com/reference/graphs-update.md)
- [Search graphs](https://gtidocs.virustotal.com/reference/graphs.md)
- [Add a comment to a graph](https://gtidocs.virustotal.com/reference/post-graphs-comments.md)
- [Get Activity Logs](https://gtidocs.virustotal.com/reference/get-activity-log.md)
- [Check if a user is a group admin](https://gtidocs.virustotal.com/reference/check-user-group-administrator.md)
- [Check if a user is a group member](https://gtidocs.virustotal.com/reference/check-user-in-group.md)
- [Remove a user from a group](https://gtidocs.virustotal.com/reference/delete-user-from-group.md)
- [Get administrators for a group](https://gtidocs.virustotal.com/reference/get-group-administrators.md)
- [Get group users](https://gtidocs.virustotal.com/reference/get-group-users.md)
- [Delete SAML configuration of a group.](https://gtidocs.virustotal.com/reference/groups-del-samlconfig.md)
- [Get SAML configuration details of a group.](https://gtidocs.virustotal.com/reference/groups-get-samlconfig.md)
- [Update SAML configuration of a group.](https://gtidocs.virustotal.com/reference/groups-patch-samlconfig.md)
- [Get object descriptors related to a group](https://gtidocs.virustotal.com/reference/groups-relationships-ids.md)
- [Get objects related to a group](https://gtidocs.virustotal.com/reference/groups-relationships.md)
- [Get a group object](https://gtidocs.virustotal.com/reference/groups.md)
- [Manage Roles](https://gtidocs.virustotal.com/reference/patch-group-users-roles.md)
- [Update a group object](https://gtidocs.virustotal.com/reference/patch-group.md)
- [Add users to a group](https://gtidocs.virustotal.com/reference/update-group-users.md)
- [Get a group's usage per feature](https://gtidocs.virustotal.com/reference/get-group-usage.md)
- [Get a groupβs API usage](https://gtidocs.virustotal.com/reference/group-api-usage.md)
- [Get a userβs API usage](https://gtidocs.virustotal.com/reference/user-api-usage.md)
- [Create a new Service Account](https://gtidocs.virustotal.com/reference/create-a-new-service-account.md)
- [Get a Service Account object](https://gtidocs.virustotal.com/reference/get-a-service-account-object.md)
- [Get Service Accounts of a group](https://gtidocs.virustotal.com/reference/get-service-accounts-of-a-group.md)
- [Delete a user](https://gtidocs.virustotal.com/reference/delete-user-id.md)
- [Get object descriptors related to a user](https://gtidocs.virustotal.com/reference/get-users-relationships-ids.md)
- [Update a user object](https://gtidocs.virustotal.com/reference/patch-user-id.md)
- [Get a user object](https://gtidocs.virustotal.com/reference/user.md)
- [Get objects related to a user](https://gtidocs.virustotal.com/reference/users-relationships.md)
- [Add a comment to a vulnerability](https://gtidocs.virustotal.com/reference/create-vulnerability-comment.md)
- [Subscribe to a vulnerability](https://gtidocs.virustotal.com/reference/create-vulnerability-subscription-preferences.md)
- [Delete subscription from a vulnerability](https://gtidocs.virustotal.com/reference/delete-vulnerability-subscription-preferences.md)
- [Export IoCs from a given vulnerability's relationship](https://gtidocs.virustotal.com/reference/export-iocs-vulnerability-relationship.md)
- [Export aggregations / commonalities from a vulnerability](https://gtidocs.virustotal.com/reference/export-vulnerability-aggregations.md)
- [Export IoCs from a vulnerability](https://gtidocs.virustotal.com/reference/export-vulnerability-iocs.md)
- [Get comments from a vulnerability](https://gtidocs.virustotal.com/reference/get-vulnerability-comments.md)
- [Get MITRE tactics and techniques associated with a vulnerability](https://gtidocs.virustotal.com/reference/get-vulnerability-mitre-tree.md)
- [Get object descriptors related to a vulnerability](https://gtidocs.virustotal.com/reference/get-vulnerability-related-descriptors.md)
- [Get objects related to a vulnerability](https://gtidocs.virustotal.com/reference/get-vulnerability-relationships.md)
- [Check subscription preferences from a vulnerability](https://gtidocs.virustotal.com/reference/get-vulnerability-subscription-preferences.md)
- [Get a vulnerability](https://gtidocs.virustotal.com/reference/get-vulnerability.md)
- [List vulnerabilities](https://gtidocs.virustotal.com/reference/list-vulnerabilities.md)
- [Search IoCs inside a vulnerability](https://gtidocs.virustotal.com/reference/search-iocs-inside-a-vulnerability.md)
- [Get a widget rendering URL](https://gtidocs.virustotal.com/reference/get-widget-url.md): Get a widget rendering URL
- [Google Threat Intelligence Widget Quick guide](https://gtidocs.virustotal.com/reference/widget-quick-guide.md)
- [Delete an IoC Stream notification](https://gtidocs.virustotal.com/reference/delete-an-ioc-stream-notification.md)
- [Delete notifications from the IoC Stream](https://gtidocs.virustotal.com/reference/delete-notifications-from-the-ioc-stream.md)
- [Get an IoC Stream notification](https://gtidocs.virustotal.com/reference/get-an-ioc-stream-notification.md)
- [Get objects from the IoC Stream](https://gtidocs.virustotal.com/reference/get-objects-from-the-ioc-stream.md)
- [Add IoC Collectios association to a Hunting ruleset](https://gtidocs.virustotal.com/reference/add-ioc-collections-relationship.md)
- [Check if a user or group is a Livehunt ruleset editor](https://gtidocs.virustotal.com/reference/check-user-hunting-ruleset-editor.md)
- [Create a new Livehunt ruleset](https://gtidocs.virustotal.com/reference/create-hunting-ruleset.md)
- [Remove all Livehunt rulesets](https://gtidocs.virustotal.com/reference/delete-all-hunting-rulesets.md)
- [Revoke Livehunt ruleset edit permission from a user or group](https://gtidocs.virustotal.com/reference/delete-hunting-ruleset-editor.md)
- [Delete a Livehunt ruleset](https://gtidocs.virustotal.com/reference/delete-hunting-ruleset.md)
- [Delete IoC Collections association from Hunting ruleset](https://gtidocs.virustotal.com/reference/delete-ioc-collections-relationship.md)
- [Grant Livehunt ruleset edit permissions for a user or group](https://gtidocs.virustotal.com/reference/edit-hunting-ruleset-relationship.md)
- [Get objects related to a Livehunt ruleset](https://gtidocs.virustotal.com/reference/get-hunting-ruleset-full-relationships.md)
- [Get object descriptors related to a Livehunt ruleset](https://gtidocs.virustotal.com/reference/get-hunting-ruleset-relationship.md)
- [Get a Livehunt ruleset](https://gtidocs.virustotal.com/reference/get-hunting-ruleset.md)
- [Get IoC Collections associated with a Hunting ruleset](https://gtidocs.virustotal.com/reference/get-related-ioc-collections.md)
- [Get Livehunt rulesets](https://gtidocs.virustotal.com/reference/list-hunting-rulesets.md)
- [Update a Livehunt ruleset](https://gtidocs.virustotal.com/reference/modify-hunting-ruleset.md)
- [Transfer Livehunt ruleset to another user](https://gtidocs.virustotal.com/reference/transfer-livehunt-ruleset-to-another-user.md)
- [Abort a Retrohunt job](https://gtidocs.virustotal.com/reference/abort-retrohunt-job.md)
- [Create a new Retrohunt job](https://gtidocs.virustotal.com/reference/create-retrohunt-job.md)
- [Delete a Retrohunt job](https://gtidocs.virustotal.com/reference/delete-retrohunt-job.md)
- [Retrieve matches for a Retrohunt job](https://gtidocs.virustotal.com/reference/get-retrohunt-job-relationships.md)
- [Get a Retrohunt job object](https://gtidocs.virustotal.com/reference/get-retrohunt-job.md)
- [Get a list of Retrohunt jobs](https://gtidocs.virustotal.com/reference/get-retrohunt-jobs.md)
- [Get objects descriptors related to a Crowdsourced YARA rule](https://gtidocs.virustotal.com/reference/crowdsourced-yara-rule-relationship-descriptors-endpoint.md)
- [Get objects related to a Crowdsourced YARA rule](https://gtidocs.virustotal.com/reference/crowdsourced-yara-rule-relationship-endpoint.md)
- [Get a Crowdsourced YARA rule](https://gtidocs.virustotal.com/reference/get-a-crowdsourced-yara-rule.md)
- [List Crowdsourced YARA Rules](https://gtidocs.virustotal.com/reference/list-crowdsourced-yara-rules.md)
## Changelog
- [April 13th, 2026 - Visual Insights and Saved Search Integration in Agentic, SCIM Token Updates, and more](https://gtidocs.virustotal.com/changelog/visual-insights-and-saved-search-integration-in-agentic-scim-token-updates-and-more.md)
- [April 6th, 2026 - AutoIt Deobfuscation for Agentic, Improved RBAC, and more](https://gtidocs.virustotal.com/changelog/april-6th-2026-autoit-deobfuscation-for-agentic-improved-rbac-and-more.md)
- [March 30th, 2026 - New Agentic Prompt Templates, Code Insight Support for LNK Files, My Landscape (Beta), and more](https://gtidocs.virustotal.com/changelog/march-30th-2026-new-agentic-prompt-templates-code-insight-support-for-lnk-files-and-more.md)
- [March 16th, 2026 - March 16, 2026: SCIM Support, Incident Response Guide, Splunk Integration Updates and more](https://gtidocs.virustotal.com/changelog/march-16th-2026-march-16-2026-scim-support-incident-response-guide-splunk-integration-updates-and-more.md)
- [March 9th, 2026 - New Dark Web Advanced Searches, Agentic integration with Dark Web, Ransomware dashboard and Country & Industry Profiles, and more](https://gtidocs.virustotal.com/changelog/march-9th-2026-new-dark-web-advanced-searches-agentic-integration-with-dark-web-ransomware-dashboard-and-country-industry-profiles-and-more.md)