Scan API Endpoint

This API endpoint allows users to submit a file or archive that will get converted into one or multiple (in the case of archives with multiple files) tasks. The list of accepted files for processing are returned in the "acceptedFiles" array, files with unsupported file type (or rejected for another reason, e.g. because they are too large) will be found in the "rejectedFiles" array. The call is asynchronous and will return immediately. Using the submission ID, the execution status and results can be retrieved later via the /submit-result or /task endpoints.

Syntax

POST https://<ip>:<port>/submit

Parameters

Name	Type	Required?	Description
serect	String	Y	Authentication secret
priority	Integer	N	Processing priority (0 = default, 100 = highest)
password	String	N	Archive password
skipWhitelistedFiles	Boolean	N	Reject submitted files, if their hash (MD5/SHA-256) is on an internal or external whitelist
transformOpt.[option]	String	N	Set custom transform options that differ from the default backend configuration. Available options: rapidMode runOSINTLookups runExtendedOSINTLookups runOSINTLookupsOnExtractedFiles runFileVisualizer runFileDownloaders runDomainResolver runYaraRulesOnInputFile runYaraRulesOnExtractedFiles runWhoisRecordLookups runIPStackLookupOnExectractedHosts runTesseractOCRForImages Note: rapidMode sets an even extended set of options to fully optimize for speed. It will override any other option, if enabled
$_FILE	Octet-Stream	Y	File/Archive as form-data body
url	String	N	URL to file

Example Response

JSON
    
 
{    "acceptedFiles":    [        {            "ID": "fff5ae43-5008-4e40-8574-eab7e201434b",            "submitName": "EMOTET.doc",            "sha256": "c52f09e474c5d9b316e0b8e5e839282e52268a79b03bef1cefaaee4c2cec793e",            "mediaType":            {                "string": "application/x-tika-msoffice",                "slash": 11,                "semicolon": 27,                "parameters":                {}            },            "priority": 1,            "positionInQueue": 0        }    ],    "rejectedFiles":    [],    "submitWarnings":    []}
Copy

Note: if a file gets rejected, appropriate data will be presented in the "rejectedFiles" array including a "rejectedReason" field.

JSON
    
{    "processTime": 18,    "acceptedFiles":    [],    "rejectedFiles":    [        {            "submitName": "9db9ff48cf728fdfd86e627e313869c81ca2d8a36800e88078817aa88794a4a9_5d-16d29c-cddf-46ee-8f4d-76718608e408",            "priority": 0,            "positionInQueue": -1,            "rejectedReason": "ARCHIVE_ZIPBOMB",            "isSourceFile": false        },        {            "ID": "5d16d29c-cddf-46ee-8f4d-76718608e408",            "submitName": "filename",            "sha256": "9db9ff48cf728fdfd86e627e313869c81ca2d8a36800e88078817aa88794a4a9",            "mediaType":            {                "string": "application/zip",                "slash": 11,                "semicolon": 15,                "parameters":                {}            },            "priority": 100,            "positionInQueue": -1,            "rejectedReason": "ARCHIVE",            "isSourceFile": true        }    ],    "submitWarnings":    []}
Copy

Possible values for “rejectedReason”:

EMPTY_FILE
TOO_LARGE_FILE
DIRECTORY
ARCHIVE_UNPACKED
ARCHIVE_INVALID
ARCHIVE_ENCRYPTED
ARCHIVE_ZIPBOMB
INVALID_PASSWORD
UNSUPPORTED_FILE_FORMAT
SERVER_FULL
INTERNAL_ERROR
WHITELISTED

Last updated on

Was this page helpful?