PhishGuard is an API service designed to scan malicious emails and provide comprehensive reports on malicious actors, their targets, and link domains utilized in these emails.
The api is available for use at http://emailscan.wilma.monster/api/v1. See below for a list of endpoints and their respective functionalities.
List all submitted emails for a given customer.
Returns a list of all emails submitted for the given customer id with optional filters applied. The limit and offset parameters are used for paging through the results.
All other parameters are used to filter the results and are applied before the limit and offset parameters.
curl -X GET -H "Accept: application/json" "http://emailscan.wilma.monster/api/v1/customers/{customer_id}/emails?limit=20&offset=0&start=2024-02-21T13:10:05Z&end=2024-02-21T14:10:05Z&[email protected]&[email protected]&state=scanned&only_malicious=true"
customer_id*: String - The customer identifier (UUIDv4).
limit: Integer - Returns only this many results (0 < limit <= 1000). Default is 100.offset: Integer - Skip this many results before returning (0 <= offset). Default is 0.start: Date (date-time) - Only return emails submitted from this date (RFC3339 format).end: Date (date-time) - Only return emails submitted before this date (RFC3339 format).from: String (email) - Only return emails submitted from this email address.to: String (email) - Only return emails submitted to this email address.state: String - Only return emails with this state ('pending', 'scanned', 'failed').only_malicious: Boolean - Only return emails flagged as malicious.
- Status Code: 200 - List of all emails with applied filters.
Get information for a particular email.
Returns a representation of an email for a customer with the status of the scan and its result.
curl -X GET -H "Accept: application/json" "http://emailscan.wilma.monster/api/v1/customers/{customer_id}/emails/{id}"
customer_id*: String - The customer identifier (UUIDv4).id*: String - The email identifier returned during creation.
- Status Code: 200 - Information about the requested email message.
Post a new email scan request.
If the customer account does not exist, it will be created.
curl -X POST
-H "Accept: application/json"
-H "Content-Type: application/json"
"http://emailscan.wilma.monster/api/v1/customers/{customer_id}/emails"
-d '{
"metadata" : {
"spamhammer" : "1|14"
},
"contents" : {
"subject" : "Important information about your account.",
"from" : "[email protected]",
"to" : "[email protected]",
"body" : "Dear customer,\nWe have noticed some suspicious activity on your account. Please click here to reset your password."
}
}'
customer_id*: String - The customer identifier (UUIDv4).
metadata: Object - Metadata for the email.contents: Object - The contents of the email.
- Status Code: 201 - The Email scan request has been successfully created.
Get malicious senders of emails.
Returns a list of all senders/actors identified as sending at least one malicious email.
curl -X GET -H "Accept: application/json" "http://emailscan.wilma.monster/api/v1/customers/{customer_id}/reports/actors"
customer_id*: String - The customer identifier (UUIDv4).
- Status Code: 200 - List of all senders/actors identified as sending at least one malicious email.
Get the domains that appeared in malicious emails.
Returns a report consisting of the link domains found in malicious emails for the given customer.
curl -X GET -H "Accept: application/json" "http://emailscan.wilma.monster/api/v1/customers/{customer_id}/reports/domains"
customer_id*: String - The customer identifier (UUIDv4).
- Status Code: 200 - A report consisting of the link domains found in malicious emails.
Get users who have received malicious emails.
Returns a list of all recipients who have received at least one malicious email.
curl -X GET -H "Accept: application/json" "http://emailscan.wilma.monster/api/v1/customers/{customer_id}/reports/recipients"
customer_id*: String - The customer identifier (UUIDv4).
- Status Code: 200 - List of all recipients who have received malicious email.
Query the health of the service.
The health endpoint is useful for determining whether an instance is still healthy.
curl -X GET "http://emailscan.wilma.monster/api/v1/health"
- Status Code: 200 - Service is healthy.
- Status Code: 500 - Service is not healthy.
- Status Code: 503 - Service is not healthy.