Contents

---
tags:
  - IP address
  - Domain
  - Passive DNS
  - Reverse Whois
---

# SecurityTrails

- [https://securitytrails.com/](https://securitytrails.com/)

This analyzer uses [SecurityTrails API](https://docs.securitytrails.com/docs).

An API endpoint to use is changed based on a type of a query.

| Query type | API endpoint       | Artifact   |
| ---------- | ------------------ | ---------- |
| IP address | `/v1/domains/list` | Domain     |
| Domain     | `/v1/history/`     | IP address |
| Mail       | `/v1/domains/list` | Domain     |

```yaml
analyzer: securitytrails
query: ...
api_key: ...
```

## Components

### Analyzer

`analyzer` (`string`) should be either of `securitytrails` and `st`.

### Query

`query` (`string`) is a passive DNS search/reverse whois query. Domain, IP address or mail.

### API Key

`api_key` (`string`) is an API key. Optional. Defaults to `ENV[”SECURITYTRAILS_API_KEY"]`.

Version data entries

1 entries across 1 versions & 1 rubygems

Version	Path
mihari-5.6.0	docs/analyzers/securitytrails.md