splunk-soar-connectors / .github

Stores default community health files for the organization
Apache License 2.0

New App: ReversingLabs A1000 #84

Closed ivukovicRL closed 1 year ago

ivukovicRL commented 1 year ago

Name of the app: reversinglabsa1000

Integration: ReversingLabs A1000

About: App utilizes ReversingLabs A1000 APIs:

  1. get classification - Get classification for a sample
  2. get detailed report - Get detailed analysis report
  3. get summary report - Get a summary report for hash
  4. download dynamic analysis report - Download previously requested dynamic analysis report in pdf
  5. check dynamic analysis report status - Get the status of the report previously requested
  6. create dynamic analysis report - Initiate the creation of PDF or HTML reports
  7. advanced search - Search for samples using multi-part search criteria
  8. network files from ip - Get a list of hashes and classifications for files found on the requested IP address
  9. network urls from ip - Get a list of URLs hosted on the requested IP address
  10. network ip to domain - Get a list of IP-to-domain mappings
  11. ip reputation - Queries IP info
  12. domain reputation - Queries domain info
  13. url reputation - Queries URL info
  14. get titaniumcore report - Get TitaniumCore report
  15. download pdf report - Download pdf report
  16. check pdf report creation - Check pdf report creation
  17. create pdf report - create pdf report
  18. check submitted url status - check submitted url status
  19. submit url - Accepts a file url and returns a response
  20. detonate file - Upload file to A1000

We already have a similar app: https://github.com/splunk-soar-connectors/reversinglabs-a1000

After publishing this app we will probably remove the old one. We intentionally didn't upgrade the existing app because this is a cleaner approach and the review process will be much easier this way.

This app has a much different implementation approach (utilizes our own helper lib https://pypi.org/project/reversinglabs-sdk-py3/) and is much more extensive (20 actions supported).

mpan-splunk commented 1 year ago

New repo is created at https://github.com/splunk-soar-connectors/reversinglabsa1000