🚧
Special privileges required
Vulnerability Intelligence is only available to users with the Google Threat Intelligence (Google TI) Enterprise or Enterprise Plus licenses.

Allows to search IoCs inside a vulnerability using advanced intelligence queries.

The expected input is the same as /intelligence/search. By default it searches files, in order to search other entities use entity:domain/ip/url.

Examples

Search for IoCs related to a vulnerability that meet certain conditions.

import requests
import urllib

object_id = "vulnerability--cve-2022-30190"
query = "tag%3Acve-2022-30190"
attributes = "name
limit = "2"
relationships = "files"
url = f"https://www.virustotal.com/api/v3/collections/{object_id}/search?query={query}&limit={limit}&attributes={attributes}&relationships={relationships}"
headers = {"accept": "application/json","x-apikey": <api-key>}
response = requests.get(url, headers=headers)