https://live.paloaltonetworks.com/t5/general-topics/api-or-script-to-report-bad-urls-to-pan/m-p/155433#M51119 <P>Is there an ability to post bad URL reports to PAN in an automated/scripted fashion?&nbsp;</P><P>&nbsp;</P><P>I know the report site exists (<A href="https://urlfiltering.paloaltonetworks.com" target="_blank">https://urlfiltering.paloaltonetworks.com</A>) but it requires a captcha. My goal is to write a script which takes in a (phishing) URL as input and automatically reports it to several security vendors.&nbsp;</P> Sun, 07 May 2017 17:23:23 GMT Schuyler 2017-05-07T17:23:23Z https://live.paloaltonetworks.com/t5/general-topics/api-or-script-to-report-bad-urls-to-pan/m-p/155433#M51119 <P>Is there an ability to post bad URL reports to PAN in an automated/scripted fashion?&nbsp;</P><P>&nbsp;</P><P>I know the report site exists (<A href="https://urlfiltering.paloaltonetworks.com" target="_blank">https://urlfiltering.paloaltonetworks.com</A>) but it requires a captcha. My goal is to write a script which takes in a (phishing) URL as input and automatically reports it to several security vendors.&nbsp;</P> Sun, 07 May 2017 17:23:23 GMT https://live.paloaltonetworks.com/t5/general-topics/api-or-script-to-report-bad-urls-to-pan/m-p/155433#M51119 Schuyler 2017-05-07T17:23:23Z https://live.paloaltonetworks.com/t5/general-topics/api-or-script-to-report-bad-urls-to-pan/m-p/155695#M51177 <P>if this is to report malware you can use the WildFire submission API instead: <A title="Submit a Website Link to WildFire (API)" href="https://www.paloaltonetworks.com/documentation/71/wildfire/wf_api/submit-files-and-links-through-the-wildfire-api/submit-a-website-link-to-wildfire-api" target="_blank">Submit a Website Link to WildFire (API)</A></P> <P>&nbsp;</P> <P>you can get your API key by logging into <A title="WildFire portal" href="https://wildfire.paloaltonetworks.com" target="_blank">wildfire.paloaltonetworks.com</A> and clicking the 'account' link at the top right</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>WildFire will go ahead and scan the url you submit, and if malware is found, categorize the URL as malware plus identify whatever malware is found and create signatures for it: 2 birds with 1 stone <span class="lia-unicode-emoji" title=":winking_face:">😉</span></P> Tue, 09 May 2017 13:16:11 GMT https://live.paloaltonetworks.com/t5/general-topics/api-or-script-to-report-bad-urls-to-pan/m-p/155695#M51177 reaper 2017-05-09T13:16:11Z https://live.paloaltonetworks.com/t5/general-topics/api-or-script-to-report-bad-urls-to-pan/m-p/155744#M51181 <P>I only use the URL form for mis-categorized domains that need changed.&nbsp;</P><P>&nbsp;</P><P>I wouldn't spend any time submitting malicious URLs manually to PAN, they're actually very good at it compared to most vendors I've seen around the web. I would recommend creating a local DBL - Dynamic Block List on your box. When you find a phishing URL, just post it in your block list and move on. PAN probably has to do additional checks on their end before they can issue a malicious category on the domain for all of their customers.&nbsp;</P><P>&nbsp;</P><P>Also, by the time they do that manually, the malicious domain might already be taken down.&nbsp;</P><P>&nbsp;</P><P>Hope that helps, -Rags</P> Tue, 09 May 2017 14:24:10 GMT https://live.paloaltonetworks.com/t5/general-topics/api-or-script-to-report-bad-urls-to-pan/m-p/155744#M51181 Rags 2017-05-09T14:24:10Z https://live.paloaltonetworks.com/t5/general-topics/api-or-script-to-report-bad-urls-to-pan/m-p/155750#M51184 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/943">@Rags</a>,</P><P>This is how I've been doing things and it works very well, you also have the added benefit of making a script so that anybody can report it and your network team doesn't directly need to be involved in any way as long as you trust the rest of your team with confirming it should be blocked.&nbsp;</P> Tue, 09 May 2017 15:50:23 GMT https://live.paloaltonetworks.com/t5/general-topics/api-or-script-to-report-bad-urls-to-pan/m-p/155750#M51184 BPry 2017-05-09T15:50:23Z