zhen-dong-nexusflow commited on
Commit
ed063d7
1 Parent(s): f78ef1a

Initialization

Browse files
app.py ADDED
@@ -0,0 +1,387 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ import gradio as gr
2
+ import matplotlib.pyplot as plt
3
+ import numpy as np
4
+ import pandas as pd
5
+ import plotly.express as px
6
+
7
+ from strings import api_descriptions, func_definitions
8
+
9
+ # Define your HTML content for the bubble, ensure it's suitable for inline display
10
+ # Define your HTML content for the bubble, ensure it's suitable for inline display
11
+ bubble_html = """
12
+ <div style="{style}" class="bubble">
13
+ {text}
14
+ </div>
15
+ """
16
+
17
+ bubble_style = """
18
+ padding: 10px;
19
+ margin: 5px;
20
+ background: linear-gradient(to bottom right, #FFFFFF, #E8E8E8); /* Lighter background for contrast */
21
+ border-radius: 15px;
22
+ border: 1px solid #a1a1a1; /* Lighter border for subtle definition */
23
+ box-shadow: 2px 2px 10px rgba(255,255,255,0.1); /* Softer shadow with a hint of white for depth */
24
+ font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
25
+ font-size: calc(4vw + 4vh) / 2; /* Scales dynamically with the viewport */
26
+ text-align: center;
27
+ display: flex;
28
+ align-items: center; /* Centers text vertically */
29
+ justify-content: center; /* Centers text horizontally */
30
+ min-height: 50px; /* Adjust as needed */
31
+ max-height: 140px; /* Adjust as needed */
32
+ max-width: 100%;
33
+ color: #333333; /* Dark text for contrast against light background */
34
+ overflow-wrap: break-word; /* Allows long words to be broken and wrap onto the next line */
35
+ """
36
+
37
+ # Add a hover effect using <style> tag
38
+ hover_css = """
39
+ <style>
40
+ .bubble:hover {
41
+ transform: scale(1.05); /* Scales up the bubble */
42
+ z-index: 10; /* Ensures the scaled bubble is above others */
43
+ }
44
+ </style>
45
+ """
46
+
47
+
48
+ # Updated results reflecting the new screenshot
49
+ RESULTS = {
50
+ 'Climate': {"GPT4": 0.6808, "NexusRaven-V2": 0.7234},
51
+ 'Heldout_Combined': {"GPT4": 0.4814, "NexusRaven-V2": 0.5990},
52
+ 'Places_API': {"GPT4": 0.3541, "NexusRaven-V2": 0.5000},
53
+ 'OTX': {"GPT4": 0.9130, "NexusRaven-V2": 0.9021},
54
+ 'VirusTotal': {"GPT4": 0.8940, "NexusRaven-V2": 0.7815},
55
+ 'VT_Multi_Dependency': {"GPT4": 0.3469, "NexusRaven-V2": 0.3673},
56
+ 'VT_Multi_Disconnected': {"GPT4": 0.2380, "NexusRaven-V2": 0.3809},
57
+ 'CVECPE': {"GPT4": 0.5769, "NexusRaven-V2": 0.4480},
58
+ 'CVECPE_Multi_Dependency': {"GPT4": 0.1071, "NexusRaven-V2": 0.1607},
59
+ }
60
+
61
+ SAMPLES = {
62
+ 'OTX': "data/OTX.json",
63
+ 'CVECPE' : "data/CVECPE.json",
64
+ 'CVECPE_Multi_Dependency' : "data/CVECPE_MultiAPIs.json",
65
+ 'VirusTotal' : 'data/VirusTotal.json',
66
+ 'VT_Multi_Dependency': 'data/VT_MultiAPIs_Nested.json',
67
+ 'VT_Multi_Disconnected': 'data/VT_MultiAPIs_Disconnected.json',
68
+ 'Climate' : 'data/Climate.jsonl',
69
+ 'Places_API' : 'data/Places_API.jsonl'
70
+ }
71
+ import json
72
+ import random
73
+ import gradio as gr
74
+
75
+ def read_json_or_jsonl(file_path):
76
+ """
77
+ Read a file and determine if it's JSON or JSONL.
78
+ Return the data as a list of items.
79
+ """
80
+ try:
81
+ with open(file_path, 'r') as file:
82
+ if file_path.endswith('.jsonl'):
83
+ # Read JSONL file
84
+ data = [json.loads(line) for line in file]
85
+ else:
86
+ # Read JSON file
87
+ data = json.load(file)
88
+ for item in data:
89
+ if "input" in item:
90
+ item["Input"] = item["input"]
91
+
92
+ return data
93
+ except Exception as e:
94
+ print(f"Error reading file: {e}")
95
+ return []
96
+
97
+ def sample_data(data, sample_size=5):
98
+ """
99
+ Randomly sample items from the data.
100
+ """
101
+ if not data:
102
+ return []
103
+ sample_size = min(sample_size, len(data))
104
+ return random.sample(data, sample_size)
105
+
106
+ def highlight_row(s, column, value, color='yellow'):
107
+ """
108
+ Highlight a row where the column has a specified value.
109
+
110
+ Args:
111
+ s (pd.Series): Row of the DataFrame.
112
+ column (str): Column name to check the value.
113
+ value (any): Value to check against.
114
+ color (str): Background color for highlighting. Default is yellow.
115
+
116
+ Returns:
117
+ [str]: A list of CSS strings for each cell in the row.
118
+ """
119
+ return [f'background-color: {color}' if v == value else ''
120
+ for v in s[column]]
121
+
122
+ def create_bar_chart(data, title, theme):
123
+ df = pd.DataFrame.from_dict(data, orient='index', columns=['Score']).reset_index()
124
+ df.rename(columns={'index': 'Model'}, inplace=True)
125
+
126
+ # Choose colors based on the theme
127
+ colors = ['#636EFA', '#EF553B'] if theme == 'dark' else ['#00CC96', '#AB63FA']
128
+
129
+ fig = px.bar(
130
+ df, x='Model', y='Score', title=title,
131
+ color='Model', color_discrete_sequence=colors,
132
+ text='Score', barmode='group'
133
+ )
134
+
135
+ # Update layout for better contrast based on theme
136
+ fig.update_layout(
137
+ plot_bgcolor='rgba(0,0,0,0)' if theme == 'dark' else 'rgba(255,255,255,1)',
138
+ paper_bgcolor='rgba(0,0,0,0)' if theme == 'dark' else 'rgba(255,255,255,1)',
139
+ font_color='white' if theme == 'dark' else 'black'
140
+ )
141
+
142
+ # Update the bar chart to enable hover information
143
+ fig.update_traces(
144
+ hoverinfo='all', hovertemplate='Model: %{x}<br>Score: %{y:.2f}'
145
+ )
146
+
147
+ # Normalization for relative scaling
148
+ max_score = df['Score'].max()
149
+ fig.update_yaxes(range=[0, max_score + max_score * 0.1])
150
+
151
+ return fig
152
+
153
+
154
+ # Define the task categories
155
+ simple_tasks = ['OTX', 'CVECPE', 'VirusTotal', 'VT_Multi_Disconnected', 'Heldout_Combined']
156
+ difficult_tasks = ['VT_Multi_Dependency', 'Climate', 'Places_API', 'CVECPE_Multi_Dependency']
157
+
158
+ # Define the formatting function
159
+ def format_scores(val):
160
+ if isinstance(val, float):
161
+ val = val * 100
162
+ return f"{val:.4g}" # 'g' format specifier for significant figures
163
+ return val
164
+
165
+ # Function to calculate averages
166
+ def calculate_averages(results):
167
+ all_tasks_avg = pd.DataFrame(results).mean(axis=1)
168
+ simple_tasks_avg = pd.DataFrame({k: results[k] for k in simple_tasks}).mean(axis=1)
169
+ difficult_tasks_avg = pd.DataFrame({k: results[k] for k in difficult_tasks}).mean(axis=1)
170
+
171
+ avg_data = pd.DataFrame({
172
+ 'All Tasks': all_tasks_avg,
173
+ 'Tasks with Single Call (simple)"': simple_tasks_avg,
174
+ 'Tasks with Nested/Parallel Calls (challenging)': difficult_tasks_avg
175
+ }).reset_index().rename(columns={'index': 'Model'})
176
+
177
+ return avg_data
178
+
179
+ # Function to display the averages in Gradio
180
+ def display_averages():
181
+ avg_data = calculate_averages(RESULTS)
182
+ return avg_data
183
+
184
+
185
+ # Define the capability categories
186
+ single_calls = ['OTX', 'CVECPE', 'VirusTotal', 'Heldout_Combined']
187
+ nested_calls = ['VT_Multi_Dependency', 'Places_API', 'CVECPE_Multi_Dependency', 'Heldout_Combined']
188
+ parallel_calls = ['Climate', 'VT_Multi_Disconnected']
189
+
190
+ otx = ["OTX"]
191
+ cvecpe = ['CVECPE']
192
+ virustotal = ['VirusTotal']
193
+ vt_multi_dependency = ['VT_Multi_Dependency']
194
+ places = ['Places_API']
195
+ cvecpe_multi_dependency = ['CVECPE_Multi_Dependency']
196
+ heldout = ['Heldout_Combined']
197
+ climate = ['Climate']
198
+ vt_multi_disconnected = ['VT_Multi_Disconnected']
199
+
200
+ # Function to calculate capability scores
201
+ def calculate_capability_scores(results, type):
202
+ if type == "general ability":
203
+ single_calls_avg = pd.DataFrame({k: results[k] for k in single_calls}).mean(axis=1)
204
+ nested_calls_avg = pd.DataFrame({k: results[k] for k in nested_calls}).mean(axis=1)
205
+ parallel_calls_avg = pd.DataFrame({k: results[k] for k in parallel_calls}).mean(axis=1)
206
+
207
+ capability_data = pd.DataFrame({
208
+ 'Capability': ['Single Calls', 'Nested Calls', 'Parallel Calls'],
209
+ 'GPT4': [single_calls_avg['GPT4'], nested_calls_avg['GPT4'], parallel_calls_avg['GPT4']],
210
+ 'NexusRaven-V2': [single_calls_avg['NexusRaven-V2'], nested_calls_avg['NexusRaven-V2'], parallel_calls_avg['NexusRaven-V2']]
211
+ }).melt(id_vars=['Capability'], var_name='Model', value_name='Score')
212
+ elif type == "many apis many args":
213
+ otx_avg = pd.DataFrame({k: results[k] for k in otx}).mean(axis=1)
214
+ cvecpe_avg = pd.DataFrame({k: results[k] for k in cvecpe}).mean(axis=1)
215
+ virustotal_avg = pd.DataFrame({k: results[k] for k in virustotal}).mean(axis=1)
216
+ vt_multi_dependency_avg = pd.DataFrame({k: results[k] for k in vt_multi_dependency}).mean(axis=1)
217
+ places_avg = pd.DataFrame({k: results[k] for k in places}).mean(axis=1)
218
+ cvecpe_multi_dependency_avg = pd.DataFrame({k: results[k] for k in cvecpe_multi_dependency}).mean(axis=1)
219
+ heldout_avg = pd.DataFrame({k: results[k] for k in heldout}).mean(axis=1)
220
+ climate_avg = pd.DataFrame({k: results[k] for k in climate}).mean(axis=1)
221
+ vt_multi_disconnected_avg = pd.DataFrame({k: results[k] for k in vt_multi_disconnected}).mean(axis=1)
222
+
223
+ capability_data = pd.DataFrame({
224
+ 'Capability': ['OTX (Single)', 'VirusTotal (Single)', 'VT_Multi (Nested)', 'VT_Multi (Parallel)', 'CVECPE (Single)', 'CVECPE_Multi (Nested)', 'Places (Nested)', 'Climate (Parallel)', 'Stack (Nested)'],
225
+ 'GPT4': [otx_avg['GPT4'], virustotal_avg['GPT4'], vt_multi_dependency_avg['GPT4'], vt_multi_disconnected_avg['GPT4'], cvecpe_avg['GPT4'], cvecpe_multi_dependency_avg['GPT4'], places_avg['GPT4'], climate_avg['GPT4'], heldout_avg['GPT4']],
226
+ 'NexusRaven-V2': [otx_avg['NexusRaven-V2'], virustotal_avg['NexusRaven-V2'], vt_multi_dependency_avg['NexusRaven-V2'], vt_multi_disconnected_avg['NexusRaven-V2'], cvecpe_avg['NexusRaven-V2'], cvecpe_multi_dependency_avg['NexusRaven-V2'],
227
+ places_avg['NexusRaven-V2'], climate_avg['NexusRaven-V2'], heldout_avg['NexusRaven-V2']]
228
+ }).melt(id_vars=['Capability'], var_name='Model', value_name='Score')
229
+
230
+ return capability_data
231
+
232
+ # Function to create and display the radar chart with improved style
233
+ def display_radar_chart(type):
234
+ if type == "general ability":
235
+ data = calculate_capability_scores(RESULTS, "general ability")
236
+ fig = px.line_polar(data, r='Score', theta='Capability', color='Model', line_close=True,
237
+ markers=True, # Adding markers
238
+ color_discrete_sequence=px.colors.qualitative.Pastel, # Using Pastel color scheme
239
+ template='plotly_dark',
240
+ title='Capability Radar Chart on General Abilities')
241
+ elif type == "many apis many args":
242
+ data = calculate_capability_scores(RESULTS, "many apis many args")
243
+ fig = px.line_polar(data, r='Score', theta='Capability', color='Model', line_close=True,
244
+ markers=True, # Adding markers
245
+ color_discrete_sequence=px.colors.qualitative.Pastel, # Using Pastel color scheme
246
+ template='plotly_dark',
247
+ title='Capability Radar Chart on All Subtasks')
248
+
249
+ # Customize the lines and markers
250
+ fig.update_traces(marker=dict(size=10), line=dict(width=4))
251
+
252
+ return fig
253
+
254
+
255
+ INTRO_TEXT = """
256
+ # Nexus Function Calling Leaderboard
257
+
258
+ Welcome to the Nexus Function Calling Leaderboard! We provide a focused benchmarking platform that evaluates a range of models on their ability to perform zero-shot function calling and API usage. Our leaderboard features the following highlights:
259
+
260
+ - **Nine Varied Tasks**: We cover a broad spectrum, from cybersecurity and climate APIs to recommendation systems, along with some pure Python functions.
261
+ - **Zero-Shot Challenges**: Models are tested on their innate ability to handle tasks they haven't seen before, showcasing their versatility and comprehension from the function definitions and user queries ONLY.
262
+ - **Diverse Model Participation**: We included a mix of both open-source and closed-source models. We initially benchmarked three models, and we are more than happy to work together with the community to involve more models.
263
+
264
+ This leaderboard is an exciting step towards understanding and improving the capabilities of large language models in diverse, real-world applications with building semantic interfaces around APIs!
265
+
266
+ """
267
+
268
+ CSS = """
269
+ .intro-text {
270
+ font-size: 26px;
271
+ }
272
+ footer {
273
+ visibility: hidden;
274
+ }
275
+ """
276
+
277
+ # Custom CSS to change the font size in Markdown
278
+ custom_css = """
279
+ <style>
280
+ .markdown-class {
281
+ font-size: 16px !important; /* Adjust the font size as needed */
282
+ }
283
+ </style>
284
+ """
285
+
286
+ with gr.Blocks(theme='dark') as demo: # Set the theme here
287
+ gr.HTML(
288
+ """<img width="50" height="50" style="float:left; margin: 0px;" src="/file=logo.png">
289
+ <h1 style="overflow: hidden; padding-top: 17px; margin: 0px;">Nexusflow</h1>
290
+ """
291
+ )
292
+ with gr.Row():
293
+ gr.Image(
294
+ "raven.png",
295
+ show_label=False,
296
+ show_share_button=True,
297
+ min_width=40,
298
+ scale=1,
299
+ )
300
+ with gr.Column(scale=4):
301
+ gr.HTML(custom_css)
302
+ gr.Markdown(INTRO_TEXT, elem_classes="markdown-class")
303
+ with gr.Tab("Overall"):
304
+ # Compute overall
305
+ # Create the Gradio interface
306
+ with gr.Accordion("Task Averages:"):
307
+ gr.Dataframe(display_averages().map(format_scores))
308
+
309
+ with gr.Accordion("Model Capabilities:"):
310
+ with gr.Row():
311
+ gr.Plot(display_radar_chart("general ability"))
312
+ gr.Plot(display_radar_chart("many apis many args"))
313
+
314
+ for key, value in RESULTS.items():
315
+ tab_names = {
316
+ 'OTX': 'OTX (Single)',
317
+ 'CVECPE': 'CVECPE (Single)',
318
+ 'VirusTotal': 'VirusTotal (Single)',
319
+ 'VT_Multi_Dependency': 'VT_Multi (Nested)',
320
+ 'Places_API': 'Places (Nested)',
321
+ 'CVECPE_Multi_Dependency': 'CVECPE_Multi (Nested)',
322
+ 'Heldout_Combined': 'Stack (Nested)',
323
+ 'Climate': 'Climate (Parallel)',
324
+ 'VT_Multi_Disconnected': 'VT_Multi (Parallel)'
325
+ }
326
+
327
+ tab_name = tab_names.get(key, key)
328
+
329
+ with gr.Tab(tab_name):
330
+ # Create and display DataFrame
331
+ with gr.Accordion("Details of the " + tab_name + " :", open=False) as accordion:
332
+ gr.Markdown(api_descriptions[key])
333
+ if key == "Heldout_Combined":
334
+ accordion.open = True
335
+ else:
336
+ func_definition_list = func_definitions[key]
337
+
338
+ with gr.Group():
339
+ for i in range(len(func_definition_list)):
340
+ with gr.Accordion(func_definition_list[i][0], open=False):
341
+ gr.Markdown(func_definition_list[i][1])
342
+
343
+ df = pd.DataFrame.from_dict(value, orient='index', columns=['Score']).reset_index()
344
+ df.rename(columns={'index': 'Model'}, inplace=True)
345
+ gr.Dataframe(df.map(format_scores))
346
+ if key in SAMPLES:
347
+ file_path = SAMPLES[key]
348
+ data = read_json_or_jsonl(file_path)
349
+ samples = sample_data(data)
350
+ # Spat the data
351
+ # Generate samples with inline style and formatted text
352
+ #samples = [[hover_css + bubble_html.format(style=bubble_style, text=sample['Input']), hover_css + bubble_html.format(style=bubble_style, text=sample['Output'])] for sample in samples]
353
+ for sample in samples:
354
+ s = sample["Output"]
355
+ # FIXME: Do this via screen
356
+ n = 90
357
+ from black import Mode, format_str
358
+
359
+ if isinstance(s, list):
360
+ sample['Output'] = ''.join([format_str(item, mode=Mode()) for item in s])
361
+ else:
362
+ sample['Output'] = format_str(s, mode=Mode())#'\\ \n'.join(s[i:i+n] for i in range(0, len(s), n))
363
+
364
+ samples = [[hover_css + bubble_html.format(style=bubble_style, text=sample['Input']), f"```python\n{sample['Output']}\n```".replace("; ", ";\n")] for sample in samples]
365
+ gr.Dataset(
366
+ #components=[gr.Textbox(visible=False, text_align="left"), gr.Textbox(visible=False, text_align="left")],
367
+ components=[gr.HTML(), gr.Markdown()],
368
+ headers= ["Prompt", "API Use"],
369
+ label=f"{key} Samples",
370
+ samples=samples
371
+ )
372
+ demo.load(
373
+ None,
374
+ None,
375
+ js="""
376
+ () => {
377
+ const params = new URLSearchParams(window.location.search);
378
+ if (!params.has('__theme')) {
379
+ params.set('__theme', 'dark');
380
+ window.location.search = params.toString();
381
+ }
382
+ }""",
383
+ )
384
+
385
+
386
+ demo.launch(share=True, allowed_paths=["logo.png", "raven.png"])
387
+
data/CVECPE.json ADDED
@@ -0,0 +1,391 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ [
2
+ {
3
+ "Input": "I want to check vulnerability related to Microsoft Exchange 2010. Can you provide me with a list of two representative CPEs?",
4
+ "Output": "r = nvdlib.searchCPE(keywordSearch = 'Microsoft Exchange 2010', limit = 2)",
5
+ "verified": true
6
+ },
7
+ {
8
+ "Input": "Filter for a partial cpeMatchString for Microsoft Exchange 2013, return all the vulnerabilities for said matching CPEs, and print their CVE IDs.",
9
+ "Output": "r = nvdlib.searchCPE(cpeMatchString='cpe:2.3:a:microsoft:exchange_server:2013:')",
10
+ "verified": true
11
+ },
12
+ {
13
+ "Input": "Filter for CVE names modfied between 2020-01-01 and 2020-02-01 with the keyword of PHP.",
14
+ "Output": "r = nvdlib.searchCVE(lastModStartDate='2020-01-01 00:00', lastModEndDate='2020-02-01 00:00', keywordSearch='PHP')",
15
+ "verified": true
16
+ },
17
+ {
18
+ "Input": "Look for CPEs related to 'Windows 10'. I want to see the most recent 5 and print the request URL for debugging.",
19
+ "Output": "r = nvdlib.searchCPE(keywordSearch='Windows 10', limit=5, verbose=True)",
20
+ "verified": true
21
+ },
22
+ {
23
+ "Input": "Can you get me the exact CPE matches for 'cpe:2.3:a:apache:http_server:2.4.29:' and show the URL request?",
24
+ "Output": "r = nvdlib.searchCPE(cpeMatchString='cpe:2.3:a:apache:http_server:2.4.29:', verbose=True)",
25
+ "verified": true
26
+ },
27
+ {
28
+ "Input": "I'm looking for CPE vulnerabilities in 'Mozilla Firefox'. Retrieve only the first 10 records.",
29
+ "Output": "r = nvdlib.searchCPE(keywordSearch='Mozilla Firefox', limit=10)",
30
+ "verified": true
31
+ },
32
+ {
33
+ "Input": "Find CPEs with the partial name 'cpe:2.3:a:google:chrome:' and limit the results to 3. Use my API key 'xyz789' for faster requests.",
34
+ "Output": "r = nvdlib.searchCPE(cpeMatchString='cpe:2.3:a:google:chrome:', limit=3, key='xyz789')",
35
+ "verified": true
36
+ },
37
+ {
38
+ "Input": "I want to see all the CVEs that were modified between '2021-03-01' and '2021-04-01' with the term 'Linux'.",
39
+ "Output": "r = nvdlib.searchCVE(lastModStartDate='2021-03-01 00:00', lastModEndDate='2021-04-01 00:00', keywordSearch='Linux')",
40
+ "verified": true
41
+ },
42
+ {
43
+ "Input": "Show me the CPEs matching the string 'cpe:2.3:o:microsoft:windows_8:', and please print the request URL for my reference.",
44
+ "Output": "r = nvdlib.searchCPE(cpeMatchString='cpe:2.3:o:microsoft:windows_8:', verbose=True)",
45
+ "verified": true
46
+ },
47
+ {
48
+ "Input": "Could you please pull the CPE records associated with 'Java' and limit them to the first 8 results?",
49
+ "Output": "r = nvdlib.searchCPE(keywordSearch='Java', limit=8)",
50
+ "verified": true
51
+ },
52
+ {
53
+ "Input": "I need to fetch the CVEs that have seen modifications between the first day of 2021 and March 15, 2021. Also, they should be related to 'nginx'.",
54
+ "Output": "r = nvdlib.searchCVE(lastModStartDate='2021-01-01 00:00', lastModEndDate='2021-03-15 00:00', keywordSearch='nginx')",
55
+ "verified": true
56
+ },
57
+ {
58
+ "Input": "Seek out CPEs that closely align with the partial name 'cpe:2.3:o:apple:ios:'. Display the top 4 and also provide the request URL.",
59
+ "Output": "r = nvdlib.searchCPE(cpeMatchString='cpe:2.3:o:apple:ios:', limit=4, verbose=True)",
60
+ "verified": true
61
+ },
62
+ {
63
+ "Input": "Would you be able to retrieve records of CPEs that underwent changes between April 1, 2022, and April 30, 2022?",
64
+ "Output": "r = nvdlib.searchCPE(lastModStartDate='2022-04-01 00:00', lastModEndDate='2022-04-30 00:00')",
65
+ "verified": true
66
+ },
67
+ {
68
+ "Input": "I'm trying to trace CPEs that are precisely matched with 'cpe:2.3:a:oracle:database:12.1.0.2:'. Can you also ensure there's a shorter delay between requests by using my API key 'api-key-123'?",
69
+ "Output": "r = nvdlib.searchCPE(cpeMatchString='cpe:2.3:a:oracle:database:12.1.0.2:', key='api-key-123')",
70
+ "verified": true
71
+ },
72
+ {
73
+ "Input": "Using the key 'special-key-456', I'd like to view CPEs related to 'Adobe Flash'. If possible, display the request URL for reference.",
74
+ "Output": "r = nvdlib.searchCPE(keywordSearch='Adobe Flash', key='special-key-456', verbose=True)",
75
+ "verified": true
76
+ },
77
+ {
78
+ "Input": "Let's search for CVEs with ties to 'Python' that have been modified after June 1, 2022, but before June 30, 2022.",
79
+ "Output": "r = nvdlib.searchCVE(lastModStartDate='2022-06-01 00:00', lastModEndDate='2022-06-30 00:00', keywordSearch='Python')",
80
+ "verified": true
81
+ },
82
+ {
83
+ "Input": "Can you help narrow down CPEs that are aligned with the string 'cpe:2.3:a:ibm:cloud:'? And also, please trim the results to just 6 entries.",
84
+ "Output": "r = nvdlib.searchCPE(cpeMatchString='cpe:2.3:a:ibm:cloud:', limit=6)",
85
+ "verified": true
86
+ },
87
+ {
88
+ "Input": "I'm curious about the CPEs associated with 'MySQL'. Could you show me the first 7, and also ensure you display the request URL for me?",
89
+ "Output": "r = nvdlib.searchCPE(keywordSearch='MySQL', limit=7, verbose=True)",
90
+ "verified": true
91
+ },
92
+ {
93
+ "Input": "I'd love to retrieve CVEs updated between February 10, 2021, and March 20, 2021, that are related to 'Tomcat'. Also, I want a shorter delay with my API key 'fast-key-789'.",
94
+ "Output": "r = nvdlib.searchCVE(lastModStartDate='2021-02-10 00:00', lastModEndDate='2021-03-20 00:00', keywordSearch='Tomcat', key='fast-key-789')",
95
+ "verified": true
96
+ },
97
+ {
98
+ "Input": "How about we look for CPEs that match the string 'cpe:2.3:o:redhat:linux:'? Show just the top 3, please.",
99
+ "Output": "r = nvdlib.searchCPE(cpeMatchString='cpe:2.3:o:redhat:linux:', limit=3)",
100
+ "verified": true
101
+ },
102
+ {
103
+ "Input": "For the sake of auditing, I want to see CVEs that changed post-January 15, 2022, until February 15, 2022. Also, I'm particularly interested in those containing 'SSH' in their metadata.",
104
+ "Output": "r = nvdlib.searchCVE(lastModStartDate='2022-01-15 00:00', lastModEndDate='2022-02-15 00:00', keywordSearch='SSH')",
105
+ "verified": true
106
+ },
107
+ {
108
+ "Input": "Find me CPEs that align exactly with the pattern 'cpe:2.3:a:sap:netweaver:' and use my API key 'pro-key-321' to speed up the requests.",
109
+ "Output": "r = nvdlib.searchCPE(cpeMatchString='cpe:2.3:a:sap:netweaver:', key='pro-key-321')",
110
+ "verified": true
111
+ },
112
+ {
113
+ "Input": "Using the provided key 'elite-key-654', fetch CPEs that have any connections with 'Drupal'. Also, if you could display the request URL, that would be great!",
114
+ "Output": "r = nvdlib.searchCPE(keywordSearch='Drupal', key='elite-key-654', verbose=True)",
115
+ "verified": true
116
+ },
117
+ {
118
+ "Input": "For our security assessment, we need CVEs related to 'VMware' that were modified after May 5, 2022, and before May 25, 2022. Also, ensure to provide the request URL.",
119
+ "Output": "r = nvdlib.searchCVE(lastModStartDate='2022-05-05 00:00', lastModEndDate='2022-05-25 00:00', keywordSearch='VMware', verbose=True)",
120
+ "verified": true
121
+ },
122
+ {
123
+ "Input": "Could you help identify CPEs that closely resemble the pattern 'cpe:2.3:a:google:android:'? And please, limit the results to just 5.",
124
+ "Output": "r = nvdlib.searchCPE(cpeMatchString='cpe:2.3:a:google:android:', limit=5)",
125
+ "verified": true
126
+ },
127
+ {
128
+ "Input": "I'm interested in CVEs that underwent changes between March 10 and March 30 of 2022, and are associated with 'PostgreSQL'. Can you also provide a debug URL?",
129
+ "Output": "r = nvdlib.searchCVE(lastModStartDate='2022-03-10 00:00', lastModEndDate='2022-03-30 00:00', keywordSearch='PostgreSQL', verbose=True)",
130
+ "verified": true
131
+ },
132
+ {
133
+ "Input": "I'm conducting a study on 'OpenSSL'. Could you fetch the first 10 CPEs related to it?",
134
+ "Output": "r = nvdlib.searchCPE(keywordSearch='OpenSSL', limit=10)",
135
+ "verified": true
136
+ },
137
+ {
138
+ "Input": "Hoping to view CVEs related to 'Windows 10' that were modified between August 1, 2021, and September 1, 2021. Please utilize my API key 'api-fast-101' to expedite the process.",
139
+ "Output": "r = nvdlib.searchCVE(keywordSearch='Windows 10', lastModStartDate='2021-08-01 00:00', lastModEndDate='2021-09-01 00:00', key='api-fast-101')",
140
+ "verified": true
141
+ },
142
+ {
143
+ "Input": "Look up CPEs matching 'cpe:2.3:o:linux:ubuntu:'. Return only the top 5 results for now.",
144
+ "Output": "r = nvdlib.searchCPE(cpeMatchString='cpe:2.3:o:linux:ubuntu:', limit=5)",
145
+ "verified": true
146
+ },
147
+ {
148
+ "Input": "Desire to see CVEs that were updated between January 1, 2022, and January 31, 2022. Specifically interested in CVEs with 'Firefox' in their metadata. Can I also get the request URL for reference?",
149
+ "Output": "r = nvdlib.searchCVE(keywordSearch='Firefox', lastModStartDate='2022-01-01 00:00', lastModEndDate='2022-01-31 00:00', verbose=True)",
150
+ "verified": true
151
+ },
152
+ {
153
+ "Input": "I'm after the CPEs exactly matching 'cpe:2.3:a:mongodb:server:'. Could you employ my API key 'key-pro-202' to lessen the request delay?",
154
+ "Output": "r = nvdlib.searchCPE(cpeMatchString='cpe:2.3:a:mongodb:server:', key='key-pro-202')",
155
+ "verified": true
156
+ },
157
+ {
158
+ "Input": "With the help of the 'vip-key-303' API key, procure CPEs associated with 'Apache Struts'. And yes, I'd like to see the request URL as well.",
159
+ "Output": "r = nvdlib.searchCPE(keywordSearch='Apache Struts', key='vip-key-303', verbose=True)",
160
+ "verified": true
161
+ },
162
+ {
163
+ "Input": "For a security review, it's imperative I get CPEs linked to 'Django' that underwent changes after July 10, 2022, up till July 30, 2022.",
164
+ "Output": "r = nvdlib.searchCPE(keywordSearch='Django', lastModStartDate='2022-07-10 00:00', lastModEndDate='2022-07-30 00:00')",
165
+ "verified": false
166
+ },
167
+ {
168
+ "Input": "We're in need of CPEs mirroring the pattern 'cpe:2.3:o:microsoft:windows_server:'. Could you curate a list of just the initial 6?",
169
+ "Output": "r = nvdlib.searchCPE(cpeMatchString='cpe:2.3:o:microsoft:windows_server:', limit=6)",
170
+ "verified": true
171
+ },
172
+ {
173
+ "Input": "Can we explore CVEs updated between October 10, 2021, and October 20, 2021, having 'Wordpress' in their description? Also, if it's not too much to ask, could you display the debug URL?",
174
+ "Output": "r = nvdlib.searchCVE(keywordSearch='Wordpress', lastModStartDate='2021-10-10 00:00', lastModEndDate='2021-10-20 00:00', verbose=True)",
175
+ "verified": true
176
+ },
177
+ {
178
+ "Input": "I want to check vulnerability related to Microsoft Exchange 2010. Can you provide me with a list of two representative CVEs?",
179
+ "Output": "r = nvdlib.searchCVE(keywordSearch='Microsoft Exchange 2010', limit=2)",
180
+ "verified": true
181
+ },
182
+ {
183
+ "Input": "Check vulnerability of RedHat from Sept 8, 2021 to December 1, 2021 Can you provide me with a list of two representative CVEs?",
184
+ "Output": "r = nvdlib.searchCVE(pubStartDate = '2021-09-08 00:00', pubEndDate = '2021-12-01 00:00', keywordSearch = 'RedHat', limit=2)",
185
+ "verified": true
186
+ },
187
+ {
188
+ "Input": "Use CVE and Check vulnerability of RedHat from Sept 8, 2021 to December 1, 2021, only check version 2 severity of HIGH. ",
189
+ "Output": "r = nvdlib.searchCVE(pubStartDate = '2021-09-08 00:00', pubEndDate = '2021-12-01 00:00', keywordSearch = 'RedHat', cvssV2Severity = 'HIGH')",
190
+ "verified": true
191
+ },
192
+ {
193
+ "Input": "Could you get the details of the CVE with the ID CVE-2023-0144?",
194
+ "Output": "r = nvdlib.searchCVE(cveId='CVE-2023-0144')",
195
+ "verified": true
196
+ },
197
+ {
198
+ "Input": "What are the vulnerabilities associated with the CPE 'cpe:2.3:o:microsoft:windows_10:1607'?",
199
+ "Output": "r = nvdlib.searchCVE(cpeName='cpe:2.3:o:microsoft:windows_10:1607')",
200
+ "verified": true
201
+ },
202
+ {
203
+ "Input": "Can you list all the vulnerabilities that have 'HIGH' severity in CVSSv3?",
204
+ "Output": "r = nvdlib.searchCVE(cvssV3Severity='HIGH')",
205
+ "verified": true
206
+ },
207
+ {
208
+ "Input": "Find the vulnerabilities that are related to 'XSS'?",
209
+ "Output": "r = nvdlib.searchCVE(keywordSearch='XSS')",
210
+ "verified": true
211
+ },
212
+ {
213
+ "Input": "Find the vulnerabilities associated with CWE-287.",
214
+ "Output": "r = nvdlib.searchCVE(cweId='CWE-287')",
215
+ "verified": true
216
+ },
217
+ {
218
+ "Input": "Find the vulnerabilities that were published between 2023-05-01 and 2023-06-30.",
219
+ "Output": "r = nvdlib.searchCVE(pubStartDate='2023-05-01 00:00', pubEndDate='2023-06-30 00:00')",
220
+ "verified": true
221
+ },
222
+ {
223
+ "Input": "Find any vulnerabilities associated with the CPE 'cpe:2.3:o:microsoft:windows_10:1607'.",
224
+ "Output": "r = nvdlib.searchCVE(cpeName='cpe:2.3:o:microsoft:windows_10:1607')",
225
+ "verified": true
226
+ },
227
+ {
228
+ "Input": "Fetch the details for CVE-2023-1234.",
229
+ "Output": "r = nvdlib.searchCVE(cveId='CVE-2023-1234')",
230
+ "verified": true
231
+ },
232
+ {
233
+ "Input": "Which vulnerabilities are associated with CWE-287?",
234
+ "Output": "r = nvdlib.searchCVE(cweId='CWE-287')",
235
+ "verified": true
236
+ },
237
+ {
238
+ "Input": "Show me 'HIGH' severity vulnerabilities using CVSSv2.",
239
+ "Output": "r = nvdlib.searchCVE(cvssV2Severity='HIGH')"
240
+ },
241
+ {
242
+ "Input": "What vulnerabilities were published between January 1, 2023 and March 30, 2023?",
243
+ "Output": "r = nvdlib.searchCVE(pubStartDate='2023-01-01 00:00', pubEndDate='2023-03-30 00:00')",
244
+ "verified": true
245
+ },
246
+ {
247
+ "Input": "Find 'MEDIUM' severity vulnerabilities using CVSSv3 for CPE 'cpe:2.3:o:microsoft:windows_10:1607'.",
248
+ "Output": "r = nvdlib.searchCVE(cpeName='cpe:2.3:o:microsoft:windows_10:1607', cvssV3Severity='MEDIUM')",
249
+ "verified": true
250
+ },
251
+ {
252
+ "Input": "Show me vulnerabilities related to 'Buffer Overflow'.",
253
+ "Output": "r = nvdlib.searchCVE(keywordSearch='Buffer Overflow')",
254
+ "verified": true
255
+ },
256
+ {
257
+ "Input": "Find vulnerabilities associated with 'SQL Injection' and CWE-89.",
258
+ "Output": "r = nvdlib.searchCVE(keywordSearch='SQL Injection', cweId='CWE-89')",
259
+ "verified": true
260
+ },
261
+ {
262
+ "Input": "Are there any vulnerabilities with a US-CERT technical alert associated with the CPE 'cpe:2.3:o:microsoft:windows_10:1607'?",
263
+ "Output": "r = nvdlib.searchCVE(cpeName='cpe:2.3:o:microsoft:windows_10:1607', hasCertAlerts=True)",
264
+ "verified": true
265
+ },
266
+ {
267
+ "Input": "Are there any reported vulnerabilities with a CERT/CC note for 'cpe:2.3:o:microsoft:windows_10:1607'?",
268
+ "Output": "r = nvdlib.searchCVE(cpeName='cpe:2.3:o:microsoft:windows_10:1607', hasCertNotes=True)",
269
+ "verified": true
270
+ },
271
+ {
272
+ "Input": "What are some 'LOW' severity vulnerabilities related to 'XSS' according to CVSSv2?",
273
+ "Output": "r = nvdlib.searchCVE(keywordSearch='XSS', cvssV2Severity='LOW')",
274
+ "verified": true
275
+ },
276
+ {
277
+ "Input": "Can you list vulnerabilities related to 'Apache' that were published between July 1, 2023 and July 14, 2023?",
278
+ "Output": "r = nvdlib.searchCVE(pubStartDate='2023-07-01 00:00', pubEndDate='2023-07-14 00:00', keywordSearch='Apache')",
279
+ "verified": true
280
+ },
281
+ {
282
+ "Input": "I'm interested in 'CRITICAL' severity vulnerabilities related to 'Buffer Overflow' using CVSSv3. What can you find?",
283
+ "Output": "r = nvdlib.searchCVE(keywordSearch='Buffer Overflow', cvssV3Severity='CRITICAL')",
284
+ "verified": true
285
+ },
286
+ {
287
+ "Input": "What vulnerabilities related to 'SQL Injection' contain information from OVAL?",
288
+ "Output": "r = nvdlib.searchCVE(keywordSearch='SQL Injection', hasOval=True)",
289
+ "verified": true
290
+ },
291
+ {
292
+ "Input": "Could you find vulnerabilities related to 'Windows 10' that were modified between March 1, 2023 and March 31, 2023?",
293
+ "Output": "r = nvdlib.searchCVE(lastModStartDate='2023-03-01 00:00', lastModEndDate='2023-03-31 00:00', keywordSearch='Windows 10')",
294
+ "verified": true
295
+ },
296
+ {
297
+ "Input": "Are there any vulnerabilities associated with 'cpe:2.3:o:microsoft:windows_10:1607' where the CPE is also considered vulnerable?",
298
+ "Output": "r = nvdlib.searchCVE(cpeName='cpe:2.3:o:microsoft:windows_10:1607', isVulnerable=True)",
299
+ "verified": true
300
+ },
301
+ {
302
+ "Input": "Could you find vulnerabilities related to 'Windows 10' for the CPE 'cpe:2.3:o:microsoft:windows_10:1607' that are not rejected?",
303
+ "Output": "r = nvdlib.searchCVE(cpeName='cpe:2.3:o:microsoft:windows_10:1607', keywordSearch='Windows 10', noRejected=True)",
304
+ "verified": true
305
+ },
306
+ {
307
+ "Input": "Could you fetch 100 CVEs that have a source identifier of 'cve@mitre.org'?",
308
+ "Output": "r = nvdlib.searchCVE(sourceIdentifier='cve@mitre.org', limit=100)",
309
+ "verified": true
310
+ },
311
+ {
312
+ "Input": "What vulnerabilities are associated with the CPE 'cpe:2.3:o:linux:linux_kernel' and exist in versions from 3.0 to 3.5?",
313
+ "Output": "r = nvdlib.searchCVE(virtualMatchString='cpe:2.3:o:linux:linux_kernel', versionStart='3.0', versionStartType='including', versionEnd='3.5', versionEndType='including')",
314
+ "verified": true
315
+ },
316
+ {
317
+ "Input": "Find vulnerabilities matching the CVSSv2 vector string 'AV:N/AC:M/Au:N/C:P/I:P/A:P' for the source identifier 'cve@mitre.org'.",
318
+ "Output": "r = nvdlib.searchCVE(sourceIdentifier='cve@mitre.org', cvssV2Metrics='AV:N/AC:M/Au:N/C:P/I:P/A:P')",
319
+ "verified": true
320
+ },
321
+ {
322
+ "Input": "Find vulnerabilities associated with the CPE 'cpe:2.3:o:microsoft:windows_10:1607' and CWE-79.",
323
+ "Output": "r = nvdlib.searchCVE(cpeName='cpe:2.3:o:microsoft:windows_10:1607', cweId='CWE-79')",
324
+ "verified": true
325
+ },
326
+ {
327
+ "Input": "Could you find vulnerabilities related to 'SQL Injection', associated with CWE-89 and have a technical alert from US-CERT?",
328
+ "Output": "r = nvdlib.searchCVE(keywordSearch='SQL Injection', cweId='CWE-89', hasCertAlerts=True)",
329
+ "verified": true
330
+ },
331
+ {
332
+ "Input": "I'm currently auditing 'cpe:2.3:o:microsoft:windows_10:1607' and one of the aspects I'm looking into are notes from CERT/CC. Can you help me find any reported vulnerabilities that come with a note from CERT/CC for this CPE?",
333
+ "Output": "r = nvdlib.searchCVE(cpeName='cpe:2.3:o:microsoft:windows_10:1607', hasCertNotes=True)",
334
+ "verified": true
335
+ },
336
+ {
337
+ "Input": "I'm doing a report about vulnerabilities and one of the areas I'm focusing on are 'LOW' severity vulnerabilities, particularly those related to 'XSS'. According to CVSSv2, what vulnerabilities fall into this category?",
338
+ "Output": "r = nvdlib.searchCVE(keywordSearch='XSS', cvssV2Severity='LOW')",
339
+ "verified": true
340
+ },
341
+ {
342
+ "Input": "We've been using 'Apache' and I just wanted to check if there have been any vulnerabilities published from July 1, 2023, to July 14, 2023. Do you have any information on this?",
343
+ "Output": "r = nvdlib.searchCVE(pubStartDate='2023-07-01 00:00', pubEndDate='2023-07-14 00:00', keywordSearch='Apache')",
344
+ "verified": true
345
+ },
346
+ {
347
+ "Input": "I've been hearing about these 'CRITICAL' severity vulnerabilities related to 'Buffer Overflow' using CVSSv3. Can you give me more details about these vulnerabilities?",
348
+ "Output": "r = nvdlib.searchCVE(keywordSearch='Buffer Overflow', cvssV3Severity='CRITICAL')",
349
+ "verified": true
350
+ },
351
+ {
352
+ "Input": "I'm doing a deep dive into vulnerabilities related to 'SQL Injection' and I'm particularly interested in those that contain information from OVAL. Can you help me find these?",
353
+ "Output": "r = nvdlib.searchCVE(keywordSearch='SQL Injection', hasOval=True)",
354
+ "verified": true
355
+ },
356
+ {
357
+ "Input": "I remember coming across some vulnerabilities related to 'Windows 10' around March this year. Specifically, those that were modified between March 1, 2023, and March 31, 2023. Can you help me find these again?",
358
+ "Output": "r = nvdlib.searchCVE(lastModStartDate='2023-03-01 00:00', lastModEndDate='2023-03-31 00:00', keywordSearch='Windows 10')",
359
+ "verified": true
360
+ },
361
+ {
362
+ "Input": "Recently, we've been using 'cpe:2.3:o:microsoft:windows_10:1607' and I'm just trying to stay ahead of any potential issues. Are there any vulnerabilities associated with this CPE where it's also considered vulnerable?",
363
+ "Output": "r = nvdlib.searchCVE(cpeName='cpe:2.3:o:microsoft:windows_10:1607', isVulnerable=True)",
364
+ "verified": true
365
+ },
366
+ {
367
+ "Input": "I've been tracking vulnerabilities related to 'Windows 10' for the CPE 'cpe:2.3:o:microsoft:windows_10:1607'. However, I only want those that haven't been rejected. Can you help me find these?",
368
+ "Output": "r = nvdlib.searchCVE(cpeName='cpe:2.3:o:microsoft:windows_10:1607', keywordSearch='Windows 10', noRejected=True)",
369
+ "verified": true
370
+ },
371
+ {
372
+ "Input": "I've been using software 'cpe:2.3:o:linux:linux_kernel' and I heard there might be issues with versions from 3.0 to 3.5. Could you find out if there have been any vulnerabilities within this range?",
373
+ "Output": "r = nvdlib.searchCVE(virtualMatchString='cpe:2.3:o:linux:linux_kernel', versionStart='3.0', versionStartType='including', versionEnd='3.5', versionEndType='including')",
374
+ "verified": true
375
+ },
376
+ {
377
+ "Input": "I am reviewing vulnerabilities with specific CVSSv3 metrics. The metrics I am interested in are 'AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'. Can you provide information on vulnerabilities that match these metrics?",
378
+ "Output": "r = nvdlib.searchCVE(cvssV3Metrics='AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')",
379
+ "verified": true
380
+ },
381
+ {
382
+ "Input": "I have an NVD API Key and I want to set a delay between requests for the sake of network performance. Let's use a delay of 10 seconds. My key is '123456789'. Can we proceed with this setup?",
383
+ "Output": "r = nvdlib.searchCVE(key='123456789', delay=10)",
384
+ "verified": true
385
+ },
386
+ {
387
+ "Input": "I am trying to find vulnerabilities related to 'SQL Injection'. However, I would also like to see the URL request for debugging purposes. Can you make this happen?",
388
+ "Output": "r = nvdlib.searchCVE(keywordSearch='SQL Injection', verbose=True)",
389
+ "verified": true
390
+ }
391
+ ]
data/CVECPE_MultiAPIs.json ADDED
@@ -0,0 +1,227 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ [
2
+ {
3
+ "Input": "I want to check how many vulnerabilities are related to Microsoft Exchange 2010?",
4
+ "Output": "count_cvecpe_items(searchCVE(keywordSearch='Microsoft Exchange 2010'))"
5
+ },
6
+ {
7
+ "Input": "Please check vulnerabilities of RedHat from Sept 8, 2020 to December 1, 2021 Can you provide me with a list of two representative CVEs?",
8
+ "Output": "searchCVE(pubStartDate=verify_and_process_data_range_start('2020-09-08', '2021-12-01'), pubEndDate=verify_and_process_data_range_end('2020-09-08', '2021-12-01'), keywordSearch='RedHat', limit=2)"
9
+ },
10
+ {
11
+ "Input": "Use CVE and Check vulnerability of RedHat from Sept 8, 2021 to December 1, 2022, only check version 2 severity of HIGH.",
12
+ "Output": "searchCVE(pubStartDate=verify_and_process_data_range_start('2021-09-08', '2022-12-01'), pubEndDate=verify_and_process_data_range_end('2021-09-08', '2022-12-01'), keywordSearch='RedHat', cvssV2Severity='HIGH')"
13
+ },
14
+ {
15
+ "Input": "Find the vulnerabilities that are related to 'XSS' and generate a summary.",
16
+ "Output": "summarize_cvecpes(searchCVE(keywordSearch='XSS'))"
17
+ },
18
+ {
19
+ "Input": "How many CVSSv2 'HIGH' severity vulnerabilities are there in CVEs.",
20
+ "Output": "count_cvecpe_items(searchCVE(cvssV2Severity='HIGH'))"
21
+ },
22
+ {
23
+ "Input": "Find the vulnerabilities that were published between 2022-05-01 and 2023-06-30.",
24
+ "Output": "searchCVE(pubStartDate=verify_and_process_data_range_start('2022-05-01', '2023-06-30'), pubEndDate=verify_and_process_data_range_end('2022-05-01', '2023-06-30'))"
25
+ },
26
+ {
27
+ "Input": "What vulnerabilities were published between January 1, 2023 and April 3, 2023?",
28
+ "Output": "searchCVE(pubStartDate=verify_and_process_data_range_start('2023-01-01', '2023-04-03'), pubEndDate=verify_and_process_data_range_end('2023-01-01', '2023-04-03'))"
29
+ },
30
+ {
31
+ "Input": "Find vulnerabilities associated with 'SQL Injection', if there is no result, try search with 'SQL'.",
32
+ "Output": "search_backup_keywords(searchCVE(keywordSearch='SQL Injection'), 'SQL')"
33
+ },
34
+ {
35
+ "Input": "Can you summarize 'LOW' severity vulnerabilities related to 'XSS' according to CVSSv2?",
36
+ "Output": "summarize_cvecpes(searchCVE(keywordSearch='XSS', cvssV2Severity='LOW'))"
37
+ },
38
+ {
39
+ "Input": "Can you summarize vulnerabilities related to 'Apache' that were published between July 1, 2022 and July 14, 2023?",
40
+ "Output": "summarize_cvecpes(searchCVE(pubStartDate=verify_and_process_data_range_start('2022-07-01', '2023-07-14'), pubEndDate=verify_and_process_data_range_end('2022-07-01', '2023-07-14'), keywordSearch='Apache'))"
41
+ },
42
+ {
43
+ "Input": "Could you find out how many vulnerabilities are related to 'Windows 10' that were modified between March 1, 2020 and March 31, 2023?",
44
+ "Output": "count_cvecpe_items(searchCVE(lastModStartDate=verify_and_process_data_range_start('2020-03-01', '2023-03-31'), lastModEndDate=verify_and_process_data_range_end('2020-03-01', '2023-03-31'), keywordSearch='Windows 10'))"
45
+ },
46
+ {
47
+ "Input": "I'm doing a report about vulnerabilities and one of the areas I'm focusing on are 'LOW' severity vulnerabilities, particularly those related to 'XSS'. According to CVSSv2, how many vulnerabilities fall into this category?",
48
+ "Output": "count_cvecpe_items(searchCVE(keywordSearch='XSS', cvssV2Severity='LOW'))"
49
+ },
50
+ {
51
+ "Input": "We've been using 'Apache' and I just wanted to check if there have been any vulnerabilities published from July 1, 2021, to July 14, 2023. Do you have any information on this?",
52
+ "Output": "searchCVE(pubStartDate=verify_and_process_data_range_start('2021-07-01', '2023-07-14'), pubEndDate=verify_and_process_data_range_end('2021-07-01', '2023-07-14'), keywordSearch='Apache')"
53
+ },
54
+ {
55
+ "Input": "I've been hearing about these 'CRITICAL' severity vulnerabilities related to 'Buffer Overflow' using CVSSv3. Can you compare these vulnerabilities against those with 'HIGH' severity related to 'Buffer Overflow'? What are the differences and commons?",
56
+ "Output": "compare_cvecpes(searchCVE(keywordSearch='Buffer Overflow', cvssV3Severity='CRITICAL'), searchCVE(keywordSearch='Buffer Overflow', cvssV3Severity='HIGH'))"
57
+ },
58
+ {
59
+ "Input": "I remember coming across some vulnerabilities related to 'Windows 10' around March this year. Specifically, those that were modified between March 1, 2023, and March 31, 2023. If there is no such vulnerabilities, can you search for Windows 7 instead?",
60
+ "Output": "search_backup_keywords(searchCVE(lastModStartDate='2023-03-01', lastModEndDate='2023-03-31', keywordSearch='Windows 10'), 'Windows 7')"
61
+ },
62
+ {
63
+ "Input": "Filter for CPE names modfied between 2020-01-01 and 2021-02-01 with the keyword of PHP.",
64
+ "Output": "searchCPE(lastModStartDate=verify_and_process_data_range_start('2020-01-01', '2021-02-01'), lastModEndDate=verify_and_process_data_range_end('2020-01-01', '2021-02-01'), keywordSearch='PHP')"
65
+ },
66
+ {
67
+ "Input": "I'm looking for CPE vulnerabilities in 'Mozilla Firefox'. Retrieve only the first 10 records. If there is no result, try using the keyword 'Firefox' and there is no limit for this potential new search.",
68
+ "Output": "search_backup_keywords(searchCPE(keywordSearch='Mozilla Firefox', limit=10), 'Firefox')"
69
+ },
70
+ {
71
+ "Input": "For CPEs that were modified between '2021-03-01' and '2021-04-01', I want to compare those with the term 'Linux' and those with 'Windows'.",
72
+ "Output": "compare_cvecpes(searchCPE(lastModStartDate='2021-03-01', lastModEndDate='2021-04-01', keywordSearch='Linux'), searchCPE(lastModStartDate='2021-03-01', lastModEndDate='2021-04-01', keywordSearch='Windows'))"
73
+ },
74
+ {
75
+ "Input": "Could you please pull the CPE records associated with 'Java' and summarize the first 8 results?",
76
+ "Output": "summarize_cvecpes(searchCPE(keywordSearch='Java', limit=8))"
77
+ },
78
+ {
79
+ "Input": "I need to fetch the CPEs that have seen modifications between the first day of 2021 and March 15, 2021. Also, they should be related to 'PostgreSQL'. If not, they should be related to 'MySQL'",
80
+ "Output": "search_backup_keywords(searchCPE(lastModStartDate='2021-01-01', lastModEndDate='2021-03-15', keywordSearch='PostgreSQL'), 'MySQL')"
81
+ },
82
+ {
83
+ "Input": "Using the key 'special-key-456', I'd like to view CPEs related to 'Adobe Flash'. If possible, display the request URL for reference, and also summarize the descriptions of those CPEs.",
84
+ "Output": "summarize_cvecpes(searchCPE(keywordSearch='Adobe Flash', key='special-key-456', verbose=True))"
85
+ },
86
+ {
87
+ "Input": "Let's search for CPEs with ties to 'Python' that have been modified after June 1, 2021, but before June 30, 2022.",
88
+ "Output": "searchCPE(lastModStartDate=verify_and_process_data_range_start('2021-06-01', '2022-06-30'), lastModEndDate=verify_and_process_data_range_end('2021-06-01', '2022-06-30'), keywordSearch='Python')"
89
+ },
90
+ {
91
+ "Input": "I'm curious about the CPEs associated with 'MySQL'. Could you count the total number of related CPEs, and also ensure you display the request URL for me?",
92
+ "Output": "count_cvecpe_items(searchCPE(keywordSearch='MySQL', verbose=True))"
93
+ },
94
+ {
95
+ "Input": "I'm conducting a study on 'OpenSSL'. Could you summarize the first 10 CPEs related to it?",
96
+ "Output": "summarize_cvecpes(searchCPE(keywordSearch='OpenSSL', limit=10))"
97
+ },
98
+ {
99
+ "Input": "I'd love to count the number of CPEs updated between February 10, 2021, and March 20, 2021, that are related to 'Tomcat'. Also, I want a shorter delay with my API key 'fast-key-789'.",
100
+ "Output": "count_cvecpe_items(searchCPE(lastModStartDate='2021-02-10', lastModEndDate='2021-03-20', keywordSearch='Tomcat', key='fast-key-789'))"
101
+ },
102
+ {
103
+ "Input": "For the sake of auditing, I want to see CPEs that changed post-January 15, 2021, until February 15, 2022. Also, I'm particularly interested in those containing 'SSH' in their metadata.",
104
+ "Output": "searchCPE(lastModStartDate=verify_and_process_data_range_start('2021-01-15', '2022-02-15'), lastModEndDate=verify_and_process_data_range_end('2021-01-15', '2022-02-15'), keywordSearch='SSH')"
105
+ },
106
+ {
107
+ "Input": "For our security assessment, we need a summary of CPEs related to 'VMware' that were modified after May 5, 2022, and before May 25, 2022. Also, ensure to provide the request URL.",
108
+ "Output": "summarize_cvecpes(searchCPE(lastModStartDate='2022-05-05', lastModEndDate='2022-05-25', keywordSearch='VMware', verbose=True))"
109
+ },
110
+ {
111
+ "Input": "Hoping to view CPEs related to 'Windows 10' that were modified between August 1, 2021, and September 1, 2021. Please utilize my API key 'api-fast-101' to expedite the process. If there is no such CPE, please try to find those related to 'Windows 8'.",
112
+ "Output": "search_backup_keywords(searchCPE(keywordSearch='Windows 10', lastModStartDate='2021-08-01', lastModEndDate='2021-09-01', key='api-fast-101'), 'Windows 8')"
113
+ },
114
+ {
115
+ "Input": "Desire to see CPEs that were updated between January 1, 2022, and January 31, 2022. Specifically interested in comparing CPEs with 'Firefox' in their metadata and those CPEs with 'Chrome' in their metadata. Can I also get the request URL for reference?",
116
+ "Output": "compare_cvecpes(searchCPE(keywordSearch='Firefox', lastModStartDate='2022-01-01', lastModEndDate='2022-01-31', verbose=True), searchCPE(keywordSearch='Chrome', lastModStartDate='2022-01-01', lastModEndDate='2022-01-31', verbose=True))"
117
+ },
118
+ {
119
+ "Input": "With the help of the 'vip-key-303' API key, procure CPEs associated with 'Apache Struts'. And yes, I'd like to see the a summary and the request URL as well.",
120
+ "Output": "summarize_cvecpes(searchCPE(keywordSearch='Apache Struts', key='vip-key-303', verbose=True))"
121
+ },
122
+ {
123
+ "Input": "For a security review, I want to count how many CPEs are there linked to 'Django' that underwent changes after July 10, 2022, up till July 30, 2022.",
124
+ "Output": "count_cvecpe_items(searchCPE(keywordSearch='Django', lastModStartDate='2022-07-10', lastModEndDate='2022-07-30'))"
125
+ },
126
+ {
127
+ "Input": "What is the first Common Platform Enumeration (CPE) that was last modified on the National Vulnerability Database (NVD) with a limit of search results to 10 and in descending order of last modification time when searching for the keyword 'Apache' with exact match?",
128
+ "Output": "get_first_object_from_list(sortCPEsByLastMod(searchCPE(keywordSearch='Apache', keywordExactMatch=True, limit=10), descending=True))"
129
+ },
130
+ {
131
+ "Input": "Can you provide me with a combined list of Common Vulnerabilities and Exposures (CVEs) from the National Vulnerability Database (NVD) where the first list contains CVEs that match the CVSSv2 vector string 'AV:N/AC:M/Au:N/C:N/I:N/A:P' and the second list contains CVEs that have severity version 3, furthermore let's limit both lists to 50 results each?",
132
+ "Output": "mergeCVEs(searchCVE(cvssV2Metrics='AV:N/AC:M/Au:N/C:N/I:N/A:P', limit=50), searchCVE(cvssV3Severity='High', limit=50))"
133
+ },
134
+ {
135
+ "Input": "Can you find and list all existing named software (CPE) vulnerabilities published during 2023/5/15 and 2023/5/21 with a severity level of 'HIGH' according to both version 2 and version 3 CVSS metrics?",
136
+ "Output": "filterCVEsBySeverity(searchCVE(pubStartDate='2023-05-15', pubEndDate='2023-05-21'), 'HIGH')"
137
+ },
138
+ {
139
+ "Input": "Can you please find a list of common vulnerabilities and exposures (CVE) that have a CVSSv2 severity of 'high' and then filter this list for those that contain a description in Spanish?",
140
+ "Output": "filterCVEByLanguage(searchCVE(cvssV2Severity='high') , 'es')"
141
+ },
142
+ {
143
+ "Input": "How can I find CVEs that matches the CPE Match Criteria 'cpe:/o:linux:linux_kernel:2.6.32' and contains a Technical Alert from US-CERT, then sort them in descending order by their last modification date?",
144
+ "Output": "sortCVEsByModDate(searchCVE(cpeName='cpe:/o:linux:linux_kernel:2.6.32', hasCertAlerts=True), descending=True)"
145
+ },
146
+ {
147
+ "Input": "Give me vulnerabilities, sorted by their CVSS version 2.0 scores in descending order, released between January 1, 2021 and January 31, 2021, that match the CPE name 'cpe:/a:microsoft:windows_10:1909' and have a Technical Alert from US-CERT?",
148
+ "Output": "sortCVEsByCVSSv2Score(searchCVE(cpeName='cpe:/a:microsoft:windows_10:1909', pubStartDate='2021-01-01', pubEndDate='2021-01-31', hasCertAlerts=True), descending=True)"
149
+ },
150
+ {
151
+ "Input": "How can I get a list of all the CVEs that have been updated between January 1, 2022 and March 1, 2022, searching specifically for those that contain the keyword 'buffer overflow', sorted by their CVSS Version 3.x scores in descending order?",
152
+ "Output": "sortCVEsByCVSSv3Score(searchCVE(lastModStartDate='2022-01-01', lastModEndDate='2022-03-01', keywordSearch='buffer overflow'), descending=True)"
153
+ },
154
+ {
155
+ "Input": "What is the distribution of vulnerability severity labels for the CVEs of our system's CPE named 'cpe:/a:mysql:mysql' that were last modified in the third month of 2020? Also, ensure that the CPE is considered vulnerable.",
156
+ "Output": "countCVEsBySeverity(searchCVE(cpeName='cpe:/a:mysql:mysql', isVulnerable=True, lastModStartDate='2020-03-01', lastModEndDate='2020-03-31'))"
157
+ },
158
+ {
159
+ "Input": "Could you please find the first non-deprecated Common Platform Enumeration (CPE) that matches the keyword 'linux', and provide all the Common Vulnerability Exposures (CVEs) that are associated with it and have version 2 severity?",
160
+ "Output": "searchCVE(cpeName=get_first_object_from_list(filterDeprecatedCPEs(searchCPE(cpeMatchString='linux'))), cvssV2Severity='High')"
161
+ },
162
+ {
163
+ "Input": "Can you find and merge the list of CVEs that have a version 2 severity of 'High' with the list of CVEs that have a version 3 severity of 'Low'? Limit the result to the top 100 CVEs, and ensure that they contain a technical alert from US-CERT and have been published within the last month. Today's date is 2022/11/01",
164
+ "Output": "mergeCVEs(searchCVE(cvssV2Severity='High', hasCertAlerts=True, pubStartDate='2022-10-01', pubEndDate='2022-11-01', limit=100), searchCVE(cvssV3Severity='Low', hasCertAlerts=True, pubStartDate='2022-10-01', pubEndDate='2022-11-01', limit=100))"
165
+ },
166
+ {
167
+ "Input": "I am interested in finding vulnerabilities connected with a certain CPE name. First, I would like to find a non-deprecated CPE record using a partial match of the CPE name I am looking for. Let's say the partial CPE name is 'cpe:2.3:a:microsoft:exchange_server:2013:'. Could you use the full CPE name from the first non-deprecated CPE object in the obtained list and find a list of corresponding CVEs?",
168
+ "Output": "searchCVE(cpeName=getCPEName(get_first_object_from_list(filterDeprecatedCPEs(searchCPE(cpeMatchString='cpe:2.3:a:microsoft:exchange_server:2013:')))))"
169
+ },
170
+ {
171
+ "Input": "What is the combined list of CVEs that I can get by merging two separate searches on the NVD? For the first search, I am interested in CVEs that match the CVSSv2 vector string 'AV:N/AC:L/Au:S/C:N/I:N/A:P', have a version 2 severity of 'High', contain a Technical Alert from US-CERT, have information from MITRE's OVAL, and have the word 'Buffer Overflow' in their description, the search limited to 10 results. For the second search, I'm interested in CVEs that correspond to the CPE name 'cpe:2.3:a:php:php:5.3.6:*:*:*:*:*:*:*', have a version 3 severity of 'Critical' and contain a Vulnerability Note from CERT/CC, the search also limited to 10 results. I have an NVD API Key '123456789'.",
172
+ "Output": "mergeCVEs(searchCVE(cvssV2Metrics='AV:N/AC:L/Au:S/C:N/I:N/A:P', cvssV2Severity='High', hasCertAlerts=True, hasOval=True, keywordSearch='Buffer Overflow', limit=10, key='123456789'), searchCVE(cpeName='cpe:2.3:a:php:php:5.3.6:*:*:*:*:*:*:*', cvssV3Severity='Critical', hasCertNotes=True, limit=10, key='123456789'))"
173
+ },
174
+ {
175
+ "Input": "Could you provide a list of vulnerabilities from the NVD, filtered down to only those which have a high severity level and were last modified between November 1st, 2020 and December 31st, 2020?",
176
+ "Output": "filterCVEsBySeverity(searchCVE(lastModStartDate='2020-11-01', lastModEndDate='2020-12-31'), 'HIGH')"
177
+ },
178
+ {
179
+ "Input": "Can you query for a list of CVEs associated with a specific CPE 'cpe:2.3:o:microsoft:windows_10:1607', where the CPE is also considered vulnerable, and these CVEs contain information from MITRE's OVAL, and were last modified between January 1st, 2021 and March 15th, 2021? Once you've retrieved this list, can you please sort them in descending order, according to their CVSS Version 2.0 base scores?",
180
+ "Output": "sortCVEsByCVSSv2Score(searchCVE(cpeName = 'cpe:2.3:o:microsoft:windows_10:1607', isVulnerable = True, hasOval = True, lastModStartDate = '2021-01-01', lastModEndDate = '2021-03-15'))"
181
+ },
182
+ {
183
+ "Input": "Can you help me find the first non-deprecated CPE name from the NVD database with an exact match for the keyword 'Windows' and then find the associated vulnerabilities?",
184
+ "Output": "searchCVE(cpeName=getCPEName(get_first_object_from_list(filterDeprecatedCPEs(searchCPE(keywordExactMatch=True, keywordSearch='Windows')))))"
185
+ },
186
+ {
187
+ "Input": "Can you find the Common Platform Enumeration (CPE) object that exactly matches for 'cpe:2.3:a:apache:http_server:2.4.29:', and was last modified, extract its name and then use this name to fetch a collection of Common Vulnerabilities and Exposures (CVEs) associated with this CPE name?",
188
+ "Output": "searchCVE(cpeName=getCPEName(get_first_object_from_list(sortCPEsByLastMod(searchCPE(cpeMatchString='cpe:2.3:a:apache:http_server:2.4.29:'), True))))"
189
+ },
190
+ {
191
+ "Input": "What was the last modified CPE for a given keyword 'cpe:2.3:a:apache:http_server:2.4.29:', and can you find the CVEs that match this CPE name?",
192
+ "Output": "searchCVE(cpeName=getCPEName(cpeObject=get_first_object_from_list(list_of_objects=sortCPEsByLastMod(cpeList=searchCPE(cpeMatchString='cpe:2.3:a:apache:http_server:2.4.29:')))))"
193
+ },
194
+ {
195
+ "Input": "How many unique types of vulnerabilities have low, medium, high, and critical severity levels that can be found according to their 'cvssV3Severity' from a list of CVEs obtained from searching the National Vulnerability Database (NVD) that has CPE name 'cpe:2.3:o:microsoft:windows_10:1607' and have information from MITRE's OVAL and are considered vulnerable, with the condition that they contain exactly the keyword 'authentication' in their current description, and were last modified during the period starting from January 1, 2022 to January 31, 2022, without any CVEs with a reject or rejected status, and with a limit of 100 results?",
196
+ "Output": "countCVEsBySeverity(searchCVE(cpeName='cpe:2.3:o:microsoft:windows_10:1607', hasOval=True, isVulnerable=True, keywordExactMatch=True, keywordSearch='authentication', lastModStartDate='2022-01-01', lastModEndDate='2022-01-31', noRejected=True, limit=100))"
197
+ },
198
+ {
199
+ "Input": "What is the ordered list of CVE objects, in descending order of their last modification date, that are associated with a specific vulnerable CPE that has name 'cpe:2.3:o:microsoft:windows_10:1607' and contain a Technical Alert from US-CERT?",
200
+ "Output": "sortCVEsByModDate(searchCVE(cpeName='cpe:2.3:o:microsoft:windows_10:1607', hasCertAlerts=True, isVulnerable=True), descending=True)"
201
+ },
202
+ {
203
+ "Input": "What is the count of vulnerabilities by severity (LOW, MEDIUM, HIGH, CRITICAL) from the CVEs that match the provided CPE name 'cpe:/a:python:python:3.8.1' and considered as vulnerable?",
204
+ "Output": "countCVEsBySeverity(searchCVE(cpeName='cpe:/a:python:python:3.8.1', isVulnerable=True))"
205
+ },
206
+ {
207
+ "Input": "I have found a potential weak point in our current system and I strongly believe it might be associated with the CPE named 'cpe:/o:linux:linux_kernel'. I want to search for all the existing vulnerabilities that match this parameter sorted in descending order by their CVSS Version 2.0 base scores. Can you help?",
208
+ "Output": "sortCVEsByCVSSv2Score(searchCVE(cpeName='cpe:/o:linux:linux_kernel'), descending=True)"
209
+ },
210
+ {
211
+ "Input": "Can you find me the list of CVEs that contain a description in German language and that are associated with a specific CPE named 'cpeXYZ', while also considering this particular CPE vulnerable?",
212
+ "Output": "filterCVEByLanguage(searchCVE(cpeName='cpeXYZ', isVulnerable=True), 'de')"
213
+ },
214
+ {
215
+ "Input": "How can I programmatically search for CPEs on NVD site using its UUID '123-456-789', without any API key, with a limit of 5 results and make sure to only get the CPEs that are not deprecated?",
216
+ "Output": "filterDeprecatedCPEs(searchCPE(cpeNameId='123-456-789', limit=5))"
217
+ },
218
+ {
219
+ "Input": "Can you search for CPE records related to the keyword 'firewall' with an exact match? Then, can you return the results sorted in ascending order of their last modification time with a limit of 50 results per request?",
220
+ "Output": "sortCPEsByLastMod(searchCPE(keywordSearch='firewall', keywordExactMatch=True, limit=50), descending=False)"
221
+ },
222
+ {
223
+ "Input": "Can you use two searches, one with a CPE name ID 'CPE1234' and the other with a CPE match string 'CPEmatch', to find the respective CPE records? Then merge the results from both searches into one list, limiting the size of both searches to 25.",
224
+ "Output": "mergeCPEs(searchCPE(cpeNameId='CPE1234', limit=25), searchCPE(cpeMatchString='CPEmatch', limit=25))"
225
+ }
226
+
227
+ ]
data/Climate.jsonl ADDED
@@ -0,0 +1,47 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ {"input": "What's the ID of the weather station closest to me?", "Output": "get_nearest_station_id(nearby_stations=find_nearby_stations(lat_long=get_latitude_longitude(location=get_current_location())))"}
2
+ {"input": "What's the weather like in New york right now?", "Output": "get_hourly_observation(get_nearest_station_id(find_nearby_stations(get_latitude_longitude('New York'))), get_current_time_at_location(get_latitude_longitude('New York')), get_current_time_at_location(get_latitude_longitude('New York')), get_timezone(get_latitude_longitude('New York')))"}
3
+ {"input": "What's the weather like in New York for the past 3 days?", "Output": "get_hourly_observation(get_nearest_station_id(find_nearby_stations(get_latitude_longitude('New York'))), subtract_time_delta(get_current_time_at_location(get_latitude_longitude('New York')), 3), get_current_time_at_location(get_latitude_longitude('New York')), get_timezone(get_latitude_longitude('New York')))"}
4
+ {"input": "What has been the weather like for the past 7 days?", "Output": "get_hourly_observation(get_nearest_station_id(find_nearby_stations(get_latitude_longitude(get_current_location()))), subtract_time_delta(get_current_time_at_location(get_latitude_longitude(get_current_location())), 7), get_current_time_at_location(get_latitude_longitude(get_current_location())), get_timezone(get_latitude_longitude(get_current_location())))"}
5
+ {"input": "What is the nearest meterological station close to me?", "Output": "get_nearest_station_id(find_nearby_stations(get_latitude_longitude(get_current_location())))"}
6
+ {"input": "Give me a list of weather stations close to me?", "Output": "find_nearby_stations(get_latitude_longitude(get_current_location()))"}
7
+ {"input": "Get me the weather in Palo Alto for the past 3 days", "Output": "get_hourly_observation(get_nearest_station_id(find_nearby_stations(get_latitude_longitude('Palo Alto'))), subtract_time_delta(get_current_time_at_location(get_latitude_longitude('Palo Alto')), 3), get_current_time_at_location(get_latitude_longitude('Palo Alto')), get_timezone(get_latitude_longitude('Palo Alto')))"}
8
+ {"input": "What has been the weather like where I live for the past 14 days?", "Output": "get_hourly_observation(get_nearest_station_id(find_nearby_stations(get_latitude_longitude(get_current_location()))), subtract_time_delta(get_current_time_at_location(get_latitude_longitude(get_current_location())), 14), get_current_time_at_location(get_latitude_longitude(get_current_location())), get_timezone(get_latitude_longitude(get_current_location())))"}
9
+ {"input": "If today is Jan 23 2023, what's 129 days ago from today?", "Output": "subtract_time_delta('2023-01-23', 129)"}
10
+ {"input": "If today is 1900 Jan 21, can you please tell me what's 435 days prior to that?", "Output": "subtract_time_delta('1900-01-21', 435)"}
11
+ {"input": "What has been the weather like in the 3 day span between Jan 23, 1950 onwards for the city of Menlo Park?", "Output": "get_hourly_observation(station_id=get_nearest_station_id(nearby_stations=find_nearby_stations(lat_long=get_latitude_longitude(location='Menlo Park'))), start_time='1950-01-23', end_time='1950-01-25', time_zone=get_timezone(lat_long=get_latitude_longitude(location='Menlo Park')))"}
12
+ {"input": "What has been the weather like in the 3 day span between Jan 23, 1950 backwards for the city of New York?", "Output": "get_hourly_observation(get_nearest_station_id(find_nearby_stations(get_latitude_longitude('New York'))), subtract_time_delta('1950-01-23', 3), '1950-01-23', get_timezone(get_latitude_longitude('New York')))"}
13
+ {"input": "What are the coordinates of Honolulu Hawaii?", "Output": "get_latitude_longitude('Honolulu Hawaii')"}
14
+ {"input": "I want to plan a picnic around Jan 23, 2024 and I want it to go for 4 days at least. Will it be raining then?", "Output": "get_hourly_observation(get_nearest_station_id(find_nearby_stations(get_latitude_longitude(get_current_location()))), subtract_time_delta(\"2024-01-23\", 4), \"2024-01-23\", get_timezone(get_latitude_longitude(get_current_location())))"}
15
+ {"input": "How many weather sites are around me?", "Output": "find_nearby_stations(get_latitude_longitude(get_current_location()))"}
16
+ {"input": "Give me the closest weather site to Albany NY?", "Output": "get_nearest_station_id(find_nearby_stations(get_latitude_longitude(\"Albany NY\")))"}
17
+ {"input": "What's the weather currently at Albany NY?", "Output": "get_hourly_observation(get_nearest_station_id(find_nearby_stations(get_latitude_longitude(\"Albany NY\"))), get_current_time_at_location(get_latitude_longitude(\"Albany NY\")), get_current_time_at_location(get_latitude_longitude(\"Albany NY\")), get_timezone(get_latitude_longitude(\"Albany NY\")))"}
18
+ {"input": "What timezone does New York exist in?", "Output": "get_timezone(get_latitude_longitude(\"New York\"))"}
19
+ {"input": "What's the current timezone for New York?", "Output": "get_timezone(get_latitude_longitude(\"New York\"))"}
20
+ {"input": "Get me the time for New York and the timezone for Palo Alto?", "Output": "get_current_time_at_location(get_latitude_longitude(\"New York\")); get_timezone(get_latitude_longitude(\"Palo Alto\"))"}
21
+ {"input": "Get me the timezone for Palo Alto and the weather?", "Output": "get_timezone(get_latitude_longitude('Palo Alto')); get_hourly_observation(get_nearest_station_id(find_nearby_stations(get_latitude_longitude('Palo Alto'))), subtract_time_delta(get_current_time_at_location(get_latitude_longitude('Palo Alto')), 1), get_current_time_at_location(get_latitude_longitude('Palo Alto')), get_timezone(get_latitude_longitude('Palo Alto')))"}
22
+ {"input": "What has been the weather like for the past 5 days in the city of Menlo Park? Also get me the coordinates for Palo Alto. And finally, get me the timezone Palo Alto is in?", "Output": "get_hourly_observation(get_nearest_station_id(find_nearby_stations(get_latitude_longitude(\"Menlo Park\"))), subtract_time_delta(get_current_time_at_location(get_latitude_longitude(\"Menlo Park\")), 5), get_current_time_at_location(get_latitude_longitude(\"Menlo Park\")), get_timezone(get_latitude_longitude(\"Menlo Park\"))); get_latitude_longitude(\"Palo Alto\"); get_timezone(get_latitude_longitude(\"Palo Alto\"))"}
23
+ {"input": "What's Honolulu's timezone, and what has been the weather like for the past 3 days?", "Output": "get_timezone(lat_long=get_latitude_longitude(location='Honolulu')); get_hourly_observation(station_id=get_nearest_station_id(nearby_stations=find_nearby_stations(lat_long=get_latitude_longitude(location='Honolulu'))), start_time=subtract_time_delta(date_time_str=get_current_time_at_location(lat_long=get_latitude_longitude(location='Honolulu')), delta_days=3), end_time=get_current_time_at_location(lat_long=get_latitude_longitude(location='Honolulu')), time_zone=get_timezone(lat_long=get_latitude_longitude(location='Honolulu')));"}
24
+ {"input": "What's Honolulu's timezone, and what's the current time there?", "Output": "get_timezone(lat_long=get_latitude_longitude(location='Honolulu')); get_current_time_at_location(lat_long=get_latitude_longitude(location='Honolulu'));"}
25
+ {"input": "If I am 19 years and 23 days old, when was I born?", "Output": "subtract_time_delta(get_current_time_at_location(get_latitude_longitude(get_current_location())), delta_days=(19*365+23))"}
26
+ {"input": "If I am 10 days old, when was I born?", "Output": "subtract_time_delta(get_current_time_at_location(get_latitude_longitude(get_current_location())), 10)"}
27
+ {"input": "New York's weather has been kinda crazy, I wanna check out the nearest weather station", "Output": "find_nearby_stations(get_latitude_longitude(\"New York\"))"}
28
+ {"input": "Get me the timezones for Honolulu, New York, London, and Tokyo.", "Output": "get_timezone(get_latitude_longitude('Honolulu')); get_timezone(get_latitude_longitude('New York')); get_timezone(get_latitude_longitude('London')); get_timezone(get_latitude_longitude('Tokyo'))"}
29
+ {"input": "Get me the coordinates for New York, London, and Yokohama", "Output": "get_latitude_longitude('New York'); get_latitude_longitude('London'); get_latitude_longitude('Yokohama')"}
30
+ {"input": "Get me the weather for Kiev?", "Output": "get_hourly_observation(get_nearest_station_id(find_nearby_stations(get_latitude_longitude(\"Kiev\"))), subtract_time_delta(get_current_time_at_location(get_latitude_longitude(\"Kiev\")), 1), get_current_time_at_location(get_latitude_longitude(\"Kiev\")), get_timezone(get_latitude_longitude(\"Kiev\")))"}
31
+ {"input": "What timezone is Kiev in, and what timezone is Berlin in?", "Output": "get_timezone(get_latitude_longitude(\"Kiev\")); get_timezone(get_latitude_longitude(\"Berlin\"))"}
32
+ {"input": "Get me the weather stations in Berlin, Kiev, and London?", "Output": "find_nearby_stations(get_latitude_longitude('Berlin')); find_nearby_stations(get_latitude_longitude('Kiev')); find_nearby_stations(get_latitude_longitude('London'))"}
33
+ {"input": "Get me the weather stations in Berlin, and the weather stations in Kiev, and the weather stations in London?", "Output": "find_nearby_stations(get_latitude_longitude('Berlin')); find_nearby_stations(get_latitude_longitude('Kiev')); find_nearby_stations(get_latitude_longitude('London'))"}
34
+ {"input": "What's the weather station closest to Berlin? And the one closest to Kiev? And the one closest to London?", "Output": "get_nearest_station_id(find_nearby_stations(get_latitude_longitude('Berlin'))); get_nearest_station_id(find_nearby_stations(get_latitude_longitude('Kiev'))); get_nearest_station_id(find_nearby_stations(get_latitude_longitude('London')))"}
35
+ {"input": "Can you get me the coordinates for London, coordinates for Paris, and coordinates for Lyon?", "Output": "get_latitude_longitude(\"London\"); get_latitude_longitude(\"Paris\"); get_latitude_longitude(\"Lyon\");"}
36
+ {"input": "What are some weather stations for London, for Paris, and for Lyon?", "Output": "find_nearby_stations(get_latitude_longitude('London')); find_nearby_stations(get_latitude_longitude('Paris')); find_nearby_stations(get_latitude_longitude('Lyon'))"}
37
+ {"input": "What are the current timezones for London, the current timezones for Paris, and the current timezones for Kiev?", "Output": "get_timezone(get_latitude_longitude('London')); get_timezone(get_latitude_longitude('Paris')); get_timezone(get_latitude_longitude('Kiev'))"}
38
+ {"input": "What's the weather like in New York?", "Output": "get_hourly_observation(get_nearest_station_id(find_nearby_stations(get_latitude_longitude(\"New York\"))), subtract_time_delta(get_current_time_at_location(get_latitude_longitude(\"New York\")), 1), get_current_time_at_location(get_latitude_longitude(\"New York\")), get_timezone(get_latitude_longitude(\"New York\")))"}
39
+ {"input": "What are 10 days prior to today?", "Output": "subtract_time_delta(get_current_time_at_location(get_latitude_longitude(get_current_location())), 10)"}
40
+ {"input": "What's 10 years and 18 days prior to today?", "Output": "subtract_time_delta(get_current_time_at_location(get_latitude_longitude(get_current_location())), delta_days=(10*365 + 18))"}
41
+ {"input": "Paris timezone is what? Also what is London timezone?", "Output": "get_timezone(get_latitude_longitude('Paris')); get_timezone(get_latitude_longitude('London'))"}
42
+ {"input": "Get me 10 days prior to today in London?", "Output": "subtract_time_delta(get_current_time_at_location(get_latitude_longitude('London')), 10)"}
43
+ {"input": "Analyze the 45 days starting from Jan 23, 2020 in London in terms of its weather?", "Output": "get_hourly_observation(get_nearest_station_id(find_nearby_stations(get_latitude_longitude('London'))), subtract_time_delta('2020-01-23', 45), '2020-01-23', get_timezone(get_latitude_longitude('London')))"}
44
+ {"input": "Do analyze the weather for the 4 days starting from Feb 23, 2020 in Paris?", "Output": "get_hourly_observation(get_nearest_station_id(find_nearby_stations(get_latitude_longitude('Paris'))), subtract_time_delta('2020-02-23', 4), '2020-02-23', get_timezone(get_latitude_longitude('Paris')))"}
45
+ {"input": "Get me stations for the greater Tokyo area?", "Output": "find_nearby_stations(get_latitude_longitude(\"Tokyo\"))"}
46
+ {"input": "What's a good code for the nearest weather code to me?", "Output": "get_nearest_station_id(find_nearby_stations(get_latitude_longitude(get_current_location())))"}
47
+ {"input": "What's a good code the station near Tokyo?", "Output": "find_nearby_stations(get_latitude_longitude('Tokyo'))"}
data/OTX.json ADDED
@@ -0,0 +1,371 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ [
2
+ {
3
+ "Input": "Can you provide general information about the IP address 192.168.1.1 using my AlienVault API key 'myApiKey'?",
4
+ "Output": "getIndicatorForIPv4(apiKey = 'myApiKey', ip = '192.168.1.1', section = 'general')"
5
+ },
6
+ {
7
+ "Input": "I need to check the reputation of the IP 10.0.0.1 using AlienVault. My API key is 'xyz789'.",
8
+ "Output": "getIndicatorForIPv4(apiKey = 'xyz789', ip = '10.0.0.1', section = 'reputation')"
9
+ },
10
+ {
11
+ "Input": "Please fetch the geographical information for the IP address 8.8.8.8 with the API key '123abc' using AlienVault.",
12
+ "Output": "getIndicatorForIPv4(apiKey = '123abc', ip = '8.8.8.8', section = 'geo')"
13
+ },
14
+ {
15
+ "Input": "Using my API key 'key123', can you get information about malware associated with the IP 172.16.0.2 from AlienVault?",
16
+ "Output": "getIndicatorForIPv4(apiKey = 'key123', ip = '172.16.0.2', section = 'malware')"
17
+ },
18
+ {
19
+ "Input": "Can you retrieve the URL list linked to the IP address 8.8.4.4 using my AlienVault API key 'apiKey456'?",
20
+ "Output": "getIndicatorForIPv4(apiKey = 'apiKey456', ip = '8.8.4.4', section = 'urlList')"
21
+ },
22
+ {
23
+ "Input": "What is the passive DNS information for the IP 192.168.0.1 using the AlienVault API with my API key 'key789'?",
24
+ "Output": "getIndicatorForIPv4(apiKey = 'key789', ip = '192.168.0.1', section = 'passiveDns')"
25
+ },
26
+ {
27
+ "Input": "Can you check the URL list related to IP 172.24.1.1 with my 'api123Key' in AlienVault?",
28
+ "Output": "getIndicatorForIPv4(apiKey = 'api123Key', ip = '172.24.1.1', section = 'urlList')"
29
+ },
30
+ {
31
+ "Input": "I want to see the geo-location data for the IP address 10.10.10.10 using my AlienVault API key '987xyz'.",
32
+ "Output": "getIndicatorForIPv4(apiKey = '987xyz', ip = '10.10.10.10', section = 'geo')"
33
+ },
34
+ {
35
+ "Input": "Fetch the malware information for the IP 8.8.4.4 using the API key 'abcKey123' from AlienVault.",
36
+ "Output": "getIndicatorForIPv4(apiKey = 'abcKey123', ip = '8.8.4.4', section = 'malware')"
37
+ },
38
+ {
39
+ "Input": "Using AlienVault, can you get the reputation details for the IP 192.168.1.100 with the API key 'key654'?",
40
+ "Output": "getIndicatorForIPv4(apiKey = 'key654', ip = '192.168.1.100', section = 'reputation')"
41
+ },
42
+ {
43
+ "Input": "Can you get general information about the IPv6 address '2001:0db8:85a3:0000:0000:8a2e:0370:7334' using my API key 'xyz789'?",
44
+ "Output": "getIndicatorForIPv6(apiKey = 'xyz789', ip = '2001:0db8:85a3:0000:0000:8a2e:0370:7334', section = 'general')"
45
+ },
46
+ {
47
+ "Input": "I need to check the reputation data for the IPv6 address '2001:db8:1234:5678:9abc:def0:1234:5678' with my API key '123abc'.",
48
+ "Output": "getIndicatorForIPv6(apiKey = '123abc', ip = '2001:db8:1234:5678:9abc:def0:1234:5678', section = 'reputation')"
49
+ },
50
+ {
51
+ "Input": "Please provide geo information for '2001:0db8:ac10:fe01:0000:0000:0000:0000' using the AlienVault API with the key 'key456'.",
52
+ "Output": "getIndicatorForIPv6(apiKey = 'key456', ip = '2001:0db8:ac10:fe01:0000:0000:0000:0000', section = 'geo')"
53
+ },
54
+ {
55
+ "Input": "Fetch malware data associated with the IPv6 '2001:0db8:85a3:0000:0000:8a2e:0370:7334' using API key 'apikey123'.",
56
+ "Output": "getIndicatorForIPv6(apiKey = 'apikey123', ip = '2001:0db8:85a3:0000:0000:8a2e:0370:7334', section = 'malware')"
57
+ },
58
+ {
59
+ "Input": "Can you retrieve passive DNS information for IPv6 address '2001:db8:cafe::3' with my AlienVault API key '789xyz'?",
60
+ "Output": "getIndicatorForIPv6(apiKey = '789xyz', ip = '2001:db8:cafe::3', section = 'passiveDns')"
61
+ },
62
+ {
63
+ "Input": "Using AlienVault, could you find any malware samples related to the IPv6 '2001:0db8:1234:5678:9abc:def0:1234:5678'? My API key is '987def'.",
64
+ "Output": "getIndicatorForIPv6(apiKey = '987def', ip = '2001:0db8:1234:5678:9abc:def0:1234:5678', section = 'malware')"
65
+ },
66
+ {
67
+ "Input": "What is the geographical location data for the IPv6 address '2001:0db8:85a3:0000:0000:8a2e:0370:7334'? My API key for AlienVault is '456ghi'.",
68
+ "Output": "getIndicatorForIPv6(apiKey = '456ghi', ip = '2001:0db8:85a3:0000:0000:8a2e:0370:7334', section = 'geo')"
69
+ },
70
+ {
71
+ "Input": "Can you extract the list of URLs associated with the IPv6 '2001:db8:cafe::3' using my AlienVault key '321jkl'?",
72
+ "Output": "getIndicatorForIPv6(apiKey = '321jkl', ip = '2001:db8:cafe::3', section = 'urlList')"
73
+ },
74
+ {
75
+ "Input": "Is there any OTX reputation data available for '2001:db8:1234:5678:9abc:def0:1234:5678' on AlienVault? I'll use the API key '654mno'.",
76
+ "Output": "getIndicatorForIPv6(apiKey = '654mno', ip = '2001:db8:1234:5678:9abc:def0:1234:5678', section = 'reputation')"
77
+ },
78
+ {
79
+ "Input": "I'm interested in passive DNS data for the IPv6 address '2001:0db8:ac10:fe01:0000:0000:0000:0000' using AlienVault. My API key is '890pqr'.",
80
+ "Output": "getIndicatorForIPv6(apiKey = '890pqr', ip = '2001:0db8:ac10:fe01:0000:0000:0000:0000', section = 'passiveDns')"
81
+ },
82
+ {
83
+ "Input": "Can you retrieve general information for the domain 'example.com' using my AlienVault API key 'xyz123'?",
84
+ "Output": "getIndicatorForDomain(apiKey='xyz123', domain='example.com', section='general')"
85
+ },
86
+ {
87
+ "Input": "I need the geographic data for 'mywebsite.net' with API key 'abc123'. Can you get that from AlienVault?",
88
+ "Output": "getIndicatorForDomain(apiKey='abc123', domain='mywebsite.net', section='geo')"
89
+ },
90
+ {
91
+ "Input": "Please fetch malware analysis for 'suspiciousdomain.org' using my AlienVault key '123abc'.",
92
+ "Output": "getIndicatorForDomain(apiKey='123abc', domain='suspiciousdomain.org', section='malware')"
93
+ },
94
+ {
95
+ "Input": "Can you check the URL list associated with 'testsite.com' on AlienVault? My API key is 'key789'.",
96
+ "Output": "getIndicatorForDomain(apiKey='key789', domain='testsite.com', section='urlList')"
97
+ },
98
+ {
99
+ "Input": "I want to see the whois record for 'newsite.net' using AlienVault. My API key is '789xyz'.",
100
+ "Output": "getIndicatorForDomain(apiKey='789xyz', domain='newsite.net', section='whois')"
101
+ },
102
+ {
103
+ "Input": "Using AlienVault, can you extract the passive DNS information for 'domain123.com'? My API key is 'key12345'.",
104
+ "Output": "getIndicatorForDomain(apiKey='key12345', domain='domain123.com', section='passiveDns')"
105
+ },
106
+ {
107
+ "Input": "I'm interested in the whois details for 'siteexample.org'. Could you use the AlienVault API with this key: 'exampleKey678'?",
108
+ "Output": "getIndicatorForDomain(apiKey='exampleKey678', domain='siteexample.org', section='whois')"
109
+ },
110
+ {
111
+ "Input": "For the domain 'checkdomain.net', what malware threats have been identified? Please check using AlienVault and my API key 'net789Key'.",
112
+ "Output": "getIndicatorForDomain(apiKey='net789Key', domain='checkdomain.net', section='malware')"
113
+ },
114
+ {
115
+ "Input": "Could you pull up the geographical details for 'globaldomain.com' from AlienVault? Here's my API key: 'globalKey123'.",
116
+ "Output": "getIndicatorForDomain(apiKey='globalKey123', domain='globaldomain.com', section='geo')"
117
+ },
118
+ {
119
+ "Input": "Please access the URL list linked to 'websitedata.org' using my AlienVault API key 'dataKey456'.",
120
+ "Output": "getIndicatorForDomain(apiKey='dataKey456', domain='websitedata.org', section='urlList')"
121
+ },
122
+ {
123
+ "Input": "Can you get the general information about the hostname 'example.com' using my AlienVault API key 'myAPIKey123'?",
124
+ "Output": "getIndicatorForHostname(apiKey = 'myAPIKey123', hostname = 'example.com', section = 'general')"
125
+ },
126
+ {
127
+ "Input": "Please retrieve geographic data for 'bad-site.net' with my API key 'apiKey987' in AlienVault.",
128
+ "Output": "getIndicatorForHostname(apiKey = 'apiKey987', hostname = 'bad-site.net', section = 'geo')"
129
+ },
130
+ {
131
+ "Input": "Use AlienVault to find malware data associated with 'suspicious.org', my API key is '123KeyAPI'.",
132
+ "Output": "getIndicatorForHostname(apiKey = '123KeyAPI', hostname = 'suspicious.org', section = 'malware')"
133
+ },
134
+ {
135
+ "Input": "I need the URL list related to 'dangerous-host.io' using my AlienVault key 'Key999Alien'.",
136
+ "Output": "getIndicatorForHostname(apiKey = 'Key999Alien', hostname = 'dangerous-host.io', section = 'urlList')"
137
+ },
138
+ {
139
+ "Input": "Fetch passive DNS information for 'secure-server.com' using the AlienVault API, my key is 'AlienKey321'.",
140
+ "Output": "getIndicatorForHostname(apiKey = 'AlienKey321', hostname = 'secure-server.com', section = 'passiveDns')"
141
+ },
142
+ {
143
+ "Input": "I'd like to know the overall details, including geography, of the site 'mysterydomain.com'. My AlienVault API key is 'KeyABC123'.",
144
+ "Output": "getIndicatorForHostname(apiKey = 'KeyABC123', hostname = 'mysterydomain.com', section = 'general')"
145
+ },
146
+ {
147
+ "Input": "Could you fetch the geographic information for 'travelblog.net' using AlienVault? My API key is 'TravelKey789'.",
148
+ "Output": "getIndicatorForHostname(apiKey = 'TravelKey789', hostname = 'travelblog.net', section = 'geo')"
149
+ },
150
+ {
151
+ "Input": "Using AlienVault, I need to check for any malware connections to 'techupdate.io'. My API key is 'UpdateKey456'.",
152
+ "Output": "getIndicatorForHostname(apiKey = 'UpdateKey456', hostname = 'techupdate.io', section = 'malware')"
153
+ },
154
+ {
155
+ "Input": "Please list the URLs associated with 'newsportal.com' as per AlienVault's database. My key is 'NewsKey321'.",
156
+ "Output": "getIndicatorForHostname(apiKey = 'NewsKey321', hostname = 'newsportal.com', section = 'urlList')"
157
+ },
158
+ {
159
+ "Input": "Could you use AlienVault to gather passive DNS data for 'oldsite.org'? I'll provide my API key, 'DNSKey654'.",
160
+ "Output": "getIndicatorForHostname(apiKey = 'DNSKey654', hostname = 'oldsite.org', section = 'passiveDns')"
161
+ },
162
+ {
163
+ "Input": "Can you retrieve general metadata for the file hash '12345abcde67890fghij' using my API key 'xyz789'?",
164
+ "Output": "getIndicatorForFileHashes(apiKey = 'xyz789', fileHash = '12345abcde67890fghij', section = 'general')"
165
+ },
166
+ {
167
+ "Input": "I need to perform a dynamic and static analysis of the file hash 'abcd1234efgh5678ijkl' with my 'myKey123' API key.",
168
+ "Output": "getIndicatorForFileHashes(apiKey = 'myKey123', fileHash = 'abcd1234efgh5678ijkl', section = 'analysis')"
169
+ },
170
+ {
171
+ "Input": "Please fetch the general information available for the file hash '9f8e7d6c5b4a3s21f0e1' using the key 'api_key_456'.",
172
+ "Output": "getIndicatorForFileHashes(apiKey = 'api_key_456', fileHash = '9f8e7d6c5b4a3s21f0e1', section = 'general')"
173
+ },
174
+ {
175
+ "Input": "Access the analysis data for file hash '6f5e4d3c2b1a0987e6d5' with API key 'superKey789'.",
176
+ "Output": "getIndicatorForFileHashes(apiKey = 'superKey789', fileHash = '6f5e4d3c2b1a0987e6d5', section = 'analysis')"
177
+ },
178
+ {
179
+ "Input": "Get me the general metadata of file hash '00112233445566778899' using the API key 'myAPIkey321'.",
180
+ "Output": "getIndicatorForFileHashes(apiKey = 'myAPIkey321', fileHash = '00112233445566778899', section = 'general')"
181
+ },
182
+ {
183
+ "Input": "Using AlienVault, how can I get the general section details for a file hash 'a1b2c3d4e5' with my API key 'key12345'?",
184
+ "Output": "getIndicatorForFileHashes(apiKey = 'key12345', fileHash = 'a1b2c3d4e5', section = 'general')"
185
+ },
186
+ {
187
+ "Input": "Could you please provide the analysis for the file hash 'f6g7h8i9j0' using AlienVault? My API key is '98765key'.",
188
+ "Output": "getIndicatorForFileHashes(apiKey = '98765key', fileHash = 'f6g7h8i9j0', section = 'analysis')"
189
+ },
190
+ {
191
+ "Input": "I'm interested in obtaining the general metadata about the file hash '1a2b3c4d5e' through AlienVault. My API key is 'api123456'.",
192
+ "Output": "getIndicatorForFileHashes(apiKey = 'api123456', fileHash = '1a2b3c4d5e', section = 'general')"
193
+ },
194
+ {
195
+ "Input": "Could AlienVault provide an analysis of the file hash '5e4d3c2b1a' with the API key 'key654321'?",
196
+ "Output": "getIndicatorForFileHashes(apiKey = 'key654321', fileHash = '5e4d3c2b1a', section = 'analysis')"
197
+ },
198
+ {
199
+ "Input": "I need the general metadata for the file hash '9f8e7d6c5b' from AlienVault, and my API key is 'uniqueKey789'.",
200
+ "Output": "getIndicatorForFileHashes(apiKey = 'uniqueKey789', fileHash = '9f8e7d6c5b', section = 'general')"
201
+ },
202
+ {
203
+ "Input": "Can you retrieve general metadata for the file hash '12345abcde67890fghij' using my API key 'xyz789'?",
204
+ "Output": "getIndicatorForFileHashes(apiKey = 'xyz789', fileHash = '12345abcde67890fghij', section = 'general')"
205
+ },
206
+ {
207
+ "Input": "I need to perform a dynamic and static analysis of the file hash 'abcd1234efgh5678ijkl' with my 'myKey123' API key.",
208
+ "Output": "getIndicatorForFileHashes(apiKey = 'myKey123', fileHash = 'abcd1234efgh5678ijkl', section = 'analysis')"
209
+ },
210
+ {
211
+ "Input": "Can you provide general information about the URL 'http://example.com' using my AlienVault API key 'abc123'?",
212
+ "Output": "getIndicatorForUrl(apiKey = 'abc123', url = 'http://example.com', section = 'general')"
213
+ },
214
+ {
215
+ "Input": "I need a full URL analysis from AlienVault Labs for 'https://testsite.org'. My API key is 'xyz789'.",
216
+ "Output": "getIndicatorForUrl(apiKey = 'xyz789', url = 'https://testsite.org', section = 'url_list')"
217
+ },
218
+ {
219
+ "Input": "Using AlienVault, could you fetch the historical and geographic information for 'http://mywebsite.net' with the API key '123abc'?",
220
+ "Output": "getIndicatorForUrl(apiKey = '123abc', url = 'http://mywebsite.net', section = 'general')"
221
+ },
222
+ {
223
+ "Input": "Please access the complete URL analysis data for 'https://somesite.com' from AlienVault using the key '789xyz'.",
224
+ "Output": "getIndicatorForUrl(apiKey = '789xyz', url = 'https://somesite.com', section = 'url_list')"
225
+ },
226
+ {
227
+ "Input": "Could you retrieve general details for the URL 'http://info-site.com' through AlienVault with my API key 'key123'?",
228
+ "Output": "getIndicatorForUrl(apiKey = 'key123', url = 'http://info-site.com', section = 'general')"
229
+ },
230
+ {
231
+ "Input": "Show me the historical geographic data related to 'http://uniqueurl.com' using AlienVault. My API key is 'key456'.",
232
+ "Output": "getIndicatorForUrl(apiKey = 'key456', url = 'http://uniqueurl.com', section = 'general')"
233
+ },
234
+ {
235
+ "Input": "For the website 'https://examplepage.com', could you use my AlienVault API key '987abc' to get a comprehensive URL analysis?",
236
+ "Output": "getIndicatorForUrl(apiKey = '987abc', url = 'https://examplepage.com', section = 'url_list')"
237
+ },
238
+ {
239
+ "Input": "I'm interested in the AlienVault's general section data for 'http://sitequery.net'. Here's my API key: '321xyz'.",
240
+ "Output": "getIndicatorForUrl(apiKey = '321xyz', url = 'http://sitequery.net', section = 'general')"
241
+ },
242
+ {
243
+ "Input": "Using AlienVault, how can I get detailed URL analysis for 'https://webcheck.org' with the API key '654def'?",
244
+ "Output": "getIndicatorForUrl(apiKey = '654def', url = 'https://webcheck.org', section = 'url_list')"
245
+ },
246
+ {
247
+ "Input": "Can AlienVault provide me with the general section information for 'http://infoquery.com' using the API key '789ghi'?",
248
+ "Output": "getIndicatorForUrl(apiKey = '789ghi', url = 'http://infoquery.com', section = 'general')"
249
+ },
250
+ {
251
+ "Input": "Can you provide the MITRE CVE data for CVE-2021-34527 using AlienVault with my API key 'xyz789'?",
252
+ "Output": "getIndicatorForCVE(apiKey = 'xyz789', cve = 'CVE-2021-34527', section = 'General')"
253
+ },
254
+ {
255
+ "Input": "I need to get any pulses associated with CVE-2017-0144. My API key is '123abc'.",
256
+ "Output": "getIndicatorForCVE(apiKey = '123abc', cve = 'CVE-2017-0144', section = 'General')"
257
+ },
258
+ {
259
+ "Input": "Using my API key '456def', can you fetch the list of sections available for CVE-2019-0708 from AlienVault?",
260
+ "Output": "getIndicatorForCVE(apiKey = '456def', cve = 'CVE-2019-0708', section = 'General')"
261
+ },
262
+ {
263
+ "Input": "I want to check the information on AlienVault for CVE-2018-8174 with my API key '789ghi'.",
264
+ "Output": "getIndicatorForCVE(apiKey = '789ghi', cve = 'CVE-2018-8174', section = 'General')"
265
+ },
266
+ {
267
+ "Input": "Retrieve MITRE CVE data for CVE-2020-0601 using my API key 'abc123' from AlienVault.",
268
+ "Output": "getIndicatorForCVE(apiKey = 'abc123', cve = 'CVE-2020-0601', section = 'General')"
269
+ },
270
+ {
271
+ "Input": "What are the latest updates in AlienVault for the CVE identifier 'CVE-2015-1635' using the API key 'key123'?",
272
+ "Output": "getIndicatorForCVE(apiKey = 'key123', cve = 'CVE-2015-1635', section = 'General')"
273
+ },
274
+ {
275
+ "Input": "Using the API key 'myKey456', can you look up the general information about CVE-2022-21882 on AlienVault?",
276
+ "Output": "getIndicatorForCVE(apiKey = 'myKey456', cve = 'CVE-2022-21882', section = 'General')"
277
+ },
278
+ {
279
+ "Input": "Could you retrieve data related to the Common Vulnerabilities and Exposures entry 'CVE-2016-10033' from AlienVault with my API key '789Key'?",
280
+ "Output": "getIndicatorForCVE(apiKey = '789Key', cve = 'CVE-2016-10033', section = 'General')"
281
+ },
282
+ {
283
+ "Input": "Please access AlienVault's data for CVE-2020-1472 using the API key 'api789xyz'. I'm interested in the general overview.",
284
+ "Output": "getIndicatorForCVE(apiKey = 'api789xyz', cve = 'CVE-2020-1472', section = 'General')"
285
+ },
286
+ {
287
+ "Input": "Is there any information on AlienVault about CVE-2018-12126 with my API key 'keyABC123'?",
288
+ "Output": "getIndicatorForCVE(apiKey = 'keyABC123', cve = 'CVE-2018-12126', section = 'General')"
289
+ },
290
+ {
291
+ "Input": "Can you get the general information about NIDS with ID 123456 using my AlienVault API key 'xyz789'?",
292
+ "Output": "getIndicatorForNIDS(apiKey = 'xyz789', nids = '123456', section = 'General')"
293
+ },
294
+ {
295
+ "Input": "Using AlienVault, I need to retrieve data for NIDS 654321 with my API key 'abc123'.",
296
+ "Output": "getIndicatorForNIDS(apiKey = 'abc123', nids = '654321', section = 'General')"
297
+ },
298
+ {
299
+ "Input": "Please fetch NIDS information for ID 987654 using section 'General' with the API key 'def456'.",
300
+ "Output": "getIndicatorForNIDS(apiKey = 'def456', nids = '987654', section = 'General')"
301
+ },
302
+ {
303
+ "Input": "I want to access general metadata about the NIDS with ID 456789. My API key for AlienVault is 'ghi789'.",
304
+ "Output": "getIndicatorForNIDS(apiKey = 'ghi789', nids = '456789', section = 'General')"
305
+ },
306
+ {
307
+ "Input": "Retrieve general NIDS information for ID 321654 using my API key 'jkl012' with AlienVault.",
308
+ "Output": "getIndicatorForNIDS(apiKey = 'jkl012', nids = '321654', section = 'General')"
309
+ },
310
+ {
311
+ "Input": "Using the AlienVault platform, could you provide the general metadata for the NIDS identified by 112233? I'll be using the API key 'key123'.",
312
+ "Output": "getIndicatorForNIDS(apiKey = 'key123', nids = '112233', section = 'General')"
313
+ },
314
+ {
315
+ "Input": "I'm interested in the general section details of the NIDS with the identifier 334455. My API access is through 'key456'.",
316
+ "Output": "getIndicatorForNIDS(apiKey = 'key456', nids = '334455', section = 'General')"
317
+ },
318
+ {
319
+ "Input": "For my security analysis, I need the general details from AlienVault for NIDS ID 556677, using my provided API key 'key789'.",
320
+ "Output": "getIndicatorForNIDS(apiKey = 'key789', nids = '556677', section = 'General')"
321
+ },
322
+ {
323
+ "Input": "Query AlienVault for general information on NIDS number 778899, using the API key 'key101'.",
324
+ "Output": "getIndicatorForNIDS(apiKey = 'key101', nids = '778899', section = 'General')"
325
+ },
326
+ {
327
+ "Input": "I'd like to access the general metadata from AlienVault for the NIDS with ID 990011, with the API key 'key202' please.",
328
+ "Output": "getIndicatorForNIDS(apiKey = 'key202', nids = '990011', section = 'General')"
329
+ },
330
+ {
331
+ "Input": "Can you retrieve general information about the correlation rule with ID '1234567890abcdef' using my API key 'xyz987'?",
332
+ "Output": "getIndicatorForCorrelationRules(apiKey = 'xyz987', correlationRule = '1234567890abcdef', section = 'general')"
333
+ },
334
+ {
335
+ "Input": "I need details on the correlation rule 'abcdef1234567890' using the API key 'abc123'.",
336
+ "Output": "getIndicatorForCorrelationRules(apiKey = 'abc123', correlationRule = 'abcdef1234567890', section = 'general')"
337
+ },
338
+ {
339
+ "Input": "Using API key 'mykey999', fetch the general metadata for the correlation rule identified by 'fedcba0987654321'.",
340
+ "Output": "getIndicatorForCorrelationRules(apiKey = 'mykey999', correlationRule = 'fedcba0987654321', section = 'general')"
341
+ },
342
+ {
343
+ "Input": "Please provide information on the correlation rule with ID '0011223344556677' using the API key 'key123abc'.",
344
+ "Output": "getIndicatorForCorrelationRules(apiKey = 'key123abc', correlationRule = '0011223344556677', section = 'general')"
345
+ },
346
+ {
347
+ "Input": "Access the correlation rule '7766554433221100' using 'superkey321' to get its general metadata.",
348
+ "Output": "getIndicatorForCorrelationRules(apiKey = 'superkey321', correlationRule = '7766554433221100', section = 'general')"
349
+ },
350
+ {
351
+ "Input": "Show me the basic details for the correlation rule 'abc123def456' using my AlienVault key 'key789'.",
352
+ "Output": "getIndicatorForCorrelationRules(apiKey = 'key789', correlationRule = 'abc123def456', section = 'general')"
353
+ },
354
+ {
355
+ "Input": "I'd like to see the general metadata associated with the correlation rule '654321fedcba', and I'll use the API key '987zyx'.",
356
+ "Output": "getIndicatorForCorrelationRules(apiKey = '987zyx', correlationRule = '654321fedcba', section = 'general')"
357
+ },
358
+ {
359
+ "Input": "Could you pull up information on correlation rule ID '001122aabbcc' using the API key 'mySpecialKey123'?",
360
+ "Output": "getIndicatorForCorrelationRules(apiKey = 'mySpecialKey123', correlationRule = '001122aabbcc', section = 'general')"
361
+ },
362
+ {
363
+ "Input": "What can you tell me about the general aspects of the correlation rule 'ffeeddccbbaa' with my API key 'keyABC123'?",
364
+ "Output": "getIndicatorForCorrelationRules(apiKey = 'keyABC123', correlationRule = 'ffeeddccbbaa', section = 'general')"
365
+ },
366
+ {
367
+ "Input": "Using my AlienVault API key 'uniqueKey321', find the general data for the correlation rule identified by '12345abcde67890'.",
368
+ "Output": "getIndicatorForCorrelationRules(apiKey = 'uniqueKey321', correlationRule = '12345abcde67890', section = 'general')"
369
+ }
370
+
371
+ ]
data/Places_API.jsonl ADDED
@@ -0,0 +1,48 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ {"input": "Give me restaurants near me?", "Output": "find_places_near_location(type_of_place=['restaurant'], location=get_current_location())"}
2
+ {"input": "What are some good food near me? sort_results(places=get_recommendations(topics=['food'], lat_long=get_latitude_longitude(location=get_current_location())), sort='rating', ascending=True)", "Output": "sort_results(places=get_recommendations(topics=['food'], lat_long=get_latitude_longitude(location=get_current_location())), sort='rating', ascending=True)"}
3
+ {"input": "Hey where is New York?", "Output": "get_latitude_longitude('New York')"}
4
+ {"input": "Can you get me reviews for So Gong Tofu House and Blargh Food House and compare the reviews?", "Output": "get_some_reviews([\"So Gong Tofu House\", \"Blargh Food House\"])"}
5
+ {"input": "What's the current sentiment about McDonalds in Palo Alto?", "Output": "get_some_reviews(['McDonalds'], 'Palo Alto')"}
6
+ {"input": "What are good Mexican food within about 5 miles of the Houston Airport in Texas?", "Output": "find_places_near_location(['Mexican food'], 'Houston Airport, Texas', radius_miles=5)"}
7
+ {"input": "Can you get me the nearest restaurants to me?", "Output": "find_places_near_location(['restaurant'], get_current_location())"}
8
+ {"input": "How far away is the nearest McDonalds to me?", "Output": "get_distance(get_current_location(), find_places_near_location(['McDonalds'], get_current_location()))"}
9
+ {"input": "Can you get me good baguettes around the Eiffel Tower in Paris?", "Output": "get_recommendations([\"baguettes\"], get_latitude_longitude(\"Eiffel Tower in Paris\"))"}
10
+ {"input": "Can you get me good tourist stuff in Milan?", "Output": "sort_results(places=get_recommendations(topics=['tourist'], lat_long=get_latitude_longitude(location='Milan')), sort='rating', ascending=True)"}
11
+ {"input": "Get me good italian food near the Walk of Frame Milan?", "Output": "sort_results(places=get_recommendations(topics=['italian food'], lat_long=get_latitude_longitude(location='Walk of Fame Milan')), sort='rating', ascending=True)"}
12
+ {"input": "How far away is Teatro alla Scala in Milan from Parco Sempione in Milan?", "Output": "get_distance(\"Teatro alla Scala in Milan\", \"Parco Sempione in Milan\")"}
13
+ {"input": "Get me good pasta in Milan that is also very cheap?", "Output": "sort_results(places=get_recommendations(topics=['pasta'], lat_long=get_latitude_longitude(location='Milan')), sort='price', ascending=True)"}
14
+ {"input": "Where am I?", "Output": "get_current_location()"}
15
+ {"input": "What are people saying about Ramen Nagi, So Gong, and McDonalds and how would you compare them? Also, after that, get me the distance from Ramen Nagi and So Gong?", "Output": "get_some_reviews(['Ramen Nagi', 'So Gong', 'McDonalds']); get_distance('Ramen Nagi', 'So Gong')"}
16
+ {"input": "What is the distance between San Jose and New York, and also what's the distance between New York and New Jersey? Get me the coordinates for San Jose.", "Output": "get_distance('San Jose', 'New York'); get_distance('New York', 'New Jersey'); get_latitude_longitude('San Jose')"}
17
+ {"input": "Would you say McDonalds in Palo Alto is better than McDonalds in Menlo Park?", "Output": "get_some_reviews([\"McDonalds\"], \"Palo Alto\"); get_some_reviews([\"McDonalds\"], \"Menlo Park\")"}
18
+ {"input": "I heard that people say McDonalds in Japan is classier than the one in Palo Alto. Can you confirm?", "Output": "get_some_reviews([\"McDonalds\"], \"Japan\"); get_some_reviews([\"McDonalds\"], \"Palo Alto\")"}
19
+ {"input": "What are people saying about McDonalds in Japan compared to one in Palo Alto?", "Output": "get_some_reviews([\"McDonalds\"], \"Japan\"); get_some_reviews([\"McDonalds\"], \"Palo Alto\")"}
20
+ {"input": "Can you get me reviews for McDonalds in Japan and compare the reviews with it for McDonalds in Palo Alto?", "Output": "get_some_reviews(['McDonalds'], 'Japan'); get_some_reviews(['McDonalds'], 'Palo Alto')"}
21
+ {"input": "Can you list me hostels that are cheaper than $200 per night? I need the place to be within 20 miles from San Francisco City Hall.", "Output": "sort_results(find_places_near_location(['hostel'], 'San Francisco City Hall', 20), 'price', True)"}
22
+ {"input": "Can you get me some luxurious hotels in San Francisco? Start from like the most luxurious ones.", "Output": "sort_results(places=get_recommendations(topics=['luxury hotels'], lat_long=get_latitude_longitude(location='San Francisco')), sort='rating', ascending=False) "}
23
+ {"input": "Can you get me the cheapest hotels in San Fransisco?", "Output": "sort_results(places=get_recommendations(topics=['hotel'], lat_long=get_latitude_longitude(location='San Francisco')), sort='price', ascending=True)"}
24
+ {"input": "What's reviews for \u30b3\u30d9\u30f3\u30c8\u30ea\u30fc\u30e2\u30fc\u30bf\u30fc\u30a4\u30f3?", "Output": "get_some_reviews([\"\u30b3\u30d9\u30f3\u30c8\u30ea\u30fc\u30e2\u30fc\u30bf\u30fc\u30a4\u30f3\"])"}
25
+ {"input": "Why do people say Ritz-Carlton is so fancy?", "Output": "get_some_reviews([\"Ritz-Carlton\"])"}
26
+ {"input": "Can you get me the best recommendations for hotels that are cheap in New York, Sydney, and San Jose?", "Output": "sort_results(find_places_near_location(['hotel'], 'New York', 50), 'price', True); sort_results(find_places_near_location(['hotel'], 'Sydney', 50), 'price', True); sort_results(find_places_near_location(['hotel'], 'San Jose', 50), 'price', True)"}
27
+ {"input": "I'm planning a trip to Austin next month. Can you suggest a list of top-rated restaurants and historical sites near my hotel in downtown Austin?", "Output": "sort_results(places=get_recommendations(topics=['restaurant', 'historical site'], lat_long=get_latitude_longitude(location='Austin')), sort='rating', ascending=True)"}
28
+ {"input": "What are people saying about the Louvre? Also what's some good eats near by the Louvre? Both be in Paris please", "Output": "get_some_reviews(['Louvre'], 'Paris'); find_places_near_location(['restaurant'], 'Louvre, Paris')"}
29
+ {"input": "Can you get me the reviews for the Louvre in Paris? Also, I want to eat near that while visiting Louvre, find me something?", "Output": "get_some_reviews(['Louvre'], 'Paris'); find_places_near_location(['restaurant'], 'Louvre, Paris')"}
30
+ {"input": "Find me some live music venues and theaters near Times Square, New York, and sort them by distance and rating.", "Output": "sort_results(find_places_near_location(['live music venues', 'theaters'], 'Times Square, New York'), 'distance', True)"}
31
+ {"input": "I am going to be in Los Angeles Airport. Can you get me the best tourist places and places to eat within roughly 10 miles from my current location?", "Output": "sort_results(places=find_places_near_location(type_of_place=['tourist_attraction', 'restaurant'], location=get_latitude_longitude(location='Los Angeles Airport')), sort='distance', ascending=True)"}
32
+ {"input": "Get me the deets on Cha Cha Chicken?", "Output": "get_some_reviews(['Cha Cha Chicken'])"}
33
+ {"input": "Get me some good vegetarian Chinese food in San Francisco, and while you're at it, can you find some good Mexican food near me?", "Output": "find_places_near_location(['vegetarian', 'Chinese'], 'San Francisco'); find_places_near_location(['Mexican'], get_current_location())"}
34
+ {"input": "Get me the cheapest hotels in Hong Kong and Singapore?", "Output": "sort_results(find_places_near_location(['hotel'], 'Hong Kong'), 'price', True); sort_results(find_places_near_location(['hotel'], 'Singapore'), 'price', True)"}
35
+ {"input": "Get me the distance between my location and McRitchie Resovoire in Singapore?", "Output": "get_distance(get_current_location(), \"McRitchie Reservoir in Singapore\")"}
36
+ {"input": "Find me good food near San Francisco?", "Output": "sort_results(places=get_recommendations(topics=['food'], lat_long=get_latitude_longitude(location='San Francisco')), sort='rating', ascending=True)"}
37
+ {"input": "What are some ski resorts in Tahoe? Also what's some good food near Reno?", "Output": "find_places_near_location(['ski resort'], 'Tahoe'); get_some_reviews(['food'], 'Reno')"}
38
+ {"input": "Get me good food near me please, and also get me good food near Reno?", "Output": "sort_results(places=get_recommendations(topics=['food'], lat_long=get_latitude_longitude(location=get_current_location())), sort='distance', ascending=True); sort_results(places=get_recommendations(topics=['food'], lat_long=get_latitude_longitude(location='Reno')), sort='distance', ascending=True); "}
39
+ {"input": "What are good food that are also vegetarian friendly in Reno, maybe within around 10 miles around Virginia St?", "Output": "find_places_near_location(['vegetarian food'], 'Virginia St, Reno', 10)"}
40
+ {"input": "Find me the cheapest restaurants in Reno?", "Output": "sort_results(find_places_near_location(['restaurant'], 'Reno'), 'price', True)"}
41
+ {"input": "What are the tourist places that are closest to the Reno airport?", "Output": "sort_results(find_places_near_location(['tourist'], 'Reno Airport'), 'distance', True)"}
42
+ {"input": "Can you please compare the reviews for Ippudo Ramen, Ramen Nagi and Yayoi Cupertino?", "Output": "get_some_reviews([\"Ippudo Ramen\", \"Ramen Nagi\", \"Yayoi Cupertino\"], \"Cupertino\")"}
43
+ {"input": "Do people prefer Jinya in Austin or Jinya in San Jose?", "Output": "get_some_reviews([\"Jinya\"], \"Austin\"); get_some_reviews([\"Jinya\"], \"San Jose\")"}
44
+ {"input": "Can you please get me the reviews for Jinya in Austin and get me the reviews for Jinya in San Jose and tell me which is better?", "Output": "get_some_reviews(place_names=['Jinya'], location='Austin'); get_some_reviews(place_names=['Jinya'], location='San Jose'); "}
45
+ {"input": "What are some fun things to do in Reno that are also cheap?", "Output": "sort_results(places=get_recommendations(topics=['fun', 'cheap'], lat_long=get_latitude_longitude(location='Reno')), sort='price', ascending=True) "}
46
+ {"input": "I am hurt, what should I do?", "Output": "find_places_near_location(['hospital'], get_current_location())"}
47
+ {"input": "I am hungry", "Output": "get_recommendations(topics=['food'], lat_long=get_latitude_longitude(location=get_current_location()))"}
48
+ {"input": "My friend is pretty cheap but hes kinda hungry, help?", "Output": "sort_results(places=get_recommendations(topics=['food'], lat_long=get_latitude_longitude(location=get_current_location())), sort='price', ascending=True) "}
data/VT_MultiAPIs_Disconnected.json ADDED
@@ -0,0 +1,87 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ [
2
+ {
3
+ "Input": "Can you provide me the related comments and URLs, for the domain 'example.com' using the API key '123456'?",
4
+ "Output": [ "vt_get_objects_related_to_domain('example.com', 'comments', '123456')", "vt_get_objects_related_to_domain('example.com', 'urls', '123456')" ]
5
+ },
6
+ {
7
+ "Input": "Can you retrieve reports for the domains 'amazon.com' and 'google.com' using my API key '123456'? Also, get all objects related to 'amazon.com' for the relationship 'subdomains' with the same API key and return up to 10 results.",
8
+ "Output": [ "vt_get_multiple_domain_reports(['amazon.com', 'google.com'], '123456')", "vt_get_objects_related_to_domain('amazon.com', 'subdomains', '123456', 10)" ]
9
+ },
10
+ {
11
+ "Input": "What are the DNS resolutions of the parent domain and subdomains of the domain 'example.com', given that my API key is '123456'?",
12
+ "Output": [ "vt_get_objects_related_to_domain(vt_get_objects_related_to_domain('example.com', 'parent', '123456'), 'resolutions', '123456')", "vt_get_objects_related_to_domain(vt_get_objects_related_to_domain('example.com', 'subdomains', '123456'), 'resolutions', '123456')" ]
13
+ },
14
+ {
15
+ "Input": "What are the comments on the 'example.com' and 'test.com' domains, and what threat actors are related to 'example.com'? Please find this data for me using my API key '123456'.",
16
+ "Output": [ "vt_get_comments_on_multiple_domains(['example.com', 'test.com'], '123456')", "vt_get_objects_related_to_domain('example.com', 'related_threat_actors', '123456')" ]
17
+ },
18
+ {
19
+ "Input": "Could you retrieve all comments and related threat actors associated with the domains 'example.com' and 'testsite.org' through the VirusTotal API? Also, make sure to limit the retrieved data to the first 200 records for each domain. Here's my API key: '12345abc'.",
20
+ "Output": [ "vt_get_comments_on_multiple_domains(['example.com', 'testsite.org'], '12345abc', 200)", "vt_get_objects_related_to_domain('example.com', 'related_threat_actors', '12345abc', 200)", "vt_get_objects_related_to_domain('testsite.org', 'related_threat_actors', '12345abc', 200)" ]
21
+ },
22
+ {
23
+ "Input": "What are the threat actors related to the domain 'example.com' and what is their primary source region? Please limit the response to the top 10 results. Use my API key 'abc123'.",
24
+ "Output": [ "vt_get_objects_related_to_domain(domain='example.com', relationship='related_threat_actors', x_apikey='abc123', limit=10)", "vt_get_threat_actors_main_source_region(threat_actors=vt_get_objects_related_to_domain(domain='example.com', relationship='related_threat_actors', x_apikey='abc123', limit=10), x_apikey='abc123')" ]
25
+ },
26
+ {
27
+ "Input": "From which region is the threat actor related to the IP address '34.74.55.1'? Also, I am primarily interested in other objects related to URLs and my API key is 'A1B2C3D4E5'.",
28
+ "Output": [ "vt_get_threat_actors_main_source_region(vt_get_objects_related_to_ip_address('34.74.55.1', 'related_threat_actors', 'A1B2C3D4E5'), 'A1B2C3D4E5')", "vt_get_objects_related_to_ip_address('34.74.55.1', 'urls', 'A1B2C3D4E5')" ]
29
+ },
30
+ {
31
+ "Input": "Could you please verify if there are valid SSL certificates in the historical data of the domain 'example.com'? If available, could you list all the objects related to the 'example.com' domain such as communicating files, graphs, and other domain's related objects. Also, could you limit it to the first 50 records for review? My API key is 'ABC123'.",
32
+ "Output": [ "vt_validate_historical_ssl_certificates(historical_ssl_certificates=vt_get_objects_related_to_domain('example.com', 'historical_ssl_certificates', 'ABC123'), x_apikey='ABC123')", "vt_get_objects_related_to_domain(domain='example.com', relationship='caa_records', x_apikey='ABC123', limit=50)", "vt_get_objects_related_to_domain(domain='example.com', relationship='communicating_files', x_apikey='ABC123', limit=50)", "vt_get_objects_related_to_domain(domain='example.com', relationship='graphs', x_apikey='ABC123', limit=50)", "vt_get_objects_related_to_domain(domain='example.com', relationship='related_objects', x_apikey='ABC123', limit=50)" ]
33
+ },
34
+ {
35
+ "Input": "Can you use the functions to get reports on the bbc.com domain and all of its sibling domains' records using my API key '12345678abcd'? Please provide me with data on up to 50 records.",
36
+ "Output": [ "vt_get_multiple_domain_reports(['bbc.com'], '12345678abcd')", "vt_get_multiple_domain_reports(vt_get_objects_related_to_domain('bbc.com', 'siblings', '12345678abcd', 50), '12345678abcd')" ]
37
+ },
38
+ {
39
+ "Input": "Can you gather all the reports for the list of domains ['google.com', 'yahoo.com'] using my API key '12345', and could you also fetch and display all the sibling domains for 'google.com'?",
40
+ "Output": [ "vt_get_multiple_domain_reports(['google.com', 'yahoo.com'], '12345')", "vt_get_objects_related_to_domain('google.com', 'siblings', '12345')" ]
41
+ },
42
+ {
43
+ "Input": "Can you retrieve all the comments related to the domain 'example.com' and its subdomains? Also, could you provide any information about the 'threat actors' associated with the 'example.com' domain? Please use API key '123ApiKey' and retrieve a maximum of 50 comments.",
44
+ "Output": [ "vt_get_comments_on_domain('example.com', '123ApiKey', 50)", "vt_get_comments_on_multiple_domains(vt_get_objects_related_to_domain('example.com', 'subdomains', '123ApiKey') , '123ApiKey', 50)", "vt_get_objects_related_to_domain('example.com', 'related_threat_actors', '123ApiKey', 50)" ]
45
+ },
46
+ {
47
+ "Input": "What are the immediate parents of the domain 'xyz.com' and what are the comments on multiple domains including 'xyz.com', 'abc.com', and 'lmn.com'? Please use API key '8G7L5S'",
48
+ "Output": [ "vt_get_objects_related_to_domain(domain='xyz.com', relationship='immediate_parent', x_apikey='8G7L5S')", "vt_get_comments_on_multiple_domains(domains=['xyz.com', 'abc.com', 'lmn.com'], x_apikey='8G7L5S')" ]
49
+ },
50
+ {
51
+ "Input": "What are the immediate parent domains for the websites 'testsite.com', and what are the community comments made on these parent domains? Use API key '4D9M23C'",
52
+ "Output": [ "vt_get_objects_related_to_domain('testsite.com', 'immediate_parent', '4D9M23C')", "vt_get_comments_on_multiple_domains(vt_get_objects_related_to_domain('testsite.com', 'immediate_parent', '4D9M23C'), '4D9M23C')" ]
53
+ },
54
+ {
55
+ "Input": "What are all the objects related to the domain 'example.com' based on the 'comments' relationship, and could you also provide a report for the domains 'example.com' and 'test.com' using my API key '123ABC'?",
56
+ "Output": [ "vt_get_objects_related_to_domain(domain='example.com', relationship='comments', x_apikey='123ABC')", "vt_get_multiple_domain_reports(domains=['example.com', 'test.com'], x_apikey='123ABC')" ]
57
+ },
58
+ {
59
+ "Input": "What is the associated historical whois information and related threat actors for the IP address '192.0.2.0' obtained by using my API key '123abc'?",
60
+ "Output": [ "vt_get_object_descriptors_related_to_ip_address(ip='192.0.2.0', relationship='historical_whois', x_apikey='123abc')", "vt_get_object_descriptors_related_to_ip_address(ip='192.0.2.0', relationship='related_threat_actors', x_apikey='123abc')" ]
61
+ },
62
+ {
63
+ "Input": "What are the mx records, related threat actors, and the communicating files of the domain 'example.com' using my API key '123ABC', and can you limit the response to 5 items?",
64
+ "Output": [ "vt_get_object_descriptors_related_to_domain('example.com', 'mx_records', '123ABC', 5)", "vt_get_object_descriptors_related_to_domain('example.com', 'related_threat_actors', '123ABC', 5)", "vt_get_object_descriptors_related_to_domain('example.com', 'communicating_files', '123ABC', 5)" ]
65
+ },
66
+ {
67
+ "Input": "What was the last analysis date recorded by VirusTotal for the domain 'example.com' and 'test.com'? Please remember to use the API key '123456ab'.",
68
+ "Output": [ "vt_get_last_analysis_date_from_report(vt_get_domain_report('example.com', '123456ab'))", "vt_get_last_analysis_date_from_report(vt_get_domain_report('test.com', '123456ab'))" ]
69
+ },
70
+ {
71
+ "Input": "Can you please gather all the comments and votes related to the domain 'example.com', using my API key '123456'? Also, could you repeat this process for a second domain, 'test.com', and provide me the cumulative comments for these two domains?",
72
+ "Output": [ "vt_get_objects_related_to_domain('example.com', 'comments', '123456')", "vt_get_objects_related_to_domain('example.com', 'user_votes', '123456')", "vt_get_objects_related_to_domain('test.com', 'comments', '123456')", "vt_get_objects_related_to_domain('test.com', 'user_votes', '123456')", "vt_get_comments_on_multiple_domains(['example.com', 'test.com'], '123456')" ]
73
+ },
74
+ {
75
+ "Input": "What is the source region of related threat actors to the domain 'example.com', and list any comments related to 'example.com' from the community? Please use api key '123456ab'",
76
+ "Output": [ "vt_get_threat_actors_main_source_region(vt_get_objects_related_to_domain('example.com', 'related_threat_actors', '123456ab'), '123456ab')", "vt_get_objects_related_to_domain('example.com', 'comments', '123456ab')" ]
77
+ },
78
+ {
79
+ "Input": "How can I retrieve reports for the domains 'google.com' and 'facebook.com' using my API key '12345' and get all the objects related to the domain 'google.com', specifically the 'user_votes' relationship, with my API key '12345' and a limit of 10?",
80
+ "Output": [ "vt_get_multiple_domain_reports(domains=['google.com', 'facebook.com'], x_apikey='12345')", "vt_get_objects_related_to_domain(domain='google.com', relationship='user_votes', x_apikey='12345', limit=10)" ]
81
+ },
82
+ {
83
+ "Input": "How many comments are there in total on the IP addresses '192.168.0.1' and '192.168.0.2'? For the API calls, use the API key '123456'",
84
+ "Output": [ "calculate_sum_of_numbers(count_items_in_list(vt_get_comments_on_ip_address('192.168.0.1', '123456')), count_items_in_list(vt_get_comments_on_ip_address('192.168.0.2', '123456')))" ]
85
+ }
86
+
87
+ ]
data/VT_MultiAPIs_Nested.json ADDED
@@ -0,0 +1,195 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ [
2
+ {
3
+ "Input": "What is the majority vote from the votes returned by IP address '192.168.1.1'?",
4
+ "Output": "vt_get_majority_vote(vt_get_votes_on_ip_address('192.168.1.1'))"
5
+ },
6
+ {
7
+ "Input": "Could you please tell me the last analysis date in the format 'YYYY/MM/DD' for the domain report collected by VirusTotal for a specific IP address? Assume we have the IP address '12.345.678.90' and API key '09A7F9B0S3M9X756B3D5N4C22X1Y5C12'.",
8
+ "Output": "convert_unix_timestamp_to_date(vt_get_last_analysis_date_from_report(vt_get_ip_address_report('12.345.678.90', '09A7F9B0S3M9X756B3D5N4C22X1Y5C12')))"
9
+ },
10
+ {
11
+ "Input": "What was the date of the last analysis submitted to VirusTotal for the domain 'example.com' using the API key '1234abcd'? Please return the result in the 'YYYY/MM/DD' format",
12
+ "Output": "convert_unix_timestamp_to_date(vt_get_last_analysis_date_from_report(vt_get_domain_report('example.com', '1234abcd')))"
13
+ },
14
+ {
15
+ "Input": "Can you determine if the last analysis date of the domain report, retrieved from VirusTotal using a IP address '176.762.91.012' and API key '6A47Z90', falls within the date range of '2022/01/01' and '2022/12/31'?",
16
+ "Output": "vt_is_date_within_range(vt_get_last_analysis_date_from_report(vt_get_ip_address_report(ip='176.762.91.012', x_apikey='6A47Z90')), start='2022/01/01', end='2022/12/31')"
17
+ },
18
+ {
19
+ "Input": "Can you help me find out if the last VirusTotal analysis of my website example.com was after 2023/06? My API key is '12345678'.",
20
+ "Output": "vt_is_date_within_range(vt_get_last_analysis_date_from_report(vt_get_domain_report('example.com', '12345678')), start='2023/06')"
21
+ },
22
+ {
23
+ "Input": "What are all the objects related to the domain 'example.com', especially in terms of the related threat actors, and when were these threat actors last modified? Also, I have the API key '123abc' and would like to limit the results to top 50.",
24
+ "Output": "vt_get_threat_actors_latest_modification_date(vt_get_objects_related_to_domain('example.com', 'related_threat_actors', '123abc', 50), '123abc')"
25
+ },
26
+ {
27
+ "Input": "What was the last modification date of the threat actors related to the IP address '192.168.1.2'? For this operation, we are using the API Key 'ABC123'.",
28
+ "Output": "vt_get_threat_actors_latest_modification_date(vt_get_objects_related_to_ip_address('192.168.1.2', 'related_threat_actors', 'ABC123'), 'ABC123')"
29
+ },
30
+ {
31
+ "Input": "What is the main source region of the related threat actors associated with the IP address 192.0.2.0? Use my api key 'ABC123'.",
32
+ "Output": "vt_get_threat_actors_main_source_region(vt_get_objects_related_to_ip_address('192.0.2.0', 'related_threat_actors', 'ABC123'), 'ABC123')"
33
+ },
34
+ {
35
+ "Input": "What source region do the threat actors related to the IP address '192.168.1.1' originate from, considering the limit of relationships to be 20 and using the API key '1234abcd'?",
36
+ "Output": "vt_get_threat_actors_main_source_region(vt_get_objects_related_to_ip_address('192.168.1.1', 'related_threat_actors', '1234abcd', 20), '1234abcd')"
37
+ },
38
+ {
39
+ "Input": "Can you check if there are any valid SSL certificates from the historical data of the related objects to my domain 'example.com'? Use 'historical_ssl_certificates' as the relationship for the search, and the API key is '12345'. Limit the search to maximum 30 results.",
40
+ "Output": "vt_validate_historical_ssl_certificates(vt_get_objects_related_to_domain('example.com', 'historical_ssl_certificates', '12345', limit=30), '12345')"
41
+ },
42
+ {
43
+ "Input": "Given a specific IP address 253.451.46.89, can you identify if there has been at least one valid SSL certificate associated with the IP address in its history? To assess this, use the provided API key 'Q6R8T4C' for validation.",
44
+ "Output": "vt_validate_historical_ssl_certificates(vt_get_objects_related_to_ip_address('253.451.46.89', 'historical_ssl_certificates', 'Q6R8T4C'), 'Q6R8T4C')"
45
+ },
46
+ {
47
+ "Input": "What information can be retrieved about the subdomains of the given domain example.com? Can we evaluate all reports for these subdomains? Use this API key '254Q7V'.",
48
+ "Output": "vt_get_multiple_domain_reports(domains=vt_get_objects_related_to_domain(domain='example.com', relationship='subdomains', x_apikey='254Q7V'), x_apikey='254Q7V')"
49
+ },
50
+ {
51
+ "Input": "What are the subdomains related to the domain 'example.com', and what are the posted comments for these subdomains? My API key is '254Q7V'",
52
+ "Output": "vt_get_comments_on_multiple_domains(vt_get_objects_related_to_domain('example.com', 'subdomains', '254Q7V'), '254Q7V')"
53
+ },
54
+ {
55
+ "Input": "How many siblings does the domain 'example.com' have, given that the API key is '123XYZ'?",
56
+ "Output": "count_items_in_list(input_list=vt_get_object_descriptors_related_to_domain(domain='example.com', relationship='siblings', x_apikey='123XYZ'))"
57
+ },
58
+ {
59
+ "Input": "How many comments are there on a IP address 152.678.234.60 provided that you use a specific API key '4D9M23C'?",
60
+ "Output": "count_items_in_list(vt_get_comments_on_ip_address('152.678.234.60', '4D9M23C'))"
61
+ },
62
+ {
63
+ "Input": "How many comments are there on the domain 'example.com' using the API key '1234-5678-9101-1213'?",
64
+ "Output": "count_items_in_list(vt_get_comments_on_domain('example.com', '1234-5678-9101-1213'))"
65
+ },
66
+ {
67
+ "Input": "Given a specific IP address '196.84.239.213' and domain 'www.travelplannow.com', can you tell me the date when this domain was resolved to this IP address? My API key is '123abc'.",
68
+ "Output": "extract_resolution_date(vt_get_dns_resolution_object('196.84.239.213www.travelplannow.com', x_apikey='123abc'))"
69
+ },
70
+ {
71
+ "Input": "What was the date when my IP address 241.342.56.78 resolved to my domain www.connectivitytechs.com? Could you describe this in the format 'YYYY/MM/DD'? Please use my API key '123abc'",
72
+ "Output": "convert_unix_timestamp_to_date(extract_resolution_date(vt_get_dns_resolution_object('241.342.56.78www.connectivitytechs.com', x_apikey='123abc')))"
73
+ },
74
+ {
75
+ "Input": "How can I get the votes on the IP address '192.168.0.1', and then add these votes to another IP address '172.16.254.1' with the 'apikey123' as the API Key?",
76
+ "Output": "vt_add_votes_to_ip_address('172.16.254.1', vt_get_votes_on_ip_address('192.168.0.1'), 'apikey123')"
77
+ },
78
+ {
79
+ "Input": "How many reports are there from VirusTotal for the following domains: 'example1.com', 'example2.com', and 'example3.com', given that my API key is '123456ab'?",
80
+ "Output": "count_items_in_list(vt_get_multiple_domain_reports(['example1.com', 'example2.com', 'example3.com'], '123456ab'))"
81
+ },
82
+ {
83
+ "Input": "How many comments are made on the domain 'stackoverflow.com'? Please ensure use of the API key '12345678' and limit the number of comments to 100 for efficiency.",
84
+ "Output": "count_items_in_list(vt_get_comments_on_domain('stackoverflow.com', '12345678', 100))"
85
+ },
86
+ {
87
+ "Input": "Could you please find out if the last analysis date from an IP address report generated on the domain www.example.com falls within the range of January 1st, 2021 to December 31st, 2021? Please assure to use my API key '123456789' for this operation.",
88
+ "Output": "vt_is_date_within_range(vt_get_last_analysis_date_from_report(vt_get_domain_report('www.example.com', '123456789')), '2021/01/01', '2021/12/31')"
89
+ },
90
+ {
91
+ "Input": "Could you provide me the information whether any SSL certificates associated historically with the domain 'example.com' are still valid? To verify their authenticity, please use my API key '123abc'.",
92
+ "Output": "vt_validate_historical_ssl_certificates(historical_ssl_certificates=vt_get_objects_related_to_domain(domain='example.com', relationship='historical_ssl_certificates', x_apikey='123abc'), x_apikey='123abc')"
93
+ },
94
+ {
95
+ "Input": "Can you retrieve the first comment on the 'github.com' domain using your API key 'ABCD1234' and then add that comment to ip address '192.0.2.0' using the same API key?",
96
+ "Output": "vt_add_comment_to_ip_address('192.0.2.0', get_first_object_from_list(vt_get_comments_on_domain(\"github.com\", \"ABCD1234\")), 'ABCD1234')"
97
+ },
98
+ {
99
+ "Input": "Can you first retrieve the comments from the domain 'examplesite.com', then select a random comment from those retrieved using your API key '123456', and add this comment to the IP address '192.168.1.1' using the same API key?",
100
+ "Output": "vt_add_comment_to_ip_address('192.168.1.1', get_random_object_from_list(vt_get_comments_on_domain('examplesite.com', '123456')), '123456')"
101
+ },
102
+ {
103
+ "Input": "I have an IP address '192.168.0.1' and my API key is '123456abc'. Can you retrieve the first comment from this IP address and then post that same comment to another IP address '192.168.8.8'?",
104
+ "Output": "vt_add_comment_to_ip_address('192.168.8.8', get_first_object_from_list(vt_get_comments_on_ip_address('192.168.0.1', '123456abc')), '123456abc')"
105
+ },
106
+ {
107
+ "Input": "What is the total number of comments on the domain 'example.com' and 'test.com' combined, if my API key is '1234abcd'?",
108
+ "Output": "calculate_sum_of_numbers(count_items_in_list(vt_get_comments_on_domain('example.com', '1234abcd')), count_items_in_list(vt_get_comments_on_domain('test.com', '1234abcd')))"
109
+ },
110
+ {
111
+ "Input": "Can you help me retrieve some comments from the IP address '192.168.1.1' using my API key '12345678'? From those comments, select a random one. Then, could you post that selected comment to another IP address '172.16.254.1' using the same API key?",
112
+ "Output": "vt_add_comment_to_ip_address('172.16.254.1', get_random_object_from_list(vt_get_comments_on_ip_address('192.168.1.1', '12345678')), '12345678')"
113
+ },
114
+ {
115
+ "Input": "Can you retrieve comments on an IP address '192.0.2.0' using an API key '12345', then from those comments, select a random one, and then add that random comment to another IP address '203.0.113.0' using the same API key?",
116
+ "Output": "vt_add_comment_to_ip_address('203.0.113.0', get_random_object_from_list(vt_get_comments_on_ip_address('192.0.2.0', '12345')), '12345')"
117
+ },
118
+ {
119
+ "Input": "How can I retrieve the first comment from a specific IP address, e.g. '192.0.2.0', using my API key '123456', and then add that comment to another IP address, say '203.0.113.0', using the same API key?",
120
+ "Output": "vt_add_comment_to_ip_address('203.0.113.0', get_first_object_from_list(vt_get_comments_on_ip_address('192.0.2.0', '123456')), '123456')"
121
+ },
122
+ {
123
+ "Input": "Can you first get the comments on the domain 'example.com' using your API key '123456', and then add the first comment returned to the IP address '192.0.2.0' using the same API key?",
124
+ "Output": "vt_add_comment_to_ip_address(ip='192.0.2.0', data=get_first_object_from_list(list_of_objects=vt_get_comments_on_domain(domain='example.com', x_apikey='123456')), x_apikey='123456')"
125
+ },
126
+ {
127
+ "Input": "How can I retrieve the votes for the IP address '192.168.1.1', then add those votes to another IP address '172.16.254.1' using my API key '12345678'?",
128
+ "Output": "vt_add_votes_to_ip_address('172.16.254.1', vt_get_votes_on_ip_address('192.168.1.1'), '12345678')"
129
+ },
130
+ {
131
+ "Input": "How many comments have been made on the domain 'example.com', given that my API key is '12345'?",
132
+ "Output": "count_items_in_list(vt_get_comments_on_domain('example.com', '12345'))"
133
+ },
134
+ {
135
+ "Input": "I am currently tracking malware activities at two different IP addresses, '192.0.2.0' and '198.51.100.0'. I already have my API key '1234abcd'. Using my key, how many total comments have been made for these two IP addresses from VirusTotal?",
136
+ "Output": "calculate_sum_of_numbers(count_items_in_list(vt_get_comments_on_ip_address('192.0.2.0', '1234abcd')), count_items_in_list(vt_get_comments_on_ip_address('198.51.100.0', '1234abcd')))"
137
+ },
138
+ {
139
+ "Input": "How many comments have been posted about the domain 'example.com' by the community? Please use my api key '1234abcd'.",
140
+ "Output": "count_items_in_list(vt_get_object_descriptors_related_to_domain(\"example.com\", \"comments\", \"1234abcd\"))"
141
+ },
142
+ {
143
+ "Input": "Can you tell me the date in Unix timestamp when the domain 'example.com' was last resolved to its respective IP address, using my API key '1234XYZ'?",
144
+ "Output": "extract_resolution_date(vt_get_dns_resolution_object('example.com', '1234XYZ'))"
145
+ },
146
+ {
147
+ "Input": "I have recently been tracking some potential cyber threats and I have noted a suspicious domain example.com which is resolving to an unusual IP address 192.0.2.0 identified by a specific ID 192.0.2.0example.com. I am quite interested in understanding when this domain-IP resolution happened. Could you help me retrieve the DNS resolution object using my API key '123abc', extract the resolution date, and convert this information from Unix timestamp format to a more human readable date format?",
148
+ "Output": "convert_unix_timestamp_to_date(extract_resolution_date(vt_get_dns_resolution_object('192.0.2.0example.com', '123abc')))"
149
+ },
150
+ {
151
+ "Input": "Can you determine which category received the majority of votes on the IP address '192.168.1.1'?",
152
+ "Output": "vt_get_majority_vote(vt_get_votes_on_ip_address('192.168.1.1'))"
153
+ },
154
+ {
155
+ "Input": "What was the date of the last analysis that VirusTotal performed on a IP address 192.168.1.1 according to the report generated for that IP address? My API key is 'abc123'",
156
+ "Output": "convert_unix_timestamp_to_date(vt_get_last_analysis_date_from_report(vt_get_ip_address_report('192.168.1.1', 'abc123')))"
157
+ },
158
+ {
159
+ "Input": "Could you help me find out if the last analysis date of the domain 'example.com', retrieved from VirusTotal, falls within the date range starting from '2022/01/01' to '2022/02/01'? I have an API key which is 'abcdefgh'.",
160
+ "Output": "vt_is_date_within_range(vt_get_last_analysis_date_from_report(vt_get_domain_report('example.com', 'abcdefgh')), '2022/01/01', '2022/02/01')"
161
+ },
162
+ {
163
+ "Input": "Could you find out the most recent date when the threat actors related to the domain 'example.com' were last modified? Use API key '123abc' for both tasks.",
164
+ "Output": "vt_get_threat_actors_latest_modification_date(vt_get_objects_related_to_domain('example.com', 'related_threat_actors', '123abc'), '123abc')"
165
+ },
166
+ {
167
+ "Input": "Could you identify the main region from where threat actors are originating that are related to the domain 'hackers.com'? Use key 'abc123'.",
168
+ "Output": "vt_get_threat_actors_main_source_region(vt_get_objects_related_to_domain('hackers.com', 'related_threat_actors', 'abc123'), 'abc123')"
169
+ },
170
+ {
171
+ "Input": "Could you please check and validate all the historical SSL certificates associated with the domain 'example.com' with API key 'abc123'",
172
+ "Output": "vt_validate_historical_ssl_certificates(vt_get_objects_related_to_domain('example.com', 'historical_ssl_certificates', 'abc123'), 'abc123')"
173
+ },
174
+ {
175
+ "Input": "Could you please retrieve some comments from domain 'example.com' using api key '123abc', take a random comment from the retrieved ones, and post that comment to IP address '192.168.1.1' using the same api key?",
176
+ "Output": "vt_add_comment_to_ip_address('192.168.1.1', get_random_object_from_list(vt_get_comments_on_domain('example.com', '123abc')), '123abc')"
177
+ },
178
+ {
179
+ "Input": "I need to prepare a report on online activity. Could you tell me the total number of comments on two specific IP addresses, say '192.0.2.0' and '198.51.100.0'? I have an API key '12345' for this purpose.",
180
+ "Output": "calculate_sum_of_numbers(count_items_in_list(vt_get_comments_on_ip_address('192.0.2.0', '12345')), count_items_in_list(vt_get_comments_on_ip_address('198.51.100.0', '12345')))"
181
+ },
182
+ {
183
+ "Input": "What is the main source region of threat actors related to the domain 'example.com'? I have an API key '12345' for this purpose.",
184
+ "Output": "vt_get_threat_actors_main_source_region(vt_get_objects_related_to_domain('example.com', 'related_threat_actors', '12345'), '12345')"
185
+ },
186
+ {
187
+ "Input": "Can you provide the DNS resolutions for the parent domain of 'example.com' if I provide you with my API key '123456'?",
188
+ "Output": "vt_get_objects_related_to_domain(vt_get_objects_related_to_domain('example.com', 'parent', '123456'), 'resolutions', '123456')"
189
+ },
190
+ {
191
+ "Input": "Could you provide the comments from the community regarding the parent domains for the website 'testsite.com' using the API key '4D9M23C'?",
192
+ "Output": "vt_get_comments_on_multiple_domains(vt_get_objects_related_to_domain('testsite.com', 'immediate_parent', '4D9M23C'), '4D9M23C')"
193
+ }
194
+
195
+ ]
data/VirusTotal.json ADDED
@@ -0,0 +1,607 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ [
2
+ {
3
+ "Input": "Can you help me get a report of domain cloudflare.com on VirusTotal? My key is my_api.",
4
+ "Output": "vt_get_domain_report(domain = \"cloudflare.com\", x_apikey = \"my_api\")"
5
+ },
6
+ {
7
+ "Input": "Can I get data on the domain google.com from VirusTotal? I'm using the API key called user_key123.",
8
+ "Output": "vt_get_domain_report(domain = \"google.com\", x_apikey = \"user_key123\")"
9
+ },
10
+ {
11
+ "Input": "How do I fetch information about yahoo.com on VirusTotal with the API? My access key is VT_key987.",
12
+ "Output": "vt_get_domain_report(domain = \"yahoo.com\", x_apikey = \"VT_key987\")"
13
+ },
14
+ {
15
+ "Input": "I'd like to retrieve the report for bing.com from VirusTotal. Use the key api_key456.",
16
+ "Output": "vt_get_domain_report(domain = \"bing.com\", x_apikey = \"api_key456\")"
17
+ },
18
+ {
19
+ "Input": "Could you fetch domain details for example.com on VirusTotal for me? I have this API key: example_key789.",
20
+ "Output": "vt_get_domain_report(domain = \"example.com\", x_apikey = \"example_key789\")"
21
+ },
22
+ {
23
+ "Input": "I'm interested in the VirusTotal report of the domain microsoft.com. My access token is MS_key321.",
24
+ "Output": "vt_get_domain_report(domain = \"microsoft.com\", x_apikey = \"MS_key321\")"
25
+ },
26
+ {
27
+ "Input": "Please pull the VirusTotal domain info for apple.com. The API key I have is apple_vt_key.",
28
+ "Output": "vt_get_domain_report(domain = \"apple.com\", x_apikey = \"apple_vt_key\")"
29
+ },
30
+ {
31
+ "Input": "I need details from VirusTotal for the domain reddit.com. My given API key is reddit_api_key.",
32
+ "Output": "vt_get_domain_report(domain = \"reddit.com\", x_apikey = \"reddit_api_key\")"
33
+ },
34
+ {
35
+ "Input": "Can you fetch the domain report of amazon.com on VirusTotal? I'll provide my API key: amazon_key123.",
36
+ "Output": "vt_get_domain_report(domain = \"amazon.com\", x_apikey = \"amazon_key123\")"
37
+ },
38
+ {
39
+ "Input": "I want the VirusTotal data for domain netflix.com. Here's my access key: netflix_vt_key.",
40
+ "Output": "vt_get_domain_report(domain = \"netflix.com\", x_apikey = \"netflix_vt_key\")"
41
+ },
42
+ {
43
+ "Input": "How do I pull the domain info of twitter.com from VirusTotal? Using this API key: twt_key_abc.",
44
+ "Output": "vt_get_domain_report(domain = \"twitter.com\", x_apikey = \"twt_key_abc\")"
45
+ },
46
+ {
47
+ "Input": "Could you show me the way to get the report of domain youtube.com on VirusTotal? I have an API key: yt_key_xyz.",
48
+ "Output": "vt_get_domain_report(domain = \"youtube.com\", x_apikey = \"yt_key_xyz\")"
49
+ },
50
+ {
51
+ "Input": "Can you help me get comments on a domain youtube.com on VirusTotal? My key is my_api. Set the limit to 10 and the continuation cursor to abc.",
52
+ "Output": "vt_get_comments_on_domain(domain = \"youtube.com\", x_apikey = \"my_api\", limit = 10, cursor = \"abc\")"
53
+ },
54
+ {
55
+ "Input": "I need to retrieve comments for domain example.com using the API key 'api12345'.",
56
+ "Output": "vt_get_comments_on_domain(domain = \"example.com\", x_apikey = \"api12345\")"
57
+ },
58
+ {
59
+ "Input": "Could you help fetch comments for website google.com? I want to use the key 'secret_key' and set the limit to 5.",
60
+ "Output": "vt_get_comments_on_domain(domain = \"google.com\", x_apikey = \"secret_key\", limit = 5)"
61
+ },
62
+ {
63
+ "Input": "Please get the next batch of comments from facebook.com. My key is 'alpha_key'. Continue from cursor 'xyz123'.",
64
+ "Output": "vt_get_comments_on_domain(domain = \"facebook.com\", x_apikey = \"alpha_key\", cursor = \"xyz123\")"
65
+ },
66
+ {
67
+ "Input": "For domain reddit.com, I'd like to get 7 comments. My API key is 'beta_key'. Also, continue fetching from cursor 'cursor789'.",
68
+ "Output": "vt_get_comments_on_domain(domain = \"reddit.com\", x_apikey = \"beta_key\", limit = 7, cursor = \"cursor789\")"
69
+ },
70
+ {
71
+ "Input": "How can I view comments of domain microsoft.com with my key 'gamma_key' and a limit of 20?",
72
+ "Output": "vt_get_comments_on_domain(domain = \"microsoft.com\", x_apikey = \"gamma_key\", limit = 20)"
73
+ },
74
+ {
75
+ "Input": "Using my 'delta_key', how can I get comments for the domain apple.com?",
76
+ "Output": "vt_get_comments_on_domain(domain = \"apple.com\", x_apikey = \"delta_key\")"
77
+ },
78
+ {
79
+ "Input": "For the website netflix.com, can I fetch 15 comments with the 'epsilon_key'?",
80
+ "Output": "vt_get_comments_on_domain(domain = \"netflix.com\", x_apikey = \"epsilon_key\", limit = 15)"
81
+ },
82
+ {
83
+ "Input": "I wish to see comments of domain amazon.com. Kindly use my key 'zeta_key' and continue from the 'lmn456' cursor.",
84
+ "Output": "vt_get_comments_on_domain(domain = \"amazon.com\", x_apikey = \"zeta_key\", cursor = \"lmn456\")"
85
+ },
86
+ {
87
+ "Input": "Can I get the next 10 comments for twitter.com? Use the 'eta_key' and start from cursor 'rst890'.",
88
+ "Output": "vt_get_comments_on_domain(domain = \"twitter.com\", x_apikey = \"eta_key\", limit = 10, cursor = \"rst890\")"
89
+ },
90
+ {
91
+ "Input": "Using 'theta_key', fetch comments for domain instagram.com. Also, set a limit of 25.",
92
+ "Output": "vt_get_comments_on_domain(domain = \"instagram.com\", x_apikey = \"theta_key\", limit = 25)"
93
+ },
94
+ {
95
+ "Input": "Can you help me Get objects related to a domain apple.com on VirusTotal? The relationship I want to check is subdomains. My key is my_api. Set the limit to 10 and the continuation cursor to abc.",
96
+ "Output": "vt_get_objects_related_to_domain(domain = \"apple.com\", relationship = \"subdomains\", x_apikey = \"my_api\", limit = 10, cursor = \"abc\")"
97
+ },
98
+ {
99
+ "Input": "Can you show me DNS resolutions for yahoo.com from VirusTotal? I'll use the API key api_key123.",
100
+ "Output": "vt_get_objects_related_to_domain(domain = \"yahoo.com\", relationship = \"resolutions\", x_apikey = \"api_key123\")"
101
+ },
102
+ {
103
+ "Input": "I'm interested in comments related to google.com on VirusTotal. Also, I want a maximum of 5 comments. My API key is secret_key456.",
104
+ "Output": "vt_get_objects_related_to_domain(domain = \"google.com\", relationship = \"comments\", x_apikey = \"secret_key456\", limit = 5)"
105
+ },
106
+ {
107
+ "Input": "Using the key vt_key789, retrieve files communicating with the domain microsoft.com from VirusTotal.",
108
+ "Output": "vt_get_objects_related_to_domain(domain = \"microsoft.com\", relationship = \"communicating_files\", x_apikey = \"vt_key789\")"
109
+ },
110
+ {
111
+ "Input": "On VirusTotal, what are the sibling domains related to amazon.com? Use the continuation cursor 'next123' and the API key magic_key001.",
112
+ "Output": "vt_get_objects_related_to_domain(domain = \"amazon.com\", relationship = \"siblings\", x_apikey = \"magic_key001\", cursor = \"next123\")"
113
+ },
114
+ {
115
+ "Input": "Fetch me the list of URLs having the domain facebook.com. I don't want more than 10 URLs. API key for this is fb_key002.",
116
+ "Output": "vt_get_objects_related_to_domain(domain = \"facebook.com\", relationship = \"urls\", x_apikey = \"fb_key002\", limit = 10)"
117
+ },
118
+ {
119
+ "Input": "I'm eager to know the top parent domain of twitter.com using VirusTotal. The access key for this operation is tw_key003.",
120
+ "Output": "vt_get_objects_related_to_domain(domain = \"twitter.com\", relationship = \"parent\", x_apikey = \"tw_key003\")"
121
+ },
122
+ {
123
+ "Input": "From VirusTotal, can you help me find files that contain the domain linkedin.com? Remember, my key is li_key004.",
124
+ "Output": "vt_get_objects_related_to_domain(domain = \"linkedin.com\", relationship = \"referrer_files\", x_apikey = \"li_key004\")"
125
+ },
126
+ {
127
+ "Input": "I want to check the SSL certificates history associated with the domain reddit.com. I have the API key rd_key005.",
128
+ "Output": "vt_get_objects_related_to_domain(domain = \"reddit.com\", relationship = \"historical_ssl_certificates\", x_apikey = \"rd_key005\")"
129
+ },
130
+ {
131
+ "Input": "Can you provide me with the WHOIS historical data for domain adobe.com on VirusTotal? I'll use the API key adobe_key123.",
132
+ "Output": "vt_get_objects_related_to_domain(domain = \"adobe.com\", relationship = \"historical_whois\", x_apikey = \"adobe_key123\")"
133
+ },
134
+ {
135
+ "Input": "I'd love to see any threat actors associated with the domain dropbox.com on VirusTotal. My access key for this request is db_key456.",
136
+ "Output": "vt_get_objects_related_to_domain(domain = \"dropbox.com\", relationship = \"related_threat_actors\", x_apikey = \"db_key456\")"
137
+ },
138
+ {
139
+ "Input": "Could you help me get files downloaded from the domain netflix.com using VirusTotal? I have the key nf_key789 for this.",
140
+ "Output": "vt_get_objects_related_to_domain(domain = \"netflix.com\", relationship = \"downloaded_files\", x_apikey = \"nf_key789\")"
141
+ },
142
+ {
143
+ "Input": "I'm interested in the CAA records related to the domain instagram.com on VirusTotal. My authorization key is ig_key001.",
144
+ "Output": "vt_get_objects_related_to_domain(domain = \"instagram.com\", relationship = \"caa_records\", x_apikey = \"ig_key001\")"
145
+ },
146
+ {
147
+ "Input": "Show me the community comments about domain spotify.com on VirusTotal. For this task, use the key sp_key002 and fetch no more than 7 comments.",
148
+ "Output": "vt_get_objects_related_to_domain(domain = \"spotify.com\", relationship = \"comments\", x_apikey = \"sp_key002\", limit = 7)"
149
+ },
150
+ {
151
+ "Input": "On VirusTotal, could you show me the subdomains of domain paypal.com? Set the limit to 25 and use the continuation cursor 'pp_next'. My API key is pp_key123.",
152
+ "Output": "vt_get_objects_related_to_domain(domain = \"paypal.com\", relationship = \"subdomains\", x_apikey = \"pp_key123\", limit = 25, cursor = \"pp_next\")"
153
+ },
154
+ {
155
+ "Input": "I want to see community posted comments about slack.com from VirusTotal. Get me the next 30 comments using cursor 'slack_c2'. My key is sl_key456.",
156
+ "Output": "vt_get_objects_related_to_domain(domain = \"slack.com\", relationship = \"comments\", x_apikey = \"sl_key456\", limit = 30, cursor = \"slack_c2\")"
157
+ },
158
+ {
159
+ "Input": "Using VirusTotal, can you find me files that contain the domain airbnb.com? I'd like to see up to 50 files from cursor point 'ab_next'. My authorization key is ab_key789.",
160
+ "Output": "vt_get_objects_related_to_domain(domain = \"airbnb.com\", relationship = \"referrer_files\", x_apikey = \"ab_key789\", limit = 50, cursor = \"ab_next\")"
161
+ },
162
+ {
163
+ "Input": "For the domain trello.com on VirusTotal, I'm keen to know the URLs associated with it. Retrieve a maximum of 20 URLs starting from cursor 'tr_cursor1'. I'll use the API key tr_key001.",
164
+ "Output": "vt_get_objects_related_to_domain(domain = \"trello.com\", relationship = \"urls\", x_apikey = \"tr_key001\", limit = 20, cursor = \"tr_cursor1\")"
165
+ },
166
+ {
167
+ "Input": "How about fetching me the sibling domains for domain pinterest.com on VirusTotal? Get me the next 10 using the cursor 'pin_cur3'. My key for this is pin_key002.",
168
+ "Output": "vt_get_objects_related_to_domain(domain = \"pinterest.com\", relationship = \"siblings\", x_apikey = \"pin_key002\", limit = 10, cursor = \"pin_cur3\")"
169
+ },
170
+ {
171
+ "Input": "Can you help me Get object descriptors related to a domain example.org on VirusTotal? The relationship I want to check is subdomains. You should just return the related object's IDs (and context attributes, if any) instead of returning all attributes. My key is my_api. Set the limit to 10 and the continuation cursor to abc.",
172
+ "Output": "vt_get_object_descriptors_related_to_domain(domain = \"example.org\", relationship = \"subdomains\", x_apikey = \"my_api\", limit = 10, cursor = \"abc\")"
173
+ },
174
+ {
175
+ "Input": "How can I obtain the CNAME records for the domain 'sample.com' using the VirusTotal API? You should only return the related object's IDs. My key is 'secret123'.",
176
+ "Output": "vt_get_object_descriptors_related_to_domain(domain = \"sample.org\", relationship = \"cname_records\", x_apikey = \"secret123\")"
177
+ },
178
+ {
179
+ "Input": "I'm looking to retrieve the IDs (and context attributes, if any) of files that communicate with domain 'example.net'. Limit the results to 20. My API key is 'apikey_456'.",
180
+ "Output": "vt_get_object_descriptors_related_to_domain(domain = \"example.net\", relationship = \"communicating_files\", x_apikey = \"apikey_456\", limit = 20)"
181
+ },
182
+ {
183
+ "Input": "Please show me the IDs (and context attributes, if any) of comments related to 'test.org'. Also, if there's a continuation cursor, set it to 'cur123'. I have the API key 'mykey789'.",
184
+ "Output": "vt_get_object_descriptors_related_to_domain(domain = \"test.org\", relationship = \"comments\", x_apikey = \"mykey789\", cursor = \"cur123\")"
185
+ },
186
+ {
187
+ "Input": "What are the DNS resolutions for 'site.info'? Get object descriptors instead of returning all attributes. Use the key 'apikey_info'.",
188
+ "Output": "vt_get_object_descriptors_related_to_domain(domain = \"site.info\", relationship = \"resolutions\", x_apikey = \"apikey_info\")"
189
+ },
190
+ {
191
+ "Input": "Fetch me the historical WHOIS information for 'domain.xyz'. Only get object descriptors instead of returning all attributes. My access key is 'key_abc'. Can you limit the results to 5?",
192
+ "Output": "vt_get_object_descriptors_related_to_domain(domain = \"domain.xyz\", relationship = \"historical_whois\", x_apikey = \"key_abc\", limit = 5)"
193
+ },
194
+ {
195
+ "Input": "I'd like to see the IDs of sibling domains of 'brother.com' with a continuation cursor of 'next100'. My API key is 'sibling_key'.",
196
+ "Output": "vt_get_object_descriptors_related_to_domain(domain = \"brother.com\", relationship = \"siblings\", x_apikey = \"sibling_key\", cursor = \"next100\")"
197
+ },
198
+ {
199
+ "Input": "Show me the object descriptors of URLs associated with the domain 'linked.net'. Please use the API key 'linker_api'.",
200
+ "Output": "vt_get_object_descriptors_related_to_domain(domain = \"linked.net\", relationship = \"urls\", x_apikey = \"linker_api\")"
201
+ },
202
+ {
203
+ "Input": "How do I retrieve files downloaded from the domain 'downloads.com' using my API key 'dload_key'? I Only need IDs (and context attributes, if any).",
204
+ "Output": "vt_get_object_descriptors_related_to_domain(domain = \"downloads.com\", relationship = \"downloaded_files\", x_apikey = \"dload_key\")"
205
+ },
206
+ {
207
+ "Input": "Could you tell me how to obtain just the IDs and context attributes, and not all the details, of the CAA records for 'sample2.com'? I'll be using my API key 'secret567'.",
208
+ "Output": "vt_get_object_descriptors_related_to_domain(domain = \"sample2.com\", relationship = \"caa_records\", x_apikey = \"secret567\")"
209
+ },
210
+ {
211
+ "Input": "I want to fetch files communicating with 'example3.net'. I only need the related object's IDs and their context. Please limit it to 25 and use my API key 'key789'.",
212
+ "Output": "vt_get_object_descriptors_related_to_domain(domain = \"example3.net\", relationship = \"communicating_files\", x_apikey = \"key789\", limit = 25)"
213
+ },
214
+ {
215
+ "Input": "For the domain 'test4.org', how can I retrieve only the IDs and context attributes of community comments? Use the continuation cursor 'cur456' and my API key 'key123'.",
216
+ "Output": "vt_get_object_descriptors_related_to_domain(domain = \"test4.org\", relationship = \"comments\", x_apikey = \"key123\", cursor = \"cur456\")"
217
+ },
218
+ {
219
+ "Input": "I need just the basic identifiers and any contextual info for the DNS resolutions of 'site5.info'. Use my access key 'apikey_abc'.",
220
+ "Output": "vt_get_object_descriptors_related_to_domain(domain = \"site5.info\", relationship = \"resolutions\", x_apikey = \"apikey_abc\")"
221
+ },
222
+ {
223
+ "Input": "Can you show me how to get only the object IDs and their contexts for historical WHOIS details of 'domain6.xyz'? Let's cap the results at 8 and use 'key_def'.",
224
+ "Output": "vt_get_object_descriptors_related_to_domain(domain = \"domain6.xyz\", relationship = \"historical_whois\", x_apikey = \"key_def\", limit = 8)"
225
+ },
226
+ {
227
+ "Input": "For 'sister.com', I'd like the sibling domains but only require their IDs and context. Use 'next50' as the continuation cursor and my API key 'sister_key'.",
228
+ "Output": "vt_get_object_descriptors_related_to_domain(domain = \"sister.com\", relationship = \"siblings\", x_apikey = \"sister_key\", cursor = \"next50\")"
229
+ },
230
+ {
231
+ "Input": "I'm keen on seeing the URLs tied with 'linked7.net'. However, I only want the object IDs and any related context. My API key for this is 'linker_api2'.",
232
+ "Output": "vt_get_object_descriptors_related_to_domain(domain = \"linked7.net\", relationship = \"urls\", x_apikey = \"linker_api2\")"
233
+ },
234
+ {
235
+ "Input": "Can you help me Get a DNS resolution object on VirusTotal? The id I want to check is 111.222.33.44example.com. My key is my_api.",
236
+ "Output": "vt_get_dns_resolution_object(id = \"111.222.33.44example.com\", x_apikey = \"my_api\")"
237
+
238
+ },
239
+ {
240
+ "Input": "Can you retrieve the DNS resolution for the domain paired with IP 123.456.78.90 on VirusTotal? I'll provide the API key as 'sample_key1'.",
241
+ "Output": "vt_get_dns_resolution_object(id = \"123.456.78.90domain.com\", x_apikey = \"sample_key1\")"
242
+ },
243
+ {
244
+ "Input": "I need details from VirusTotal for the DNS object with ID 192.168.0.1website.net. My API access key is 'sample_key2'.",
245
+ "Output": "vt_get_dns_resolution_object(id = \"192.168.0.1website.net\", x_apikey = \"sample_key2\")"
246
+ },
247
+ {
248
+ "Input": "For the domain associated with IP 10.0.0.1 on VirusTotal, can you get its resolution details? Use the key 'sample_key3'.",
249
+ "Output": "vt_get_dns_resolution_object(id = \"10.0.0.1\", x_apikey = \"sample_key3\")"
250
+ },
251
+ {
252
+ "Input": "I'd appreciate if you could fetch the DNS resolution info for the domain mapped to IP 255.255.255.0 from VirusTotal. My key for this operation is 'sample_key4'.",
253
+ "Output": "vt_get_dns_resolution_object(id = \"255.255.255.0\", x_apikey = \"sample_key4\")"
254
+ },
255
+ {
256
+ "Input": "Looking to get data on the DNS resolution of the domain related to IP 172.16.0.2 via VirusTotal. Please proceed with the key 'sample_key5'.",
257
+ "Output": "vt_get_dns_resolution_object(id = \"172.16.0.2\", x_apikey = \"sample_key5\")"
258
+ },
259
+ {
260
+ "Input": "I'm interested in the DNS resolution details for the domain that correlates with IP 203.0.113.0 on VirusTotal. My authentication key is 'sample_key6'.",
261
+ "Output": "vt_get_dns_resolution_object(id = \"203.0.113.0\", x_apikey = \"sample_key6\")"
262
+ },
263
+ {
264
+ "Input": "Could you fetch the resolution data for the domain linked to IP 198.51.100.1 from VirusTotal? The API key I possess is 'sample_key7'.",
265
+ "Output": "vt_get_dns_resolution_object(id = \"198.51.100.1\", x_apikey = \"sample_key7\")"
266
+ },
267
+ {
268
+ "Input": "I want the DNS resolution information of the domain associated with 192.0.2.1 on VirusTotal. Please use the key 'sample_key8'.",
269
+ "Output": "vt_get_dns_resolution_object(id = \"192.0.2.1\", x_apikey = \"sample_key8\")"
270
+ },
271
+ {
272
+ "Input": "Provide me with the details for the DNS object ID 10.10.10.10linked.site on VirusTotal. For this request, use the key 'sample_key9'.",
273
+ "Output": "vt_get_dns_resolution_object(id = \"10.10.10.10linked.site\", x_apikey = \"sample_key9\")"
274
+ },
275
+ {
276
+ "Input": "For the VirusTotal DNS resolution of the domain tied to IP 44.55.66.77, can you help? The access key for this is 'sample_key10'.",
277
+ "Output": "vt_get_dns_resolution_object(id = \"44.55.66.77\", x_apikey = \"sample_key10\")"
278
+ },
279
+ {
280
+ "Input": "Can you help me get a report of this IP address on VirusTotal? http://www.example.org. My key is API_KEY.",
281
+ "Output": "vt_get_ip_address_report(ip = \"http://www.example.org\", x_apikey = \"API_KEY\")"
282
+ },
283
+ {
284
+ "Input": "I would like to check the IP address 192.168.0.1 on VirusTotal using my API key, KEY123",
285
+ "Output": "vt_get_ip_address_report(ip = \"192.168.0.1\", x_apikey = \"KEY123\")"
286
+ },
287
+ {
288
+ "Input": "Please fetch a report for the IP address 172.16.254.1 from VirusTotal. Use this API key: DEF456",
289
+ "Output": "vt_get_ip_address_report(ip = \"172.16.254.1\", x_apikey = \"DEF456\")"
290
+ },
291
+ {
292
+ "Input": "Can we have the VirusTotal report for 10.0.0.1? My API key is XYZ789",
293
+ "Output": "vt_get_ip_address_report(ip = \"10.0.0.1\", x_apikey = \"XYZ789\")"
294
+ },
295
+ {
296
+ "Input": "I need a VirusTotal report for the IP address 192.168.1.1. My key is ABC321",
297
+ "Output": "vt_get_ip_address_report(ip = \"192.168.1.1\", x_apikey = \"ABC321\")"
298
+ },
299
+ {
300
+ "Input": "Could you retrieve the VirusTotal report for the IP 203.0.113.0? Please use my API key GHI654",
301
+ "Output": "vt_get_ip_address_report(ip = \"203.0.113.0\", x_apikey = \"GHI654\")"
302
+ },
303
+ {
304
+ "Input": "Can you use my API key, ZYX987, to get a VirusTotal report for the IP address 192.0.2.0?",
305
+ "Output": "vt_get_ip_address_report(ip = \"192.0.2.0\", x_apikey = \"ZYX987\")"
306
+ },
307
+ {
308
+ "Input": "Please use VirusTotal to generate a report for the IP 198.51.100.0 with my API key, WXY864",
309
+ "Output": "vt_get_ip_address_report(ip = \"198.51.100.0\", x_apikey = \"WXY864\")"
310
+ },
311
+ {
312
+ "Input": "Could you help me fetch a VirusTotal report for the IP address 203.0.113.0? My API key is UVW741",
313
+ "Output": "vt_get_ip_address_report(ip = \"203.0.113.0\", x_apikey = \"UVW741\")"
314
+ },
315
+ {
316
+ "Input": "Please retrieve a report from VirusTotal for the IP address 172.16.0.0 using my API key, TUV618",
317
+ "Output": "vt_get_ip_address_report(ip = \"172.16.0.0\", x_apikey = \"TUV618\")"
318
+ },
319
+ {
320
+ "Input": "Can I get a VirusTotal report for 10.10.0.0 using my API key RST495?",
321
+ "Output": "vt_get_ip_address_report(ip = \"10.10.0.0\", x_apikey = \"RST495\")"
322
+ },
323
+ {
324
+ "Input": "Can you help me get comments on this IP address on VirusTotal? https://www.example.org. Set the limit to 10 and the continuation cursor to abc. My key is API_KEY.",
325
+ "Output": "vt_get_comments_on_ip_address(ip = \"https://www.example.org\", x_apikey = \"API_KEY\", limit = 10, cursor = \"abc\")"
326
+ },
327
+ {
328
+ "Input": "Could you get comments for IP address 192.168.0.1 on VirusTotal with the limit of 20 and the cursor set to bcd? My API key is KEY123",
329
+ "Output": "vt_get_comments_on_ip_address(ip = \"192.168.0.1\", x_apikey = \"KEY123\", limit = 20, cursor = \"bcd\")"
330
+ },
331
+ {
332
+ "Input": "I want to fetch comments for the IP address 172.16.254.1 from VirusTotal. Set the limit to 15 and cursor to efg. Here is my API key: DEF456",
333
+ "Output": "vt_get_comments_on_ip_address(ip = \"172.16.254.1\", x_apikey = \"DEF456\", limit = 15, cursor = \"efg\")"
334
+ },
335
+ {
336
+ "Input": "Can we have comments for 10.0.0.1 from VirusTotal? Please limit the number of comments to 5 and set the cursor to hij. My API key is XYZ789",
337
+ "Output": "vt_get_comments_on_ip_address(ip = \"10.0.0.1\", x_apikey = \"XYZ789\", limit = 5, cursor = \"hij\")"
338
+ },
339
+ {
340
+ "Input": "Retrieve VirusTotal comments for the IP address 192.168.1.1. Set the limit to 30 and cursor to klm. My API key is ABC321",
341
+ "Output": "vt_get_comments_on_ip_address(ip = \"192.168.1.1\", x_apikey = \"ABC321\", limit = 30, cursor = \"klm\")"
342
+ },
343
+ {
344
+ "Input": "Fetch the comments for IP 203.0.113.0 from VirusTotal. Set the limit to 25 and the cursor to nop. Use my API key GHI654",
345
+ "Output": "vt_get_comments_on_ip_address(ip = \"203.0.113.0\", x_apikey = \"GHI654\", limit = 25, cursor = \"nop\")"
346
+ },
347
+ {
348
+ "Input": "I want to fetch comments for the IP address 192.168.0.1 from VirusTotal. My API key is KEY123.",
349
+ "Output": "vt_get_comments_on_ip_address(ip = \"192.168.0.1\", x_apikey = \"KEY123\")"
350
+ },
351
+ {
352
+ "Input": "Please get comments for IP address 172.16.254.1 on VirusTotal with the limit of 15. Use my API key DEF456.",
353
+ "Output": "vt_get_comments_on_ip_address(ip = \"172.16.254.1\", x_apikey = \"DEF456\", limit = 15)"
354
+ },
355
+ {
356
+ "Input": "Can you help me retrieve comments from VirusTotal for the IP 10.0.0.1, continue from cursor 'hij'? My API key is XYZ789",
357
+ "Output": "vt_get_comments_on_ip_address(ip = \"10.0.0.1\", x_apikey = \"XYZ789\", cursor = \"hij\")"
358
+ },
359
+ {
360
+ "Input": "Fetch comments for IP 192.168.1.1 from VirusTotal, limit them to 30. My key is ABC321.",
361
+ "Output": "vt_get_comments_on_ip_address(ip = \"192.168.1.1\", x_apikey = \"ABC321\", limit = 30)"
362
+ },
363
+ {
364
+ "Input": "I need the comments from VirusTotal for the IP 203.0.113.0, continuing from cursor 'nop'. Use my API key GHI654",
365
+ "Output": "vt_get_comments_on_ip_address(ip = \"203.0.113.0\", x_apikey = \"GHI654\", cursor = \"nop\")"
366
+ },
367
+ {
368
+ "Input": "Can you help me add this comment to IP address 12.234.56.126 on VirusTotal? My key is my_api. The json of comments is here: {\"type\": \"comment\", \"attributes\": {\"text\": \"Lorem ipsum dolor sit...\"}}",
369
+ "Output": "vt_add_comment_to_ip_address(ip = \"12.234.56.126\", data = {\"type\": \"comment\", \"attributes\": {\"text\": \"Lorem ipsum dolor sit...\"}}, x_apikey = \"my_api\")"
370
+ },
371
+ {
372
+ "Input": "I want to post a comment for the IP address 192.168.0.1 on VirusTotal. My API key is KEY123. The json for comment is: {\"type\": \"comment\", \"attributes\": {\"text\": \"This looks suspicious #malware\"}}",
373
+ "Output": "vt_add_comment_to_ip_address(ip = \"192.168.0.1\", data = {\"type\": \"comment\", \"attributes\": {\"text\": \"This looks suspicious #malware\"}}, x_apikey = \"KEY123\")"
374
+ },
375
+ {
376
+ "Input": "Please add a comment to the IP address 172.16.254.1 on VirusTotal. Use my API key DEF456. The comment json is: {\"type\": \"comment\", \"attributes\": {\"text\": \"Clean IP #safe\"}}",
377
+ "Output": "vt_add_comment_to_ip_address(ip = \"172.16.254.1\", data = {\"type\": \"comment\", \"attributes\": {\"text\": \"Clean IP #safe\"}}, x_apikey = \"DEF456\")"
378
+ },
379
+ {
380
+ "Input": "Can we post this comment for 10.0.0.1 on VirusTotal? My API key is XYZ789. The comment json is: {\"type\": \"comment\", \"attributes\": {\"text\": \"Needs review #unsure\"}}",
381
+ "Output": "vt_add_comment_to_ip_address(ip = \"10.0.0.1\", data = {\"type\": \"comment\", \"attributes\": {\"text\": \"Needs review #unsure\"}}, x_apikey = \"XYZ789\")"
382
+ },
383
+ {
384
+ "Input": "Could you help me add a comment to IP 192.168.1.1 on VirusTotal? My key is ABC321. Here is the comment json: {\"type\": \"comment\", \"attributes\": {\"text\": \"Confirmed #malware\"}}",
385
+ "Output": "vt_add_comment_to_ip_address(ip = \"192.168.1.1\", data = {\"type\": \"comment\", \"attributes\": {\"text\": \"Confirmed #malware\"}}, x_apikey = \"ABC321\")"
386
+ },
387
+ {
388
+ "Input": "Post this comment for IP 203.0.113.0 on VirusTotal. My API key is GHI654. The comment json is: {\"type\": \"comment\", \"attributes\": {\"text\": \"Checked #clean\"}}",
389
+ "Output": "vt_add_comment_to_ip_address(ip = \"203.0.113.0\", data = {\"type\": \"comment\", \"attributes\": {\"text\": \"Checked #clean\"}}, x_apikey = \"GHI654\")"
390
+ },
391
+ {
392
+ "Input": "Could you post a new comment for the IP 10.5.1.1 on VirusTotal? Here is my API key: KEY124. Comment content: {\"type\": \"comment\", \"attributes\": {\"text\": \"#unknown threat detected\"}}",
393
+ "Output": "vt_add_comment_to_ip_address(ip = \"10.5.1.1\", data = {\"type\": \"comment\", \"attributes\": {\"text\": \"#unknown threat detected\"}}, x_apikey = \"KEY124\")"
394
+ },
395
+ {
396
+ "Input": "Please submit a comment on VirusTotal for IP 123.45.67.89. My access key is DEF789. The JSON for the comment is: {\"type\": \"comment\", \"attributes\": {\"text\": \"Seems to be a #clean IP\"}}",
397
+ "Output": "vt_add_comment_to_ip_address(ip = \"123.45.67.89\", data = {\"type\": \"comment\", \"attributes\": {\"text\": \"Seems to be a #clean IP\"}}, x_apikey = \"DEF789\")"
398
+ },
399
+ {
400
+ "Input": "Add this comment on VirusTotal for the IP address 192.0.2.1: {\"type\": \"comment\", \"attributes\": {\"text\": \"#suspicious activity observed\"}}. My API key is XYZ987.",
401
+ "Output": "vt_add_comment_to_ip_address(ip = \"192.0.2.1\", data = {\"type\": \"comment\", \"attributes\": {\"text\": \"#suspicious activity observed\"}}, x_apikey = \"XYZ987\")"
402
+ },
403
+ {
404
+ "Input": "Let's leave a comment for IP 198.51.100.0 on VirusTotal. My API key: ABC654. Comment JSON: {\"type\": \"comment\", \"attributes\": {\"text\": \"IP seems #safe and clear\"}}",
405
+ "Output": "vt_add_comment_to_ip_address(ip = \"198.51.100.0\", data = {\"type\": \"comment\", \"attributes\": {\"text\": \"IP seems #safe and clear\"}}, x_apikey = \"ABC654\")"
406
+ },
407
+ {
408
+ "Input": "I need to comment on the IP 203.0.113.1 in VirusTotal. Here is my API key: GHI765. The comment to post is: {\"type\": \"comment\", \"attributes\": {\"text\": \"#malware detected in traffic\"}}",
409
+ "Output": "vt_add_comment_to_ip_address(ip = \"203.0.113.1\", data = {\"type\": \"comment\", \"attributes\": {\"text\": \"#malware detected in traffic\"}}, x_apikey = \"GHI765\")"
410
+ },
411
+ {
412
+ "Input": "Can you help me get files that communicate with the IP address 12.234.56.126 on VirusTotal? My key is my_api. Note that the max number to retrieve is 10, and the continuation cursor is 'pointer'. Thanks.",
413
+ "Output": "vt_get_objects_related_to_ip_address(ip = \"12.234.56.126\", relationship = \"communicating_files\", x_apikey = \"my_api\", limit = 10, cursor = \"pointer\")"
414
+ },
415
+ {
416
+ "Input": "I'd like to fetch comments related to IP 23.45.67.8 from VirusTotal. Use the API key 'sec_key1'. Could you retrieve a maximum of 15 entries?",
417
+ "Output": "vt_get_objects_related_to_ip_address(ip = \"23.45.67.8\", relationship = \"comments\", x_apikey = \"sec_key1\", limit = 15)"
418
+ },
419
+ {
420
+ "Input": "Please help me access graphs that include IP 34.56.78.9 on VirusTotal using 'sec_key2'.",
421
+ "Output": "vt_get_objects_related_to_ip_address(ip = \"34.56.78.9\", relationship = \"graphs\", x_apikey = \"sec_key2\")"
422
+ },
423
+ {
424
+ "Input": "How can I view files that have the IP address 45.67.89.0 in them on VirusTotal? I have the API key 'sec_key3'. Fetch a max of 20.",
425
+ "Output": "vt_get_objects_related_to_ip_address(ip = \"45.67.89.0\", relationship = \"referrer_files\", x_apikey = \"sec_key3\", limit = 20)"
426
+ },
427
+ {
428
+ "Input": "I'm looking for SSL certificates associated with the IP 56.78.90.1 on VirusTotal. My API key for this task is 'sec_key4'.",
429
+ "Output": "vt_get_objects_related_to_ip_address(ip = \"56.78.90.1\", relationship = \"historical_ssl_certificates\", x_apikey = \"sec_key4\")"
430
+ },
431
+ {
432
+ "Input": "Help me retrieve a list of resolutions for IP 67.89.0.1 on VirusTotal. I'll use the API key 'sec_key5' and need the first 25 records.",
433
+ "Output": "vt_get_objects_related_to_ip_address(ip = \"67.89.0.1\", relationship = \"resolutions\", x_apikey = \"sec_key5\", limit = 25)"
434
+ },
435
+ {
436
+ "Input": "Retrieve WHOIS information for the IP address 98.76.54.32 using the API key 'alpha_key'.",
437
+ "Output": "vt_get_objects_related_to_ip_address(ip = \"98.76.54.32\", relationship = \"historical_whois\", x_apikey = \"alpha_key\")"
438
+ },
439
+ {
440
+ "Input": "I want to see all files that were downloaded from IP 123.45.67.8. My API key is 'beta_key'. Limit it to 30 results.",
441
+ "Output": "vt_get_objects_related_to_ip_address(ip = \"123.45.67.8\", relationship = \"downloaded_files\", x_apikey = \"beta_key\", limit = 30)"
442
+ },
443
+ {
444
+ "Input": "Show me URLs related to IP 87.65.43.21 with the key 'gamma_key'. Also, set the continuation cursor to 'next_page'.",
445
+ "Output": "vt_get_objects_related_to_ip_address(ip = \"87.65.43.21\", relationship = \"urls\", x_apikey = \"gamma_key\", cursor = \"next_page\")"
446
+ },
447
+ {
448
+ "Input": "Fetch community posted comments in the IP's related objects for 109.87.65.43. I'll be using 'delta_key' for this.",
449
+ "Output": "vt_get_objects_related_to_ip_address(ip = \"109.87.65.43\", relationship = \"related_comments\", x_apikey = \"delta_key\")"
450
+ },
451
+ {
452
+ "Input": "I'd like a list of threat actors related to the IP 192.168.1.1. Use the key 'epsilon_key' and get only the first 5.",
453
+ "Output": "vt_get_objects_related_to_ip_address(ip = \"192.168.1.1\", relationship = \"related_threat_actors\", x_apikey = \"epsilon_key\", limit = 5)"
454
+ },
455
+ {
456
+ "Input": "Can you help me get descriptors of files that communicate with the IP address 12.234.56.126 on VirusTotal? My key is my_api. Note that the max number to retrieve is 10, and the continuation cursor is 'current_cursor'. Only return the object's IDs and potential context attributes, don't return all attributes",
457
+ "Output": "vt_get_object_descriptors_related_to_ip_address(ip = \"12.234.56.126\", relationship = \"communicating_files\", x_apikey = \"my_api\", limit = 10, cursor = \"current_cursor\")"
458
+ },
459
+ {
460
+ "Input": "I'd like the IDs and context attributes of files communicating with IP 178.34.55.101 on VirusTotal. Please utilize the 'super_api' key and restrict results to 15, setting the cursor to 'next_set'.",
461
+ "Output": "vt_get_object_descriptors_related_to_ip_address(ip = \"178.34.55.101\", relationship = \"communicating_files\", x_apikey = \"super_api\", limit = 15, cursor = \"next_set\")"
462
+ },
463
+ {
464
+ "Input": "On VirusTotal, fetch the IDs for the files that were downloaded from IP 56.87.45.23. Use my 'pro_api' key and set a max of 20 results. If possible, use the 'start_cursor' for continuation.",
465
+ "Output": "vt_get_object_descriptors_related_to_ip_address(ip = \"56.87.45.23\", relationship = \"downloaded_files\", x_apikey = \"pro_api\", limit = 20, cursor = \"start_cursor\")"
466
+ },
467
+ {
468
+ "Input": "I want descriptors of comments related to IP 129.56.78.90 on VirusTotal. For this, apply the 'advanced_api' key and keep the limit to 5. Use the cursor named 'page_two'.",
469
+ "Output": "vt_get_object_descriptors_related_to_ip_address(ip = \"129.56.78.90\", relationship = \"comments\", x_apikey = \"advanced_api\", limit = 5, cursor = \"page_two\")"
470
+ },
471
+ {
472
+ "Input": "Fetch me the IDs of files that include IP 201.202.203.204 on VirusTotal. Use the key 'ultimate_api'. Also, restrict it to 10 results, and set the cursor to 'cont_position'.",
473
+ "Output": "vt_get_object_descriptors_related_to_ip_address(ip = \"201.202.203.204\", relationship = \"referrer_files\", x_apikey = \"ultimate_api\", limit = 10, cursor = \"cont_position\")"
474
+ },
475
+ {
476
+ "Input": "Provide the WHOIS data descriptors for the IP 123.123.123.123 on VirusTotal. For this task, employ the 'elite_api' key and only retrieve a maximum of 7 results. Also, I'd appreciate if you can set the continuation cursor to 'next_seven'.",
477
+ "Output": "vt_get_object_descriptors_related_to_ip_address(ip = \"123.123.123.123\", relationship = \"historical_whois\", x_apikey = \"elite_api\", limit = 7, cursor = \"next_seven\")"
478
+ },
479
+ {
480
+ "Input": "For IP 245.67.89.10 on VirusTotal, get the IDs of files that reference it. My key is 'api_key_1'. Limit it to 12 and use the cursor 'cursor_a'.",
481
+ "Output": "vt_get_object_descriptors_related_to_ip_address(ip = \"245.67.89.10\", relationship = \"referrer_files\", x_apikey = \"api_key_1\", limit = 12, cursor = \"cursor_a\")"
482
+ },
483
+ {
484
+ "Input": "Using 'api_key_2', retrieve the IDs of graphs containing IP 145.34.45.56 on VirusTotal. Don't forget to set the cursor as 'cursor_b' and limit the results to 8.",
485
+ "Output": "vt_get_object_descriptors_related_to_ip_address(ip = \"145.34.45.56\", relationship = \"graphs\", x_apikey = \"api_key_2\", limit = 8, cursor = \"cursor_b\")"
486
+ },
487
+ {
488
+ "Input": "I'd like IDs of files downloaded from IP 77.88.99.00 on VirusTotal. My access key is 'api_key_3'. Kindly limit to 15 and use 'cursor_c' as the continuation point.",
489
+ "Output": "vt_get_object_descriptors_related_to_ip_address(ip = \"77.88.99.00\", relationship = \"downloaded_files\", x_apikey = \"api_key_3\", limit = 15, cursor = \"cursor_c\")"
490
+ },
491
+ {
492
+ "Input": "With the key 'api_key_4', obtain IDs of SSL certificates linked to IP 88.77.66.55 on VirusTotal. Keep the maximum results to 20 and set the cursor at 'cursor_d'.",
493
+ "Output": "vt_get_object_descriptors_related_to_ip_address(ip = \"88.77.66.55\", relationship = \"historical_ssl_certificates\", x_apikey = \"api_key_4\", limit = 20, cursor = \"cursor_d\")"
494
+ },
495
+ {
496
+ "Input": "Fetch me the IDs related to threat actors of IP 22.33.44.55 on VirusTotal. Utilize the 'api_key_5' for this request. Also, restrict to 5 results and apply the 'cursor_e' cursor.",
497
+ "Output": "vt_get_object_descriptors_related_to_ip_address(ip = \"22.33.44.55\", relationship = \"related_threat_actors\", x_apikey = \"api_key_5\", limit = 5, cursor = \"cursor_e\")"
498
+ },
499
+ {
500
+ "Input": "Can you help me get votes on this IP address? example.com",
501
+ "Output": "vt_get_votes_on_ip_address(ip = \"example.com\")"
502
+ },
503
+ {
504
+ "Input": "Can you fetch me the votes related to this IP address: mywebsite.com?",
505
+ "Output": "vt_get_votes_on_ip_address(ip = \"mywebsite.com\")"
506
+ },
507
+ {
508
+ "Input": "I'd like to see the votes for the IP address at samplepage.net. Can you help?",
509
+ "Output": "vt_get_votes_on_ip_address(ip = \"samplepage.net\")"
510
+ },
511
+ {
512
+ "Input": "I'm interested in understanding the votes associated with the IP address testwebsite.org. Could you retrieve that for me?",
513
+ "Output": "vt_get_votes_on_ip_address(ip = \"testwebsite.org\")"
514
+ },
515
+ {
516
+ "Input": "Could you show me the votes for the IP located at mysite.io?",
517
+ "Output": "vt_get_votes_on_ip_address(ip = \"mysite.io\")"
518
+ },
519
+ {
520
+ "Input": "I'm keen to find out the votes for the IP address http://checkthisout.net. Please help.",
521
+ "Output": "vt_get_votes_on_ip_address(ip = \"checkthisout.net\")"
522
+ },
523
+ {
524
+ "Input": "Could you pull up the votes for the IP from http://inspectlink.com for me?",
525
+ "Output": "vt_get_votes_on_ip_address(ip = \"inspectlink.com\")"
526
+ },
527
+ {
528
+ "Input": "I'd appreciate if you could fetch the votes associated with the IP address http://viewpage.net.",
529
+ "Output": "vt_get_votes_on_ip_address(ip = \"viewpage.net\")"
530
+ },
531
+ {
532
+ "Input": "I need to understand the votes tied to the IP address http://explorerweb.org. Can you retrieve it?",
533
+ "Output": "vt_get_votes_on_ip_address(ip = \"explorerweb.org\")"
534
+ },
535
+ {
536
+ "Input": "Please help me get the votes associated with the IP of http://digdeep.io.",
537
+ "Output": "vt_get_votes_on_ip_address(ip = \"digdeep.io\")"
538
+ },
539
+ {
540
+ "Input": "I'm looking to find out the votes connected to the IP address http://surfthis.net. Can you assist?",
541
+ "Output": "vt_get_votes_on_ip_address(ip = \"surfthis.net\")"
542
+ },
543
+ {
544
+ "Input": "Can you gather votes for the IP address 12.23.145.89?",
545
+ "Output": "vt_get_votes_on_ip_address(ip = \"12.23.145.89\")"
546
+ },
547
+ {
548
+ "Input": "Would you be able to fetch the votes for 15.24.135.80?",
549
+ "Output": "vt_get_votes_on_ip_address(ip = \"15.24.135.80\")"
550
+ },
551
+ {
552
+ "Input": "I'm interested in the votes related to the IP 18.25.143.95. Could you help me retrieve them?",
553
+ "Output": "vt_get_votes_on_ip_address(ip = \"18.25.143.95\")"
554
+ },
555
+ {
556
+ "Input": "Please provide the votes associated with the IP address 12.26.155.88.",
557
+ "Output": "vt_get_votes_on_ip_address(ip = \"12.26.155.88\")"
558
+ },
559
+ {
560
+ "Input": "Can you assist in fetching votes for the IP 14.22.132.81?",
561
+ "Output": "vt_get_votes_on_ip_address(ip = \"14.22.132.81\")"
562
+ },
563
+ {
564
+ "Input": "Can you help me add a vote to an IP address 12.234.56.126 on VirusTotal? My key is my_api. The json of vote is here: {\"type\": \"vote\", \"attributes\": {\"verdict\": \"malicious\"}}",
565
+ "Output": "vt_add_votes_to_ip_address(ip = \"12.234.56.126\", data = {\"type\": \"vote\", \"attributes\": {\"verdict\": \"malicious\"}}, x_apikey = \"my_api\")"
566
+ },
567
+ {
568
+ "Input": "I want to submit a vote for the IP address 15.234.67.128 on VirusTotal. My access key is 'access_api'. Here's the vote details: {\"type\": \"vote\", \"attributes\": {\"verdict\": \"harmless\"}}",
569
+ "Output": "vt_add_votes_to_ip_address(ip = \"15.234.67.128\", data = {\"type\": \"vote\", \"attributes\": {\"verdict\": \"harmless\"}}, x_apikey = \"access_api\")"
570
+ },
571
+ {
572
+ "Input": "Using my API key 'unique_api', I'd like to cast a malicious vote for 14.235.68.129 on VirusTotal. Here's the vote structure: {\"type\": \"vote\", \"attributes\": {\"verdict\": \"malicious\"}}",
573
+ "Output": "vt_add_votes_to_ip_address(ip = \"14.235.68.129\", data = {\"type\": \"vote\", \"attributes\": {\"verdict\": \"malicious\"}}, x_apikey = \"unique_api\")"
574
+ },
575
+ {
576
+ "Input": "Can you assist me in marking the IP 16.236.69.130 as harmless on VirusTotal? Here's the voting json: {\"type\": \"vote\", \"attributes\": {\"verdict\": \"harmless\"}}. Use the API key 'secret_api'.",
577
+ "Output": "vt_add_votes_to_ip_address(ip = \"16.236.69.130\", data = {\"type\": \"vote\", \"attributes\": {\"verdict\": \"harmless\"}}, x_apikey = \"secret_api\")"
578
+ },
579
+ {
580
+ "Input": "For IP 17.237.70.131, I'd like to record a vote indicating it's malicious. My VirusTotal API token is 'token_api'. Here's the JSON for the vote: {\"type\": \"vote\", \"attributes\": {\"verdict\": \"malicious\"}}",
581
+ "Output": "vt_add_votes_to_ip_address(ip = \"17.237.70.131\", data = {\"type\": \"vote\", \"attributes\": {\"verdict\": \"malicious\"}}, x_apikey = \"token_api\")"
582
+ },
583
+ {
584
+ "Input": "I've determined IP 18.238.71.132 to be harmless. How can I add this vote on VirusTotal with my API key 'public_api'? The voting structure is: {\"type\": \"vote\", \"attributes\": {\"verdict\": \"harmless\"}}",
585
+ "Output": "vt_add_votes_to_ip_address(ip = \"18.238.71.132\", data = {\"type\": \"vote\", \"attributes\": {\"verdict\": \"harmless\"}}, x_apikey = \"public_api\")"
586
+ },
587
+ {
588
+ "Input": "I've got an IP, 19.239.72.133, that I want to label as 'malicious' on VirusTotal. Can you assist with that using my API key 'key_one'? The voting structure should be like this: {\"type\": \"vote\", \"attributes\": {\"verdict\": \"malicious\"}}",
589
+ "Output": "vt_add_votes_to_ip_address(ip = \"19.239.72.133\", data = {\"type\": \"vote\", \"attributes\": {\"verdict\": \"malicious\"}}, x_apikey = \"key_one\")"
590
+ },
591
+ {
592
+ "Input": "Using the API key 'key_two', can I cast a harmless vote for the IP address 20.240.73.134 on VirusTotal? The voting data is: {\"type\": \"vote\", \"attributes\": {\"verdict\": \"harmless\"}}",
593
+ "Output": "vt_add_votes_to_ip_address(ip = \"20.240.73.134\", data = {\"type\": \"vote\", \"attributes\": {\"verdict\": \"harmless\"}}, x_apikey = \"key_two\")"
594
+ },
595
+ {
596
+ "Input": "I suspect the IP 21.241.74.135 is benign. I'd like to mark it as such on VirusTotal using 'key_three'. The vote details are: {\"type\": \"vote\", \"attributes\": {\"verdict\": \"harmless\"}}",
597
+ "Output": "vt_add_votes_to_ip_address(ip = \"21.241.74.135\", data = {\"type\": \"vote\", \"attributes\": {\"verdict\": \"harmless\"}}, x_apikey = \"key_three\")"
598
+ },
599
+ {
600
+ "Input": "With my 'key_four', I want to submit a vote indicating IP 22.242.75.136 is malicious on VirusTotal. Here's the voting JSON: {\"type\": \"vote\", \"attributes\": {\"verdict\": \"malicious\"}}",
601
+ "Output": "vt_add_votes_to_ip_address(ip = \"12.234.56.126\", data = {\"type\": \"vote\", \"attributes\": {\"verdict\": \"malicious\"}}, x_apikey = \"key_four\")"
602
+ },
603
+ {
604
+ "Input": "Can I use 'key_five' to designate IP 23.243.76.137 as harmless on VirusTotal? The voting structure I have is: {\"type\": \"vote\", \"attributes\": {\"verdict\": \"harmless\"}}",
605
+ "Output": "vt_add_votes_to_ip_address(ip = \"23.243.76.137\", data = {\"type\": \"vote\", \"attributes\": {\"verdict\": \"harmless\"}}, x_apikey = \"key_five\")"
606
+ }
607
+ ]
logo.png ADDED
strings.py ADDED
@@ -0,0 +1,1417 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+
2
+ # The natural language descriptions of different APIs
3
+ api_descriptions = {
4
+ "Climate": "The Climate API, provided by the National Climatic Data Center (NCDC), offers access to a comprehensive database of weather and climate data, catering to developers who want to create custom scripts or programs. The API allows up to five requests per second and a maximum of 10,000 requests per day.",
5
+ "Heldout_Combined": "This dataset is obtained from the stack (BigCode). The stack is primarily used as a pre-training dataset for Code LLMs, aiding in tasks like code completion from natural language, documentation generation, and auto-completion of code snippets. \n\n Note that due to specific policies, the stack data are not publicly available yet, so we didn't provide examples here. Thanks for your understanding!",
6
+ "Places_API": "The Places API by Google, part of the Google Maps Platform, offers detailed information about over 200 million places worldwide, including ratings, reviews, and business data. It enhances user experience by providing features like accessibility information, special and secondary opening hours, editorial summaries, detailed dining and shopping service attributes, and the ability to sort and auto-translate reviews.",
7
+ "VT_Multi_Dependency": "Built on top of the VirusTotal (VT) dataset, we added 17 supplementary APIs to achieve more advanced functionalities. Multi_Dependency means that in order to fulfill the task requested by user's query, the model needs to call multiple apis, where some apis rely on the results of other apis.",
8
+ "VT_Multi_Disconnected": "Built on top of the VirusTotal (VT) dataset, we added 17 supplementary APIs to achieve more advanced functionalites. Disconnected means that in order to fultill the task requested by the user's query, the model needs to call multiple apis, where the apis don't repy on each other.",
9
+ "OTX": "AlienVault Open Threat Exchange (OTX) is a global community-based platform where participants can share and collaborate on threat intelligence in real-time, enhancing their ability to respond to emerging cybersecurity threats. OTX has 5 categories of APIs, and contains a total number of 40 APIs. In our dataset we selected a subset of OTX.",
10
+ "CVECPE": "CVEs and CPEs are critical in cybersecurity. CVE search and CPE search are tools provided by NVDLib that can find CVE and CPE items based on dates, keywords, severities, etc. These APIs are hard for LLMs to handle due to its large number of args, 47 args for searchCVE and 11 args for searchCPE, respectively.",
11
+ "VirusTotal": "VirusTotal is a well-accepted tool in cybersecurity that can analyze files and URLs for viruses, worms, trojans, etc. using a variety of antivirus engines and website scanners. VirusTotal is hard for LLMs to use because it has 8 categories, contains a total number of 208 APIs. We selected a subset in our experiments. In particular, note that many of the APIs have similar functionalites, with specific differences that are important, non-negligible but hard to find.",
12
+ "CVECPE_Multi_Dependency": "Built on top of the CVECPE dataset, we added 12 supplementary APIs to achieve more advanced functionalities. Multi_Dependency means that in order to fulfill the task requested by user's query, the model needs to call multiple apis, where some apis rely on the results of other apis."
13
+ }
14
+
15
+
16
+ func_definitions = {
17
+ "Climate": [("get_latitude_longitude(location: str)",
18
+ """
19
+ Given a city name, this function provides the latitude and longitude of the specific location.
20
+
21
+ Args:
22
+ - location: This can be a city like 'Austin', or a place like 'Austin Airport', etc.
23
+ """),
24
+ ("get_current_location()",
25
+ """
26
+ Returns the current location. ONLY use this if the user has not provided an explicit location in the query.
27
+
28
+ Returns a string representation of the city, such as "Austin". This will not return a latitude or longitude.
29
+ """),
30
+ ("find_nearby_stations(lat_long : tuple)",
31
+ """
32
+ This endpoint provides a list of nearby weather stations for a given geographical location. Please provide the geographical location as a latitude and longitude.
33
+
34
+ Args:
35
+ - lat_long: This argument should be a tuple of the latitude as the first element and the longitude as the second element.
36
+
37
+ Returns:
38
+ - A list of dictionaries about the various stations near you.
39
+ """),
40
+ ("get_nearest_station_id(nearby_stations)",
41
+ """
42
+ Given a list of nearby stations, returns the one nearest to you and provides the system ID for it alone.
43
+
44
+ Args:
45
+ - nearby_stations: A list of nearby stations in dictionary format.
46
+
47
+ Returns:
48
+ The station_id alone for the nearest station in the list of the stations provided.
49
+ """),
50
+ ("get_timezone(lat_long)",
51
+ """
52
+ This gets the timezone for a given latlong.
53
+
54
+ Args:
55
+ - lat_long: The latitude and longitude of the area you want to query the timezone for.
56
+ """),
57
+ ("get_hourly_observation(station_id, start_time, end_time, time_zone)",
58
+ """
59
+ Returns hourly observations between start_time and end_time.
60
+
61
+ Please ensure that the start and end times are provided in the format "YYYY-MM-DD".
62
+ Please provide the timezone for your input as well!
63
+
64
+ Args:
65
+ - station_id: The station_id for the station you're interested in
66
+ - start_time : The time span to start pulling hourly observations for. Should be in format of "YYYY-MM-DD".
67
+ - end_time: The time span to end pulling hourly observations for. Should be in format of "YYYY-MM-DD".
68
+ - timezone: The timezone string id for the location you're asking for.
69
+
70
+ Returns:
71
+ The list of hourly observations for your station and timespan.
72
+ """),
73
+ ("subtract_time_delta(date_time_str, delta_days)",
74
+ """
75
+ Subtracts a time delta from the date part of a given date time string and returns
76
+ the new date string with the updated date.
77
+
78
+ DO NOT use this if delta_days is 0.
79
+
80
+ :param date_time_str: The date time string in format 'YYYY-MM-DD'.
81
+ :param delta_days: Number of days to subtract. HAS TO BE LARGER THAN 0.
82
+ :return: New date string with the updated date after subtracting the delta.
83
+ """),
84
+ ("get_current_time_at_location(lat_long)",
85
+ """
86
+ Returns the current time at a given location.
87
+
88
+ Args:
89
+ - lat_long: The latitude and longitude of the location of interest.
90
+ """)],
91
+ "Heldout_Combined": [("", "")],
92
+ "Places_API": [("get_current_location()",
93
+ """
94
+ Returns the current location. ONLY use this if the user has not provided an explicit location in the query.
95
+ """),
96
+ ("sort_results(places, sort: str, ascending: bool)",
97
+ """
98
+ Sorts the results by either 'distance', 'rating' or 'price'.
99
+
100
+ Args
101
+ - places: The output list from the recommendations.
102
+ - sort (str): If set, sorts by either 'distance' or 'rating' or 'price'. ONLY supports 'distance' or 'rating' or 'price'.
103
+ - ascending (bool): If ascending is set, setting this boolean to true will sort the results by lower values first.
104
+ """),
105
+ ("get_latitude_longitude(location: str)",
106
+ """
107
+ Given a city name, this function provides the latitude and longitude of the specific location.
108
+
109
+ Args
110
+ - location: This can be a city like 'Austin', or a place like 'Austin Airport', etc.
111
+ """),
112
+ ("get_distance(place_1: str, place_2: str)",
113
+ """
114
+ Provides distance between two locations. Do NOT provide latitude longitude, but rather, provide the string descriptions.
115
+
116
+ Args
117
+ - place_1: The first location.
118
+ - place_2: The second location.
119
+ """),
120
+ ("get_recommendations(topics: list, lat_long: tuple)",
121
+ """
122
+ Returns the recommendations for a specific topic that is of interest. Remember, a topic IS NOT an establishment. For establishments, please use anothher function.
123
+
124
+ Args
125
+ - topics (list): A list of topics of interest to pull recommendations for. Can be multiple words.
126
+ - lat_long (tuple): The lat_long of interest.
127
+ """),
128
+ ("find_places_near_location(type_of_place: list, location: str, radius_miles: int = 50)",
129
+ """
130
+ Find places close to a very defined location.
131
+
132
+ Args
133
+ - type_of_place (list): The type of place. This can be something like 'restaurant' or 'airport'. Make sure that it is a physical location. You can provide multiple words.
134
+ - location (str): The location for the search. This can be a city's name, region, or anything that specifies the location.
135
+ - radius_miles (int): Optional. The max distance from the described location to limit the search. Distance is specified in miles.
136
+ """),
137
+ ("get_some_reviews(place_names: list, location: str = None)",
138
+ """
139
+ Given an establishment (or place) name, return reviews about the establishment.
140
+
141
+ Args
142
+ - place_names (list): The name of the establishment. This should be a physical location name. You can provide multiple inputs.
143
+ - location (str) : The location where the restaurant is located. Optional argument.
144
+ """)],
145
+ "VT_Multi_Dependency": [("vt_validate_historical_ssl_certificates(historical_ssl_certificates: list, x_apikey: str)",
146
+ """This function takes historical SSL certificates as input and checks if there is at least one valid SSL certificate present inside the provided historical data. It validates the SSL certificate by checking whether it is not expired and its issuing authority is trustworthy.
147
+
148
+ Args:
149
+ - historical_ssl_certificates: list, required, List of SSL certificates in the history
150
+ - x_apikey: string, required, Your API key
151
+ """),
152
+ ("vt_get_threat_actors_main_source_region(threat_actors: list, x_apikey: str)",
153
+ """This function takes a list of threat actor objects and returns the primary source region among them. Each threat actor object has an attribute 'source region', and the function analyses this attribute across all objects to determine and return the most common source region, deemed as the 'main' source region.
154
+
155
+ Args:
156
+ - threat_actors: list, required, List of threat actor objects
157
+ - x_apikey: string, required, Your API key.
158
+ """),
159
+ ("vt_get_threat_actors_latest_modification_date(threat_actor_objects: list, x_apikey: str)",
160
+ """This function retrieves the latest modification date from a list of threat actor objects. It iterates through each threat actor object, checks its modification date, and returns the most recent modification date.
161
+
162
+ Args:
163
+ - threat_actor_objects: list of objects, required, A list of threat actor objects.
164
+ - x_apikey: string, required, Your API key.
165
+ """),
166
+ ("convert_unix_timestamp_to_date(unix_timestamp: int)",
167
+ """Converts a UNIX timestamp to a human-readable date in the format 'YYYY/MM/DD'.
168
+
169
+ Args:
170
+ - unix_timestamp: integer, required, The UNIX timestamp to be converted.
171
+ """),
172
+ ("vt_is_date_within_range(timestamp: int, start: str, end: str)",
173
+ """Checks if a given Unix timestamp is within a specified date range. The range is specified by 'start' and 'end' dates formatted as 'YYYY/MM/DD'. It's permissible for only one of 'start' or 'end' to be present in the function call. If 'start' is not provided, the function checks if the timestamp is earlier than or equal to the 'end' date. Similarly, If 'end' is not provided, the function checks if the timestamp is later than or equal to the 'start' date.
174
+
175
+ Args:
176
+ - timestamp: int, required, Unix timestamp
177
+ - start: string, optional, Start of the date range in 'YYYY/MM/DD' format
178
+ - end: string, optional, End of the date range in 'YYYY/MM/DD' format
179
+ """),
180
+ ("vt_get_last_analysis_date_from_report(report: dict)",
181
+ """This function retrieves the last analysis date from the domain report collected by VirusTotal. The returned date is in Unix timestamp format.
182
+
183
+ Args:
184
+ - report: dict, required, The domain report collected by vt_get_domain_report function.
185
+ """),
186
+ ("vt_get_comments_on_multiple_domains(domains: list, x_apikey: str, limit: int, cursor: str)",
187
+ """This function will retrieve comments for each specified domain in the given list.
188
+
189
+ Args:
190
+ - domains, list of strings, required, List of domain names
191
+ - x_apikey, string, required, Your API key
192
+ - limit, int32, optional, Maximum number of comments to retrieve for each domain
193
+ - cursor, string, optional, Continuation cursor
194
+ """),
195
+ ("vt_get_multiple_domain_reports(domains: list, x_apikey: str)",
196
+ """retrieves reports for a list of domains provided. For each domain in the list, it requests the collected information regarding that domain from VirusTotal.
197
+
198
+ Args:
199
+ - domains: list of strings, required, A list of Domain names
200
+ - x_apikey: string, required, Your API key
201
+ """),
202
+ ("vt_get_majority_vote(votes: dict)",
203
+ """This function takes a dictionary of votes returns the name with the majority votes. If the votes are equal, it will return the first encountered key in the dictionary.
204
+
205
+ Args:
206
+ - votes: dictionary, required, dictionary of votes
207
+ """),
208
+ ("count_items_in_list(input_list: list)",
209
+ """This function takes a list as an input and returns the number of items present in the list.
210
+
211
+ Args:
212
+ - input_list: list, required, List whose items are to be counted
213
+ """),
214
+ ("extract_resolution_date(dns_res_obj: object)",
215
+ """Extracts the date of DNS resolution from a DNS resolution object. The date is returned as a Unix timestamp.
216
+
217
+ Args:
218
+ - dns_res_obj: object, required, The DNS resolution object from which the date of resolution is to be extracted.
219
+ """),
220
+ ("calculate_sum_of_numbers(num1: int, num2: int)",
221
+ """Computes the sum of two numbers provided. Input numbers can be either integer or floating-point values.
222
+
223
+ Args:
224
+ - num1: Integer or Float, required, The first number
225
+ - num2: Integer or Float, required, The second number
226
+ """),
227
+ ("get_first_object_from_list(list_of_objects: list)",
228
+ """Retrieves the first object from a given list. If the list is empty, it return `None`.
229
+
230
+ Args:
231
+ - list_of_objects: list, required, List containing objects from which the function will pick out the first object.
232
+ """),
233
+ ("get_random_object_from_list(list_of_objects: list)",
234
+ """This function selects and returns a random object from a list of objects. It is designed to handle any list length, including empty lists.
235
+
236
+ Args:
237
+ - list_of_objects: list, required, List containing objects from which the function will pick out a random object.
238
+ """),
239
+ ("resolve_ip_to_domain_and_parent_domain(ip_address: str)",
240
+ """Resolves an IP address to its associated domain and parent domain. This function leverages DNS resolution to determine the domain associated with the given IP address and then extracts the parent domain from the resolved domain.
241
+
242
+ Args:
243
+ - ip_address (string, required): The IP address to be resolved. Returns:
244
+ - tuple: A tuple containing the domain and parent domain if resolution is successful; otherwise, None for both.
245
+ """),
246
+ ("extract_domain_and_parent_domain(url: str)",
247
+ """Extracts the domain and parent domain from a given URL.
248
+
249
+ Args:
250
+ - url (string, required): The URL from which to extract the domain and parent domain.
251
+
252
+ Returns:
253
+ - tuple: A tuple containing the domain and parent domain.
254
+ """),
255
+ ("merge_two_lists(list1: list, list2: list)",
256
+ """Merges two lists of objects into a single list. This function takes in two lists and returns a combined list containing elements from both lists. Duplicates are not removed.
257
+
258
+ Args:
259
+ - list1 (list, required): The first list of objects to be merged.
260
+ - list2 (list, required): The second list of objects to be merged.
261
+
262
+ Returns:
263
+ - list: A merged list containing elements from both input lists.
264
+ """),
265
+ ("vt_get_votes_on_ip_address(ip: str)", """
266
+ This function will retrieve votes on a provided IP address.
267
+
268
+ Args:
269
+ - ip: string, required, ip address
270
+ """),
271
+ ("vt_get_comments_on_domain(domain: str, x_apikey: str, limit: int = None, cursor: str = None)",
272
+ """
273
+ This function will retrieve comments on a specified domain.
274
+
275
+ Args:
276
+ - domain, string, required, Domain name
277
+ - x-apikey, string, required, Your API key
278
+ - limit, int32, optional, Maximum number of comments to retrieve
279
+ - cursor, string, optional, Continuation cursor
280
+ """),
281
+ ("vt_get_object_descriptors_related_to_domain(domain: str, relationship: str, x_apikey: str, limit: int = None, cursor: str = None)",
282
+ """
283
+ This specifically returns related object's IDs (and context attributes, if any). Please note that this will not return all attributes. This will return objects relating to a domain.
284
+
285
+ - caa_records: Records CAA for the domain.
286
+ - cname_records: Records CNAME for the domain.
287
+ - comments: Community posted comments about the domain.
288
+ - communicating_files: Files that communicate with the domain.
289
+ - downloaded_files: Files downloaded from that domain.
290
+ - graphs: All graphs that include the domain.
291
+ - historical_ssl_certificates: SSL certificates associated with the domain.
292
+ - historical_whois: WHOIS information for the domain.
293
+ - immediate_parent: Domain's immediate parent.
294
+ - mx_records: Records MX for the domain.
295
+ - ns_records: Records NS for the domain.
296
+ - parent: Domain's top parent.
297
+ - referrer_files: Refers to any and all files that contain this domain.
298
+ - related_comments: Community posted comments in the domain's related objects.
299
+ - related_references: Refers to the References related to the domain.
300
+ - related_threat_actors: Refers to the threat actors related to the domain. A list of Threat Actors.
301
+ - resolutions: DNS resolutions for the domain.
302
+ - soa_records: Records SOA for the domain.
303
+ - siblings: Refers to the Domain's sibling domains.
304
+ - subdomains: Refers to the Domain's subdomains.
305
+ - urls: Refers to the URLs that contain this domain.
306
+ - user_votes: Refers to the current user's votes.
307
+
308
+ Args:
309
+ - domain: string, required, Domain name
310
+ - relationship: string, required, Relationship name (see table)
311
+ - x-apikey: string, required, Your API key
312
+ - limit: int32, optional, Maximum number of comments to retrieve
313
+ - cursor: string, optional, Continuation cursor
314
+ """),
315
+ ("vt_get_objects_related_to_domain(domain: str, relationship: str, x_apikey: str, limit: int = None, cursor: str = None)",
316
+ """
317
+ Objects are a key concept in the VirusTotal API. Each object has an identifier and a type.
318
+ Each object has an associated URL, and each domain is associated with objects.
319
+ This function returns ALL of the objects related to the domain, based on the specified relationship.
320
+
321
+ The following describe the valid relationship:
322
+ - caa_records: Records CAA for the domain.
323
+ - cname_records: Records CNAME for the domain.
324
+ - comments: Community posted comments about the domain.
325
+ - communicating_files: Files that communicate with the domain.
326
+ - downloaded_files: Files downloaded from that domain.
327
+ - graphs: All graphs that include the domain.
328
+ - historical_ssl_certificates: SSL certificates associated with the domain.
329
+ - historical_whois: WHOIS information for the domain.
330
+ - immediate_parent: Domain's immediate parent.
331
+ - mx_records: Records MX for the domain.
332
+ - ns_records: Records NS for the domain.
333
+ - parent: Domain's top parent.
334
+ - referrer_files: Refers to any and all files that contain this domain.
335
+ - related_comments: Community posted comments in the domain's related objects.
336
+ - related_references: Refers to the References related to the domain.
337
+ - related_threat_actors: Refers to the threat actors related to the domain. A list of Threat Actors.
338
+ - resolutions: DNS resolutions for the domain.
339
+ - soa_records: Records SOA for the domain.
340
+ - siblings: Refers to the Domain's sibling domains.
341
+ - subdomains: Refers to the Domain's subdomains.
342
+ - urls: Refers to the URLs that contain this domain.
343
+ - user_votes: Refers to the current user's votes.
344
+
345
+
346
+ Args:
347
+ - domain: string, required, Domain name
348
+ - relationship, string, required, Relationship name (see table)
349
+ - x-apikey, string, required, Your API key
350
+ - limit, int32, optional, Maximum number of comments to retrieve
351
+ - cursor, string, optional, Continuation cursor
352
+ """),
353
+ ("vt_get_object_descriptors_related_to_ip_address(ip: str, relationship: str, x_apikey: str, limit: int = None, cursor: str = None)",
354
+ """
355
+ This specifically returns related object's IDs (and context attributes, if any). Please note that this will not return all attributes.
356
+
357
+ You are expected to provide the relationship to the object you're interested in. The valid relationships are as follows.
358
+
359
+ The relationships are documented here:
360
+ - comments: The comments for the IP address.
361
+ - communicating_files: Files that communicate with the IP address.
362
+ - downloaded_files: Files downloaded from the IP address. VT Enterprise users only.
363
+ - graphs: Graphs including the IP address.
364
+ - historical_ssl_certificates: SSL certificates associated with the IP.
365
+ - historical_whois: WHOIS information for the IP address. Retrurns a list of Whois attributes.
366
+ - related_comments: Community posted comments in the IP's related objects.
367
+ - related_references: Returns the references related to the IP address.
368
+ - related_threat_actors: Threat actors related to the IP address.
369
+ - referrer_files: Files containing the IP address.
370
+ - resolutions: Resolves the IP addresses.
371
+ - urls: Returns a list of URLs related to the IP address.
372
+
373
+ Here are some useful descriptions of the arguments in this API, with the format - name of this argument: type of the data, required or optional, description of this argument.
374
+ - ip: string, required, IP address
375
+ - relationship: string, required, Relationship name (see table)
376
+ - x-apikey: string, required, Your API key
377
+ - limit: int32, optional, Maximum number of comments to retrieve
378
+ - cursor: string, optional, Continuation cursor
379
+ """),
380
+ ("vt_add_comment_to_ip_address(ip: str, data: dict, x_apikey: str)",
381
+ """
382
+ With this function you can post a comment for a given IP address. The body for the POST request must be the JSON representation of a comment object. Notice however that you don't need to provide an ID for the object, as they are automatically generated for new comments.
383
+ However, please note that you will need to provide a valid data JSON for using this function.
384
+
385
+ Any word starting with # in your comment's text will be considered a tag, and added to the comment's tag attribute.
386
+
387
+ Returns a Comment object.
388
+
389
+ Args:
390
+ - ip: string, required, IP address
391
+ - data: json, required, A comment object
392
+ - x-apikey: string, required, Your API key
393
+ """),
394
+ ("vt_get_comments_on_ip_address(ip: str, x_apikey: str, limit: int = None, cursor: str = None)",
395
+ """
396
+ Retrieves the comments on a provided IP address. Returns a list of Comment objects.
397
+
398
+ Args:
399
+ - ip, string, required, IP address
400
+ - x-apikey, string, required, Your API key
401
+ - limit, int32, optional, Maximum number of comments to retrieve
402
+ - cursor, string, optional, Continuation cursor
403
+ """),
404
+ ("vt_get_domain_report(domain: str, x_apikey: str)",
405
+ """
406
+ Retrieves a domain report. These reports contain information regarding the domain itself that VirusTotal has collected.
407
+
408
+ Args:
409
+ - domain: string, required, Domain name
410
+ - x-apikey: string, required, Your API key
411
+ """),
412
+ ("vt_add_votes_to_ip_address(ip: str, data: dict, x_apikey: str)",
413
+ """
414
+ With this function you can post a vote for a given file. The body for the POST request must be the JSON representation of a vote object. Note however that you don't need to provide an ID for the object, as they are automatically generated for new votes. The verdict attribute must have be either harmless or malicious.
415
+
416
+ Please ensure that the JSON object you provide conforms accurately to valid JSON standards.
417
+
418
+ Args:
419
+ - ip, string, required, IP address
420
+ - data, json, Vote object
421
+ - x-apikey, string, required, Your API key
422
+ """),
423
+ ("vt_get_ip_address_report",
424
+ """
425
+ Retrieve an IP address report. These reports condense all of the recent activity that VirusTotal has seen for the resource under consideration, as well as contextual information about it.
426
+ This function specifically generates these reports using the IP address parameter.
427
+
428
+ Args:
429
+ - ip: string, required, IP address
430
+ - x-apikey: string, required, Your API key
431
+ """),
432
+ ("vt_get_objects_related_to_ip_address(ip: str, relationship: str, x_apikey: str, limit: int = None, cursor: str = None)",
433
+ """
434
+ IP addresses have number of relationships to other objects. This returns ALL objects that fit the relationship.
435
+
436
+ The relationships are documented here:
437
+ - comments: The comments for the IP address. Returns a list of comments.
438
+ - communicating_files: Files that communicate with the IP address. Returns a list of files.
439
+ - downloaded_files: Files downloaded from the IP address. VT Enterprise users only. Returns a list of files.
440
+ - graphs: Graphs including the IP address. Returns a list of graphs.
441
+ - historical_ssl_certificates: SSL certificates associated with the IP. Returns a list of SSL certificates.
442
+ - historical_whois: WHOIS information for the IP address. Retrurns a list of Whois attributes.
443
+ - related_comments: Community posted comments in the IP's related objects. Returns a list of comments.
444
+ - related_references: Returns the references related to the IP address. Returns a list of References.
445
+ - related_threat_actors: Threat actors related to the IP address. Returns a list of threat actors.
446
+ - referrer_files: Files containing the IP address. Returns a list of Files.
447
+ - resolutions: Resolves the IP addresses. Returns a list of resolutions.
448
+ - urls: Returns a list of URLs related to the IP address. Returns a list of URLs.
449
+
450
+ Args:
451
+ - ip, string, required, IP address
452
+ - relationship, string, required, Relationship name (see the list of items from above)
453
+ - x-apikey, string, required, Your API key
454
+ - limit, int32, optional, Maximum number of comments to retrieve
455
+ - cursor, string, optional, Continuation cursor
456
+ """),
457
+ ("vt_get_dns_resolution_object(id: str, x_apikey: str)",
458
+ """
459
+ This endpoint retrieves a Resolution object by its ID. A resolution object ID is made by appending the IP and the domain it resolves to together.
460
+
461
+ Domain-IP resolutions. Resolution objects include the following attributes:
462
+ date: <integer> date when the resolution was made (UTC timestamp).
463
+ host_name: <string> domain or subdomain requested to the resolver.
464
+ host_name_last_analysis_stats: <dictionary> last detection stats from the resolution's domain. Similar to the domains's last_analysis_stats attribute.
465
+ ip_address: <string> IP address the domain was resolved to.
466
+ ip_address_last_analysis_stats: <dictionary> last detection stats from the resolution's IP address. Similar to the IP address' last_analysis_stats attribute.
467
+ resolver: <string> source of the resolution.
468
+
469
+ Args:
470
+ - id: string, required, Resolution object ID
471
+ - x-apikey: string, required, Your API key
472
+ """)],
473
+ "VT_Multi_Disconnected": [("vt_validate_historical_ssl_certificates(historical_ssl_certificates: list, x_apikey: str)",
474
+ """This function takes historical SSL certificates as input and checks if there is at least one valid SSL certificate present inside the provided historical data. It validates the SSL certificate by checking whether it is not expired and its issuing authority is trustworthy.
475
+
476
+ Args:
477
+ - historical_ssl_certificates: list, required, List of SSL certificates in the history
478
+ - x_apikey: string, required, Your API key
479
+ """),
480
+ ("vt_get_threat_actors_main_source_region(threat_actors: list, x_apikey: str)",
481
+ """This function takes a list of threat actor objects and returns the primary source region among them. Each threat actor object has an attribute 'source region', and the function analyses this attribute across all objects to determine and return the most common source region, deemed as the 'main' source region.
482
+
483
+ Args:
484
+ - threat_actors: list, required, List of threat actor objects
485
+ - x_apikey: string, required, Your API key.
486
+ """),
487
+ ("vt_get_threat_actors_latest_modification_date(threat_actor_objects: list, x_apikey: str)",
488
+ """This function retrieves the latest modification date from a list of threat actor objects. It iterates through each threat actor object, checks its modification date, and returns the most recent modification date.
489
+
490
+ Args:
491
+ - threat_actor_objects: list of objects, required, A list of threat actor objects.
492
+ - x_apikey: string, required, Your API key.
493
+ """),
494
+ ("convert_unix_timestamp_to_date(unix_timestamp: int)",
495
+ """Converts a UNIX timestamp to a human-readable date in the format 'YYYY/MM/DD'.
496
+
497
+ Args:
498
+ - unix_timestamp: integer, required, The UNIX timestamp to be converted.
499
+ """),
500
+ ("vt_is_date_within_range(timestamp: int, start: str, end: str)",
501
+ """Checks if a given Unix timestamp is within a specified date range. The range is specified by 'start' and 'end' dates formatted as 'YYYY/MM/DD'. It's permissible for only one of 'start' or 'end' to be present in the function call. If 'start' is not provided, the function checks if the timestamp is earlier than or equal to the 'end' date. Similarly, If 'end' is not provided, the function checks if the timestamp is later than or equal to the 'start' date.
502
+
503
+ Args:
504
+ - timestamp: int, required, Unix timestamp
505
+ - start: string, optional, Start of the date range in 'YYYY/MM/DD' format
506
+ - end: string, optional, End of the date range in 'YYYY/MM/DD' format
507
+ """),
508
+ ("vt_get_last_analysis_date_from_report(report: dict)",
509
+ """This function retrieves the last analysis date from the domain report collected by VirusTotal. The returned date is in Unix timestamp format.
510
+
511
+ Args:
512
+ - report: dict, required, The domain report collected by vt_get_domain_report function.
513
+ """),
514
+ ("vt_get_comments_on_multiple_domains(domains: list, x_apikey: str, limit: int, cursor: str)",
515
+ """This function will retrieve comments for each specified domain in the given list.
516
+
517
+ Args:
518
+ - domains, list of strings, required, List of domain names
519
+ - x_apikey, string, required, Your API key
520
+ - limit, int32, optional, Maximum number of comments to retrieve for each domain
521
+ - cursor, string, optional, Continuation cursor
522
+ """),
523
+ ("vt_get_multiple_domain_reports(domains: list, x_apikey: str)",
524
+ """retrieves reports for a list of domains provided. For each domain in the list, it requests the collected information regarding that domain from VirusTotal.
525
+
526
+ Args:
527
+ - domains: list of strings, required, A list of Domain names
528
+ - x_apikey: string, required, Your API key
529
+ """),
530
+ ("vt_get_majority_vote(votes: dict)",
531
+ """This function takes a dictionary of votes returns the name with the majority votes. If the votes are equal, it will return the first encountered key in the dictionary.
532
+
533
+ Args:
534
+ - votes: dictionary, required, dictionary of votes
535
+ """),
536
+ ("count_items_in_list(input_list: list)",
537
+ """This function takes a list as an input and returns the number of items present in the list.
538
+
539
+ Args:
540
+ - input_list: list, required, List whose items are to be counted
541
+ """),
542
+ ("extract_resolution_date(dns_res_obj: object)",
543
+ """Extracts the date of DNS resolution from a DNS resolution object. The date is returned as a Unix timestamp.
544
+
545
+ Args:
546
+ - dns_res_obj: object, required, The DNS resolution object from which the date of resolution is to be extracted.
547
+ """),
548
+ ("calculate_sum_of_numbers(num1: int, num2: int)",
549
+ """Computes the sum of two numbers provided. Input numbers can be either integer or floating-point values.
550
+
551
+ Args:
552
+ - num1: Integer or Float, required, The first number
553
+ - num2: Integer or Float, required, The second number
554
+ """),
555
+ ("get_first_object_from_list(list_of_objects: list)",
556
+ """Retrieves the first object from a given list. If the list is empty, it return `None`.
557
+
558
+ Args:
559
+ - list_of_objects: list, required, List containing objects from which the function will pick out the first object.
560
+ """),
561
+ ("get_random_object_from_list(list_of_objects: list)",
562
+ """This function selects and returns a random object from a list of objects. It is designed to handle any list length, including empty lists.
563
+
564
+ Args:
565
+ - list_of_objects: list, required, List containing objects from which the function will pick out a random object.
566
+ """),
567
+ ("resolve_ip_to_domain_and_parent_domain(ip_address: str)",
568
+ """Resolves an IP address to its associated domain and parent domain. This function leverages DNS resolution to determine the domain associated with the given IP address and then extracts the parent domain from the resolved domain.
569
+
570
+ Args:
571
+ - ip_address (string, required): The IP address to be resolved. Returns:
572
+ - tuple: A tuple containing the domain and parent domain if resolution is successful; otherwise, None for both.
573
+ """),
574
+ ("extract_domain_and_parent_domain(url: str)",
575
+ """Extracts the domain and parent domain from a given URL.
576
+
577
+ Args:
578
+ - url (string, required): The URL from which to extract the domain and parent domain.
579
+
580
+ Returns:
581
+ - tuple: A tuple containing the domain and parent domain.
582
+ """),
583
+ ("merge_two_lists(list1: list, list2: list)",
584
+ """Merges two lists of objects into a single list. This function takes in two lists and returns a combined list containing elements from both lists. Duplicates are not removed.
585
+
586
+ Args:
587
+ - list1 (list, required): The first list of objects to be merged.
588
+ - list2 (list, required): The second list of objects to be merged.
589
+
590
+ Returns:
591
+ - list: A merged list containing elements from both input lists.
592
+ """),
593
+ ("vt_get_votes_on_ip_address(ip: str)", """
594
+ This function will retrieve votes on a provided IP address.
595
+
596
+ Args:
597
+ - ip: string, required, ip address
598
+ """),
599
+ ("vt_get_comments_on_domain(domain: str, x_apikey: str, limit: int = None, cursor: str = None)",
600
+ """
601
+ This function will retrieve comments on a specified domain.
602
+
603
+ Args:
604
+ - domain, string, required, Domain name
605
+ - x-apikey, string, required, Your API key
606
+ - limit, int32, optional, Maximum number of comments to retrieve
607
+ - cursor, string, optional, Continuation cursor
608
+ """),
609
+ ("vt_get_object_descriptors_related_to_domain(domain: str, relationship: str, x_apikey: str, limit: int = None, cursor: str = None)",
610
+ """
611
+ This specifically returns related object's IDs (and context attributes, if any). Please note that this will not return all attributes. This will return objects relating to a domain.
612
+
613
+ - caa_records: Records CAA for the domain.
614
+ - cname_records: Records CNAME for the domain.
615
+ - comments: Community posted comments about the domain.
616
+ - communicating_files: Files that communicate with the domain.
617
+ - downloaded_files: Files downloaded from that domain.
618
+ - graphs: All graphs that include the domain.
619
+ - historical_ssl_certificates: SSL certificates associated with the domain.
620
+ - historical_whois: WHOIS information for the domain.
621
+ - immediate_parent: Domain's immediate parent.
622
+ - mx_records: Records MX for the domain.
623
+ - ns_records: Records NS for the domain.
624
+ - parent: Domain's top parent.
625
+ - referrer_files: Refers to any and all files that contain this domain.
626
+ - related_comments: Community posted comments in the domain's related objects.
627
+ - related_references: Refers to the References related to the domain.
628
+ - related_threat_actors: Refers to the threat actors related to the domain. A list of Threat Actors.
629
+ - resolutions: DNS resolutions for the domain.
630
+ - soa_records: Records SOA for the domain.
631
+ - siblings: Refers to the Domain's sibling domains.
632
+ - subdomains: Refers to the Domain's subdomains.
633
+ - urls: Refers to the URLs that contain this domain.
634
+ - user_votes: Refers to the current user's votes.
635
+
636
+ Args:
637
+ - domain: string, required, Domain name
638
+ - relationship: string, required, Relationship name (see table)
639
+ - x-apikey: string, required, Your API key
640
+ - limit: int32, optional, Maximum number of comments to retrieve
641
+ - cursor: string, optional, Continuation cursor
642
+ """),
643
+ ("vt_get_objects_related_to_domain(domain: str, relationship: str, x_apikey: str, limit: int = None, cursor: str = None)",
644
+ """
645
+ Objects are a key concept in the VirusTotal API. Each object has an identifier and a type.
646
+ Each object has an associated URL, and each domain is associated with objects.
647
+ This function returns ALL of the objects related to the domain, based on the specified relationship.
648
+
649
+ The following describe the valid relationship:
650
+ - caa_records: Records CAA for the domain.
651
+ - cname_records: Records CNAME for the domain.
652
+ - comments: Community posted comments about the domain.
653
+ - communicating_files: Files that communicate with the domain.
654
+ - downloaded_files: Files downloaded from that domain.
655
+ - graphs: All graphs that include the domain.
656
+ - historical_ssl_certificates: SSL certificates associated with the domain.
657
+ - historical_whois: WHOIS information for the domain.
658
+ - immediate_parent: Domain's immediate parent.
659
+ - mx_records: Records MX for the domain.
660
+ - ns_records: Records NS for the domain.
661
+ - parent: Domain's top parent.
662
+ - referrer_files: Refers to any and all files that contain this domain.
663
+ - related_comments: Community posted comments in the domain's related objects.
664
+ - related_references: Refers to the References related to the domain.
665
+ - related_threat_actors: Refers to the threat actors related to the domain. A list of Threat Actors.
666
+ - resolutions: DNS resolutions for the domain.
667
+ - soa_records: Records SOA for the domain.
668
+ - siblings: Refers to the Domain's sibling domains.
669
+ - subdomains: Refers to the Domain's subdomains.
670
+ - urls: Refers to the URLs that contain this domain.
671
+ - user_votes: Refers to the current user's votes.
672
+
673
+
674
+ Args:
675
+ - domain: string, required, Domain name
676
+ - relationship, string, required, Relationship name (see table)
677
+ - x-apikey, string, required, Your API key
678
+ - limit, int32, optional, Maximum number of comments to retrieve
679
+ - cursor, string, optional, Continuation cursor
680
+ """),
681
+ ("vt_get_object_descriptors_related_to_ip_address(ip: str, relationship: str, x_apikey: str, limit: int = None, cursor: str = None)",
682
+ """
683
+ This specifically returns related object's IDs (and context attributes, if any). Please note that this will not return all attributes.
684
+
685
+ You are expected to provide the relationship to the object you're interested in. The valid relationships are as follows.
686
+
687
+ The relationships are documented here:
688
+ - comments: The comments for the IP address.
689
+ - communicating_files: Files that communicate with the IP address.
690
+ - downloaded_files: Files downloaded from the IP address. VT Enterprise users only.
691
+ - graphs: Graphs including the IP address.
692
+ - historical_ssl_certificates: SSL certificates associated with the IP.
693
+ - historical_whois: WHOIS information for the IP address. Retrurns a list of Whois attributes.
694
+ - related_comments: Community posted comments in the IP's related objects.
695
+ - related_references: Returns the references related to the IP address.
696
+ - related_threat_actors: Threat actors related to the IP address.
697
+ - referrer_files: Files containing the IP address.
698
+ - resolutions: Resolves the IP addresses.
699
+ - urls: Returns a list of URLs related to the IP address.
700
+
701
+ Here are some useful descriptions of the arguments in this API, with the format - name of this argument: type of the data, required or optional, description of this argument.
702
+ - ip: string, required, IP address
703
+ - relationship: string, required, Relationship name (see table)
704
+ - x-apikey: string, required, Your API key
705
+ - limit: int32, optional, Maximum number of comments to retrieve
706
+ - cursor: string, optional, Continuation cursor
707
+ """),
708
+ ("vt_add_comment_to_ip_address(ip: str, data: dict, x_apikey: str)",
709
+ """
710
+ With this function you can post a comment for a given IP address. The body for the POST request must be the JSON representation of a comment object. Notice however that you don't need to provide an ID for the object, as they are automatically generated for new comments.
711
+ However, please note that you will need to provide a valid data JSON for using this function.
712
+
713
+ Any word starting with # in your comment's text will be considered a tag, and added to the comment's tag attribute.
714
+
715
+ Returns a Comment object.
716
+
717
+ Args:
718
+ - ip: string, required, IP address
719
+ - data: json, required, A comment object
720
+ - x-apikey: string, required, Your API key
721
+ """),
722
+ ("vt_get_comments_on_ip_address(ip: str, x_apikey: str, limit: int = None, cursor: str = None)",
723
+ """
724
+ Retrieves the comments on a provided IP address. Returns a list of Comment objects.
725
+
726
+ Args:
727
+ - ip, string, required, IP address
728
+ - x-apikey, string, required, Your API key
729
+ - limit, int32, optional, Maximum number of comments to retrieve
730
+ - cursor, string, optional, Continuation cursor
731
+ """),
732
+ ("vt_get_domain_report(domain: str, x_apikey: str)",
733
+ """
734
+ Retrieves a domain report. These reports contain information regarding the domain itself that VirusTotal has collected.
735
+
736
+ Args:
737
+ - domain: string, required, Domain name
738
+ - x-apikey: string, required, Your API key
739
+ """),
740
+ ("vt_add_votes_to_ip_address(ip: str, data: dict, x_apikey: str)",
741
+ """
742
+ With this function you can post a vote for a given file. The body for the POST request must be the JSON representation of a vote object. Note however that you don't need to provide an ID for the object, as they are automatically generated for new votes. The verdict attribute must have be either harmless or malicious.
743
+
744
+ Please ensure that the JSON object you provide conforms accurately to valid JSON standards.
745
+
746
+ Args:
747
+ - ip, string, required, IP address
748
+ - data, json, Vote object
749
+ - x-apikey, string, required, Your API key
750
+ """),
751
+ ("vt_get_ip_address_report",
752
+ """
753
+ Retrieve an IP address report. These reports condense all of the recent activity that VirusTotal has seen for the resource under consideration, as well as contextual information about it.
754
+ This function specifically generates these reports using the IP address parameter.
755
+
756
+ Args:
757
+ - ip: string, required, IP address
758
+ - x-apikey: string, required, Your API key
759
+ """),
760
+ ("vt_get_objects_related_to_ip_address(ip: str, relationship: str, x_apikey: str, limit: int = None, cursor: str = None)",
761
+ """
762
+ IP addresses have number of relationships to other objects. This returns ALL objects that fit the relationship.
763
+
764
+ The relationships are documented here:
765
+ - comments: The comments for the IP address. Returns a list of comments.
766
+ - communicating_files: Files that communicate with the IP address. Returns a list of files.
767
+ - downloaded_files: Files downloaded from the IP address. VT Enterprise users only. Returns a list of files.
768
+ - graphs: Graphs including the IP address. Returns a list of graphs.
769
+ - historical_ssl_certificates: SSL certificates associated with the IP. Returns a list of SSL certificates.
770
+ - historical_whois: WHOIS information for the IP address. Retrurns a list of Whois attributes.
771
+ - related_comments: Community posted comments in the IP's related objects. Returns a list of comments.
772
+ - related_references: Returns the references related to the IP address. Returns a list of References.
773
+ - related_threat_actors: Threat actors related to the IP address. Returns a list of threat actors.
774
+ - referrer_files: Files containing the IP address. Returns a list of Files.
775
+ - resolutions: Resolves the IP addresses. Returns a list of resolutions.
776
+ - urls: Returns a list of URLs related to the IP address. Returns a list of URLs.
777
+
778
+ Args:
779
+ - ip, string, required, IP address
780
+ - relationship, string, required, Relationship name (see the list of items from above)
781
+ - x-apikey, string, required, Your API key
782
+ - limit, int32, optional, Maximum number of comments to retrieve
783
+ - cursor, string, optional, Continuation cursor
784
+ """),
785
+ ("vt_get_dns_resolution_object(id: str, x_apikey: str)",
786
+ """
787
+ This endpoint retrieves a Resolution object by its ID. A resolution object ID is made by appending the IP and the domain it resolves to together.
788
+
789
+ Domain-IP resolutions. Resolution objects include the following attributes:
790
+ date: <integer> date when the resolution was made (UTC timestamp).
791
+ host_name: <string> domain or subdomain requested to the resolver.
792
+ host_name_last_analysis_stats: <dictionary> last detection stats from the resolution's domain. Similar to the domains's last_analysis_stats attribute.
793
+ ip_address: <string> IP address the domain was resolved to.
794
+ ip_address_last_analysis_stats: <dictionary> last detection stats from the resolution's IP address. Similar to the IP address' last_analysis_stats attribute.
795
+ resolver: <string> source of the resolution.
796
+
797
+ Args:
798
+ - id: string, required, Resolution object ID
799
+ - x-apikey: string, required, Your API key
800
+ """)],
801
+ "OTX": [("getIndicatorForIPv4(apiKey: str, ip: str, section: str)",
802
+ """
803
+ Retrieves comprehensive information for a specific IPv4 address from the AlienVault database. This function provides varied data types. 'general' section includes general information about the IP, geo data, and lists of other available sections. 'reputation' provides OTX data on observed malicious activity by AlienVault Labs. 'geo' details extensive geographic data such as country code and coordinates. 'malware' section shows malware samples associated with the IP, 'urlList' reveals URLs linked to the IP, and 'passiveDns' offers passive DNS information about hostnames/domains associated with the IP.
804
+
805
+ Args:
806
+ - apiKey: string, required, Your AlienVault API key
807
+ - ip: string, required, IPv4 address to query
808
+ - section: string, required, Specific data section to retrieve (options: general, reputation, geo, malware, urlList, passiveDns)
809
+ """),
810
+ ("getIndicatorForIPv6(apiKey: str, ip: str, section: str)",
811
+ """
812
+ Retrieves comprehensive information for a specific IPv6 address from the AlienVault database. This function allows you to obtain various types of data. The 'general' section provides general information about the IP, including geo data, and a list of other available sections. 'reputation' offers OTX data on malicious activity observed by AlienVault Labs. 'geo' details more verbose geographic data such as country code and coordinates. 'malware' reveals malware samples connected to the IP, and 'urlList' shows URLs associated with the IP. Lastly, 'passiveDns' includes passive DNS information about hostnames/domains pointing to this IP.
813
+
814
+ Args:
815
+ - apiKey: string, required, Your AlienVault API key
816
+ - ip: string, required, IPv6 address to query
817
+ - section: string, required, Specific data section to retrieve (options: general, reputation, geo, malware, urlList, passiveDns)
818
+ """),
819
+ ("getIndicatorForDomain(apiKey: str, domain: str, section: str)",
820
+ """
821
+ Retrieves a comprehensive overview for a given domain name from the AlienVault database. This function provides various data types about the domain. The 'general' section includes general information about the domain, such as geo data, and lists of other available sections. 'geo' provides detailed geographic data including country code and coordinates. The 'malware' section indicates malware samples associated with the domain. 'urlList' shows URLs linked to the domain, 'passiveDns' details passive DNS information about hostnames/domains associated with the domain, and 'whois' gives Whois records for the domain.
822
+
823
+ Args:
824
+ - apiKey: string, required, Your AlienVault API key
825
+ - domain: string, required, Domain address to query
826
+ - section: string, required, Specific data section to retrieve (options: general, geo, malware, urlList, passiveDns, whois)
827
+ """),
828
+ ("getIndicatorForHostname(apiKey: str, hostname: str, section: str)",
829
+ """
830
+ Retrieves detailed information for a specific hostname from the AlienVault database. This function provides various data types about the hostname. The 'general' section includes general information about the IP, geo data, and lists of other available sections. 'geo' provides detailed geographic data including country code and coordinates. The 'malware' section indicates malware samples associated with the hostname. 'urlList' shows URLs linked to the hostname, and 'passiveDns' details passive DNS information about hostnames/domains associated with the hostname.
831
+
832
+ Args:
833
+ - apiKey: string, required, Your AlienVault API key
834
+ - hostname: string, required, Single hostname address to query
835
+ - section: string, required, Specific data section to retrieve (options: general, geo, malware, urlList, passiveDns)
836
+ """),
837
+ ("getIndicatorForFileHashes(apiKey: str, fileHash: str, section: str)",
838
+ """
839
+ Retrieves information related to a specific file hash from the AlienVault database. This function provides two types of data: 'general', which includes general metadata about the file hash and a list of other available sections for the hash; and 'analysis', which encompasses both dynamic and static analysis of the file, including Cuckoo analysis, exiftool, etc.
840
+
841
+ Args:
842
+ - apiKey: string, required, Your AlienVault API key
843
+ - fileHash: string, required, Single file hash to query
844
+ - section: string, required, Specific data section to retrieve (options: general, analysis)
845
+ """),
846
+ ("getIndicatorForUrl(apiKey: str, url: str, section: str)",
847
+ """
848
+ Retrieves information related to a specific URL from the AlienVault database. This function offers two types of data: 'general', which includes historical geographic information, any pulses this indicator is on, and a list of other available sections for this URL; and 'url_list', which provides full results from AlienVault Labs URL analysis, potentially including multiple entries.
849
+
850
+ Args:
851
+ - apiKey: string, required, Your AlienVault API key
852
+ - url: string, required, Single URL to query
853
+ - section: string, required, Specific data section to retrieve (options: general, url_list)
854
+ """),
855
+ ("getIndicatorForCVE(apiKey: str, cve: str, section: str)",
856
+ """
857
+ Retrieves information related to a specific CVE (Common Vulnerability Enumeration) from the AlienVault database. This function offers detailed data on CVEs. The 'General' section includes MITRE CVE data, such as CPEs (Common Platform Enumerations), CWEs (Common Weakness Enumerations), and other relevant details. It also provides information on any pulses this indicator is on, and lists other sections currently available for this CVE.
858
+
859
+ Args:
860
+ - apiKey: string, required, Your AlienVault API key
861
+ - cve: string, required, Specific CVE identifier to query (e.g., 'CVE-2014-0160')
862
+ - section: string, required, Specific data section to retrieve ('general' only)
863
+ """),
864
+ ("getIndicatorForNIDS(apiKey: str, nids: str, section: str)",
865
+ """
866
+ Retrieves metadata information for a specific Network Intrusion Detection System (NIDS) indicator from the AlienVault database. This function is designed to provide general metadata about NIDS indicators.
867
+
868
+ Args:
869
+ - apiKey: string, required, Your AlienVault API key
870
+ - nids: string, required, Specific NIDS indicator to query (e.g., '2820184')
871
+ - section: string, required, Specific data section to retrieve ('general' only)
872
+ """),
873
+ ("getIndicatorForCorrelationRules(apiKey: str, correlationRule: str, section: str)",
874
+ """
875
+ Retrieves metadata information related to a specific Correlation Rule from the AlienVault database. This function is designed to provide general metadata about Correlation Rules used in network security and event correlation. Correlation Rules are crucial for identifying patterns and potential security threats in network data.
876
+
877
+ Args:
878
+ - apiKey: string, required, Your AlienVault API key
879
+ - correlationRule: string, required, Specific Correlation Rule identifier to query (e.g., '572f8c3c540c6f0161677877')
880
+ - section: string, required, Specific data section to retrieve ('general' only)
881
+ """)],
882
+ "CVECPE": [("searchCVE(cpeName: str, cveId: str, cvssV2Metrics: str, cvssV2Severity: str, cvssV3Metrics: str, cvssV3Severity: str, cweId: str, hasCertAlerts: bool, hasCertNotes: bool, hasKev: bool, hasOval: bool, isVulnerable: bool, keywordExactMatch: bool, keywordSearch: str, lastModStartDate: str, lastModEndDate: str, noRejected: bool, pubStartDate: str, pubEndDate: str, sourceIdentifier: str, versionEnd: str, versionEndType: str, versionStart: str, versionStartType: str, virtualMatchString: str, limit: int, delay: int, key: str, verbose: bool)",
883
+ """
884
+ Build and send GET request then return list of objects containing a collection of CVEs. For more information on the parameters available, please visit https://nvd.nist.gov/developers/vulnerabilities
885
+
886
+ Args:
887
+ - cpeName (str): Please do not confuse this with keywordSearch; this requires the argument to start with "cpe", whereas the keywordSearch argument allows for arbitrary keywords. This value will be compared agains the CPE Match Criteria within a CVE applicability statement. (i.e. find the vulnerabilities attached to that CPE). Partial match strings are allowed.
888
+
889
+ - cveId (str): Please pass in a string integer, like "1" or "30". Returns a single CVE that already exists in the NVD.
890
+
891
+ - cvssV2Metrics (str): This parameter returns only the CVEs that match the provided CVSSv2 vector string. Either full or partial vector strings may be used. This parameter cannot be used in requests that include cvssV3Metrics.
892
+
893
+ - cvssV2Severity (str): Find vulnerabilities having a LOW, MEDIUM, or HIGH version 2 severity.
894
+
895
+ - cvssV3Metrics (str): This parameter returns only the CVEs that match the provided CVSSv3 vector string. Either full or partial vector strings may be used. This parameter cannot be used in requests that include cvssV2Metrics.
896
+
897
+ - cvssV3Severity (str): Find vulnerabilities having a LOW, MEDIUM, HIGH, or CRITICAL version 3 severity.
898
+
899
+ - cweId (str): Please pass in a string integer, like "1" or "30". Filter collection by CWE (Common Weakness Enumeration) ID. You can find a list at https://cwe.mitre.org/. A CVE can have multiple CWE IDs assigned to it.
900
+
901
+ - hasCertAlerts (bool): Returns CVE that contain a Technical Alert from US-CERT.
902
+
903
+ - hasCertNotes (bool): Returns CVE that contain a Vulnerability Note from CERT/CC.
904
+
905
+ - hasOval (bool): Returns CVE that contain information from MITRE's Open Vulnerability and Assessment Language (OVAL) before this transitioned to the Center for Internet Security (CIS).
906
+
907
+ - isVulnerable (bool): Returns CVE associated with a specific CPE, where the CPE is also considered vulnerable. REQUIRES cpeName parameter. isVulnerable is not compatible with virtualMatchString parameter.
908
+
909
+ - keywordExactMatch (bool): When keywordSearch is used along with keywordExactmatch, it will search the NVD for CVEs containing exactly what was passed to keywordSearch. REQUIRES keywordSearch.
910
+
911
+ - keywordSearch (str): Searches CVEs where a word or phrase is found in the current description. If passing multiple keywords with a space character in between then each word must exist somewhere in the description, not necessarily together unless keywordExactMatch=True is passed to searchCVE.
912
+
913
+ - lastModStartDate (str,datetime obj): These parameters return only the CVEs that were last modified during the specified period. If a CVE has been modified more recently than the specified period, it will not be included in the response. If filtering by the last modified date, both lastModStartDate and lastModEndDate are REQUIRED. The maximum allowable range when using any date range parameters is 120 consecutive days.
914
+
915
+ - lastModEndDate (str, datetime obj): Required if using lastModStartDate.
916
+
917
+ - noRejected (bool): Filters out all CVEs that are in a reject or rejected status. Searches without this parameter include rejected CVEs.
918
+
919
+ - pubStartDate (str,datetime obj): These parameters return only the CVEs that were added to the NVD (i.e., published) during the specified period. If filtering by the published date, both pubStartDate and pubEndDate are REQUIRED. The maximum allowable range when using any date range parameters is 120 consecutive days.
920
+
921
+ - pubEndDate (str, datetime obj): Required if using pubStartDate.
922
+
923
+ - sourceIdentifier (str): Returns CVE where the data source of the CVE is the value that is passed to sourceIdentifier.
924
+
925
+ - versionEnd (str): Must be combined with versionEndType and virtualMatchString. Returns only the CVEs associated with CPEs in specific version ranges.
926
+
927
+ - versionEndType (str): Must be combined with versionEnd and virtualMatchString. Valid values are including or excluding. Denotes to include the specified version in versionEnd, or exclude it.
928
+
929
+ - versionStart (str): Must be combined with versionStartType and virtualMatchString. Returns only CVEs with specific versions. Requests that include versionStart cannot include a version component in the virtualMatchString.
930
+
931
+ - versionStartType (str): Must be combined with versionStart and virtualMatchString. Valid values are including or excluding. Denotes to include the specified version in versionStart, or exclude it.
932
+
933
+ - virtualMatchString (str): A more broad filter compared to cpeName. The cpe match string that is passed to virtualMatchString is compared against the CPE Match Criteria present on CVE applicability statements.
934
+
935
+ - limit (int): Custom argument to limit the number of results of the search. Allowed any number between 1 and 2000.
936
+
937
+ - delay (int): Can only be used if an API key is provided. This allows the user to define a delay. The delay must be greater than 0.6 seconds. The NVD API recommends scripts sleep for atleast 6 seconds in between requests.
938
+
939
+ - key (str): NVD API Key. Allows for the user to define a delay. NVD recommends scripts sleep 6 seconds in between requests. If no valid API key is provided, requests are sent with a 6 second delay.
940
+
941
+ - verbose (bool): Prints the URL request for debugging purposes.
942
+ """),
943
+ ("searchCPE(cpeNameId: str, cpeMatchString: str, keywordExactMatch: bool, keywordSearch: str, lastModStartDate: str, lastModEndDate: str, matchCriteriaId: str, limit: int, key: str, delay: int, verbose: bool)",
944
+ """
945
+ Build and send GET request then return list of objects containing a collection of CPEs.
946
+
947
+ Args:
948
+ - cpeNameId (str) Returns a specific CPE record using its UUID. If a correctly formatted UUID is passed but it does not exist, it will return empty results. The UUID is the cpeNameId value when searching CPE.
949
+
950
+ - cpeMatchString (str) Use a partial CPE name to search for other CPE names.
951
+
952
+ - keywordExactMatch (bool) Searches metadata within CPE title and reference links for an exact match of the phrase or word passed to it. Must be included with keywordSearch.
953
+
954
+ - keywordSearch (str) Returns CPE records where a word or phrase is found in the metadata title or reference links. Space characters act as an AND statement.
955
+
956
+ - lastModStartDate (str/datetime obj) CPE last modification start date. Maximum 120 day range. A start and end date is required. All times are in UTC 00:00. A datetime object or string can be passed as a date. NVDLib will automatically parse the datetime object into the correct format. String Example: '2020-06-28 00:00'
957
+
958
+ - lastModEndDate (str/datetime obj) CPE last modification end date. Maximum 120 day range. Must be included with lastModStartDate. Example: ‘2020-06-28 00:00’
959
+
960
+ - limit (int) Limits the number of results of the search.
961
+
962
+ - key (str) NVD API Key. Allows for a request every 0.6 seconds instead of 6 seconds.
963
+
964
+ - delay (int) Can only be used if an API key is provided. The amount of time to sleep in between requests. Must be a value above 0.6 seconds if an API key is present. delay is set to 6 seconds if no API key is passed.
965
+
966
+ - verbose (bool) Prints the URL request for debugging purposes.
967
+ """)],
968
+ "VirusTotal": [("vt_get_votes_on_ip_address(ip: str)", """
969
+ This function will retrieve votes on a provided IP address.
970
+
971
+ Args:
972
+ - ip: string, required, ip address
973
+ """),
974
+ ("vt_get_comments_on_domain(domain: str, x_apikey: str, limit: int = None, cursor: str = None)",
975
+ """
976
+ This function will retrieve comments on a specified domain.
977
+
978
+ Args:
979
+ - domain, string, required, Domain name
980
+ - x-apikey, string, required, Your API key
981
+ - limit, int32, optional, Maximum number of comments to retrieve
982
+ - cursor, string, optional, Continuation cursor
983
+ """),
984
+ ("vt_get_object_descriptors_related_to_domain(domain: str, relationship: str, x_apikey: str, limit: int = None, cursor: str = None)",
985
+ """
986
+ This specifically returns related object's IDs (and context attributes, if any). Please note that this will not return all attributes. This will return objects relating to a domain.
987
+
988
+ - caa_records: Records CAA for the domain.
989
+ - cname_records: Records CNAME for the domain.
990
+ - comments: Community posted comments about the domain.
991
+ - communicating_files: Files that communicate with the domain.
992
+ - downloaded_files: Files downloaded from that domain.
993
+ - graphs: All graphs that include the domain.
994
+ - historical_ssl_certificates: SSL certificates associated with the domain.
995
+ - historical_whois: WHOIS information for the domain.
996
+ - immediate_parent: Domain's immediate parent.
997
+ - mx_records: Records MX for the domain.
998
+ - ns_records: Records NS for the domain.
999
+ - parent: Domain's top parent.
1000
+ - referrer_files: Refers to any and all files that contain this domain.
1001
+ - related_comments: Community posted comments in the domain's related objects.
1002
+ - related_references: Refers to the References related to the domain.
1003
+ - related_threat_actors: Refers to the threat actors related to the domain. A list of Threat Actors.
1004
+ - resolutions: DNS resolutions for the domain.
1005
+ - soa_records: Records SOA for the domain.
1006
+ - siblings: Refers to the Domain's sibling domains.
1007
+ - subdomains: Refers to the Domain's subdomains.
1008
+ - urls: Refers to the URLs that contain this domain.
1009
+ - user_votes: Refers to the current user's votes.
1010
+
1011
+ Args:
1012
+ - domain: string, required, Domain name
1013
+ - relationship: string, required, Relationship name (see table)
1014
+ - x-apikey: string, required, Your API key
1015
+ - limit: int32, optional, Maximum number of comments to retrieve
1016
+ - cursor: string, optional, Continuation cursor
1017
+ """),
1018
+ ("vt_get_objects_related_to_domain(domain: str, relationship: str, x_apikey: str, limit: int = None, cursor: str = None)",
1019
+ """
1020
+ Objects are a key concept in the VirusTotal API. Each object has an identifier and a type.
1021
+ Each object has an associated URL, and each domain is associated with objects.
1022
+ This function returns ALL of the objects related to the domain, based on the specified relationship.
1023
+
1024
+ The following describe the valid relationship:
1025
+ - caa_records: Records CAA for the domain.
1026
+ - cname_records: Records CNAME for the domain.
1027
+ - comments: Community posted comments about the domain.
1028
+ - communicating_files: Files that communicate with the domain.
1029
+ - downloaded_files: Files downloaded from that domain.
1030
+ - graphs: All graphs that include the domain.
1031
+ - historical_ssl_certificates: SSL certificates associated with the domain.
1032
+ - historical_whois: WHOIS information for the domain.
1033
+ - immediate_parent: Domain's immediate parent.
1034
+ - mx_records: Records MX for the domain.
1035
+ - ns_records: Records NS for the domain.
1036
+ - parent: Domain's top parent.
1037
+ - referrer_files: Refers to any and all files that contain this domain.
1038
+ - related_comments: Community posted comments in the domain's related objects.
1039
+ - related_references: Refers to the References related to the domain.
1040
+ - related_threat_actors: Refers to the threat actors related to the domain. A list of Threat Actors.
1041
+ - resolutions: DNS resolutions for the domain.
1042
+ - soa_records: Records SOA for the domain.
1043
+ - siblings: Refers to the Domain's sibling domains.
1044
+ - subdomains: Refers to the Domain's subdomains.
1045
+ - urls: Refers to the URLs that contain this domain.
1046
+ - user_votes: Refers to the current user's votes.
1047
+
1048
+
1049
+ Args:
1050
+ - domain: string, required, Domain name
1051
+ - relationship, string, required, Relationship name (see table)
1052
+ - x-apikey, string, required, Your API key
1053
+ - limit, int32, optional, Maximum number of comments to retrieve
1054
+ - cursor, string, optional, Continuation cursor
1055
+ """),
1056
+ ("vt_get_object_descriptors_related_to_ip_address(ip: str, relationship: str, x_apikey: str, limit: int = None, cursor: str = None)",
1057
+ """
1058
+ This specifically returns related object's IDs (and context attributes, if any). Please note that this will not return all attributes.
1059
+
1060
+ You are expected to provide the relationship to the object you're interested in. The valid relationships are as follows.
1061
+
1062
+ The relationships are documented here:
1063
+ - comments: The comments for the IP address.
1064
+ - communicating_files: Files that communicate with the IP address.
1065
+ - downloaded_files: Files downloaded from the IP address. VT Enterprise users only.
1066
+ - graphs: Graphs including the IP address.
1067
+ - historical_ssl_certificates: SSL certificates associated with the IP.
1068
+ - historical_whois: WHOIS information for the IP address. Retrurns a list of Whois attributes.
1069
+ - related_comments: Community posted comments in the IP's related objects.
1070
+ - related_references: Returns the references related to the IP address.
1071
+ - related_threat_actors: Threat actors related to the IP address.
1072
+ - referrer_files: Files containing the IP address.
1073
+ - resolutions: Resolves the IP addresses.
1074
+ - urls: Returns a list of URLs related to the IP address.
1075
+
1076
+ Here are some useful descriptions of the arguments in this API, with the format - name of this argument: type of the data, required or optional, description of this argument.
1077
+ - ip: string, required, IP address
1078
+ - relationship: string, required, Relationship name (see table)
1079
+ - x-apikey: string, required, Your API key
1080
+ - limit: int32, optional, Maximum number of comments to retrieve
1081
+ - cursor: string, optional, Continuation cursor
1082
+ """),
1083
+ ("vt_add_comment_to_ip_address(ip: str, data: dict, x_apikey: str)",
1084
+ """
1085
+ With this function you can post a comment for a given IP address. The body for the POST request must be the JSON representation of a comment object. Notice however that you don't need to provide an ID for the object, as they are automatically generated for new comments.
1086
+ However, please note that you will need to provide a valid data JSON for using this function.
1087
+
1088
+ Any word starting with # in your comment's text will be considered a tag, and added to the comment's tag attribute.
1089
+
1090
+ Returns a Comment object.
1091
+
1092
+ Args:
1093
+ - ip: string, required, IP address
1094
+ - data: json, required, A comment object
1095
+ - x-apikey: string, required, Your API key
1096
+ """),
1097
+ ("vt_get_comments_on_ip_address(ip: str, x_apikey: str, limit: int = None, cursor: str = None)",
1098
+ """
1099
+ Retrieves the comments on a provided IP address. Returns a list of Comment objects.
1100
+
1101
+ Args:
1102
+ - ip, string, required, IP address
1103
+ - x-apikey, string, required, Your API key
1104
+ - limit, int32, optional, Maximum number of comments to retrieve
1105
+ - cursor, string, optional, Continuation cursor
1106
+ """),
1107
+ ("vt_get_domain_report(domain: str, x_apikey: str)",
1108
+ """
1109
+ Retrieves a domain report. These reports contain information regarding the domain itself that VirusTotal has collected.
1110
+
1111
+ Args:
1112
+ - domain: string, required, Domain name
1113
+ - x-apikey: string, required, Your API key
1114
+ """),
1115
+ ("vt_add_votes_to_ip_address(ip: str, data: dict, x_apikey: str)",
1116
+ """
1117
+ With this function you can post a vote for a given file. The body for the POST request must be the JSON representation of a vote object. Note however that you don't need to provide an ID for the object, as they are automatically generated for new votes. The verdict attribute must have be either harmless or malicious.
1118
+
1119
+ Please ensure that the JSON object you provide conforms accurately to valid JSON standards.
1120
+
1121
+ Args:
1122
+ - ip, string, required, IP address
1123
+ - data, json, Vote object
1124
+ - x-apikey, string, required, Your API key
1125
+ """),
1126
+ ("vt_get_ip_address_report",
1127
+ """
1128
+ Retrieve an IP address report. These reports condense all of the recent activity that VirusTotal has seen for the resource under consideration, as well as contextual information about it.
1129
+ This function specifically generates these reports using the IP address parameter.
1130
+
1131
+ Args:
1132
+ - ip: string, required, IP address
1133
+ - x-apikey: string, required, Your API key
1134
+ """),
1135
+ ("vt_get_objects_related_to_ip_address(ip: str, relationship: str, x_apikey: str, limit: int = None, cursor: str = None)",
1136
+ """
1137
+ IP addresses have number of relationships to other objects. This returns ALL objects that fit the relationship.
1138
+
1139
+ The relationships are documented here:
1140
+ - comments: The comments for the IP address. Returns a list of comments.
1141
+ - communicating_files: Files that communicate with the IP address. Returns a list of files.
1142
+ - downloaded_files: Files downloaded from the IP address. VT Enterprise users only. Returns a list of files.
1143
+ - graphs: Graphs including the IP address. Returns a list of graphs.
1144
+ - historical_ssl_certificates: SSL certificates associated with the IP. Returns a list of SSL certificates.
1145
+ - historical_whois: WHOIS information for the IP address. Retrurns a list of Whois attributes.
1146
+ - related_comments: Community posted comments in the IP's related objects. Returns a list of comments.
1147
+ - related_references: Returns the references related to the IP address. Returns a list of References.
1148
+ - related_threat_actors: Threat actors related to the IP address. Returns a list of threat actors.
1149
+ - referrer_files: Files containing the IP address. Returns a list of Files.
1150
+ - resolutions: Resolves the IP addresses. Returns a list of resolutions.
1151
+ - urls: Returns a list of URLs related to the IP address. Returns a list of URLs.
1152
+
1153
+ Args:
1154
+ - ip, string, required, IP address
1155
+ - relationship, string, required, Relationship name (see the list of items from above)
1156
+ - x-apikey, string, required, Your API key
1157
+ - limit, int32, optional, Maximum number of comments to retrieve
1158
+ - cursor, string, optional, Continuation cursor
1159
+ """),
1160
+ ("vt_get_dns_resolution_object(id: str, x_apikey: str)",
1161
+ """
1162
+ This endpoint retrieves a Resolution object by its ID. A resolution object ID is made by appending the IP and the domain it resolves to together.
1163
+
1164
+ Domain-IP resolutions. Resolution objects include the following attributes:
1165
+ date: <integer> date when the resolution was made (UTC timestamp).
1166
+ host_name: <string> domain or subdomain requested to the resolver.
1167
+ host_name_last_analysis_stats: <dictionary> last detection stats from the resolution's domain. Similar to the domains's last_analysis_stats attribute.
1168
+ ip_address: <string> IP address the domain was resolved to.
1169
+ ip_address_last_analysis_stats: <dictionary> last detection stats from the resolution's IP address. Similar to the IP address' last_analysis_stats attribute.
1170
+ resolver: <string> source of the resolution.
1171
+
1172
+ Args:
1173
+ - id: string, required, Resolution object ID
1174
+ - x-apikey: string, required, Your API key
1175
+ """)],
1176
+ "CVECPE_Multi_Dependency": [("mergeCPEs(list1: list, list2: list)",
1177
+ """Combines two lists of CPEs into one.
1178
+
1179
+ Args:
1180
+ - list1 (list): List of CPEs. Each object in the list should contain a collection of CPEs.
1181
+ - list2 (list): Another list of CPEs. Each object in this list should also contain a collection of CPEs.
1182
+
1183
+ Returns:
1184
+ - combined_list (list): A combined list of CPEs from both the input lists.
1185
+ """
1186
+ ),
1187
+ ("mergeCVEs(list1: list, list2: list)",
1188
+ """This function takes two lists of objects each containing a collection of CVEs, and combines them into a single list.
1189
+
1190
+ Args:
1191
+ - list1 (list): First list of objects each holding details of a CVE. Each object in this list represents a CVE (Common Vulnerabilities and Exposures) in the format defined by the NVD (National Vulnerability Database).
1192
+ - list2 (list): Second list of objects each holding details of a CVE. Like list1, each object represents a CVE in the format defined by the NVD.
1193
+
1194
+ Returns:
1195
+ - list: A single list that combines all objects from list1 and list2. Hence, the resulting list is a collection of CVEs taken from both input lists.
1196
+ """),
1197
+ ("sortCPEsByLastMod(cpeList: list, descending: bool)",
1198
+ """Sorts a list of object collections of CPEs by their last modification time.
1199
+
1200
+ Args:
1201
+ - cpeList (list): The list of object collections of CPEs that need to be sorted. Each object collection has a lastModified field.
1202
+ - descending (bool): Determines the order of sort. If True, CPEs will be sorted in descending order of 'last modification time'. If False, the sorting will be in ascending order. Default value is True.
1203
+
1204
+ Returns:
1205
+ - List of object collections of CPEs sorted by the lastModified field.
1206
+ """),
1207
+ ("filterDeprecatedCPEs(cpeList: list)",
1208
+ """Loop through the CPE objects in the list and return the ones that are not deprecated.
1209
+
1210
+ Args:
1211
+ - cpeList (list): A list of CPE objects. Each CPE object has a 'deprecated' key. If the value of this key is False, it means the CPE object is not deprecated.
1212
+
1213
+ Returns:
1214
+ - cpeList (list): This function will return a list of non-deprecated CPE objects."""),
1215
+ ("filterCVEsBySeverity(cveList: list, severityLevel: str)",
1216
+ """Returns a list of CVE objects from the given collection that have the provided severity level.
1217
+
1218
+ Args:
1219
+ - cveList: list, required, List of objects containing a collection of CVEs. Each CVE object is expected to have 'cvssV2Severity' and/or 'cvssV3Severity' properties reflecting the severity level of the vulnerability.
1220
+ - severityLevel: str, required, The severity level with which to filter the CVEs. Accepts 'LOW', 'MEDIUM', 'HIGH' for both 'cvssV2Severity' and 'cvssV3Severity', and 'CRITICAL' for 'cvssV3Severity' only.
1221
+
1222
+ Returns:
1223
+ - matchingCVEs: list, Only the objects from the given CVE list that have the provided severity level."""),
1224
+ ("filterCVEByLanguage(cve_list: list, language: str)",
1225
+ """Filters a collection of CVE (Common Vulnerabilities and Exposures) objects and returns a list of the ones that have descriptions for a specific language.
1226
+
1227
+ Args:
1228
+ - cve_list (list): A list of CVE objects. Each object should contain information about a particular CVE, including its description available in various languages.
1229
+ - language (str): Language code for which the function will check in the description field of the CVE objects. This must follow the ISO 639-1 language codes, such as 'en' for English, 'es' for Spanish, and 'de' for German, etc.
1230
+
1231
+ Returns:
1232
+ - A list of CVE objects from the original collection that contain a description in the specified language. If no matching CVE objects are found, returns an empty list."""),
1233
+ ("sortCVEsByModDate(cve_list: list, descending: bool)",
1234
+ """This function sorts a list of CVE objects by their last modification date.
1235
+ Args:
1236
+ - cve_list (list of CVE objects): A required list of CVE objects. Each object should at least have a property for last modification date.
1237
+ - descending (bool, optional): If set to True, the list will be sorted in descending order (most recently modified first). Defaults to True.
1238
+
1239
+ Returns:
1240
+ - list of CVE objects: Sorted list of CVE objects."""),
1241
+ ("sortCVEsByCVSSv2Score(cve_list: list, descending: bool)",
1242
+ """Accepts a list of CVE objects and sorts them by their CVSS Version 2.0 base scores. If a CVE object does not contain a CVSS v2 score, it is assumed to have the lowest possible score (i.e., 0).
1243
+ Args:
1244
+ - cve_list (list): List of CVE objects, where each object contains details such as CVE identifier, CVSS v2 and v3 scores, etc.
1245
+ - descending (bool, optional): If set to True, the list will be sorted in descending order (highest CVSSv2Score first). Defaults to True.
1246
+
1247
+ Returns:
1248
+ - list: The input list of CVEs sorted in decreasing order of their CVSS Version 2.0 base scores."""),
1249
+ ("sortCVEsByCVSSv3Score(cve_list: list, descending: bool)",
1250
+ """Accepts a list of CVE objects and sorts them by their CVSS Version 3.x base scores. If a CVE object does not contain a CVSS v3 score, it is assumed to have the lowest possible score (i.e., 0).
1251
+
1252
+ Args:
1253
+ - cve_list (list): List of CVE objects, where each object contains details such as CVE identifier, CVSS v2 and v3 scores, etc.
1254
+ - descending (bool, optional): If set to True, the list will be sorted in descending order (highest CVSSv3Score first). Defaults to True.
1255
+
1256
+ Returns:
1257
+ - list: The input list of CVEs sorted in decreasing order of their CVSS Version 3.x base scores."""),
1258
+ ("countCVEsBySeverity(cve_list: list)",
1259
+ """Analyze a list of CVE objects, and return a dictionary with counts of CVEs according to their 'cvssV3Severity' (LOW, MEDIUM, HIGH, CRITICAL).
1260
+
1261
+ Args:
1262
+ - cve_list (list): A list of dictionary objects each representing a CVE. Each dictionary should include a 'cvssV3Severity' key.
1263
+
1264
+ Returns:
1265
+ - dict: A dictionary with keys as 'LOW', 'MEDIUM', 'HIGH', 'CRITICAL' and values as counts of CVEs having corresponding 'cvssV3Severity'."""),
1266
+ ("get_first_object_from_list(list_of_objects: list)",
1267
+ """Retrieves the first object from a given list. If the list is empty, it return `None`.
1268
+
1269
+ Args:
1270
+ - list_of_objects: list, required, List containing objects from which the function will pick out the first object."""),
1271
+ ("getCPEName(cpeObject: object)",
1272
+ """This function takes a CPE object and extracts the CPE name.
1273
+
1274
+ Args:
1275
+ - cpeObject: A CPE object from which the CPE name is to be extracted. The object should have a 'cpeName' field,
1276
+
1277
+ Returns:
1278
+ - str: The CPE name retrieved from the CPE object."""),
1279
+ ("search_backup_keywords(cvecpeList: list, backup_keyword: str)",
1280
+ """This function takes in a backup keyword and a list of CVE or CPE items found by an initial searchCVE or searchCPE. If the list is empty, the function will search again using the backup keyword instead of the original keyword. If it is not empty, the function returns the original searched results.
1281
+
1282
+ Args:
1283
+ - cvecpeList, list, required, This arg takes in a list of CVE or CPE items.
1284
+ - backup_keyword, str, required, The backup keyword to search if the original keyword doesn't lead to corresponding results.
1285
+ """),
1286
+ ("compare_cvecpes(cvecpeList1: list, cvecpeList2: list)",
1287
+ """This function can compare the contents of two lists of provided CVE or CPE items, summarizing the common parts and differences between the two lists.
1288
+
1289
+ Args:
1290
+ - cvecpeList1, list, required, This arg takes in a list of CVE or CPE items to compare with another list.
1291
+ - cvecpeList2", list, required, This arg takes in a list of CVE or CPE items to compare with another list.
1292
+ """),
1293
+ ("verify_and_process_data_range_end(startdate: str, enddate: str)",
1294
+ """This function can verify whether the range of dates being searched is within 3 months. If true, it returns the original enddate. If not, it will automatically truncate and return an appropriate enddate resulting in a 3-month time span. Note that searchCVE or searchCPE cannot handle time span longer than 3 months.
1295
+
1296
+ Args:
1297
+ - startdate, str, required, The start date of the searched time span.
1298
+ - enddate", str, required, The end date of the searched time span.
1299
+ """),
1300
+ ("verify_and_process_data_range_start(startdate: str, enddate: str)",
1301
+ """{This function can verify whether the range of dates being searched is within 3 months. If true, it returns the original startdate. If not, it will automatically truncate and return an appropriate startdate resulting in a 3-month time span. Note that searchCVE or searchCPE cannot handle time span longer than 3 months.
1302
+
1303
+ Args:
1304
+ - startdate, str, required, The start date of the searched time span.
1305
+ - enddate, str, required, The end date of the searched time span.
1306
+ """),
1307
+ ("summarize_cvecpes(cvecpeList: list)",
1308
+ """{This function can summarize the contents of provided CVE or CPE items.
1309
+
1310
+ Args:
1311
+ - cvecpeList: list, required, This arg takes in a list of CVE or CPE items.
1312
+ """),
1313
+ ("count_cvecpe_items(cvecpeList: list)",
1314
+ """{This function counts the total number of CVE and CPE items provided in the arg.
1315
+
1316
+ Args:
1317
+ - cvecpeList, list, required, This arg takes in a list of CVE or CPE items.
1318
+ """),
1319
+ ("searchCVE(cpeName: str, cveId: str, cvssV2Metrics: str, cvssV2Severity: str, cvssV3Metrics: str, cvssV3Severity: str, cweId: str, hasCertAlerts: bool, hasCertNotes: bool, hasKev: bool, hasOval: bool, isVulnerable: bool, keywordExactMatch: bool, keywordSearch: str, lastModStartDate: str, lastModEndDate: str, noRejected: bool, pubStartDate: str, pubEndDate: str, sourceIdentifier: str, versionEnd: str, versionEndType: str, versionStart: str, versionStartType: str, virtualMatchString: str, limit: int, delay: int, key: str, verbose: bool)",
1320
+ """
1321
+ Build and send GET request then return list of objects containing a collection of CVEs. For more information on the parameters available, please visit https://nvd.nist.gov/developers/vulnerabilities
1322
+
1323
+ Args:
1324
+ - cpeName (str): Please do not confuse this with keywordSearch; this requires the argument to start with "cpe", whereas the keywordSearch argument allows for arbitrary keywords. This value will be compared agains the CPE Match Criteria within a CVE applicability statement. (i.e. find the vulnerabilities attached to that CPE). Partial match strings are allowed.
1325
+
1326
+ - cveId (str): Please pass in a string integer, like "1" or "30". Returns a single CVE that already exists in the NVD.
1327
+
1328
+ - cvssV2Metrics (str): This parameter returns only the CVEs that match the provided CVSSv2 vector string. Either full or partial vector strings may be used. This parameter cannot be used in requests that include cvssV3Metrics.
1329
+
1330
+ - cvssV2Severity (str): Find vulnerabilities having a LOW, MEDIUM, or HIGH version 2 severity.
1331
+
1332
+ - cvssV3Metrics (str): This parameter returns only the CVEs that match the provided CVSSv3 vector string. Either full or partial vector strings may be used. This parameter cannot be used in requests that include cvssV2Metrics.
1333
+
1334
+ - cvssV3Severity (str): Find vulnerabilities having a LOW, MEDIUM, HIGH, or CRITICAL version 3 severity.
1335
+
1336
+ - cweId (str): Please pass in a string integer, like "1" or "30". Filter collection by CWE (Common Weakness Enumeration) ID. You can find a list at https://cwe.mitre.org/. A CVE can have multiple CWE IDs assigned to it.
1337
+
1338
+ - hasCertAlerts (bool): Returns CVE that contain a Technical Alert from US-CERT.
1339
+
1340
+ - hasCertNotes (bool): Returns CVE that contain a Vulnerability Note from CERT/CC.
1341
+
1342
+ - hasOval (bool): Returns CVE that contain information from MITRE's Open Vulnerability and Assessment Language (OVAL) before this transitioned to the Center for Internet Security (CIS).
1343
+
1344
+ - isVulnerable (bool): Returns CVE associated with a specific CPE, where the CPE is also considered vulnerable. REQUIRES cpeName parameter. isVulnerable is not compatible with virtualMatchString parameter.
1345
+
1346
+ - keywordExactMatch (bool): When keywordSearch is used along with keywordExactmatch, it will search the NVD for CVEs containing exactly what was passed to keywordSearch. REQUIRES keywordSearch.
1347
+
1348
+ - keywordSearch (str): Searches CVEs where a word or phrase is found in the current description. If passing multiple keywords with a space character in between then each word must exist somewhere in the description, not necessarily together unless keywordExactMatch=True is passed to searchCVE.
1349
+
1350
+ - lastModStartDate (str,datetime obj): These parameters return only the CVEs that were last modified during the specified period. If a CVE has been modified more recently than the specified period, it will not be included in the response. If filtering by the last modified date, both lastModStartDate and lastModEndDate are REQUIRED. The maximum allowable range when using any date range parameters is 120 consecutive days.
1351
+
1352
+ - lastModEndDate (str, datetime obj): Required if using lastModStartDate.
1353
+
1354
+ - noRejected (bool): Filters out all CVEs that are in a reject or rejected status. Searches without this parameter include rejected CVEs.
1355
+
1356
+ - pubStartDate (str,datetime obj): These parameters return only the CVEs that were added to the NVD (i.e., published) during the specified period. If filtering by the published date, both pubStartDate and pubEndDate are REQUIRED. The maximum allowable range when using any date range parameters is 120 consecutive days.
1357
+
1358
+ - pubEndDate (str, datetime obj): Required if using pubStartDate.
1359
+
1360
+ - sourceIdentifier (str): Returns CVE where the data source of the CVE is the value that is passed to sourceIdentifier.
1361
+
1362
+ - versionEnd (str): Must be combined with versionEndType and virtualMatchString. Returns only the CVEs associated with CPEs in specific version ranges.
1363
+
1364
+ - versionEndType (str): Must be combined with versionEnd and virtualMatchString. Valid values are including or excluding. Denotes to include the specified version in versionEnd, or exclude it.
1365
+
1366
+ - versionStart (str): Must be combined with versionStartType and virtualMatchString. Returns only CVEs with specific versions. Requests that include versionStart cannot include a version component in the virtualMatchString.
1367
+
1368
+ - versionStartType (str): Must be combined with versionStart and virtualMatchString. Valid values are including or excluding. Denotes to include the specified version in versionStart, or exclude it.
1369
+
1370
+ - virtualMatchString (str): A more broad filter compared to cpeName. The cpe match string that is passed to virtualMatchString is compared against the CPE Match Criteria present on CVE applicability statements.
1371
+
1372
+ - limit (int): Custom argument to limit the number of results of the search. Allowed any number between 1 and 2000.
1373
+
1374
+ - delay (int): Can only be used if an API key is provided. This allows the user to define a delay. The delay must be greater than 0.6 seconds. The NVD API recommends scripts sleep for atleast 6 seconds in between requests.
1375
+
1376
+ - key (str): NVD API Key. Allows for the user to define a delay. NVD recommends scripts sleep 6 seconds in between requests. If no valid API key is provided, requests are sent with a 6 second delay.
1377
+
1378
+ - verbose (bool): Prints the URL request for debugging purposes.
1379
+ """),
1380
+ ("searchCPE(cpeNameId: str, cpeMatchString: str, keywordExactMatch: bool, keywordSearch: str, lastModStartDate: str, lastModEndDate: str, matchCriteriaId: str, limit: int, key: str, delay: int, verbose: bool)",
1381
+ """
1382
+ Build and send GET request then return list of objects containing a collection of CPEs.
1383
+
1384
+ Args:
1385
+ - cpeNameId (str) Returns a specific CPE record using its UUID. If a correctly formatted UUID is passed but it does not exist, it will return empty results. The UUID is the cpeNameId value when searching CPE.
1386
+
1387
+ - cpeMatchString (str) Use a partial CPE name to search for other CPE names.
1388
+
1389
+ - keywordExactMatch (bool) Searches metadata within CPE title and reference links for an exact match of the phrase or word passed to it. Must be included with keywordSearch.
1390
+
1391
+ - keywordSearch (str) Returns CPE records where a word or phrase is found in the metadata title or reference links. Space characters act as an AND statement.
1392
+
1393
+ - lastModStartDate (str/datetime obj) CPE last modification start date. Maximum 120 day range. A start and end date is required. All times are in UTC 00:00. A datetime object or string can be passed as a date. NVDLib will automatically parse the datetime object into the correct format. String Example: '2020-06-28 00:00'
1394
+
1395
+ - lastModEndDate (str/datetime obj) CPE last modification end date. Maximum 120 day range. Must be included with lastModStartDate. Example: ‘2020-06-28 00:00’
1396
+
1397
+ - limit (int) Limits the number of results of the search.
1398
+
1399
+ - key (str) NVD API Key. Allows for a request every 0.6 seconds instead of 6 seconds.
1400
+
1401
+ - delay (int) Can only be used if an API key is provided. The amount of time to sleep in between requests. Must be a value above 0.6 seconds if an API key is present. delay is set to 6 seconds if no API key is passed.
1402
+
1403
+ - verbose (bool) Prints the URL request for debugging purposes.
1404
+ """)]
1405
+ }
1406
+
1407
+
1408
+ CVECPE_Explain = (
1409
+ "NVDLib is a Python API wrapper for the NIST National Vulnerability Database (NVD). "
1410
+ "It allows pulling data on known CVEs, including CVE ID, description, reference links, CWE, "
1411
+ "CPE applicability statements, optional CPE names, CVSS scores or metrics, and CVE publication and modified dates. "
1412
+ "Features include searching the NVD for CVEs by keywords, dates, cweID, CVSS metrics, CPE strings, US-CERT alerts, "
1413
+ "and more. It also enables searching for CPE names using modification dates, keywords, and CPE match strings. "
1414
+ "Data can be easily accessed as class attributes. If no API key is provided, NVDLib defaults to a 6-second delay "
1415
+ "between requests as recommended by NVD."
1416
+ )
1417
+