Class CompromisedCredentialsFindingDetail
Sample compromised credential detail.
Implements
Inherited Members
Namespace: Google.Apis.ThreatIntelligenceService.v1beta.Data
Assembly: Google.Apis.ThreatIntelligenceService.v1beta.dll
Syntax
public class CompromisedCredentialsFindingDetail : IDirectResponseSchemaProperties
Author
Optional. Reference to the author this detail was extracted from. This is deprecated and will be removed.
Declaration
[JsonProperty("author")]
public virtual string Author { get; set; }Property Value
| Type | Description |
|---|---|
| string |
CredentialService
Optional. Claimed site the credential is intended for.
Declaration
[JsonProperty("credentialService")]
public virtual string CredentialService { get; set; }Property Value
| Type | Description |
|---|---|
| string |
DarkWebDoc
Optional. Reference to the dark web document. This is deprecated and will be removed.
Declaration
[JsonProperty("darkWebDoc")]
public virtual string DarkWebDoc { get; set; }Property Value
| Type | Description |
|---|---|
| string |
ETag
The ETag of the item.
Declaration
public virtual string ETag { get; set; }Property Value
| Type | Description |
|---|---|
| string |
ExternalReferenceUri
Optional. This will contain a link to the external reference for this credential. If set, this is a link back to the DTM product to allow customers to get additional context about this finding.
Declaration
[JsonProperty("externalReferenceUri")]
public virtual string ExternalReferenceUri { get; set; }Property Value
| Type | Description |
|---|---|
| string |
FileDump
Optional. If the source of the credential was from a file dump this will contain the name of the file the credential was found in. This can be used by customers for context on where the credential was found and to try to find other references to the file in the wild.
Declaration
[JsonProperty("fileDump")]
public virtual string FileDump { get; set; }Property Value
| Type | Description |
|---|---|
| string |
FileDumpHashes
Optional. A list of hashes of the file dump. These will be prefixed with the algorithm. Example: "sha256:"
Declaration
[JsonProperty("fileDumpHashes")]
public virtual IList<string> FileDumpHashes { get; set; }Property Value
| Type | Description |
|---|---|
| IList<string> |
FileDumpSizeBytes
Optional. If file_dump is set this will contain the size of the dump file in bytes. File dumps can be very large.
Declaration
[JsonProperty("fileDumpSizeBytes")]
public virtual long? FileDumpSizeBytes { get; set; }Property Value
| Type | Description |
|---|---|
| long? |
Forum
Optional. Reference to the forum this detail was extracted from. This is deprecated and will be removed.
Declaration
[JsonProperty("forum")]
public virtual string Forum { get; set; }Property Value
| Type | Description |
|---|---|
| string |
MalwareFamily
Optional. This will indicate the malware family that leaked this credential, if known.
Declaration
[JsonProperty("malwareFamily")]
public virtual string MalwareFamily { get; set; }Property Value
| Type | Description |
|---|---|
| string |
PostedTime
object representation of PostedTimeRaw.
Declaration
[JsonIgnore]
[Obsolete("This property is obsolete and may behave unexpectedly; please use PostedTimeDateTimeOffset instead.")]
public virtual object PostedTime { get; set; }Property Value
| Type | Description |
|---|---|
| object |
PostedTimeDateTimeOffset
DateTimeOffset representation of PostedTimeRaw.
Declaration
[JsonIgnore]
public virtual DateTimeOffset? PostedTimeDateTimeOffset { get; set; }Property Value
| Type | Description |
|---|---|
| DateTimeOffset? |
PostedTimeRaw
Optional. This indicates our best guess as to when the credential was leaked to the particular venue that triggered this finding. This is not necessarily the time the credential was actually leaked and it may not always be be accurate.
Declaration
[JsonProperty("postedTime")]
public virtual string PostedTimeRaw { get; set; }Property Value
| Type | Description |
|---|---|
| string |
SourceUri
Optional. If the source of a credential is publicly addressable this will contain a uri to the where the credential was found.
Declaration
[JsonProperty("sourceUri")]
public virtual string SourceUri { get; set; }Property Value
| Type | Description |
|---|---|
| string |
UserKey
Required. This field will always be set and will be used to identify the user named in the credential leak. In cases where customers are authorized to see the actual user key this will be set to the actual user key. In cases where the customer is not authorized to see the actual user key this will be set to a hash of the user key. The hashed value is an intentionally opaque value that is not intended to be used for any other purpose than to uniquely identify the user in the context of this specific customer, service domain, and user name. Example: "user@example.com" or "redacted:".
Declaration
[JsonProperty("userKey")]
public virtual string UserKey { get; set; }Property Value
| Type | Description |
|---|---|
| string |
UserSecretEvidence
Optional. Claimed evidence of the password/secret. This will always be hashed. In the event where the plaintext password is known it will be set to "redacted:" where the same hash will be presented when the same password is found for the same organization for the same service. Redaction is done by hashing the password with a salt that is unique to the customer organization and service. In the event where the plaintext password is not known it will be set to ":" where the algorithm is the hash algorithm used and the hash is the hash of the password using that algorithm. In the event we don't know the exact algorithm used we will set it to "hashed:".
Declaration
[JsonProperty("userSecretEvidence")]
public virtual string UserSecretEvidence { get; set; }Property Value
| Type | Description |
|---|---|
| string |