list_exploitations
Retrieve exploitation data to identify vulnerabilities exploited in the wild, including detection signatures, frequency, and timeframes for security analysis.
Instructions
Get exploitation data
Use this to look up exploitation data when you want to know if vulnerabilities have been exploited in the wild, and who detected the exploitations. This function retrieves a list of exploitation incidents with filtering and sorting options.
The data can help identify:
- Recent exploitations in the wild
- Which detection signatures identified the exploitations
- Frequency of exploitation activities (count)
- Timeframes of exploitation activities
Args:
- offset (int, optional): The number of items to skip before starting to collect the result set. Defaults to 0.
- limit (int, optional): The maximum number of items to return. Minimum value is 1. Defaults to 10 (API default is 100).
- sort (str, optional): Field to sort by - either 'count', 'created_at', or 'updated_at'. Defaults to 'created_at'.
- order (str, optional): Sort order - either 'asc' or 'desc'. Defaults to 'desc'.

Returns:
Dict[str, Any]: Dictionary containing:
- data: List of exploitation records with fields including:
  - uuid
  - begins_at
  - ends_at
  - count
  - detection_signature_uuid
  - detection_signature_name
  - detection_signature_source
  - detection_signature_method
  - created_at
  - updated_at
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| offset | No | | |
| limit | No | | |
| sort | No | | created_at |
| order | No | | desc |
Implementation Reference
- The handler function for the 'list_exploitations' MCP tool. It is decorated with @mcp.tool() for registration and implements the tool logic by forwarding to malloryai_client.exploitations.list_exploitations with pagination and sorting parameters.

```python
from typing import Any, Dict

# mcp, handle_api_errors and malloryai_client are defined elsewhere in the project.


@mcp.tool()
@handle_api_errors
async def list_exploitations(
    offset: int = 0,
    limit: int = 10,
    sort: str = "created_at",
    order: str = "desc",
) -> Dict[str, Any]:
    """Get exploitation data

    Use this to look up exploitation data when you want to know if vulnerabilities
    have been exploited in the wild, and who detected the exploitations.
    This function retrieves a list of exploitation incidents with filtering and
    sorting options.

    The data can help identify:
    - Recent exploitations in the wild
    - Which detection signatures identified the exploitations
    - Frequency of exploitation activities (count)
    - Timeframes of exploitation activities

    Args:
        offset (int, optional): The number of items to skip before starting to
            collect the result set. Defaults to 0.
        limit (int, optional): The maximum number of items to return.
            Minimum value is 1. Defaults to 10 (API default is 100).
        sort (str, optional): Field to sort by - either 'count', 'created_at',
            or 'updated_at'. Defaults to 'created_at'.
        order (str, optional): Sort order - either 'asc' or 'desc'.
            Defaults to 'desc'.

    Returns:
        Dict[str, Any]: Dictionary containing:
            - data: List of exploitation records with fields including:
                - uuid
                - begins_at
                - ends_at
                - count
                - detection_signature_uuid
                - detection_signature_name
                - detection_signature_source
                - detection_signature_method
                - created_at
                - updated_at
    """
    # Forward the pagination and sorting parameters unchanged to the API client.
    return await malloryai_client.exploitations.list_exploitations(
        offset=offset, limit=limit, sort=sort, order=order
    )
```
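A client-side sketch of consuming this tool, added here as an example and not part of the project's code: it pages through results with offset/limit, rejects sort/order values outside the documented set, and totals `count` per detection signature. The helper names (`rec`, `fake_list_exploitations`, `fetch_all`, `summarize_by_signature`) and the sample records are constructed; it assumes timestamps are ISO 8601 UTC strings and that `begins_at`/`ends_at` are always present.

```python
import asyncio
from typing import Any, Dict, List
ALLOWED_SORT = {"count", "created_at", "updated_at"}
ALLOWED_ORDER = {"asc", "desc"}

# Constructed sample data, not real exploitation records (fields as listed under Returns).
def rec(uuid: str, sig: str, begins: str, ends: str, count: int) -> Dict[str, Any]:
    return {"uuid": uuid, "detection_signature_uuid": sig,
            "detection_signature_name": f"constructed rule {sig}", "count": count,
            "begins_at": f"{begins}T00:00:00Z", "ends_at": f"{ends}T00:00:00Z",
            "created_at": f"{ends}T00:00:00Z", "updated_at": f"{ends}T00:00:00Z"}

SAMPLE = [rec("e-1", "sig-a", "2024-01-01", "2024-01-02", 5),
          rec("e-2", "sig-b", "2024-01-03", "2024-01-04", 2),
          rec("e-3", "sig-a", "2024-01-05", "2024-01-06", 7),
          rec("e-4", "sig-b", "2024-01-02", "2024-01-03", 1),
          rec("e-5", "sig-a", "2023-12-30", "2023-12-31", 1)]

async def fake_list_exploitations(offset=0, limit=10, sort="created_at", order="desc"):
    """Offline stand-in for the tool: same parameters, same {"data": [...]} shape."""
    rows = sorted(SAMPLE, key=lambda r: r[sort], reverse=(order == "desc"))
    return {"data": rows[offset:offset + limit]}

async def fetch_all(fetch, sort="created_at", order="desc", page_size=10, max_items=1000):
    """Page with offset/limit until a short page arrives or max_items is reached."""
    if sort not in ALLOWED_SORT or order not in ALLOWED_ORDER or page_size < 1:
        raise ValueError("unsupported sort/order, or page_size below 1")
    records: List[Dict[str, Any]] = []
    while len(records) < max_items:
        resp = await fetch(offset=len(records), limit=page_size, sort=sort, order=order)
        page = resp.get("data", [])
        records.extend(page)
        if len(page) < page_size:  # short page: nothing left to fetch
            break
    return records[:max_items]

def summarize_by_signature(records: List[Dict[str, Any]]) -> Dict[str, Dict[str, Any]]:
    """Total the count and widen the activity window per detection signature."""
    out: Dict[str, Dict[str, Any]] = {}
    for r in records:
        s = out.setdefault(r["detection_signature_uuid"], {"name": r["detection_signature_name"],
                           "total": 0, "first": r["begins_at"], "last": r["ends_at"]})
        s["total"] += r["count"]
        s["first"] = min(s["first"], r["begins_at"])  # ISO 8601 UTC sorts as text
        s["last"] = max(s["last"], r["ends_at"])
    return out

if __name__ == "__main__":
    print(summarize_by_signature(asyncio.run(fetch_all(fake_list_exploitations, page_size=2))))
```

To run it against the real tool, pass the actual `list_exploitations` coroutine to `fetch_all` in place of the stub.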