list_exploitations

Retrieve exploitation data to identify vulnerabilities actively exploited in the wild, including detection signatures, frequency, and timeframes. Filter and sort by count, creation, or update time for actionable insights.

Instructions

Get exploitation data

Use this to look up exploitation data when you want to know if vulnerabilities have been exploited in the wild, and who detected the exploitations. This function retrieves a list of exploitation incidents with filtering and sorting options.

The data can help identify:

Recent exploitations in the wild
Which detection signatures identified the exploitations
Frequency of exploitation activities (count)
Timeframes of exploitation activities

Args: offset (int, optional): The number of items to skip before starting to collect the result set. Defaults to 0. limit (int, optional): The maximum number of items to return. Minimum value is 1. Defaults to 10 (API default is 100). sort (str, optional): Field to sort by - either 'count', 'created_at', or 'updated_at'. Defaults to 'created_at'. order (str, optional): Sort order - either 'asc' or 'desc'. Defaults to 'desc'.

Returns: Dict[str, Any]: Dictionary containing: - data: List of exploitation records with fields including: - uuid - begins_at - ends_at - count - detection_signature_uuid - detection_signature_name - detection_signature_source - detection_signature_method - created_at - updated_at

Input Schema

Name	Required	Default
`limit`	No
`offset`	No
`order`	No	desc
`sort`	No	created_at

Input Schema (JSON Schema)

{
  "properties": {
    "limit": {
      "default": 10,
      "title": "Limit",
      "type": "integer"
    },
    "offset": {
      "default": 0,
      "title": "Offset",
      "type": "integer"
    },
    "order": {
      "default": "desc",
      "title": "Order",
      "type": "string"
    },
    "sort": {
      "default": "created_at",
      "title": "Sort",
      "type": "string"
    }
  },
  "title": "list_exploitationsArguments",
  "type": "object"
}

Mallory MCP Server