{"id":33245381,"url":"https://github.com/OTRF/API-To-Event","last_synced_at":"2026-03-29T21:00:44.657Z","repository":{"id":108956297,"uuid":"195734897","full_name":"OTRF/API-To-Event","owner":"OTRF","description":"A repo to document API functions mapped to security events across diverse platforms","archived":false,"fork":false,"pushed_at":"2019-11-01T02:07:46.000Z","size":25,"stargazers_count":74,"open_issues_count":0,"forks_count":18,"subscribers_count":7,"default_branch":"master","last_synced_at":"2026-02-26T01:27:21.744Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/OTRF.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2019-07-08T04:10:45.000Z","updated_at":"2025-12-22T10:23:29.000Z","dependencies_parsed_at":"2023-09-08T14:00:54.562Z","dependency_job_id":null,"html_url":"https://github.com/OTRF/API-To-Event","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/OTRF/API-To-Event","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OTRF%2FAPI-To-Event","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OTRF%2FAPI-To-Event/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OTRF%2FAPI-To-Event/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OTRF%2FAPI-To-Event/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/OTRF","download_url":"https://codeload.github.com/OTRF/API-To-Event/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OTRF%2FAPI-To-Event/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31164979,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-29T18:55:37.765Z","status":"ssl_error","status_checked_at":"2026-03-29T18:55:04.089Z","response_time":89,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-11-16T21:00:32.225Z","updated_at":"2026-03-29T21:00:44.651Z","avatar_url":"https://github.com/OTRF.png","language":null,"readme":"# API-To-Event\n\nA repo focused primarily on documenting the relationships between API functions and security events that get generated when using such functions. This project leverages other projects to be able to validate and abstract the use of those apis:\n\n* Windows\n    * [PSReflect-Functions](https://github.com/jaredcatkinson/PSReflect-Functions)\n    * [PurpleSharp](https://github.com/mvelazc0/PurpleSharp)\n* AWS\n    * [Boto3](https://github.com/boto/boto3)\n    * [Pacu](https://github.com/RhinoSecurityLabs/pacu)\n\nIn addition, any dataset generated while testing and validating events will be stored in the [Mordor](https://github.com/Cyb3rWard0g/mordor) project.\n\n# Goals\n\n* Share lists of API functions mapped to security events\n* Help security analysts to understand what it is that can trigger specific security events\n* Enhance detections adding context on API functionality\n\n# Getting Started\n\n* [List of API-To-Events](https://docs.google.com/spreadsheets/d/1Y3MHsgDWj_xH4qrqIMs4kYJq1FSuqv4LqIrcX24L10A/edit?usp=sharing)\n\n# Authors\n\n* Roberto Rodriguez [@Cyb3rWard0g](https://twitter.com/Cyb3rWard0g)\n\n# Contributing\n\nThere are a few things that we would like to accomplish with this repo as shown in the To-Do list below. Share new API functions mapped to security events.\n\n# License: GPL-3.0\n\n[ API-To-Event's GNU General Public License](https://github.com/Cyb3rWard0g/API-to-Event/blob/master/LICENSE)\n\n# To-Do\n\n- [ ] Map project mappings to Mordor datasets (ATT\u0026CK)\n- [ ] Document AWS APIs to CloudTrail Logs\n\nMore coming soon...\n","funding_links":[],"categories":["Blue Team"],"sub_categories":["Threat Hunting"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FOTRF%2FAPI-To-Event","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FOTRF%2FAPI-To-Event","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FOTRF%2FAPI-To-Event/lists"}