Pack Contributors:
- Mandar Naik
- nikstuckenbrock
- Lizz Boice
- Ali Sawyer
Contributions are welcome and appreciated. For more info, visit our Contribution Guide.
Community Common Scripts
- Details
- Content
- Dependencies
- Version History
A pack that contains community scripts
Pack Contributors:
- Mandar Naik
- nikstuckenbrock
- Lizz Boice
- Ali Sawyer
Contributions are welcome and appreciated. For more info, visit our Contribution Guide.
Automations
| Name | Description |
|---|---|
| CreateArrayWithDuplicates | Will create an array object in context from a given string input , allowing for duplicate values to be retained Output is to ContextKey.array as JSON does not permit duplicate key names e.g., ContextKey.array.value1, ContextKey.array.value2, ContextKey.array.value3, etc. |
| Json2HtmlTable | Converts JSON objects to HTML tables. |
| IPCalcReturnSubnetNetwork | An Automation Script to return subnet network ID |
| InvertEveryTwoItems | This transformer will invert every two items in an array. If the total of items in the array is an odd number the last item will be removed If the item is not an array the output will be same passed object. |
| VersionLessThan | Tests whether left side version number is less than right side version number. Version numbers need to have at least a major and minor version component to be considered valid. E.g. 1.0 |
| FindPlaybookCustomDependencies | Find custom scripts and integration dependencies used inside of playbooks. |
| CreateFileFromPathObject | This automation is being executed by the "GetFilePathPreProcessing" pre-processing script that collects the paths and names of attachments of an incoming incident, then passes it to this automation that reads the files and creates them in an existing incident |
| MarkdownToHTML | Converts Markdown to HTML. |
| RetrievePlaybookDependencies | Retrieves all Playbook (and Sub-Playbook) Names, Integrations, Automation Scripts, Commands not using-brand, and lists for a provided Playbook name. Also accepts inputs for incident types, layouts, incident fields, indicator fields, jobs, mappers, and pre-process rules connected to the parent playbook. Results can be output as an HTML or Markdown list. |
| MinList | Gets the minimum value from list |
| GetListDatawithKeyword | This transformer will get list of array elements by providing keyword. List data format |
| GetFields | Retrieves fields from an object using dot notation |
| IPCalcReturnAddressBinary | An automation script to return address in binary format |
| ExtFilter | Advanced Filter. It enables you to make filters with complex conditions. |
| DateTimeToADTime | Converts unix time to AD Integer8 time. This is used in many AD date fields like pwdLastSet. |
| IPCalcReturnAddressIANAAllocation | An automation script to return address IANA information |
| PHash | Script to create a perceptual hash of an image (or file) stored in the incident. Wrapps https://pypi.org/project/ImageHash/ |
| VersionEqualTo | Tests whether left side version number is equal to right side version number. |
| IPCalcReturnSubnetBroadcastAddress | An Automation Script to return subnet broadcast address |
DeleteIncidentsByQuery | Use this automation to delete incidents using query parameter with the same format as used in incidents search. Core REST API integration instance should be created. |
| CalculateTimeSpan | Calculates the time span between two dates using Powershell's A timespan with a start date of "2022-04-02T15:42:48" and end date of "2022-04-12T16:55:07" would return the following: Days : 10 |
| RandomPhotoNasa | This automation script will pull a random image from https://images.nasa.gov based on the search parameter provided. If the script is used within a widget, it will output an image in markdown format. If it is used anywhere else it will output an image in markdown format and also context data. |
| DisplayTaggedWarroomEntries | Display warroom entries in a dynamic section which are tagged with 'report' |
| IPCalcReturnSubnetAddresses | An automation script to return subnet addresses |
| GetFilePathPreProcessing | This is a pre-processing script that is used to create the attachments of incoming incidents in an existing incident, then drop the incoming incident. |
| Defang | Defangs IP, Mail and URL address to prevent them from being recognized. |
| MissingElements | Returns the list of missing elements from an input list of integers. e.g. [12,14,16] -> [13,15]. |
| DisplayIndicatorReputationContent | Display the indicator context object in markdown format in a dynamic section layout |
| jq | Deprecated. Use JMESPath transformer from the Filters and Transformers content pack instead. |
ConvertUTCEpochTimeToTimeStamp | This transformer convert the Epoch or UTC timestamp to desired stamp |
| redactindicator | Redactindicator can help you to defang/redact any kind of indicator (IPv4, url, domain and email), IP addresses will be in the dotted representation like 8.8.8[.].8, all domains will be example[.]com. Optional you can define a "searchkey" which does not to be case sensitive, which will be replaced as <REDACTED>. |
| VersionGreaterThan | Tests whether left side version number is greater than right side version number. Version numbers need to have at least a major and minor version component to be considered valid. E.g. 1.0 |
| GetIndexOfArrayValue | This transformer will get an index of an element from an array. |
| RandomElementFromList | randomly select elements from a list in Python |
| StripAccentMarksFromString | Strip accent marks (diacritics) from a given string. |
| delete_expired_indicator_with_exlusion | deletes expired indicators. |
| isArrayItemInList | This automation is for comparing array(list) data of context to existing lists on XSOAR server. You can avoid using loop of sub-playbook. |
| CreatePlbkDoc | Purpose: This automation will produce docx file detailing the tasks in the given playbook. It can produce a table or paragraph format of the report. Author: Mahmood Azmat Input1: Name of the playbook (Mandatory) Requirements: This automation requires "Core REST API" integration enabled and connected to the XSOAR itself. Automation uses it to read the objects of the playbook. |
SSLVerifier | Use this automation to check for validity of your SSL certificate and get the time until expiration. |
| DeleteIndicators | Delete indicators based on query, values, or IDs. |
| GetIndicatorCustomFieldsByQuery | Returns indicator custom fields into the context by the given query. |
| GetAskLinks | Creates external ask links for the |
| BatchData | This Automation takes in a string of comma separated items and returns a dictionary of with the defined chunk size. |
| RetrievePlaybooksAndIntegrations | Deprecated. Use RetrievePlaybookDependencies instead. Retrieves all Playbook (and Sub-Playbook) Names and Integrations for a provided Playbook name |
| CompareList | Compares two lists. |
| IPCalcCheckSubnetCollision | An automation script to return subnet collision result |
| DateTimeNowToEpoch | Returns the current datetime as an epoch value for use in timestamp comparisons. |
| CreateEDLInstance | Use this automation to create an EDL instance on XSOAR. |
| MaxList | Gets the maximum value from list |
MapRegex | This transformer will take in a value and transform it based on multiple regular expressions defined in a JSON dictionary structure. The key:value pair of the JSON dictionary should be: "desired outcome": "regex to match" For example: { The transformer will match in order of dictionary entries. |
| DateTimeToLDAPTime | Converts the given time to an LDAP timestamp. |
| RemoveEmptyEvidence | The automation removes evidence based on a query performed on the evidence content, |
| GenerateRandomJSON | Generate a list of random dictionaries, using Faker Python library. For more information, please visit https://faker.readthedocs.io |
| GetIndicatorDBotScoreFromContext | Get the final verdict from the DBotScore of the context. |
Automations
| Name | Description |
|---|---|
| RetrievePlaybookDependencies | Retrieves all Playbook (and Sub-Playbook) Names, Integrations, Automation Scripts, Commands not using-brand, and lists for a provided Playbook name. Also accepts inputs for incident types, layouts, incident fields, indicator fields, jobs, mappers, and pre-process rules connected to the parent playbook. Results can be output as an HTML or Markdown list. |
| MissingElements | Returns the list of missing elements from an input list of integers. e.g. [12,14,16] -> [13,15]. |
| DateTimeNowToEpoch | Returns the current datetime as an epoch value for use in timestamp comparisons. |
| DateTimeToLDAPTime | Converts the given time to an LDAP timestamp. |
| VersionEqualTo | Tests whether left side version number is equal to right side version number. |
| GenerateRandomJSON | Generate a list of random dictionaries, using Faker Python library. For more information, please visit https://faker.readthedocs.io |
| IPCalcReturnSubnetBroadcastAddress | An Automation Script to return subnet broadcast address |
| RandomElementFromList | randomly select elements from a list in Python |
| CompareList | Compares two lists. |
| jq | Deprecated. Use JMESPath transformer from the Filters and Transformers content pack instead. |
| delete_expired_indicator_with_exlusion | deletes expired indicators. |
| RetrievePlaybooksAndIntegrations | Deprecated. Use RetrievePlaybookDependencies instead. Retrieves all Playbook (and Sub-Playbook) Names and Integrations for a provided Playbook name |
| GetFields | Retrieves fields from an object using dot notation |
| IPCalcReturnSubnetAddresses | An automation script to return subnet addresses |
| CalculateTimeSpan | Calculates the time span between two dates using Powershell's A timespan with a start date of "2022-04-02T15:42:48" and end date of "2022-04-12T16:55:07" would return the following: Days : 10 |
| IPCalcReturnAddressIANAAllocation | An automation script to return address IANA information |
| FindPlaybookCustomDependencies | Find custom scripts and integration dependencies used inside of playbooks. |
| InvertEveryTwoItems | This transformer will invert every two items in an array. If the total of items in the array is an odd number the last item will be removed If the item is not an array the output will be same passed object. |
| IPCalcReturnSubnetNetwork | An Automation Script to return subnet network ID |
| redactindicator | Redactindicator can help you to defang/redact any kind of indicator (IPv4, url, domain and email), IP addresses will be in the dotted representation like 8.8.8[.].8, all domains will be example[.]com. Optional you can define a "searchkey" which does not to be case sensitive, which will be replaced as <REDACTED>. |
| StripAccentMarksFromString | Strip accent marks (diacritics) from a given string. |
| GetListDatawithKeyword | This transformer will get list of array elements by providing keyword. List data format |
| MarkdownToHTML | Converts Markdown to HTML. |
| CreateEDLInstance | Use this automation to create an EDL instance on XSOAR. |
| Json2HtmlTable | Converts JSON objects to HTML tables. |
| isArrayItemInList | This automation is for comparing array(list) data of context to existing lists on XSOAR server. You can avoid using loop of sub-playbook. |
| DeleteIndicators | Delete indicators based on query, values, or IDs. |
MapRegex | This transformer will take in a value and transform it based on multiple regular expressions defined in a JSON dictionary structure. The key:value pair of the JSON dictionary should be: "desired outcome": "regex to match" For example: { The transformer will match in order of dictionary entries. |
| RemoveEmptyEvidence | The automation removes evidence based on a query performed on the evidence content, |
| VersionLessThan | Tests whether left side version number is less than right side version number. Version numbers need to have at least a major and minor version component to be considered valid. E.g. 1.0 |
| GetIndicatorCustomFieldsByQuery | Returns indicator custom fields into the context by the given query. |
| Defang | Defangs IP, Mail and URL address to prevent them from being recognized. |
| RandomPhotoNasa | This automation script will pull a random image from https://images.nasa.gov based on the search parameter provided. If the script is used within a widget, it will output an image in markdown format. If it is used anywhere else it will output an image in markdown format and also context data. |
| DateTimeToADTime | Converts unix time to AD Integer8 time. This is used in many AD date fields like pwdLastSet. |
| VersionGreaterThan | Tests whether left side version number is greater than right side version number. Version numbers need to have at least a major and minor version component to be considered valid. E.g. 1.0 |
| IPCalcCheckSubnetCollision | An automation script to return subnet collision result |
| MinList | Gets the minimum value from list |
| DisplayTaggedWarroomEntries | Display warroom entries in a dynamic section which are tagged with 'report' |
| GetAskLinks | Creates external ask links for the |
| BatchData | This Automation takes in a string of comma separated items and returns a dictionary of with the defined chunk size. |
| GetIndexOfArrayValue | This transformer will get an index of an element from an array. |
| ExtFilter | Advanced Filter. It enables you to make filters with complex conditions. |
SSLVerifier | Use this automation to check for validity of your SSL certificate and get the time until expiration. |
| CreateFileFromPathObject | This automation is being executed by the "GetFilePathPreProcessing" pre-processing script that collects the paths and names of attachments of an incoming incident, then passes it to this automation that reads the files and creates them in an existing incident |
ConvertUTCEpochTimeToTimeStamp | This transformer convert the Epoch or UTC timestamp to desired stamp |
| IPCalcReturnAddressBinary | An automation script to return address in binary format |
| CreatePlbkDoc | Purpose: This automation will produce docx file detailing the tasks in the given playbook. It can produce a table or paragraph format of the report. Author: Mahmood Azmat Input1: Name of the playbook (Mandatory) Requirements: This automation requires "Core REST API" integration enabled and connected to the XSOAR itself. Automation uses it to read the objects of the playbook. |
| GetIndicatorDBotScoreFromContext | Get the final verdict from the DBotScore of the context. |
| MaxList | Gets the maximum value from list |
| CreateArrayWithDuplicates | Will create an array object in context from a given string input , allowing for duplicate values to be retained Output is to ContextKey.array as JSON does not permit duplicate key names e.g., ContextKey.array.value1, ContextKey.array.value2, ContextKey.array.value3, etc. |
| GetFilePathPreProcessing | This is a pre-processing script that is used to create the attachments of incoming incidents in an existing incident, then drop the incoming incident. |
DeleteIncidentsByQuery | Use this automation to delete incidents using query parameter with the same format as used in incidents search. Core REST API integration instance should be created. |
DeleteAlertsByQuery | Use this automation to delete alerts using query parameter with the same format as used in alerts search. Core REST API integration instance should be created. |
| DisplayIndicatorReputationContent | Display the indicator context object in markdown format in a dynamic section layout |
| PHash | Script to create a perceptual hash of an image (or file) stored in the incident. Wrapps https://pypi.org/project/ImageHash/ |
Required Content Packs (3)
| Pack Name | Pack By |
|---|---|
| Base | By: Cortex XSOAR |
| Common Scripts | By: Cortex XSOAR |
| Cortex REST API | By: Cortex XSOAR |
Optional Content Packs (0)
| Pack Name | Pack By |
|---|
All level dependencies (3)
| Pack Name | Pack By |
|---|---|
| Common Scripts | By: Cortex XSOAR |
| Base | By: Cortex XSOAR |
| Cortex REST API | By: Cortex XSOAR |
1.3.22 - 4847835 (September 11, 2025)
- 41193
Download
Scripts
MapRegex
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
GetIndexOfArrayValue
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
MaxList
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
IPCalcReturnSubnetNetwork
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
SSLVerifier
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
StripAccentMarksFromString
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
IPCalcReturnSubnetAddresses
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
RandomPhotoNasa
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
CreateFileFromPathObject
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
redactindicator
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
ConvertUTCEpochTimeToTimeStamp
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
GetFilePathPreProcessing
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
CompareList
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
DeleteIndicators
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
DeleteIncidentsByQuery
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
InvertEveryTwoItems
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
DateTimeToLDAPTime
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
IPCalcReturnAddressBinary
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
GetIndicatorCustomFieldsByQuery
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
DisplayTaggedWarroomEntries
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
RemoveEmptyEvidence
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
GetFields
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
GetListDatawithKeyword
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
Defang
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
isArrayItemInList
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
MinList
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
CreateEDLInstance
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
IPCalcReturnAddressIANAAllocation
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
BatchData
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
delete_expired_indicator_with_exlusion
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
CreateArrayWithDuplicates
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
IPCalcReturnSubnetBroadcastAddress
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
DisplayIndicatorReputationContent
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
DateTimeToADTime
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
IPCalcCheckSubnetCollision
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
RetrievePlaybookDependencies
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
RandomElementFromList
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
- 41193
Download
1.3.21 - 4770511 (September 4, 2025)
- 41158
Download
Scripts
New: MissingElements
- New: Added a new script- MissingElements that Returns the list of missing elements from an input list of integers.
e.g. [12,14,16] -> [13,15]
GetAskLinks
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
GetIndicatorDBotScoreFromContext
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
ExtFilter
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
DateTimeNowToEpoch
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
- 41158
Download
1.3.18 - R3980324 (June 26, 2025)
- 40089
- 40198
Download
Scripts
Json2HtmlTable
- Added support for the custom_styling argument to insert custom css styling before the table object.
- Added support for the table_attributes argument to add various table attributes. e.g. pass id=”infotable” or class=”bootstrapclass”/data*.
- Updated the Docker image to: demisto/py3-tools:1.0.0.3205634.
- 40089
- 40198
Download
1.3.16 - R2988287 (March 26, 2025)
- 39009
Download
Scripts
MaxList
- Metadata and documentation improvements.
IPCalcReturnSubnetAddresses
- Metadata and documentation improvements.
SSLVerifier
- Metadata and documentation improvements.
redactindicator
- Metadata and documentation improvements.
MinList
- Metadata and documentation improvements.
GetListDatawithKeyword
- Metadata and documentation improvements.
CreatePlbkDoc
- Metadata and documentation improvements.
CreateArrayWithDuplicates
- Metadata and documentation improvements.
BatchData
- Metadata and documentation improvements.
IPCalcReturnSubnetNetwork
- Metadata and documentation improvements.
RandomElementFromList
- Metadata and documentation improvements.
GetFields
- Metadata and documentation improvements.
RetrievePlaybookDependencies
- Metadata and documentation improvements.
MapRegex
- Metadata and documentation improvements.
DisplayTaggedWarroomEntries
- Metadata and documentation improvements.
CompareList
- Metadata and documentation improvements.
isArrayItemInList
- Metadata and documentation improvements.
DeleteIndicators
- Metadata and documentation improvements.
IPCalcReturnAddressBinary
- Metadata and documentation improvements.
DateTimeToADTime
- Metadata and documentation improvements.
IPCalcReturnSubnetBroadcastAddress
- Metadata and documentation improvements.
CreateEDLInstance
- Metadata and documentation improvements.
RandomPhotoNasa
- Metadata and documentation improvements.
GetAskLinks
- Metadata and documentation improvements.
ConvertUTCEpochTimeToTimeStamp
- Metadata and documentation improvements.
Defang
- Metadata and documentation improvements.
GetIndicatorCustomFieldsByQuery
- Metadata and documentation improvements.
GetIndicatorDBotScoreFromContext
- Metadata and documentation improvements.
GetFilePathPreProcessing
- Metadata and documentation improvements.
Json2HtmlTable
- Metadata and documentation improvements.
MarkdownToHTML
- Metadata and documentation improvements.
DateTimeNowToEpoch
- Metadata and documentation improvements.
CreateFileFromPathObject
- Metadata and documentation improvements.
DeleteIncidentsByQuery
- Metadata and documentation improvements.
GenerateRandomJSON
- Metadata and documentation improvements.
DateTimeToLDAPTime
- Metadata and documentation improvements.
IPCalcCheckSubnetCollision
- Metadata and documentation improvements.
DisplayIndicatorReputationContent
- Metadata and documentation improvements.
GetIndexOfArrayValue
- Metadata and documentation improvements.
ExtFilter
- Metadata and documentation improvements.
IPCalcReturnAddressIANAAllocation
- Metadata and documentation improvements.
delete_expired_indicator_with_exlusion
- Metadata and documentation improvements.
jq
- Metadata and documentation improvements.
PHash
- Metadata and documentation improvements.
StripAccentMarksFromString
- Metadata and documentation improvements.
- 39009
Download
1.3.15 - 2395597 (February 10, 2025)
- 38552
- 38543
- 38544
- 38546
- 38547
Download
Scripts
VersionLessThan
- Updated the Docker image to: demisto/powershell:7.4.6.117357.
VersionGreaterThan
- Updated the Docker image to: demisto/powershell:7.4.6.117357.
VersionEqualTo
- Updated the Docker image to: demisto/powershell:7.4.6.117357.
CalculateTimeSpan
- Updated the Docker image to: demisto/powershell:7.4.6.117357.
- 38552
- 38543
- 38544
- 38546
- 38547
Download
1.3.8 - 1809308 (December 15, 2024)
- 37567
- 37564
- 37565
Download
Scripts
SSLVerifier
- Updated the Docker image to: demisto/python3:3.11.10.115186.
delete_expired_indicator_with_exlusion
- Updated the Docker image to: demisto/python3:3.11.10.115186.
MaxList
- Updated the Docker image to: demisto/python3:3.11.10.115186.
GetFields
- Updated the Docker image to: demisto/python3:3.11.10.115186.
InvertEveryTwoItems
- Updated the Docker image to: demisto/python3:3.11.10.115186.
ConvertUTCEpochTimeToTimeStamp
- Updated the Docker image to: demisto/python3:3.11.10.115186.
MapRegex
- Updated the Docker image to: demisto/python3:3.11.10.115186.
MinList
- Updated the Docker image to: demisto/python3:3.11.10.115186.
CompareList
- Updated the Docker image to: demisto/python3:3.11.10.115186.
DisplayTaggedWarroomEntries
- Updated the Docker image to: demisto/python3:3.11.10.115186.
RandomElementFromList
- Updated the Docker image to: demisto/python3:3.11.10.115186.
IPCalcCheckSubnetCollision
- Updated the Docker image to: demisto/python3:3.11.10.115186.
IPCalcReturnSubnetNetwork
- Updated the Docker image to: demisto/python3:3.11.10.115186.
IPCalcReturnAddressIANAAllocation
- Updated the Docker image to: demisto/python3:3.11.10.115186.
IPCalcReturnSubnetAddresses
- Updated the Docker image to: demisto/python3:3.11.10.115186.
CreateFileFromPathObject
- Updated the Docker image to: demisto/python3:3.11.10.115186.
DisplayIndicatorReputationContent
- Updated the Docker image to: demisto/python3:3.11.10.115186.
DateTimeToADTime
- Updated the Docker image to: demisto/python3:3.11.10.115186.
GetFilePathPreProcessing
- Updated the Docker image to: demisto/python3:3.11.10.115186.
IPCalcReturnSubnetBroadcastAddress
- Updated the Docker image to: demisto/python3:3.11.10.115186.
isArrayItemInList
- Updated the Docker image to: demisto/python3:3.11.10.115186.
DateTimeToLDAPTime
- Updated the Docker image to: demisto/python3:3.11.10.115186.
StripAccentMarksFromString
- Updated the Docker image to: demisto/python3:3.11.10.115186.
BatchData
- Updated the Docker image to: demisto/python3:3.11.10.115186.
RandomPhotoNasa
- Updated the Docker image to: demisto/python3:3.11.10.115186.
CreateArrayWithDuplicates
- Updated the Docker image to: demisto/python3:3.11.10.115186.
IPCalcReturnAddressBinary
- Updated the Docker image to: demisto/python3:3.11.10.115186.
- 37567
- 37564
- 37565
Download
1.3.6 - 1748140 (December 4, 2024)
- 37528
- 37524
- 37525
- 37526
- 37527
Download
Scripts
ExtFilter
- Updated the Docker image to: demisto/python3:3.11.10.115186.
GetListDatawithKeyword
- Updated the Docker image to: demisto/python3:3.11.10.115186.
RemoveEmptyEvidence
- Updated the Docker image to: demisto/python3:3.11.10.115186.
GetAskLinks
- Updated the Docker image to: demisto/python3:3.11.10.115186.
DateTimeNowToEpoch
- Updated the Docker image to: demisto/python3:3.11.10.115186.
RetrievePlaybookDependencies
- Updated the Docker image to: demisto/python3:3.11.10.115186.
DeleteIncidentsByQuery
- Updated the Docker image to: demisto/python3:3.11.10.115186.
GetIndexOfArrayValue
- Updated the Docker image to: demisto/python3:3.11.10.115186.
GetIndicatorDBotScoreFromContext
- Updated the Docker image to: demisto/python3:3.11.10.115186.
redactindicator
- Updated the Docker image to: demisto/python3:3.11.10.115186.
CreateEDLInstance
- Updated the Docker image to: demisto/python3:3.11.10.115186.
- 37528
- 37524
- 37525
- 37526
- 37527
Download
1.3.4 - 1673120 (November 19, 2024)
- 37287
- 37283
Download
Scripts
VersionEqualTo
- Updated the Docker image to: demisto/powershell:7.4.6.116823.
CalculateTimeSpan
- Updated the Docker image to: demisto/powershell:7.4.6.116823.
VersionGreaterThan
- Updated the Docker image to: demisto/powershell:7.4.6.116823.
VersionLessThan
- Updated the Docker image to: demisto/powershell:7.4.6.116823.
- 37287
- 37283
Download
1.3.3 - 1666862 (November 18, 2024)
- 37214
- 37193
Download
Scripts
CalculateTimeSpan
- Updated the Docker image to: demisto/powershell:7.4.2.103657.
VersionEqualTo
- Updated the Docker image to: demisto/powershell:7.4.2.103657.
VersionGreaterThan
- Updated the Docker image to: demisto/powershell:7.4.2.103657.
VersionLessThan
- Updated the Docker image to: demisto/powershell:7.4.2.103657.
- 37214
- 37193
Download
1.3.1 - 1563308 (October 29, 2024)
- 36856
- 36845
- 36844
- 36843
- 36840
- 36837
- 36836
- 36832
- 36842
- 36841
- 36839
- 36838
- 36834
- 36835
- 36833
Download
Scripts
jq
- Updated the Docker image to: demisto/jq:1.0.0.113893.
CreatePlbkDoc
- Updated the Docker image to: demisto/sane-doc-reports:1.0.0.114696.
PHash
- Updated the Docker image to: demisto/python-phash:1.0.0.114718.
- 36856
- 36845
- 36844
- 36843
- 36840
- 36837
- 36836
- 36832
- 36842
- 36841
- 36839
- 36838
- 36834
- 36835
- 36833
Download
1.3.22 - 4847835 (September 11, 2025)
- 41193
Download
Scripts
MapRegex
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
GetIndexOfArrayValue
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
MaxList
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
IPCalcReturnSubnetNetwork
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
SSLVerifier
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
StripAccentMarksFromString
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
IPCalcReturnSubnetAddresses
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
RandomPhotoNasa
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
CreateFileFromPathObject
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
redactindicator
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
ConvertUTCEpochTimeToTimeStamp
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
GetFilePathPreProcessing
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
CompareList
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
DeleteIndicators
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
DeleteIncidentsByQuery
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
InvertEveryTwoItems
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
DateTimeToLDAPTime
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
IPCalcReturnAddressBinary
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
GetIndicatorCustomFieldsByQuery
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
DisplayTaggedWarroomEntries
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
RemoveEmptyEvidence
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
GetFields
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
GetListDatawithKeyword
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
Defang
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
isArrayItemInList
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
MinList
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
CreateEDLInstance
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
IPCalcReturnAddressIANAAllocation
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
BatchData
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
delete_expired_indicator_with_exlusion
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
CreateArrayWithDuplicates
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
IPCalcReturnSubnetBroadcastAddress
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
DisplayIndicatorReputationContent
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
DateTimeToADTime
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
IPCalcCheckSubnetCollision
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
RetrievePlaybookDependencies
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
RandomElementFromList
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
- 41193
Download
1.3.21 - 4761438 (September 4, 2025)
- 41158
Download
Scripts
New: MissingElements
- New: Added a new script- MissingElements that Returns the list of missing elements from an input list of integers.
e.g. [12,14,16] -> [13,15]
GetAskLinks
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
GetIndicatorDBotScoreFromContext
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
ExtFilter
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
DateTimeNowToEpoch
- Updated the Docker image to: demisto/python3:3.12.8.3296088.
- 41158
Download
1.3.18 - R3980324 (June 26, 2025)
- 40089
- 40198
Download
Scripts
Json2HtmlTable
- Added support for the custom_styling argument to insert custom css styling before the table object.
- Added support for the table_attributes argument to add various table attributes. e.g. pass id=”infotable” or class=”bootstrapclass”/data*.
- Updated the Docker image to: demisto/py3-tools:1.0.0.3205634.
- 40089
- 40198
Download
1.3.16 - R2988287 (March 26, 2025)
- 39009
Download
Scripts
MaxList
- Metadata and documentation improvements.
IPCalcReturnSubnetAddresses
- Metadata and documentation improvements.
SSLVerifier
- Metadata and documentation improvements.
redactindicator
- Metadata and documentation improvements.
MinList
- Metadata and documentation improvements.
GetListDatawithKeyword
- Metadata and documentation improvements.
CreatePlbkDoc
- Metadata and documentation improvements.
CreateArrayWithDuplicates
- Metadata and documentation improvements.
BatchData
- Metadata and documentation improvements.
IPCalcReturnSubnetNetwork
- Metadata and documentation improvements.
RandomElementFromList
- Metadata and documentation improvements.
GetFields
- Metadata and documentation improvements.
RetrievePlaybookDependencies
- Metadata and documentation improvements.
MapRegex
- Metadata and documentation improvements.
DisplayTaggedWarroomEntries
- Metadata and documentation improvements.
CompareList
- Metadata and documentation improvements.
isArrayItemInList
- Metadata and documentation improvements.
DeleteIndicators
- Metadata and documentation improvements.
IPCalcReturnAddressBinary
- Metadata and documentation improvements.
DateTimeToADTime
- Metadata and documentation improvements.
IPCalcReturnSubnetBroadcastAddress
- Metadata and documentation improvements.
CreateEDLInstance
- Metadata and documentation improvements.
RandomPhotoNasa
- Metadata and documentation improvements.
GetAskLinks
- Metadata and documentation improvements.
ConvertUTCEpochTimeToTimeStamp
- Metadata and documentation improvements.
Defang
- Metadata and documentation improvements.
GetIndicatorCustomFieldsByQuery
- Metadata and documentation improvements.
GetIndicatorDBotScoreFromContext
- Metadata and documentation improvements.
GetFilePathPreProcessing
- Metadata and documentation improvements.
Json2HtmlTable
- Metadata and documentation improvements.
MarkdownToHTML
- Metadata and documentation improvements.
DateTimeNowToEpoch
- Metadata and documentation improvements.
CreateFileFromPathObject
- Metadata and documentation improvements.
DeleteIncidentsByQuery
- Metadata and documentation improvements.
GenerateRandomJSON
- Metadata and documentation improvements.
DateTimeToLDAPTime
- Metadata and documentation improvements.
IPCalcCheckSubnetCollision
- Metadata and documentation improvements.
DisplayIndicatorReputationContent
- Metadata and documentation improvements.
GetIndexOfArrayValue
- Metadata and documentation improvements.
ExtFilter
- Metadata and documentation improvements.
IPCalcReturnAddressIANAAllocation
- Metadata and documentation improvements.
delete_expired_indicator_with_exlusion
- Metadata and documentation improvements.
jq
- Metadata and documentation improvements.
PHash
- Metadata and documentation improvements.
StripAccentMarksFromString
- Metadata and documentation improvements.
- 39009
Download
1.3.15 - 2429474 (February 11, 2025)
- 38552
- 38543
- 38544
- 38546
- 38547
Download
Scripts
VersionLessThan
- Updated the Docker image to: demisto/powershell:7.4.6.117357.
VersionGreaterThan
- Updated the Docker image to: demisto/powershell:7.4.6.117357.
VersionEqualTo
- Updated the Docker image to: demisto/powershell:7.4.6.117357.
CalculateTimeSpan
- Updated the Docker image to: demisto/powershell:7.4.6.117357.
- 38552
- 38543
- 38544
- 38546
- 38547
Download
1.3.8 - 1809308 (December 15, 2024)
- 37567
- 37564
- 37565
Download
Scripts
SSLVerifier
- Updated the Docker image to: demisto/python3:3.11.10.115186.
delete_expired_indicator_with_exlusion
- Updated the Docker image to: demisto/python3:3.11.10.115186.
MaxList
- Updated the Docker image to: demisto/python3:3.11.10.115186.
GetFields
- Updated the Docker image to: demisto/python3:3.11.10.115186.
InvertEveryTwoItems
- Updated the Docker image to: demisto/python3:3.11.10.115186.
ConvertUTCEpochTimeToTimeStamp
- Updated the Docker image to: demisto/python3:3.11.10.115186.
MapRegex
- Updated the Docker image to: demisto/python3:3.11.10.115186.
MinList
- Updated the Docker image to: demisto/python3:3.11.10.115186.
CompareList
- Updated the Docker image to: demisto/python3:3.11.10.115186.
DisplayTaggedWarroomEntries
- Updated the Docker image to: demisto/python3:3.11.10.115186.
RandomElementFromList
- Updated the Docker image to: demisto/python3:3.11.10.115186.
IPCalcCheckSubnetCollision
- Updated the Docker image to: demisto/python3:3.11.10.115186.
IPCalcReturnSubnetNetwork
- Updated the Docker image to: demisto/python3:3.11.10.115186.
IPCalcReturnAddressIANAAllocation
- Updated the Docker image to: demisto/python3:3.11.10.115186.
IPCalcReturnSubnetAddresses
- Updated the Docker image to: demisto/python3:3.11.10.115186.
CreateFileFromPathObject
- Updated the Docker image to: demisto/python3:3.11.10.115186.
DisplayIndicatorReputationContent
- Updated the Docker image to: demisto/python3:3.11.10.115186.
DateTimeToADTime
- Updated the Docker image to: demisto/python3:3.11.10.115186.
GetFilePathPreProcessing
- Updated the Docker image to: demisto/python3:3.11.10.115186.
IPCalcReturnSubnetBroadcastAddress
- Updated the Docker image to: demisto/python3:3.11.10.115186.
isArrayItemInList
- Updated the Docker image to: demisto/python3:3.11.10.115186.
DateTimeToLDAPTime
- Updated the Docker image to: demisto/python3:3.11.10.115186.
StripAccentMarksFromString
- Updated the Docker image to: demisto/python3:3.11.10.115186.
BatchData
- Updated the Docker image to: demisto/python3:3.11.10.115186.
RandomPhotoNasa
- Updated the Docker image to: demisto/python3:3.11.10.115186.
CreateArrayWithDuplicates
- Updated the Docker image to: demisto/python3:3.11.10.115186.
IPCalcReturnAddressBinary
- Updated the Docker image to: demisto/python3:3.11.10.115186.
- 37567
- 37564
- 37565
Download
1.3.6 - 1748140 (December 4, 2024)
- 37528
- 37524
- 37525
- 37526
- 37527
Download
Scripts
ExtFilter
- Updated the Docker image to: demisto/python3:3.11.10.115186.
GetListDatawithKeyword
- Updated the Docker image to: demisto/python3:3.11.10.115186.
RemoveEmptyEvidence
- Updated the Docker image to: demisto/python3:3.11.10.115186.
GetAskLinks
- Updated the Docker image to: demisto/python3:3.11.10.115186.
DateTimeNowToEpoch
- Updated the Docker image to: demisto/python3:3.11.10.115186.
RetrievePlaybookDependencies
- Updated the Docker image to: demisto/python3:3.11.10.115186.
DeleteIncidentsByQuery
- Updated the Docker image to: demisto/python3:3.11.10.115186.
GetIndexOfArrayValue
- Updated the Docker image to: demisto/python3:3.11.10.115186.
GetIndicatorDBotScoreFromContext
- Updated the Docker image to: demisto/python3:3.11.10.115186.
redactindicator
- Updated the Docker image to: demisto/python3:3.11.10.115186.
CreateEDLInstance
- Updated the Docker image to: demisto/python3:3.11.10.115186.
- 37528
- 37524
- 37525
- 37526
- 37527
Download
1.3.5 - 1675652 (November 20, 2024)
- 37271
Download
Scripts
VersionEqualTo
- Updated the Docker image to: demisto/powershell:7.4.6.116823.
CalculateTimeSpan
- Updated the Docker image to: demisto/powershell:7.4.6.116823.
VersionGreaterThan
- Updated the Docker image to: demisto/powershell:7.4.6.116823.
VersionLessThan
- Updated the Docker image to: demisto/powershell:7.4.6.116823.
GetIndicatorCustomFieldsByQuery
- Updated the Docker image to: demisto/python3:3.11.10.116439.
- 37271
Download
1.3.3 - 1666862 (November 18, 2024)
- 37214
- 37193
Download
Scripts
CalculateTimeSpan
- Updated the Docker image to: demisto/powershell:7.4.2.103657.
VersionEqualTo
- Updated the Docker image to: demisto/powershell:7.4.2.103657.
VersionGreaterThan
- Updated the Docker image to: demisto/powershell:7.4.2.103657.
VersionLessThan
- Updated the Docker image to: demisto/powershell:7.4.2.103657.
- 37214
- 37193
Download
1.3.1 - 1563308 (October 29, 2024)
- 36856
- 36845
- 36844
- 36843
- 36840
- 36837
- 36836
- 36832
- 36842
- 36841
- 36839
- 36838
- 36834
- 36835
- 36833
Download
Scripts
jq
- Updated the Docker image to: demisto/jq:1.0.0.113893.
CreatePlbkDoc
- Updated the Docker image to: demisto/sane-doc-reports:1.0.0.114696.
PHash
- Updated the Docker image to: demisto/python-phash:1.0.0.114718.
- 36856
- 36845
- 36844
- 36843
- 36840
- 36837
- 36836
- 36832
- 36842
- 36841
- 36839
- 36838
- 36834
- 36835
- 36833
Download
PLATFORMS
Cortex XSOARCortex XSIAM
INFO
| Supported By | Community | |
| Created | January 9, 2023 | |
| Last Release | October 29, 2025 |
WORKS WITH THE FOLLOWING INTEGRATIONS:
