Securitytrails

12 tools available

SecurityTrails is a cybersecurity platform providing comprehensive domain, IP, DNS, and WHOIS intelligence data. It offers historical DNS records, subdomain discovery, WHOIS history, associated domains, passive DNS datasets, and website technology detection to support threat hunting, brand protection, cyber forensics, and attack surface management.

security & identity toolsdeveloper tools
Connect Securitytrails Visit Securitytrails ↗

Connect Securitytrails to Definable to automate repetitive tasks, sync data with the rest of your stack, trigger on real-world events. Personas call Securitytrails's 12 tools directly from chat or scheduled flows. You can wire it into any persona to read, write, and react when an event fires.

Common workflows with Securitytrails

01

Trigger on event

  1. Listen for a new event
  2. Parse and validate the payload
  3. Take an action with the linked tool
02

Daily summary

  1. Pull yesterday's activity
  2. Summarise with the model of your choice
  3. Send the digest via email or Slack
03

Cross-tool sync

  1. Read records from one app
  2. Transform with a persona
  3. Write the result back via this integration

Securitytrails actions 12

Every Securitytrails action below is a callable tool any Definable persona can invoke.

Bulk Static Asset Rules

Bulk add or remove static asset rules for a SecurityTrails ASI project. Static asset rules define which domains/IPs are included or excluded from the project's monitoring scope. This operation processes up to 1000 rules (combined add + remove) per request. The API processes rules asynchronously, waiting up to 2 seconds for completion. If processing takes longer, task_ids are returned for status polling. Note: Requires a valid project_id from the List Projects endpoint. Use the Get Static Assets endpoint to verify changes after bulk operations complete.

Get Company Associated IPs

Tool to retrieve IPs associated with a company domain. Use when you need to find all IP addresses linked to an organization's domain name.

Get Domain Details

Retrieves comprehensive domain information from SecurityTrails including current DNS records, infrastructure details, and statistics. This tool fetches detailed DNS data (A, AAAA, MX, NS, SOA, TXT records) along with metadata about when records were first seen, which organizations own the infrastructure, and how many other domains share the same servers. Useful for domain reconnaissance, infrastructure mapping, security analysis, and understanding domain configurations. Returns structured data with typed fields for easy programmatic access by AI agents.

Get Domain SSL

Tool to fetch current and historical SSL certificate details for a hostname. Use when you need to retrieve SSL data after identifying the domain. Coverage limited to certificates indexed by SecurityTrails; private, internally-issued, or very recently issued certificates may be absent.

IP Search Statistics

Fetch aggregated statistics for IP addresses matching a DSL query. Returns top open ports by frequency, common reverse DNS patterns, and total count. Useful for analyzing IP infrastructure patterns, port distributions, and PTR records across specific IP ranges or reverse DNS domains.

List ASI Projects

Tool to list ASI projects available to the account. Use when you need project IDs for subsequent ASI operations.

Ping

Tool to test authentication and connectivity with the SecurityTrails API. Use after configuring API key.

Scroll Results

Tool to continue scrolling through DSL search results. Use after receiving a scroll_id from SECURITYTRAILS_SEARCH_IPS or SECURITYTRAILS_SQL_API_EXECUTE_QUERY to fetch the next batch of data. Call iteratively until no scroll_id is returned to retrieve all pages.

Search IPs

Tool to search IP addresses via SecurityTrails DSL. Use when you need to filter IPs with custom DSL queries. Results are paginated; use SecurityTrails scroll mechanisms for large result sets to avoid missing assets.

SQL API Execute Query

Execute SQL-like queries against SecurityTrails data. Query the 'hosts' table for domain/DNS information or the 'ips' table for IP address/ASN/port data. Returns up to 100 records per request with a scroll ID for pagination. Supports standard SQL syntax (SELECT, WHERE, AND, OR, IN, IS NULL) but does NOT support LIMIT clause.

SQL API Scroll Results

Tool to fetch next page of SQL query results. Use after obtaining scroll_id from initial SQL API response.

Temp Scrape Securitytrails Usage

Retrieve account usage information from the SecurityTrails API. This action fetches the current monthly usage and allowed monthly usage limits for your SecurityTrails API account. Use this to monitor your API quota consumption. Returns: On success (200): - current_monthly_usage: Your current API usage for the month - allowed_monthly_usage: Your total allowed monthly API quota On error: - status_code: HTTP status code - response_text: Error message from API

More security & identity tools integrations

All security & identity tools →
1password
Password manager and digital vault for secure credential storage and team collaboration
AbuseIPDB
AbuseIPDB is a project dedicated to helping make the internet safer by providing a central repository for reporting and checking IP addresses associated with malicious activities.
Anonyflow
AnonyFlow offers a simple and powerful service for encryption-based data anonymization and community sharing, enabling GDPR, CCPA, and HIPAA data privacy protection compliance.
Bitwarden
Bitwarden is a secure password management solution providing encrypted vaults, cross-platform sync, and enterprise-grade security tools for storing and sharing credentials
Borneo
Borneo is a data security and privacy platform designed for sensitive data discovery and remediation.
Callerapi
CallerAPI provides a white-label caller identification API that enhances customer trust, stops spam, fraud, and robocalls by offering branded caller ID solutions.

Frequently asked questions

What can I automate with Securitytrails on Definable?

Anything Securitytrails exposes through its API. Common security & identity tools workflows on Definable include automate repetitive tasks, sync data with the rest of your stack, trigger on real-world events. Personas can call any of the 12 Securitytrails tools directly, then chain the result into another integration without you writing code.

How does Securitytrails authentication work?

Securitytrails uses API_KEY on Definable. You connect once from the integrations page, scoped to the permissions you choose, and from then on any persona that has the integration enabled can act on your behalf. Tokens are encrypted at rest and rotated automatically.

Is the Securitytrails integration included in my Definable plan?

Yes — every Definable plan, including Starter, includes access to all 12 Securitytrails tools. You only need a separate Securitytrails subscription if Securitytrails itself charges per seat or per API call.

Is using Securitytrails through Definable secure?

Every call from a persona to Securitytrails is logged with the user, persona, prompt, and response. Tokens never leave Definable's secrets vault, scopes are configurable per persona, and you can revoke access at any time from the integration page.

How do I get started with Securitytrails on Definable?

Sign up for Definable, open the integrations page, find Securitytrails, and connect via OAuth or API key. You can immediately attach Securitytrails to any persona and start running workflows. The free Starter plan includes 5,000 credits/month.

What Securitytrails actions does Definable expose?

Definable exposes all 12 Securitytrails actions as callable tools — including `Bulk Static Asset Rules`, `Get Company Associated IPs`, `Get Domain Details`, plus 9 more. Each tool gets a typed parameter schema so personas know exactly how to call it.

Ready to automate with Securitytrails?

Wire it up in minutes. No coding required.

Start for free Schedule a demo
← All integrations