add ipdex in CTI getting started

AlteredCoder · AlteredCoder · commit 6fb78d3db294 · 2025-05-12T16:47:54.000+02:00
diff --git a/crowdsec-docs/unversioned/cti_api/getting_started.mdx b/crowdsec-docs/unversioned/cti_api/getting_started.mdx
@@ -48,6 +48,8 @@ On the next page you can create an API key by clicking the `+ New Key` button.
 
 ## Accessing the API
 
+### cURL
+
 You can test your newly created API key by running the following command in your terminal:
 
 :::info
@@ -216,6 +218,69 @@ And the default output looks something like this:
 
 </details>
 
+### ipdex
+
+You can interact with the CrowdSec CTI API with the [`ipdex`](https://github.com/crowdsecurity/ipdex) tool.
+
+First, initiliaze the tool with your API key:
+
+```console
+ipdex init
+```
+
+And then analyze an IP or a file of IPs:
+
+```console
+ipdex 193.105.134.155
+```
+
+<details>
+
+<summary>Command Output</summary>
+
+```console
+IP Information
+
+IP                       	193.105.134.155
+Reputation               	malicious
+Confidence               	high
+Country                  	SE 🇸🇪
+Autonomous System        	w1n ltd
+Reverse DNS              	N/A
+Range                    	193.105.134.0/24
+First Seen               	2023-06-23T01:15:00
+Last Seen                	2025-05-11T11:15:00
+Console URL              	https://app.crowdsec.net/cti/193.105.134.155
+Last Local Refresh       	2025-05-12 16:44:21
+
+Threat Information
+
+Behaviors
+                         	HTTP Scan
+                         	HTTP Bruteforce
+                         	SSH Bruteforce
+                         	... and 2 more
+
+
+Classifications
+                         	Spoofed User Agent
+                         	TOR exit node
+                         	VPN or Proxy
+                         	... and 1 more
+
+
+Blocklists
+                         	Extended AI-Detected VPN/Proxy
+                         	CrowdSec Intelligence Blocklist
+
+Target countries
+     🇺🇸 US             		29%
+     🇩🇪 DE             		15%
+     🇵🇱 PL             		12%
+                         	... and 2 more
+```
+</details>
+
 <AcademyPromo
   image="crowdsec_threat_intelligence.svg"
   description="Watch a short series of videos on how to get the most out of CrowdSec’s Cyber Threat Intelligence database"
