Python源码示例:OTXv2.OTXv2()

示例1
def otx(self):
    """Collect hostnames that AlienVault OTX lists for the artifact's domain.

    Requests the full indicator details for ``self.artifact['name']`` as a
    DOMAIN indicator, walks the returned URL list and stores every distinct
    hostname, in first-seen order, under
    ``self.artifact['data']['dnsbrute']['otx']``.

    Any exception raised by the request or while reading the response is
    logged through ``warning`` and otherwise ignored. A failed lookup
    therefore leaves the same kind of (possibly empty or partial) list as
    a domain with no results; callers cannot tell the two apart.
    """
    client = OTXv2(self.otx_api_key, server='https://otx.alienvault.com/')
    hostnames = []

    try:
        details = client.get_indicator_details_full(
            IndicatorTypes.DOMAIN, self.artifact['name'])
        # NOTE(review): hostnames are copied verbatim from the OTX response,
        # i.e. third-party data. Presumably later stages resolve or display
        # them; validate them there -- confirm against the callers.
        for entry in details['url_list']['url_list']:
            if entry['hostname'] in hostnames:
                continue
            hostnames.append(entry['hostname'])
    except Exception as err:
        # Deliberately broad: enrichment is best-effort and must not abort
        # the surrounding run.
        warning('Caught unknown exception: %s' % str(err))

    self.artifact['data']['dnsbrute']['otx'] = hostnames
示例2
def connect(self, params):
    """Build the OTX client for this connection and keep it on ``self.client``.

    Args:
        params: Connection parameters. ``Input.API_KEY`` must map to a
            dict-like credential whose ``"secretKey"`` entry holds the API
            key; ``Input.URL`` holds the OTX server address.

    Raises:
        Exception: If constructing the client fails. The message embeds the
            text of the underlying error.
    """
    credential = params.get(Input.API_KEY)
    # A credential without "secretKey" yields None, which is passed on
    # unchanged as the API key.
    secret = credential.get("secretKey", None)
    server_url = params.get(Input.URL)
    try:
        self.client = OTXv2(secret, server=server_url)
    except Exception as e:
        # NOTE(review): the underlying error text is copied into the raised
        # message; confirm it can never contain the API key before this
        # message is logged or shown to users.
        raise Exception(f"An error has occurred while connecting: {e}")
示例3
def __init__(self, *args, **kwargs):
    """Initialise the feed, create its OTX client and call ``get_pulses``.

    All positional and keyword arguments are forwarded to the parent
    class initialiser.
    """
    super(OtxFeed, self).__init__(*args, **kwargs)
    # The API key comes from the 'key' entry of the 'otx' configuration
    # section, so it stays out of the source code.
    api_key = yeti_config.get('otx', 'key')
    self.otx = OTXv2(api_key)
    # NOTE(review): get_pulses() runs during construction; presumably it
    # performs network requests, so creating the object can fail or block
    # -- confirm.
    self.get_pulses()
示例4
def __init__(self):
    """Create the OTX client from ``API_KEY`` and ``OTX_SERVER``.

    Both names are defined outside this method.
    """
    # NOTE(review): where API_KEY is defined is not visible here. If it is
    # a literal in the source tree, load it from the environment or a
    # secret store instead so the key is not committed.
    client = OTXv2(API_KEY, server=OTX_SERVER)
    self.otx = client
示例5
def setUp(self, api_key=''):
    """Prepare a test case with an API key and a client for the dev server.

    Args:
        api_key: Key to use for the client. An empty (falsy) value falls
            back to ``ALIEN_API_APIKEY``.
    """
    # None removes the length limit on diffs shown for failed comparisons.
    self.maxDiff = None
    if api_key:
        self.api_key = api_key
    else:
        self.api_key = ALIEN_API_APIKEY
    # Tests talk to ALIEN_DEV_SERVER rather than the client's default server.
    self.otx = OTXv2(self.api_key, server=ALIEN_DEV_SERVER)
示例6
def setUpClass(cls):
    """Create the class-wide ``otx2`` client for a newly created test user.

    The user is named ``cls.user1``, gets an ``@aveng.us`` address and is
    placed in groups 51, 64 and 2931.
    """
    # NOTE(review): presumably decorated with @classmethod outside this
    # excerpt -- confirm.
    email = cls.user1 + "@aveng.us"
    # The fixed password "password" is only acceptable for throwaway
    # accounts on the dev server; never reuse this helper against a
    # production instance.
    # NOTE(review): create_user's return value is passed as the client's
    # API key; presumably it returns the new user's key -- confirm.
    api_key = create_user(cls.user1, "password", email, group_ids=[51, 64, 2931])
    cls.otx2 = OTXv2(api_key, server=ALIEN_DEV_SERVER)
示例7
def setUpClass(cls):
    """Create one OTX client per test user and store it in ``cls.otx``.

    ``cls.otx`` is indexed by user name and must already exist as a
    mapping before this runs.
    """
    # NOTE(review): presumably decorated with @classmethod outside this
    # excerpt -- confirm.
    for username in (cls.user1, cls.user2):
        email = username + "@aveng.us"
        # Fixed password "password": acceptable only for disposable
        # accounts on the dev server.
        # NOTE(review): create_user's return value is used as the API key
        # -- confirm that is what it returns.
        api_key = create_user(username, "password", email)
        cls.otx[username] = OTXv2(api_key, server=ALIEN_DEV_SERVER)
示例8
def test_user_agent(self):
    """Check how ``project`` and ``user_agent`` shape the User-Agent header."""
    # With project='foo' the header is expected to carry the project name
    # and the SDK version. The literal 1.5.10 pins that version, so this
    # assertion has to be updated whenever the SDK version changes.
    with_project = OTXv2(self.api_key, server=ALIEN_DEV_SERVER, project='foo')
    self.assertEqual(with_project.headers['User-Agent'], 'OTX Python foo/1.5.10')

    # An explicit user_agent is expected to be sent exactly as given.
    with_override = OTXv2(self.api_key, server=ALIEN_DEV_SERVER, user_agent='foo')
    self.assertEqual(with_override.headers['User-Agent'], 'foo')
示例9
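def Search(self):
    """Look up ``self.ioc`` in AlienVault OTX and display the first pulse.

    The indicator type is chosen from ``self.type`` (IPv4, IPv6, domain,
    URL, MD5, SHA1 or SHA256). When the indicator returned by OTX equals
    ``self.ioc``, the tags and id of the first pulse are displayed as
    FOUND. When it does not, nothing is displayed. Every outcome is
    reported through ``mod.display``.

    Returns:
        None in every case.
    """
    mod.display(self.module_name, "", "INFO", "Search in Alienvault OTX ...")

    # Attribute names on IndicatorTypes, keyed by this module's type names.
    # They are resolved inside the try block so that a missing attribute is
    # reported like any other request failure.
    indicator_names = {
        "IPv4": "IPv4",
        "IPv6": "IPv6",
        "domain": "DOMAIN",
        "URL": "URL",
        "MD5": "FILE_HASH_MD5",
        "SHA1": "FILE_HASH_SHA1",
        "SHA256": "FILE_HASH_SHA256",
    }

    try:
        if "otx_api_keys" not in self.config:
            mod.display(self.module_name,
                        self.ioc,
                        message_type="ERROR",
                        string="Please check if you have otx_api_keys field in btg.cfg")
            return None

        indicator_name = indicator_names.get(self.type)
        if indicator_name is None:
            # Previously an unknown type left `indicator` unbound and the
            # resulting error was reported as an API-key or quota problem,
            # which sends the analyst looking in the wrong place.
            mod.display(self.module_name,
                        self.ioc,
                        "ERROR",
                        "Indicator type not supported by the OTX module: %s" % self.type)
            return None

        otx = OTXv2(self.config["otx_api_keys"])
        indicator = getattr(IndicatorTypes, indicator_name)
        result = otx.get_indicator_details_full(indicator, self.ioc)
    except Exception:
        # `except Exception` instead of a bare `except`, so Ctrl-C and
        # SystemExit are no longer swallowed and misreported.
        mod.display(self.module_name,
                    self.ioc,
                    "ERROR",
                    "Could not perform the request, either you did not fill the otx_api_keys field or the key maximum request is reached")
        return None

    try:
        general = result["general"]
        if self.ioc == str(general["indicator"]):
            # Only the first pulse is reported. An empty pulse list raises
            # IndexError here and ends up as NOT_FOUND below.
            first_pulse = general["pulse_info"]["pulses"][0]
            _id = str(first_pulse["id"])
            # NOTE(review): tags are text taken from the OTX response and
            # shown as-is; if mod.display writes to a terminal or HTML
            # report, consider sanitising them -- confirm.
            tags = "".join("%s " % tag for tag in first_pulse["tags"])
            mod.display(self.module_name,
                        self.ioc,
                        "FOUND",
                        "Tags: %s| https://otx.alienvault.com/pulse/%s/" % (tags, _id))
    except Exception:
        # A response with an unexpected shape is also reported as
        # NOT_FOUND, so this message does not prove the indicator is clean.
        mod.display(self.module_name,
                    self.ioc,
                    message_type="NOT_FOUND",
                    string="Nothing found in OTX")
    return None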