Commit Graph

370 Commits (57d49f9cd864cb0cee92544673c174b1f99d2d2a)

Author SHA1 Message Date
Raphaël Vinot 8f4040b806 new: Hashlookup integration 2021-11-30 14:59:48 +01:00
Raphaël Vinot 26948ed025 new: free text for UA, change order on capture page 2021-11-25 19:36:01 -05:00
Raphaël Vinot 58b50f2b24 new: Pass optional arbitrary HTTP headers to capture 2021-11-23 12:59:56 -08:00
Raphaël Vinot 4042ee9116 new: Add CORS config to submit 2021-11-08 16:47:39 -08:00
Raphaël Vinot b4771f63a7 new: config option to make capture private by default, better working on capture page
Related #279
2021-10-26 10:47:06 -04:00
Raphaël Vinot 9c9e26dde5 chg: Improve capture page
Related to #279
2021-10-25 17:19:58 -04:00
Raphaël Vinot 1f998b457f chg: use template 2021-10-18 13:06:43 +02:00
Raphaël Vinot 1a0fe677ab fix: Copy bodies before sending them over.
send_file in flask close the BytesIO, causing issue if we need to
re-access it.
2021-09-29 15:00:10 +02:00
Raphaël Vinot 6e9e3990c4 fix: Indexes not updated on tree rebuild, better handling of tree cache 2021-09-24 16:16:41 +02:00
Raphaël Vinot 48fc807e7d new: Add monitoring for pickle cache status 2021-09-24 12:02:28 +02:00
Raphaël Vinot 87c6925c7b new: IPs lookup against phishtank 2021-09-23 13:58:40 +02:00
Raphaël Vinot 404f9a3112 fix: Avoid exception if none key 2021-09-17 10:06:59 +02:00
Raphaël Vinot e7d9c1cb1a fix: return error message if urlscan isn't able to run the capture. 2021-09-17 09:51:52 +02:00
Raphaël Vinot cefb3fddbf new: Phishtank lookup. 2021-09-16 16:33:44 +02:00
Raphaël Vinot 39c7d14264 fix: make mypy happy 2021-09-08 12:50:56 +02:00
Raphaël Vinot cc4beeef35 fix: Pass listing (y/n) and proper referer to subsequent captures 2021-09-08 12:24:00 +02:00
Raphaël Vinot 902c8f81b6 chg: Improve error message if the capture fails
Fix #257
2021-09-07 18:16:01 +02:00
Raphaël Vinot dfbe40a52e chg: reorder imports 2021-09-07 16:00:07 +02:00
Raphaël Vinot 60f4a09d28 fix: Avoid "None" in URL field if no predefined URL is given. 2021-09-03 17:07:48 +02:00
Raphaël Vinot e213cb5ae8 fix: make mypy happy. 2021-09-03 17:05:26 +02:00
Raphaël Vinot dcfd9cc6a9 new: Re-capture a URL and change parameters. 2021-09-03 16:57:48 +02:00
Raphaël Vinot 7ea37ec617 fix: Avoid exception if capture finishes between two calls. 2021-09-01 16:57:20 +02:00
Raphaël Vinot c09adec333 chg: Improve logging. 2021-09-01 14:08:25 +02:00
Raphaël Vinot d41b7735dd chg: Improve storage, support both modes. 2021-08-26 15:49:19 +02:00
Raphaël Vinot bf700e7a7b chg: Major refactoring, move capture code to external script. 2021-08-25 13:36:48 +02:00
Raphaël Vinot 81390d5ea0 chg: cleanup in the mail lookyloo class 2021-08-24 18:32:54 +02:00
Raphaël Vinot 725a43cc44 new: Trigger a capture with a GET request from a browser.
Fix #248
2021-08-18 10:53:32 +02:00
Raphaël Vinot 9ff2bf8157 fix: avoid exception if submission is missing 2021-08-13 16:24:34 +02:00
Raphaël Vinot 3436f5bd4e chg: Improve urlscan support, get results. 2021-08-11 15:26:12 +02:00
Raphaël Vinot 7933670941 new: Integration with urlscan.io 2021-08-10 17:38:47 +02:00
Raphaël Vinot cc2e5a4159 Merge branch 'main' into restx 2021-07-05 09:54:37 +02:00
Raphaël Vinot 6abdd2db9a new: Add referer on details view 2021-06-29 11:18:10 -07:00
felalex 6a7787d8af fix: error in case of invalid proxy + username/password support 2021-06-29 18:00:44 +02:00
felalex a04d224c79 new: trying toget proxy field from /capture 2021-06-22 18:39:14 +02:00
Raphaël Vinot 1a9d409d90 Merge branch 'main' into restx 2021-06-17 09:51:57 -07:00
Raphaël Vinot c89689374e new: SRI validation on resources 2021-06-16 17:36:01 -07:00
Raphaël Vinot 7053ca7994
Merge branch 'main' into restx 2021-06-11 12:12:59 -07:00
Raphaël Vinot 89026e8f3b chg: move mypy config to pyproject 2021-06-11 10:15:03 -07:00
Raphaël Vinot c52509614e new: get capture info API call 2021-06-09 17:59:24 -07:00
Raphaël Vinot 810cceb263 new: Add more calls to the API, cleanup 2021-06-07 15:37:11 -07:00
Raphaël Vinot e5b76b3a2f chg: Move API into a new file, cleanup 2021-06-07 13:12:23 -07:00
Raphaël Vinot 7bf0b78754 new: Use flask-restx for the API 2021-06-04 17:30:14 -07:00
Raphaël Vinot 8c62a597e7 fix: Make mypy happy 2021-06-01 16:06:24 -07:00
Raphaël Vinot 3071a1a7c9 new: Add MISP lookup 2021-06-01 15:31:14 -07:00
Raphaël Vinot 53ef253c94 chg: Improve MISP push 2021-05-31 13:27:25 -07:00
Raphaël Vinot 53bc8324cd new: reference to parent on tree (if exists) 2021-05-27 15:23:04 -07:00
Raphaël Vinot 315a2733c3 new: Tickbox to confirm notification 2021-05-26 12:07:47 -07:00
Raphaël Vinot 8a5b1f263e new: Fake field to avoid dumb bots 2021-05-25 13:20:28 -07:00
Raphaël Vinot 11f05626b5 chg: Improve module auto trigger 2021-05-19 15:03:07 -07:00
Raphaël Vinot 7b4f5bd6d2 new: feature to hide captures with error 2021-05-19 10:18:43 -07:00
Raphaël Vinot 925bb9d48e new: priority for captures 2021-05-18 14:58:56 -07:00
Raphaël Vinot 3614a47275 chg: Make mypy happy 2021-05-17 18:29:46 -07:00
Raphaël Vinot bb214d9e2b chg: Use keywords only paramaters when relevant 2021-05-17 17:08:43 -07:00
Raphaël Vinot 5ee62d157f chg: Properly handle capture parents, avoid duplicates 2021-05-14 14:25:37 -07:00
Raphaël Vinot 1d5925d755 new: Keep captures parent, use extends in MISP export 2021-05-12 13:30:07 -07:00
Raphaël Vinot a47615fb0a chg: Make mypy happy 2021-05-11 22:09:07 -07:00
Raphaël Vinot 64d1ed785b fix: Blur cropped screenshot if too big
Fix #196
2021-04-28 18:13:10 +02:00
Raphaël Vinot 3389dcafd6 new: Add support for uwhoisd 2021-04-26 00:52:08 +02:00
Raphaël Vinot 39e894b7b0 fix: body hash page on direct access 2021-04-20 17:32:22 +02:00
Raphaël Vinot 9952e4de32 fix: remove UA - IP mapping from redis 2021-04-18 17:58:16 +02:00
Raphaël Vinot be1ca8d088 new: Disable FLoC 2021-04-18 01:43:50 +02:00
Raphaël Vinot dcc7cd1351 fix: Typos 2021-04-09 14:34:20 +02:00
Raphaël Vinot 7707d638cf new: Use async capture for the UI.
Add a method to make sure splash is up before trying to capture.
2021-04-08 19:15:53 +02:00
Raphaël Vinot 4d23d7ac36 chg: Remove extra code, return unziped resources 2021-04-08 01:05:11 +02:00
Raphaël Vinot ca0bd97689 new: Wait page when a capture is queued/ongoing 2021-04-01 18:51:42 +02:00
Raphaël Vinot b6ea1c24db new: Query capture status 2021-03-31 19:25:57 +02:00
Raphaël Vinot a8711a18f1 fix: Make mypy happy 2021-03-30 16:43:57 +02:00
Raphaël Vinot 9f88edd74d new: Check if an event with the same lookyloo capture is already on MISP
Fix #181
2021-03-30 16:32:04 +02:00
Raphaël Vinot 094b69f9b9 fix: Make cookie samesite only 2021-03-30 01:10:18 +02:00
Raphaël Vinot 9845f60322 fix: Pass the UA in bulk captures 2021-03-19 22:29:13 +01:00
Raphaël Vinot 2a55461286 new: Capture an URL on the rendered page, keep the session (WiP) 2021-03-19 17:52:20 +01:00
Raphaël Vinot cd7b050cb0 chg: rename and cleanup methods 2021-03-18 18:47:54 +01:00
Raphaël Vinot 25c1a6dbce chg: Use sorted cache whenever possible 2021-03-18 15:39:55 +01:00
Raphaël Vinot a909346fc1 fix: mypy error 2021-03-18 00:50:42 +01:00
Raphaël Vinot 49ae4490b2 new: (hidden) interface to search for hostnames and URLs 2021-03-18 00:40:14 +01:00
Raphaël Vinot aec6fe2632 fix: Make mypy happy 2021-03-04 18:21:36 +01:00
Raphaël Vinot 3ed7608f16 chg: Improve ressources listing 2021-03-04 18:10:54 +01:00
Raphaël Vinot 4488a9a492 fix: do not fail if MISP is not working 2021-02-12 12:06:26 +01:00
Raphaël Vinot b91bbe5f07 new: Show preview of embeded ressources if it is an image. 2021-02-09 22:01:20 +01:00
Raphaël Vinot d711fd3644 fix: Make get legacy user config quiet 2021-02-05 15:24:11 +01:00
Raphaël Vinot 39dd2021dd chg: Complete rework of the login system, add UI for MISP Push 2021-02-04 19:51:43 +01:00
Raphaël Vinot f7dac21e71 fix: Do not fail if cache_clean_user is gone from config 2021-02-03 12:39:19 +01:00
Raphaël Vinot ddb43d909f new: Lightweight auth and api key system 2021-02-02 22:04:33 +01:00
Raphaël Vinot c358c08640 fix: Make mypy happy. 2021-01-28 19:28:54 +01:00
Raphaël Vinot acfb0d1c26 new: Add push to MISP feature 2021-01-28 18:37:47 +01:00
Raphaël Vinot c8cc56f78b chg: Improve support of self generated user-agents 2021-01-20 20:54:37 +01:00
Raphaël Vinot f0c7e42bd9 new: center tree on landing page 2021-01-20 01:28:54 +01:00
Raphaël Vinot 1da32c404e chg: Better handling of big screenshots 2021-01-18 14:19:19 +01:00
Raphaël Vinot f9d8081efa fix: hidden view 2021-01-18 13:26:02 +01:00
Raphaël Vinot 8bd874e2b0 new: Add variable width thumbnail method 2021-01-18 12:30:07 +01:00
Raphaël Vinot 05b106f14b fix: Pass public_domain to index 2021-01-17 12:54:16 +01:00
Raphaël Vinot 026e0b7269 new: Add OpenGraph cards 2021-01-17 12:41:01 +01:00
Raphaël Vinot 6149df06eb chg: Make the cache entries a dataclass
Fix #99
2021-01-14 17:12:23 +01:00
Raphaël Vinot d4a2e68ceb chg: Properly rebuild cache 2021-01-13 15:35:29 +01:00
Raphaël Vinot 0d68844c90 chg: Refactoring and documenting 2021-01-12 17:22:51 +01:00
Raphaël Vinot 7d182b8f4a chg: cleanup download of urls in rendered content
fix #148
2021-01-11 15:19:29 +01:00
Fafner [_KeyZee_] a48a345215
Adding final page title in the details of the tree 2021-01-08 19:36:31 +01:00
Raphaël Vinot 33326c2463 new: Extract URLs from rendered pages 2021-01-08 13:03:23 +01:00
Raphaël Vinot c492674194 new: Add tooltips on every icons in the popup 2021-01-01 22:47:34 +01:00
Raphaël Vinot 9b18370fe1 fix: Properly generate meta keys related to the User Agents 2020-12-22 19:16:46 +01:00
Raphaël Vinot fcae1d42d0 new: Show images in tooltip in hostnode popup 2020-12-22 18:23:39 +01:00
Raphaël Vinot 0d2edb8ae3 new: Allow to use user UA for capture 2020-12-10 17:23:37 +01:00
Raphaël Vinot 3c6eca3567 new: Add screenshot thumbnail on tree, move links to the end of the node 2020-12-09 19:11:19 +01:00
Raphaël Vinot fbbfa3082d chg: Fix typing 2020-12-07 20:54:33 +01:00
Raphaël Vinot 8eab287721 new: Initial implementation of MISP export 2020-12-07 20:50:46 +01:00
Raphaël Vinot d353463548 chg: Simplify modules activation 2020-12-03 12:33:35 +01:00
Raphaël Vinot 287fdeb8e6 chg: Disable bookmarks by default 2020-11-29 23:56:42 +01:00
Raphaël Vinot d2bd113ab8 chg: Cleanup on stats page 2020-11-25 15:27:34 +01:00
Fafner [_KeyZee_] 17e7701807
adding a page for stats \o/ 2020-11-25 12:07:01 +01:00
Raphaël Vinot d964549e56 fix: Typing, dump to json 2020-11-24 21:01:30 +01:00
Raphaël Vinot c54d29601d chg: Fix typing 2020-11-24 18:19:53 +01:00
Fafner [_KeyZee_] a172c1f58a
adding a new api entry: stats 2020-11-24 16:46:57 +01:00
Raphaël Vinot a117a91341 new: Add feature to automatically trigger the modules on tree load 2020-11-22 23:23:42 +01:00
Raphaël Vinot 354f269218 new: Integrate categorization in indexing 2020-11-09 16:02:54 +01:00
Raphaël Vinot 8b00cf8801 chg: Document email notigication, disable URL entry points for disabled features
Fix #121
2020-11-05 16:08:19 +01:00
Raphaël Vinot 171cd4ecd2 chg: Pass max depth as parameter in the capture page
Related to #117
2020-11-03 19:26:28 +01:00
Raphaël Vinot 99c939fd7f chg: Rename scrape -> capture everywhere
Related to #118
2020-11-03 16:34:52 +01:00
Raphaël Vinot 5f4a97e11b fix: Typing meta 2020-10-29 14:19:17 +01:00
Raphaël Vinot da85aa0fb7 fix: Pre-sort entries on index 2020-10-29 13:29:13 +01:00
Raphaël Vinot 2802cfd46c new: Add captures categorization 2020-10-28 18:49:15 +01:00
Raphaël Vinot 068c92d5a4 new: API to query hostnames 2020-10-27 01:42:00 +01:00
Raphaël Vinot 39f88e9121 new: API to query URLs 2020-10-27 00:02:18 +01:00
Raphaël Vinot bdc0488e38 new: Hash lookup method 2020-10-23 20:51:15 +02:00
Raphaël Vinot fa56a3e1f0 chg: Cleanup UI, bump deps 2020-10-21 12:22:50 +02:00
Raphaël Vinot 4f52804361 chg: Make new version of mypy happy 2020-10-12 12:15:07 +02:00
Raphaël Vinot 90a9ff9bb5 chg: Refactoring, add get_hashes 2020-10-09 18:05:25 +02:00
Raphaël Vinot be2cd18d2b chg: Cleanup mypy config 2020-10-01 11:48:00 +02:00
Raphaël Vinot ef6eb1c253 new: Initial support for CNAME lookups 2020-09-25 17:23:10 +02:00
Raphaël Vinot 7a34095d9c new: Config option for Flask IP and Port, reorganize config loading 2020-09-21 16:41:30 +02:00
Raphaël Vinot 09a4ccd62e fix: require login when marking a whole tree as legitimate 2020-09-15 01:38:20 +02:00
Raphaël Vinot b06f02e101 new: Expose rendered content on hostnode page 2020-09-09 15:04:21 +02:00
Raphaël Vinot 9f4c77d5d2 chg: Cleanups, allow to add context from ressources page 2020-09-03 16:32:53 +02:00
Raphaël Vinot 407a9a5511 new: Download ressource from ressources page 2020-09-03 14:39:38 +02:00
Raphaël Vinot 370fda48e2 chg: disable mark capture as legitimate on public instance 2020-09-01 18:37:49 +02:00
Raphaël Vinot 8f242549fc chg: Allow to disable user context form 2020-08-31 16:34:28 +02:00
Raphaël Vinot 99550f439e fix: Typing 2020-08-28 18:26:47 +02:00
Raphaël Vinot 6866b49c87 chg: Add support for legitimate content context 2020-08-28 18:24:14 +02:00
Raphaël Vinot 97b5b2d77f chg: Working prototype for user-defined context 2020-08-28 18:03:52 +02:00
Raphaël Vinot c75b9e65fe chg: Remove known content from SaneJS module 2020-08-25 15:51:08 +02:00
Raphaël Vinot c5aabcf4a3 new: Initial commit to mark body responses as legitimate/malicious 2020-08-20 19:39:03 +02:00
Raphaël Vinot fa57435433 chg: Sanity check in email send 2020-08-20 15:05:27 +02:00
Raphaël Vinot b6c6c7756e new: Optionally blur screenshots by default (public instances) 2020-08-13 15:56:46 +02:00
Raphaël Vinot 2873773ee7 new: trigger to hide a capture from the front page (admin only) 2020-08-10 12:35:16 +02:00
Raphaël Vinot ed8ad7b945 new: Waiting messages on scraping page. 2020-08-07 17:06:25 +02:00
Raphaël Vinot b85c2b85a3 chg: Add status code description 2020-08-07 13:11:16 +02:00
Raphaël Vinot c949320aa6 new: Add link to download redirects on tree page 2020-08-07 11:58:20 +02:00
Raphaël Vinot 90843eb8dc new: Initial display of redirect on popup page 2020-07-29 14:00:46 +02:00
Raphaël Vinot 1ca8bc168c chg: pretty print json when possible. 2020-07-23 16:09:49 +02:00
Raphaël Vinot 09d04e0835 chg: More UI fixes 2020-07-17 18:39:50 +02:00
Raphaël Vinot b4e5d1be08 chg: Fix a bunch of views, make icons clickable. 2020-07-16 01:08:39 +02:00
Raphaël Vinot 89725b8ed0 new: Download embedded resource 2020-07-11 02:10:56 +02:00
Raphaël Vinot 23419a31b9 fix: cleanup 2020-07-08 15:52:26 +02:00
Raphaël Vinot 34a5dff055 chg: Refactoring, use capture UUID insted of path as reference for public methods 2020-07-08 15:51:45 +02:00
Raphaël Vinot a4bc2b2818 new: Improve hostnode popup, center tree on node 2020-07-08 15:51:45 +02:00
Raphaël Vinot 29c78d3485 chg: Cleanup and improve index rendering 2020-07-08 15:51:45 +02:00
Raphaël Vinot 7772706262 new: Display body hashes matches on hostnode page 2020-07-08 15:51:01 +02:00
Raphaël Vinot 6bb26c4358 new: Initial support for body hashes index 2020-07-08 15:51:01 +02:00
Raphaël Vinot e6c9f6dada new: Add capture meta on the related cookies page 2020-07-08 15:42:13 +02:00
Raphaël Vinot 5ae7f0f7e4 new: Initial version of cookies indexing 2020-07-08 15:42:13 +02:00
Raphaël Vinot 33fb74ae83 new: Add referer to initial URL 2020-07-08 00:37:29 +02:00
Raphaël Vinot 760b479059 fix: Skip buggy captures on index 2020-07-06 15:45:29 +02:00
Raphaël Vinot 1d77a2001e chg: Bump deps, improve error handling 2020-07-03 18:25:16 +02:00
Raphaël Vinot 05de56022f chg: Use capture UUID as a reference everywhere 2020-06-29 12:01:31 +02:00
Raphaël Vinot fa935a6773 new: Add query for redirects in client 2020-06-26 18:11:22 +02:00
Raphaël Vinot ee29a638dd new: API Endpoint - redirects 2020-06-26 12:07:25 +02:00
Raphaël Vinot c81a0c7438 fix: Log real IP if the header is given by the reverse proxy 2020-06-26 10:54:35 +02:00
Raphaël Vinot 98495c40a9 chg: Make mypy happy 2020-06-25 17:08:11 +02:00
Raphaël Vinot cde3d29892 new: Add option to use User agents of the Lookyloo users for scraping 2020-06-25 16:43:58 +02:00
Raphaël Vinot 285a0cf727 new: Phishing Initiative module 2020-06-09 15:06:35 +02:00
Raphaël Vinot 0751321e9b new: Cookies investigation 2020-06-04 18:23:36 +02:00
Raphaël Vinot 5ebb35c161 new: Add redirects in notifications, optional reply-to 2020-05-27 15:15:45 +02:00
Raphaël Vinot ccad142dd0 chg: Improve hostname popup 2020-05-27 12:38:25 +02:00
Raphaël Vinot 3a3be0cb46 new: Add handles for cookies 2020-05-26 17:45:04 +02:00
Raphaël Vinot e29f2d93af chg: Fix typing 2020-05-25 15:39:12 +02:00
Raphaël Vinot 806c738fcd fix: Do not fail if sanejs isn't enabled 2020-05-25 15:13:09 +02:00
Raphaël Vinot 0876117e90 chg: UI improvement, support sanejs not configured 2020-05-25 14:42:13 +02:00
Raphaël Vinot 876352c2f7 chg: Improve pop-up, cleanup old code. 2020-05-23 03:37:24 +02:00
Raphaël Vinot d04db67d2d Improve hostname popup 2020-05-22 17:36:22 +02:00
Raphaël Vinot 83aef5d680 chg: Fix typing 2020-05-21 23:46:35 +02:00
Raphaël Vinot 3b631f2c92 chg: Improve popup, remove session. 2020-05-20 19:11:15 +02:00
Raphaël Vinot c3bf87beca chg: Improve popup, make sanejs a module, cache 2020-05-19 17:47:55 +02:00
Raphaël Vinot 72afeb5f81 new: WiP - hostname details in popup 2020-05-18 18:35:20 +02:00
Raphaël Vinot 466cb5fcd5 chg: Improve typing 2020-05-18 18:32:59 +02:00
Raphaël Vinot d3971cc47c new: Add stats 2020-05-13 17:31:27 +02:00
Raphaël Vinot cd972076b5 new: Add url to do a full export, and get the page 2020-05-12 16:53:10 +02:00
Raphaël Vinot 6781d5f02e fix: Comment in send mail form 2020-05-11 19:58:46 +02:00
Raphaël Vinot 754ae9354d new: Add email notification feature 2020-05-11 19:01:06 +02:00
Raphaël Vinot 1593e1234b new: Alternative index to see the hidden captures. 2020-04-23 00:12:10 +02:00
Raphaël Vinot 95532530f7 chg: Make mypy happy 2020-04-22 15:54:02 +02:00
Raphaël Vinot ccd73c302a chg: Properly handle proxied setups 2020-04-22 14:58:01 +02:00
Raphaël Vinot 5d07723809 new: Make it possible to strip older captures from the index 2020-04-22 12:03:10 +02:00
Raphaël Vinot ae49fd2c11 new: Add support to pass more parameters via the API 2020-04-21 18:41:57 +02:00
Raphaël Vinot a0c906d3dc new: Initial view for 3rd party modules 2020-04-20 16:41:42 +02:00
Raphaël Vinot 178f14a44a chg: Display time using browser locale
Fix #70
2020-04-08 12:04:37 +02:00
Raphaël Vinot de7f50c3b0 chg: Improve logging 2020-04-03 17:51:58 +02:00
Raphaël Vinot 1c2cdad38b new: Allow admin to rebuild cache 2020-04-01 17:44:06 +02:00
Raphaël Vinot 17c3473d95 new: Add config files, initial support for 3rd party modules 2020-03-31 14:12:57 +02:00
Raphaël Vinot 949ad58667 chg: Refactoring of the redirects, rename report -> capture 2020-03-26 01:56:24 +01:00
Raphaël Vinot f26a02ef86 new: Add link redirects on index 2020-03-23 12:45:57 +01:00
Raphaël Vinot 9aa995092e chg: Improve error notification 2020-03-17 15:27:04 +01:00