mirror of https://github.com/MISP/PyMISP
new: Add bindings to PyMISPWarninglists
Raphaël Vinot
parent
837372cf3e
commit
250190e8a8
|
|
@ -0,0 +1,22 @@
|
||||||
|
#!/usr/bin/env python
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
|
from pymisp import PyMISP
|
||||||
|
from pymisp.tools import load_warninglists
|
||||||
|
import argparse
|
||||||
|
from keys import misp_url, misp_key
|
||||||
|
|
||||||
|
|
||||||
|
if __name__ == '__main__':
|
||||||
|
|
||||||
|
parser = argparse.ArgumentParser(description='Load the warninglists.')
|
||||||
|
parser.add_argument("-p", "--package", action='store_true', help="from the PyMISPWarninglists package.")
|
||||||
|
parser.add_argument("-r", "--remote", action='store_true', help="from the MISP instance.")
|
||||||
|
|
||||||
|
args = parser.parse_args()
|
||||||
|
|
||||||
|
if args.package:
|
||||||
|
print(load_warninglists.from_package())
|
||||||
|
elif args.remote:
|
||||||
|
pm = PyMISP(misp_url, misp_key)
|
||||||
|
print(load_warninglists.from_instance(pm))
|
||||||
|
|
@ -39,6 +39,7 @@ try:
|
||||||
from .tools import Neo4j # noqa
|
from .tools import Neo4j # noqa
|
||||||
from .tools import stix # noqa
|
from .tools import stix # noqa
|
||||||
from .tools import openioc # noqa
|
from .tools import openioc # noqa
|
||||||
|
from .tools import load_warninglists # noqa
|
||||||
logger.debug('pymisp loaded properly')
|
logger.debug('pymisp loaded properly')
|
||||||
except ImportError as e:
|
except ImportError as e:
|
||||||
logger.warning('Unable to load pymisp properly: {}'.format(e))
|
logger.warning('Unable to load pymisp properly: {}'.format(e))
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,26 @@
|
||||||
|
#!/usr/bin/env python
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
|
try:
|
||||||
|
from pymispwarninglists import WarningLists
|
||||||
|
has_pymispwarninglists = True
|
||||||
|
except ImportError:
|
||||||
|
has_pymispwarninglists = False
|
||||||
|
|
||||||
|
|
||||||
|
def from_instance(pymisp_instance, slow_search=False):
|
||||||
|
"""Load the warnindlist from an existing MISP instance
|
||||||
|
:pymisp_instance: Already instantialized PyMISP instance."""
|
||||||
|
|
||||||
|
warninglists_index = pymisp_instance.get_warninglists()['Warninglists']
|
||||||
|
all_warningslists = []
|
||||||
|
for warninglist in warninglists_index:
|
||||||
|
wl = pymisp_instance.get_warninglist(warninglist['Warninglist']['id'])['Warninglist']
|
||||||
|
wl['list'] = wl.pop('WarninglistEntry')
|
||||||
|
all_warningslists.append(wl)
|
||||||
|
|
||||||
|
return WarningLists(slow_search, all_warningslists)
|
||||||
|
|
||||||
|
|
||||||
|
def from_package(slow_search=False):
|
||||||
|
return WarningLists(slow_search)
|
||||||
Loading…
Reference in New Issue