mirror of https://github.com/MISP/misp-modules
Sebdraven
parent
1def6e3f06
commit
1209cd3a75
|
|
@ -13,4 +13,7 @@ docs/export_mod*
|
|||
site*
|
||||
|
||||
#pycharm env
|
||||
.idea/*
|
||||
.idea/*
|
||||
|
||||
#venv
|
||||
venv*
|
||||
|
|
@ -17,23 +17,54 @@ moduleinfo = {'version': '1', 'author': 'Sebastien Larinier @sebdraven',
|
|||
moduleconfig = ['apikey', 'url']
|
||||
|
||||
|
||||
class Yeti:
|
||||
class Yeti(pyeti.YetiApi):
|
||||
|
||||
def __init__(self, url, key):
|
||||
self.api = pyeti.YetiApi(url, api_key=key)
|
||||
super(Yeti, self).__init__(url, key)
|
||||
self.dict = {'Ip': 'ip-src', 'Domain': 'domain', 'Hostname': 'hostname'}
|
||||
|
||||
def search(self, value):
|
||||
obs = self.api.observable_search(value=value)
|
||||
obs = self.observable_search(value=value)
|
||||
if obs:
|
||||
return obs
|
||||
return obs[0]
|
||||
|
||||
def get_neighboors(self, obs_id):
|
||||
neighboors = self.neighbors_observables(obs_id)
|
||||
if neighboors and 'objs' in neighboors:
|
||||
for n in neighboors:
|
||||
yield n
|
||||
|
||||
def get_tags(self, value):
|
||||
obs = self.search(value)
|
||||
if obs:
|
||||
for t in obs['tags']:
|
||||
yield t
|
||||
|
||||
def get_entity(self, obs_id):
|
||||
companies = self.observable_to_company(obs_id)
|
||||
actors = self.observable_to_actor(obs_id)
|
||||
campaigns = self.observable_to_campaign(obs_id)
|
||||
exploit_kit = self.observable_to_exploitkit(obs_id)
|
||||
exploit = self.observable_to_exploit(obs_id)
|
||||
ind = self.observable_to_indicator(obs_id)
|
||||
|
||||
res = []
|
||||
res.extend(companies)
|
||||
res.extend(actors)
|
||||
res.extend(campaigns)
|
||||
res.extend(exploit)
|
||||
res.extend(exploit_kit)
|
||||
res.extend(ind)
|
||||
|
||||
for r in res:
|
||||
yield r['name']
|
||||
|
||||
def handler(q=False):
|
||||
if q is False:
|
||||
return False
|
||||
request = json.loads(q)
|
||||
attribute = request['attribute']
|
||||
print(attribute)
|
||||
|
||||
|
||||
def version():
|
||||
|
|
|
|||
Loading…
Reference in New Issue