MISP
/
misp-modules
mirror of https://github.com/MISP/misp-modules
2
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

fix: Quick fix on siblings & url parsing

pull/322/head
chrisr3d 3 years ago
parent
9aa721bc37
commit
729c86c336
No known key found for this signature in database GPG Key ID: 6BBED1B63A6D639F
1 changed files with 6 additions and 5 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 11
      misp_modules/modules/expansion/virustotal_public.py

11
misp_modules/modules/expansion/virustotal_public.py
View File

@ -29,9 +29,10 @@ class VirusTotalParser():
def parse_urls(self, query_result):
for feature in ('detected_urls', 'undetected_urls'):
for url in query_result[feature]:
value = url['url'] if isinstance(url, dict) else url
self.misp_event.add_attribute('url', value)
if feature in query_result:
for url in query_result[feature]:
value = url['url'] if isinstance(url, dict) else url
self.misp_event.add_attribute('url', value)
def parse_resolutions(self, resolutions, subdomains=None, uuids=None):
domain_ip_object = MISPObject('domain-ip')
@ -87,9 +88,9 @@ class DomainQuery(VirusTotalParser):
self.parse_resolutions(query_result['resolutions'], query_result['subdomains'], siblings)
self.parse_urls(query_result)
def parse_siblings(domain):
def parse_siblings(self, domain):
attribute = MISPAttribute()
attribute.from_dict(dict(type='domain', value=domain))
attribute.from_dict(**dict(type='domain', value=domain))
self.misp_event.add_attribute(**attribute)
return attribute.uuid

Write Preview
Loading…
Cancel
Save