MISP
/
misp-modules
mirror of https://github.com/MISP/misp-modules
2
0
Fork 0
Code Issues Releases Wiki Activity

chg: Getting domain siblings attributes uuid for further references

pull/322/head
chrisr3d 2019-07-16 22:39:35 +02:00
parent a61d09db8b
commit 8de350744b
No known key found for this signature in database
GPG Key ID: 6BBED1B63A6D639F
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
misp_modules/modules/expansion/virustotal_public.py
View File

@ -79,10 +79,15 @@ class DomainQuery(VirusTotalParser):
whois_object = MISPObject(whois)
whois_object.add_attribute('text', type='text', value=query_result[whois])
self.misp_event.add_object(**whois_object)
siblings = (self.parse_siblings(domain) for domain in query_result['domain_siblings'])
self.parse_resolutions(query_result['resolutions'], query_result['subdomains'])
self.parse_urls(query_result)
for domain in query_result['domain_siblings']:
self.misp_event.add_attribute('domain', domain)
def parse_siblings(domain):
attribute = MISPAttribute()
attribute.from_dict(dict(type='domain', value=domain))
self.misp_event.add_attribute(**attribute)
return attribute.uuid
class HashQuery(VirusTotalParser):