MISP
/
misp-modules
mirror of https://github.com/MISP/misp-modules
2
0
Fork 0
Code Issues Releases Wiki Activity

chg: Getting domain siblings attributes uuid for further references

Browse Source
pull/322/head
chrisr3d 4 years ago
parent a61d09db8b
commit 8de350744b
No known key found for this signature in database
GPG Key ID: 6BBED1B63A6D639F
1 changed files with 7 additions and 2 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 9
      misp_modules/modules/expansion/virustotal_public.py

9
misp_modules/modules/expansion/virustotal_public.py
Unescape View File

@ -79,10 +79,15 @@ class DomainQuery(VirusTotalParser):
whois_object = MISPObject(whois)
whois_object.add_attribute('text', type='text', value=query_result[whois])
self.misp_event.add_object(**whois_object)
siblings = (self.parse_siblings(domain) for domain in query_result['domain_siblings'])
self.parse_resolutions(query_result['resolutions'], query_result['subdomains'])
self.parse_urls(query_result)
for domain in query_result['domain_siblings']:
self.misp_event.add_attribute('domain', domain)
def parse_siblings(domain):
attribute = MISPAttribute()
attribute.from_dict(dict(type='domain', value=domain))
self.misp_event.add_attribute(**attribute)
return attribute.uuid
class HashQuery(VirusTotalParser):

Write Preview
Loading…
Cancel
Save