diff --git a/.travis.yml b/.travis.yml index 3c32c65..d9d892f 100644 --- a/.travis.yml +++ b/.travis.yml @@ -2,12 +2,14 @@ language: python cache: pip +services: + - redis-server + addons: apt: packages: - libpq5 - python: - "3.3" - "3.4" diff --git a/REQUIREMENTS b/REQUIREMENTS index 0ae676b..724c659 100644 --- a/REQUIREMENTS +++ b/REQUIREMENTS @@ -6,3 +6,4 @@ passivetotal PyPDNS pypssl redis +pyeupi diff --git a/modules/expansion/eupi.py b/modules/expansion/eupi.py new file mode 100755 index 0000000..957881f --- /dev/null +++ b/modules/expansion/eupi.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- + +import json +from pyeupi import PyEUPI + +misperrors = {'error': 'Error'} +mispattributes = {'input': ['hostname', 'domain', 'url'], 'output': ['freetext']} +moduleinfo = {'version': '0.1', 'author': 'Raphaƫl Vinot', + 'description': 'Query the Phishing Initiative service (https://phishing-initiative.lu)', + 'module-type': ['expansion', 'hover']} + +moduleconfig = ['apikey', 'url'] + + +def handler(q=False): + if q is False: + return False + request = json.loads(q) + if request.get('hostname'): + toquery = request['hostname'] + elif request.get('domain'): + toquery = request['domain'] + elif request.get('url'): + toquery = request['url'] + else: + misperrors['error'] = "Unsupported attributes type" + return misperrors + + if not request.get('config') and not (request['config'].get('apikey') and request['config'].et('url')): + misperrors['error'] = 'Phishing Initiative authentication is missing' + return misperrors + + p = PyEUPI(request['config']['apikey'], request['config']['url']) + results = p.search_url(url=toquery) + + if results.get('results'): + to_return = '' + for r in results['results']: + if r['tag_label'] != 'phishing': + continue + to_return += ' {} {} {} '.format(r['url'], r['domain'], r['ip']) + + r = {'results': [{'types': mispattributes['output'], 'values': to_return}]} + return r + + +def introspection(): + return mispattributes + + +def version(): + moduleinfo['config'] = moduleconfig + return moduleinfo