Beispiel #1
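def _split_search_terms(raw):
    """Return the comma-separated terms of *raw*, stripped, without empty entries.

    Empty entries (from a stray or trailing comma) are dropped so they are
    never handed to an extractor as a search term; presumably an empty term
    would match every feed entry -- the extractors are not shown here.
    """
    return [term for term in (part.strip() for part in raw.split(',')) if term]


def _select_feed_file(prefix, extension, label):
    """Pick the feed file a module should work on.

    Looks in ``SrcDir`` for files named ``<prefix>*<extension>``. If the
    newest one was modified less than 2 hours (7200 s) ago it is reused;
    otherwise a new timestamped path is generated for the caller to download to.

    Returns:
        ``(path, needs_download)`` -- ``needs_download`` is False only when a
        cached file younger than 2 hours was found.
    """
    cached = glob.glob(SrcDir + prefix + "*" + extension)
    if cached:
        # NOTE(review): "newest" is chosen by ctime while the age check uses
        # mtime; the two can disagree if a file's metadata was changed.
        newest = max(cached, key=os.path.getctime)
        if os.stat(newest).st_mtime >= time.time() - 7200:
            LOG.info(label + "\'s file still exist (<2h). Proceeding to extraction...")
            return newest, False
    fresh_path = SrcDir + prefix + time.strftime("%Y%m%d-%H%M") + extension
    return fresh_path, True


def LaunchModules(SearchString):
    """Run every OSINT module enabled in ``CONF`` for the given search string.

    Args:
        SearchString: one search term, or several separated by commas.

    Each module is gated by its ``CONF.<NAME>_active`` flag and imported only
    when enabled. The feed modules (Phishtank, Openphish, Phishstats,
    Phishing.Database) reuse a feed file from ``SrcDir`` when it is younger
    than 2 hours, otherwise download a new one, run the extractor once per
    term, and delete the file unless ``CONF.<NAME>_keep`` is True. Errors in
    one feed module are logged and do not stop the following modules.

    Relies on the module-level names ``LOG``, ``CONF``, ``PROXY``, ``SQL``,
    ``TABLEname``, ``UAFILE`` and ``SrcDir``. Feed contents are third-party
    data; how they are validated is up to the extractor modules, which are not
    visible here.
    """
    LOG.info("Proceeding to OSINT modules launch")
    try:
        SearchString_list = _split_search_terms(SearchString)
    except Exception:
        # A non-string argument used to be logged and then crash later with a
        # NameError on SearchString_list; stop here instead.
        LOG.error("SearchString error " + str(sys.exc_info()))
        return
    if not SearchString_list:
        LOG.error("SearchString error: no usable search term")
        return

    ###################
    # URLScan module #
    ###################
    if CONF.URLSCAN_active is True:
        from modules.urlscan import UrlscanOSINT, UrlscanExtractor
        ConfURLSCAN_url = CONF.URLSCAN_url

        for SearchString in SearchString_list:
            UrlscanOSINT(ConfURLSCAN_url, PROXY, SearchString, LOG)
            UrlscanExtractor(LOG, SQL, TABLEname, PROXY, UAFILE)

    ###################
    # URLQUERY module #
    ###################
    if CONF.URLQUERY_active is True:
        from modules.urlquery import UrlqueryOSINT, UrlqueryExtractor
        ConfURLQUERY_url = CONF.URLQUERY_url

        for SearchString in SearchString_list:
            UrlqueryOSINT(ConfURLQUERY_url, PROXY, SearchString, LOG)
            UrlqueryExtractor(SearchString, LOG, SQL, TABLEname, PROXY, UAFILE)

    ####################
    # PHISHTANK module #
    ####################
    if CONF.PHISHTANK_active is True:
        from modules.phishtank import PhishtankOSINT, PhishtankExtractor, DeletePhishtankFile
        ConfPHISHTANK_url = CONF.PHISHTANK_url
        ConfPHISHTANK_keep = CONF.PHISHTANK_keep
        ConfPHISHTANK_apikey = CONF.PHISHTANK_apikey

        try:
            # Only None means "no key": an empty-string key still takes this branch.
            if ConfPHISHTANK_apikey is not None:
                # The API key becomes part of the URL path, so from here on the
                # URL itself is a secret. NOTE(review): check that
                # PhishtankOSINT and the proxy do not log it (not visible here).
                ConfPHISHTANK_url = "https://data.phishtank.com/data/{}/online-valid.json".format(
                    ConfPHISHTANK_apikey)
        except Exception:
            LOG.error("There's a problem with API key. Trying without...")

        try:
            # Get PHISHTANK feed (if the cached one is older than 2 hours)
            phishtank_file, needs_download = _select_feed_file(
                "phishtank-feed-", ".json", "Phishtank")
            if needs_download:
                PhishtankOSINT(phishtank_file, ConfPHISHTANK_url,
                               ConfPHISHTANK_keep, SrcDir, PROXY, LOG)

            for SearchString in SearchString_list:
                # Search into file
                LOG.info("Searching for \'" + SearchString + "\'...")
                PhishtankExtractor(phishtank_file, SearchString, LOG, SQL,
                                   TABLEname, PROXY, UAFILE)

            # Proceed to file delete if don't want to keep it
            if ConfPHISHTANK_keep is not True:
                DeletePhishtankFile(phishtank_file, LOG)
        # if sys.exit() from Phishtank module
        except SystemExit:
            pass
        except Exception:
            # Was a bare except; KeyboardInterrupt now reaches the caller.
            LOG.error("Phishtank module error: " + str(sys.exc_info()))

    ####################
    # OPENPHISH module #
    ####################
    if CONF.OPENPHISH_active is True:
        from modules.openphish import OpenphishOSINT, OpenphishExtractor, DeleteOpenphishFile
        ConfOPENPHISH_url = CONF.OPENPHISH_url
        ConfOPENPHISH_keep = CONF.OPENPHISH_keep

        try:
            # Get OPENPHISH feed (if the cached one is older than 2 hours)
            openphish_file, needs_download = _select_feed_file(
                "openphish-feed-", ".txt", "Openphish")
            if needs_download:
                OpenphishOSINT(openphish_file, ConfOPENPHISH_url,
                               ConfOPENPHISH_keep, SrcDir, PROXY, LOG)

            for SearchString in SearchString_list:
                # Search into file
                LOG.info("Searching for \'" + SearchString + "\'...")
                OpenphishExtractor(openphish_file, SearchString, LOG, SQL,
                                   TABLEname, PROXY, UAFILE)

            # Proceed to file delete if don't want to keep it
            if ConfOPENPHISH_keep is not True:
                DeleteOpenphishFile(openphish_file, LOG)
        except (SystemExit, Exception):
            # The former bare except also logged a sys.exit() from the module;
            # that is kept, but KeyboardInterrupt is no longer swallowed.
            LOG.error("Openphish module error: " + str(sys.exc_info()))

    #####################
    # Phishstats module #
    #####################
    if CONF.PHISHSTATS_active is True:
        from modules.phishstats import PhishstatsOSINT, PhishstatsExtractor, DeletePhishstatsFile
        ConfPHISHSTATS_url = CONF.PHISHSTATS_url
        ConfPHISHSTATS_keep = CONF.PHISHSTATS_keep

        try:
            # Get PHISHSTATS feed (if the cached one is older than 2 hours)
            phishstats_file, needs_download = _select_feed_file(
                "phishstats-feed-", ".json", "Phishstats")
            if needs_download:
                # NOTE(review): SearchString here is whatever the name is bound
                # to at this point -- the last term of an earlier module's loop
                # if one ran, otherwise the raw argument. Unlike the other feed
                # downloaders this one receives a search string, so decide
                # whether it needs one term, every term, or the raw string and
                # pass that explicitly once PhishstatsOSINT's contract is confirmed.
                PhishstatsOSINT(phishstats_file, ConfPHISHSTATS_url,
                                ConfPHISHSTATS_keep, PROXY, SearchString, LOG)

            for SearchString in SearchString_list:
                # Search into file
                LOG.info("Searching for \'" + SearchString + "\'...")
                PhishstatsExtractor(phishstats_file, SearchString, LOG, SQL,
                                    TABLEname, PROXY, UAFILE)

            # Proceed to file delete if don't want to keep it
            if ConfPHISHSTATS_keep is not True:
                DeletePhishstatsFile(phishstats_file, LOG)
        # if sys.exit() from Phishstats module
        except SystemExit:
            pass
        except Exception:
            LOG.error("Phishstats module error: " + str(sys.exc_info()))

    ############################
    # Phishing.Database module #
    ############################
    if CONF.PHISHINGDB_active is True:
        from modules.phishingdb import PhishingDBOSINT, PhishingDBExtractor, DeletePhishingDBFile
        ConfPHISHINGDB_url = CONF.PHISHINGDB_url
        ConfPHISHINGDB_keep = CONF.PHISHINGDB_keep

        try:
            # Get Phishing.Database feed (if the cached one is older than 2 hours)
            phishingdb_file, needs_download = _select_feed_file(
                "phishingdb-feed-", ".txt", "Phishing.Database")
            if needs_download:
                PhishingDBOSINT(phishingdb_file, ConfPHISHINGDB_url,
                                ConfPHISHINGDB_keep, SrcDir, PROXY, LOG)

            for SearchString in SearchString_list:
                # Search into file
                LOG.info("Searching for \'" + SearchString + "\'...")
                PhishingDBExtractor(phishingdb_file, SearchString, LOG, SQL,
                                    TABLEname, PROXY, UAFILE)

            # Proceed to file delete if don't want to keep it
            if ConfPHISHINGDB_keep is not True:
                DeletePhishingDBFile(phishingdb_file, LOG)
        except (SystemExit, Exception):
            # Message used to say "Openphish", which sent anyone reading the
            # log to the wrong module.
            LOG.error("Phishing.Database module error: " + str(sys.exc_info()))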
Beispiel #2
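def _split_search_terms(raw):
    """Return the comma-separated terms of *raw*, stripped, without empty entries.

    Empty entries (from a stray or trailing comma) are dropped so they are
    never handed to an extractor as a search term; presumably an empty term
    would match every feed entry -- the extractors are not shown here.
    """
    return [term for term in (part.strip() for part in raw.split(',')) if term]


def _select_feed_file(prefix, extension, label):
    """Pick the feed file a module should work on.

    Looks in ``SrcDir`` for files named ``<prefix>*<extension>``. If the
    newest one was modified less than 2 hours (7200 s) ago it is reused;
    otherwise a new timestamped path is generated for the caller to download to.

    Returns:
        ``(path, needs_download)`` -- ``needs_download`` is False only when a
        cached file younger than 2 hours was found.
    """
    cached = glob.glob(SrcDir + prefix + "*" + extension)
    if cached:
        # NOTE(review): "newest" is chosen by ctime while the age check uses
        # mtime; the two can disagree if a file's metadata was changed.
        newest = max(cached, key=os.path.getctime)
        if os.stat(newest).st_mtime >= time.time() - 7200:
            LOG.info(label + "\'s file still exist (<2h). Proceeding to extraction...")
            return newest, False
    fresh_path = SrcDir + prefix + time.strftime("%Y%m%d-%H%M") + extension
    return fresh_path, True


def LaunchModules():
    """Run every OSINT module enabled in ``CONF`` for ``CONF.SearchString``.

    ``CONF.SearchString`` holds one search term, or several separated by
    commas; it is read and split separately by each enabled module. Each
    module is gated by its ``CONF.<NAME>_active`` flag and imported only when
    enabled. The feed modules (Phishtank, Openphish) reuse a feed file from
    ``SrcDir`` when it is younger than 2 hours, otherwise download a new one,
    run the extractor once per term, and delete the file unless
    ``CONF.<NAME>_keep`` is True. Errors in a feed module are logged and do
    not stop the following module.

    Relies on the module-level names ``LOG``, ``CONF``, ``PROXY``, ``SQL``,
    ``TABLEname``, ``UAFILE`` and ``SrcDir``.
    """
    LOG.info("Proceeding to OSINT modules launch")

    ###################
    # URLScan module #
    ###################
    if CONF.URLSCAN_active is True:
        from modules.urlscan import UrlscanOSINT, UrlscanExtractor
        ConfURLSCAN_url = CONF.URLSCAN_url
        SearchString = CONF.SearchString

        try:
            SearchString_list = _split_search_terms(SearchString)
        except Exception:
            # A non-string setting used to be logged and then crash on the
            # undefined SearchString_list; skip the module instead.
            LOG.error("SearchString error " + str(sys.exc_info()))
            SearchString_list = []

        for term in SearchString_list:
            UrlscanOSINT(ConfURLSCAN_url, PROXY, term, LOG)
            UrlscanExtractor(LOG, SQL, TABLEname, PROXY, UAFILE)

    ###################
    # URLQUERY module #
    ###################
    if CONF.URLQUERY_active is True:
        from modules.urlquery import UrlqueryOSINT, UrlqueryExtractor
        ConfURLQUERY_url = CONF.URLQUERY_url
        SearchString = CONF.SearchString

        try:
            SearchString_list = _split_search_terms(SearchString)
        except Exception:
            LOG.error("SearchString error " + str(sys.exc_info()))
            SearchString_list = []

        for term in SearchString_list:
            UrlqueryOSINT(ConfURLQUERY_url, PROXY, term, LOG)
            UrlqueryExtractor(LOG, SQL, TABLEname, PROXY, UAFILE)

    ####################
    # PHISHTANK module #
    ####################
    if CONF.PHISHTANK_active is True:
        from modules.phishtank import PhishtankOSINT, PhishtankExtractor, DeletePhishtankFile
        ConfPHISHTANK_url = CONF.PHISHTANK_url
        ConfPHISHTANK_keep = CONF.PHISHTANK_keep
        SearchString = CONF.SearchString

        try:
            # Get PHISHTANK feed (if the cached one is older than 2 hours)
            phishtank_file, needs_download = _select_feed_file(
                "phishtank-feed-", ".json", "Phishtank")
            if needs_download:
                PhishtankOSINT(phishtank_file, ConfPHISHTANK_url,
                               ConfPHISHTANK_keep, SrcDir, PROXY, LOG)

            for term in _split_search_terms(SearchString):
                # Search into file
                LOG.info("Searching for \'" + term + "\'...")
                PhishtankExtractor(phishtank_file, term, LOG, SQL,
                                   TABLEname, PROXY, UAFILE)

            # Proceed to file delete if don't want to keep it
            if ConfPHISHTANK_keep is not True:
                DeletePhishtankFile(phishtank_file, LOG)
        except (SystemExit, Exception):
            # The former bare except also logged a sys.exit() raised inside
            # the module; that is kept, but KeyboardInterrupt is no longer
            # swallowed.
            LOG.error("Phishtank module error: " + str(sys.exc_info()))

    ####################
    # OPENPHISH module #
    ####################
    if CONF.OPENPHISH_active is True:
        from modules.openphish import OpenphishOSINT, OpenphishExtractor, DeleteOpenphishFile
        ConfOPENPHISH_url = CONF.OPENPHISH_url
        ConfOPENPHISH_keep = CONF.OPENPHISH_keep
        SearchString = CONF.SearchString

        try:
            # Get OPENPHISH feed (if the cached one is older than 2 hours)
            openphish_file, needs_download = _select_feed_file(
                "openphish-feed-", ".txt", "Openphish")
            if needs_download:
                OpenphishOSINT(openphish_file, ConfOPENPHISH_url,
                               ConfOPENPHISH_keep, SrcDir, PROXY, LOG)

            for term in _split_search_terms(SearchString):
                # Search into file
                LOG.info("Searching for \'" + term + "\'...")
                OpenphishExtractor(openphish_file, term, LOG, SQL,
                                   TABLEname, PROXY, UAFILE)

            # Proceed to file delete if don't want to keep it
            if ConfOPENPHISH_keep is not True:
                DeleteOpenphishFile(openphish_file, LOG)
        except (SystemExit, Exception):
            LOG.error("Openphish module error: " + str(sys.exc_info()))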