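def listemalware(request):
    """Render the list of Pulsedive threats in the ``malware`` category.

    Queries Pulsedive for threats of every risk level whose category is
    ``malware`` and passes the ``results`` entry of the response to the
    ``services/listmalware.html`` template as ``ind``.

    The API key is read from the ``PULSEDIVE_API_KEY`` environment variable
    (a name chosen for this view; map it to whatever secret store the
    deployment uses) instead of being embedded in the source. A key that was
    previously committed in this function should be treated as exposed and
    rotated.
    """
    import os  # function-scope: the module's import block is not visible here

    api_key = os.environ.get('PULSEDIVE_API_KEY')
    # With no key configured, build the client without one rather than
    # shipping a credential in the repository.
    pud = pulsedive.Pulsedive(api_key) if api_key else pulsedive.Pulsedive()
    ind = pud.search.threat(
        risk=[
            'unknown', 'none', 'low', 'medium', 'high', 'critical', 'retired',
        ],
        category=['malware'],
        properties=None,
        attribute=None,
        splitrisk=False,
    )
    return render(request, 'services/listmalware.html', {'ind': ind['results']})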
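def listeip(request):
    """Render the list of Pulsedive IP indicators (IPv4 and IPv6).

    Searches Pulsedive for indicators of type ``ip`` or ``ipv6`` at every
    risk level, with ``limit='hundred'``, and passes the ``results`` entry of
    the response to the ``services/listip.html`` template as ``ind``.

    The API key is read from the ``PULSEDIVE_API_KEY`` environment variable
    (a name chosen for this view; map it to whatever secret store the
    deployment uses) instead of being embedded in the source. A key that was
    previously committed in this function should be treated as exposed and
    rotated.
    """
    import os  # function-scope: the module's import block is not visible here

    api_key = os.environ.get('PULSEDIVE_API_KEY')
    # With no key configured, build the client without one rather than
    # shipping a credential in the repository.
    pud = pulsedive.Pulsedive(api_key) if api_key else pulsedive.Pulsedive()
    ind = pud.search.indicator(
        risk=[
            'unknown', 'none', 'low', 'medium', 'high', 'critical', 'retired',
        ],
        indicator_type=['ip', 'ipv6'],
        lastseen=None,
        latest=None,
        limit='hundred',
        export=False,
        properties=None,
        attribute=None,
        feed=None,
        threat=None,
    )
    return render(request, 'services/listip.html', {'ind': ind['results']})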
def pud():
    """Return a new Pulsedive client constructed with no arguments (no API key)."""
    client = pulsedive.Pulsedive()
    return client
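ioc = args.ioc.strip()
print('Searching the IOC %s...' % ioc)

keys = {}
headers = {}

# Load API keys from the config file: the first line is skipped and each
# remaining line is read as "name: value".
# NOTE(review): keys.cfg holds credentials in plaintext; keep it out of
# version control and readable only by the account that runs this script.
with open("keys.cfg", "r") as keys_c:
    next(keys_c, None)  # an empty file no longer raises StopIteration
    for line in keys_c:
        # Split on the first ':' only, so a value containing ':' stays intact;
        # blank or malformed lines are skipped instead of failing on unpack.
        key, sep, val = line.partition(":")
        if not sep:
            continue
        keys[key.strip()] = val.strip()

# Build the Pulsedive client with the configured key when one is present,
# otherwise without a key. Using .get() means a missing 'pulsedive' entry
# takes the keyless path instead of raising KeyError.
if keys.get('pulsedive'):
    pud = pulsedive.Pulsedive(keys['pulsedive'])
else:
    pud = pulsedive.Pulsedive()


def check_ip(ioc):
    # VirusTotal IP address lookup.
    # NOTE(review): only the opening of this function is visible in this
    # excerpt, so its statements are kept exactly as written. Points to
    # confirm against the full function: the request has no timeout, the
    # HTTP status is not checked before indexing into the JSON, and ioc is
    # placed into the URL path as-is. Validating it first (for example with
    # ipaddress.ip_address) would keep malformed input out of the URL.
    headers['x-apikey'] = keys['vt']
    vt_ip_api = "https://www.virustotal.com/api/v3/ip_addresses/%s" % ioc
    vt_ip = requests.get(url=vt_ip_api,headers=headers)
    vt_data = vt_ip.json()
    vtowner = vt_data['data']['attributes']['as_owner']
    vtcountry = vt_data['data']['attributes']['country']
    vtrep = vt_data['data']['attributes']['reputation']
    print('--VirusTotal--')
    print('Owner: %s' % vtowner)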