def tacyt(plugin_name, project_id, resource_id, resource_type, apk_hash):
application = None
result_status = PluginResultStatus.STARTED
try:
APP_ID = KeyRing().get("tacyt-appid")
SECRET_KEY = KeyRing().get("tacyt-secret")
API_KEY_IN_DDBB = bool(APP_ID) & bool(SECRET_KEY)
if not API_KEY_IN_DDBB:
print("No App ID key...!")
result_status = PluginResultStatus.NO_API_KEY
else:
api = tacytsdk.TacytApp(APP_ID, SECRET_KEY)
search = api.search_apps(query=apk_hash, outfields=__OUT_FIELDS)
if (search.data and search.data.get("data")
and search.data.get("data").get("result")
and search.data.get("data").get("result").get("numResults")
== 1):
application = (search.data.get("data").get("result").get(
"applications")[0])
result_status = PluginResultStatus.COMPLETED
else:
result_status = PluginResultStatus.RETURN_NONE
PluginManager.set_plugin_results(resource_id, plugin_name, project_id,
application, result_status)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
application = None
def binaryedge(plugin_name, project_id, resource_id, resource_type, ip):
try:
API_KEY = KeyRing().get("binaryedge")
if not API_KEY:
print("No API key...!")
return {}
response = {}
headers = {"X-Key": API_KEY}
response = requests.get(URL.format(**{"ip": ip}), headers=headers)
if response.status_code == 404:
print("associated records not found!")
elif not response.status_code == 200:
print("API key error!")
else:
response = json.loads(response.content)
print(response)
PluginManager.set_plugin_results(
resource_id, plugin_name, project_id, response, result_status
)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
return None
def pulsedive_get_ioc_byvalue(param):
try:
API_KEY = KeyRing().get("pulsedive")
if not API_KEY:
print("No API key...!")
return None
response = {}
headers = {
"User-Agent":
"Mozilla/5.0 (X11; Linux i686; rv:64.0) Gecko/20100101 Firefox/64.0"
}
params = f"?pretty=1&key={API_KEY}&indicator={param}"
response = requests.get(URL_INFO, params=params, headers=headers)
if not response.status_code == 200:
print("API key error!")
return None
else:
response = json.loads(response.content)
return response
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
return None
def pastebin(plugin_name, project_id, resource_id, resource_type, target,
search_engine):
try:
query_result = None
API_KEY = KeyRing().get("pastebin")
if not API_KEY:
print("No API key...!")
result_status = PluginResultStatus.NO_API_KEY
else:
# We use "googlesearch" subtask to gather results as pastebin.com does not
# have a in-search engine
query_result = restricted_googlesearch(search_engine, target)
# Now, process google results and get the pastes and metadata
if query_result:
query_result = pastebin_get_results(query_result)
result_status = PluginResultStatus.COMPLETED
else:
result_status = PluginResultStatus.RETURN_NONE
PluginManager.set_plugin_results(resource_id, plugin_name, project_id,
query_result, result_status)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
def otx_iocs_file(file_hash, section):
try:
API_KEY = KeyRing().get("otx")
if not API_KEY:
print("No API key...!")
return None
response = {}
headers = {
"User-Agent":
"Mozilla/5.0 (X11; Linux i686; rv:64.0) Gecko/20100101 Firefox/64.0",
"X-OTX-API-KEY": API_KEY,
}
print("testessss ")
response = requests.get(
URL_HASH.format(**{
"file_hash": file_hash,
"section": section
}),
headers=headers,
)
if not response.status_code == 200:
print("API key error!")
return None
else:
response = json.loads(response.content)
return response
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
return None
def main(plugin_name, project_id, resource_id, resource_type, target):
result_status = PluginResultStatus.STARTED
try:
if PLUGIN_NEEDS_API_KEY:
API_KEY = KeyRing().get(PLUGIN_NAME)
if not API_KEY:
print("No API key...!")
result_status = PluginResultStatus.NO_API_KEY
query_result = None
resource_type = ResourceType(resource_type)
if resource_type == ResourceType.DOMAIN:
query_result = auxiliary_function_1(target)
elif resource_type == ResourceType.EMAIL:
query_result = auxiliary_function_2(target)
else:
print(f"[{PLUGIN_NAME}]: Resource type does not found")
PluginManager.set_plugin_results(resource_id, plugin_name, project_id,
query_result, result_status)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
def dinoflux(plugin_name, project_id, resource_id, resource_type, target):
try:
query_result = None
API_KEY = KeyRing().get(PLUGIN_NAME)
if not API_KEY:
print("No API key...!")
result_status = PluginResultStatus.NO_API_KEY
else:
result_status = PluginResultStatus.STARTED
resource_type = ResourceType(resource_type)
if resource_type:
query_result = get_report(resource_type, target)
else:
print("No resource type")
if query_result:
result_status = PluginResultStatus.COMPLETED
else:
result_status = PluginResultStatus.RETURN_NONE
PluginManager.set_plugin_results(resource_id, plugin_name, project_id,
query_result, result_status)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
def phishtank(plugin_name, project_id, resource_id, resource_type, url):
result_status = PluginResultStatus.STARTED
query_result = None
try:
API_KEY = KeyRing().get("phishtank")
if not API_KEY:
print("No API key...!")
result_status = PluginResultStatus.NO_API_KEY
else:
resource_type = ResourceType(resource_type)
if resource_type == ResourceType.URL:
query_result = phishtank_check(url)
result_status = PluginResultStatus.COMPLETED
else:
print("phishtank resource type does not found")
result_status = PluginResultStatus.RETURN_NONE
PluginManager.set_plugin_results(resource_id, plugin_name, project_id,
query_result, result_status)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
def phishtank_tech_details(phish_id):
try:
URL_main = f"https://www.phishtank.com/phish_detail.php?phish_id={phish_id}"
API_KEY = KeyRing().get("phishtank")
if not API_KEY:
print("No API key...!")
result_status = PluginResultStatus.NO_API_KEY
response = {}
headers = {"User-Agent": USER_AGENT}
response = requests.get(URL_main, headers=headers)
if not response.status_code == 200:
print("API key error!")
return None
else:
response = response.content
return response
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
return None # parsing html to extract Verify and more
def geoip(plugin_name, project_id, resource_id, resource_type, ip):
result_status = PluginResultStatus.STARTED
result = None
try:
API_KEY = KeyRing().get("ipstack")
if not API_KEY:
print("No API key...!")
return None
URL = f"http://api.ipstack.com/{ip}?access_key={API_KEY}&format=1"
response = urllib.request.urlopen(URL).read()
result = json.loads(response)
if "success" in result:
if not result["success"]:
if result["error"]["code"] in [101, 102, 103, 104, 105]:
result_status = PluginResultStatus.NO_API_KEY
elif result["error"]["code"] == 404:
result_status = PluginResultStatus.RETURN_NONE
else:
result_status = PluginResultStatus.COMPLETED
PluginManager.set_plugin_results(resource_id, plugin_name,
project_id, result, result_status)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
return None
def maltiverse(plugin_name, project_id, resource_id, resource_type, target):
try:
MALTIVERSE_EMAIL = KeyRing().get("maltiverse_email")
MALTIVERSE_PASS = KeyRing().get("maltiverse_pass")
API_KEY = bool(MALTIVERSE_EMAIL) & bool(MALTIVERSE_PASS)
query_result = None
if not API_KEY:
print(["[maltiverse]: No API Keys..."])
result_status = PluginResultStatus.NO_API_KEY
else:
result_status = PluginResultStatus.STARTED
resource_type = ResourceType(resource_type)
if resource_type == ResourceType.IPv4:
query_result = maltiverse_ip(target)
elif resource_type == ResourceType.DOMAIN:
query_result = maltiverse_domain(target)
elif resource_type == ResourceType.URL:
query_result = maltiverse_url(target)
elif resource_type == ResourceType.HASH:
query_result = maltiverse_hash(target)
else:
print("Maltiverse resource type does not found")
result_status = PluginResultStatus.RETURN_NONE
if not query_result:
result_status = PluginResultStatus.FAILED
if query_result.get("message"):
result_status = PluginResultStatus.RETURN_NONE
else:
result_status = PluginResultStatus.COMPLETED
print(query_result)
PluginManager.set_plugin_results(resource_id, plugin_name,
project_id, query_result,
result_status)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
def shodan(plugin_name, project_id, resource_id, resource_type, ip):
result_status = PluginResultStatus.STARTED
response = {}
try:
API_KEY = KeyRing().get("shodan")
if not API_KEY:
print("No API key...!")
result_status = PluginResultStatus.NO_API_KEY
else:
ipinfo = requests.get(URL.format(**{"ip": ip, "API_KEY": API_KEY}))
if not ipinfo.status_code == 200:
result_status = PluginResultStatus.RETURN_NONE
else:
ipinfo = json.loads(ipinfo.content)
response["hostnames"] = (ipinfo["hostnames"]
if "hostnames" in ipinfo else [])
response["os"] = ipinfo["os"] if "os" in ipinfo else None
response["org"] = ipinfo["org"] if "org" in ipinfo else None
response["isp"] = ipinfo["isp"] if "isp" in ipinfo else None
response["services"] = []
for data in ipinfo["data"]:
service = {}
service["port"] = data["port"] if "port" in data else None
service["transport"] = (data["transport"]
if "transport" in data else None)
service["service"] = data[
"service"] if "service" in data else None
service["data"] = data["data"] if "data" in data else None
service["product"] = data[
"product"] if "product" in data else None
service["banner"] = data[
"banner"] if "banner" in data else None
service["devicetype"] = (data["devicetype"]
if "devicetype" in data else None)
service["timestamp"] = (data["timestamp"]
if "timestamp" in data else None)
service["hostnames"] = (data["hostnames"]
if "hostnames" in data else [])
response["services"].append(service)
result_status = PluginResultStatus.COMPLETED
PluginManager.set_plugin_results(resource_id, plugin_name, project_id,
response, result_status)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
return None
def vt_domain(plugin_name, project_id, resource_id, resource_type, target):
result_status = PluginResultStatus.STARTED
response = None
try:
API_KEY = KeyRing().get("virustotal")
if not API_KEY:
print("No API key...!")
result_status = PluginResultStatus.NO_API_KEY
else:
response = None
url = None
params = {"apikey": API_KEY}
resource_type_for_vt = ResourceType(resource_type)
if resource_type_for_vt == ResourceType.DOMAIN:
url = url_for_domains
params["domain"] = target
elif resource_type_for_vt == ResourceType.URL:
url = url_for_urls
params["resource"] = target
elif resource_type_for_vt == ResourceType.IPv4:
url = url_for_ips
params["ip"] = target
elif resource_type_for_vt == ResourceType.HASH:
url = url_for_hashes
params["resource"] = target
else:
print("[VT]: Unknown resource type before querying service")
result_status = PluginResultStatus.FAILED
response = requests.get(url, params=params)
if not response.status_code == 200:
print(response)
result_status = PluginResultStatus.RETURN_NONE
else:
response = json.loads(response.content)
result_status = PluginResultStatus.COMPLETED
print(response)
PluginManager.set_plugin_results(resource_id, plugin_name, project_id,
response, result_status)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
return None
def urlscan(plugin_name, project_id, resource_id, resource_type, url):
result_status = PluginResultStatus.STARTED
response = {}
try:
API_KEY = KeyRing().get("urlscan")
if not API_KEY:
print("No API key...!")
result_status = PluginResultStatus.NO_API_KEY
else:
headers = {
"User-Agent": "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:64.0) Gecko/20100101 Firefox/64.0",
"Content-Type": "application/json",
"API-Key": API_KEY,
}
data = {"url": url, "public": "on", "tags": ["phishing", "malicious"]}
url_submission_response = requests.post(
SUBMISSION_URL, headers=headers, json=data
)
if not url_submission_response.status_code == 200:
print("API key error!")
result_status = PluginResultStatus.RETURN_NONE
else:
uuid = json.loads(url_submission_response.content)["uuid"]
SLEEP_LIMIT = 300
SLEEP_DELTA_INCREMENT = 2.5
SLEEP_FRAME = 2
# Número de reintentos cada 2 segundos
while SLEEP_FRAME < SLEEP_LIMIT:
response = result(uuid)
if response is not None:
break
SLEEP_FRAME = round(SLEEP_FRAME * SLEEP_DELTA_INCREMENT)
time.sleep(SLEEP_FRAME)
if response:
result_status = PluginResultStatus.COMPLETED
else:
result_status = PluginResultStatus.RETURN_NONE
PluginManager.set_plugin_results(
resource_id, plugin_name, project_id, response, result_status
)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
return None
def botscout_ip(ip):
try:
API_KEY = KeyRing().get("botscout")
if not API_KEY:
print("No API key...!")
return None
URL = f"http://botscout.com/test/?ip={ip}&key={API_KEY}&format=xml"
response = urllib.request.urlopen(URL).read()
return response
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
return None
def haveibeenpwned(plugin_name, project_id, resource_id, resource_type, email):
try:
API_KEY = KeyRing().get("haveibeenpwned")
if not API_KEY:
print("No API key...!")
result_status = PluginResultStatus.NO_API_KEY
else:
response = []
headers = {
"user-agent":
"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:64.0) Gecko/20100101 Firefox/64.0",
"hibp-api-key": API_KEY,
}
hibp = requests.get(
URL.format(**{
"service": "breachedaccount",
"account": email
}),
headers=headers,
)
if not hibp.status_code == 200:
print("HIBP Request error!")
result_status = PluginResultStatus.RETURN_NONE
else:
hibp = json.loads(hibp.content)
response = hibp
result_status = PluginResultStatus.COMPLETED
details = breach_detail_filler(response)
if not len(details) == len(response):
print(
"[HIBP] An update should be needed in breaches.json file")
result_status = PluginResultStatus.FAILED
PluginManager.set_plugin_results(resource_id, plugin_name,
project_id, response,
result_status)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
return None
def onyphe(plugin_name, project_id, resource_id, resource_type, resource):
result_status = PluginResultStatus.STARTED
query_result = None
try:
API_KEY = KeyRing().get("onyphe")
if not API_KEY:
print("No API key...!")
result_status = PluginResultStatus.NO_API_KEY
else:
url = ""
headers = {
"Authorization": f"apikey {API_KEY}",
"Content-Type": "application/json",
}
if resource_type == "domain":
url = f"https://www.onyphe.io/api/v2/summary/domain/{resource}"
elif resource_type == "ip":
url = f"https://www.onyphe.io/api/v2/summary/ip/{resource}"
query_result = requests.get(url, headers=headers)
if query_result.status_code == 200:
json_results = query_result.json()
if json_results["results"] == []:
result_status = PluginResultStatus.RETURN_NONE
else:
query_result = json_results["results"]
result_status = PluginResultStatus.COMPLETED
else:
result_status = PluginResultStatus.FAILED
PluginManager.set_plugin_results(
resource_id, plugin_name, project_id, query_result, result_status
)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
def phishtank_check(url):
try:
API_KEY = KeyRing().get("phishtank")
if not API_KEY:
print("No API key...!")
result_status = PluginResultStatus.NO_API_KEY
response = {}
headers = {
"User-Agent": USER_AGENT,
"Content-Type": "application/x-www-form-urlencoded",
}
post_data = {"url": url, "format": "json", "app_key": API_KEY}
response = requests.post(URL, post_data, headers=headers)
if not response.status_code == 200:
print("API key error!")
return None
else:
response = json.loads(response.content)
if "phish_id" in response["results"]:
phish_id = response["results"]["phish_id"]
try:
screenshot_path = phishtank_screenshot(phish_id)
if screenshot_path:
response["results"][
"screenshot_path"] = screenshot_path
except:
print("[PHISHTANK] Could not have a screenshot")
return response
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
return None
def phishtank_screenshot(phish_id):
try:
URL_main = f"https://www.phishtank.com/phish_screenshot.php?phish_id={phish_id}"
regex_url = "http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\\(\\), ]|(?:%[0-9a-fA-F][0-9a-fA-F]))+"
API_KEY = KeyRing().get("phishtank")
if not API_KEY:
print("No API key...!")
result_status = PluginResultStatus.NO_API_KEY
response = {}
headers = {"User-Agent": USER_AGENT}
response = requests.get(URL_main, headers=headers)
if not response.status_code == 200:
print("API key error!")
return None
else:
if response.content:
content = response.content.decode("utf-8")
matches = re.findall(regex_url, content)
if matches:
screenshot_url = matches[0]
screenshot_name = urlparse(screenshot_url).path
r = requests.get(screenshot_url, allow_redirects=True)
with open(f"{SCREENSHOTS_STORAGE_PATH}{screenshot_name}",
"wb") as f:
f.write(r.content)
return f"{SCREENSHOTS_SERVER_PATH}{screenshot_name}"
return None
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
return None
def pulsedive_analyze(domain):
try:
API_KEY = KeyRing().get("pulsedive")
if not API_KEY:
print("No API key...!")
return None
pyb64_domain = base64.b64encode(bytes(domain, "utf-8"))
response = {}
headers = {
"User-Agent":
"Mozilla/5.0 (X11; Linux i686; rv:64.0) Gecko/20100101 Firefox/64.0",
"Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
}
post_data = {
"ioc": pyb64_domain.decode("utf-8"),
"probe": "1",
"pretty": "1",
"app_key": API_KEY,
}
response = requests.post(URL, post_data, headers=headers)
if not response.status_code == 200:
print("API key error!")
return None
else:
response = json.loads(response.content)
return response
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
return None
def verifymail(plugin_name, project_id, resource_id, resource_type, email):
response = {}
result_status = PluginResultStatus.STARTED
try:
API_KEY = KeyRing().get("verify-email")
if not API_KEY:
print("No API key...!")
result_status = PluginResultStatus.NO_API_KEY
else:
headers = {
"Accept": "application/json",
"Content-Type": "application/json"
}
vmail = requests.get(URL.format(**{
"key": API_KEY,
"email": email
}),
headers=headers)
if not vmail.status_code == 200:
print("[verifymail]: error!")
result_status = PluginResultStatus.FAILED
else:
response = json.loads(vmail.content)
if response:
result_status = PluginResultStatus.COMPLETED
else:
result_status = PluginResultStatus.RETURN_NONE
PluginManager.set_plugin_results(resource_id, plugin_name, project_id,
response, result_status)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
return None
import traceback
import json
import requests
from tasks.api_keys import KeyRing
API_KEY = KeyRing().get("abuseipdb")
URL = "https://api.abuseipdb.com/api/v2/check"
def abuseipdb(ip):
try:
if not API_KEY:
print("No API key...!")
return None
response = {}
headers = {"Accept": "application/json", "Key": API_KEY}
data = {"ipAddress": ip}
abuse_response = requests.get(URL, headers=headers, json=data)
if not abuse_response.status_code == 200:
print("API key error!")
return None
else:
response = json.loads(abuse_response.content)
print(response)
return response
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
"https://api.hunter.io/v2/email-verifier?email={email}&api_key={key}")
# URL_EMAIL_FINDER = "https://api.hunter.io/v2/email-finder?domain={domain}&first_name={name}&last_name={lastname}&api_key={key}"
# Which resources are this plugin able to work with
RESOURCE_TARGET = [ResourceType.DOMAIN, ResourceType.EMAIL]
# Plugin Metadata {a description, if target is actively reached and name}
PLUGIN_AUTOSTART = False
PLUGIN_DESCRIPTION = "Lists all the people working in a company with their name and email address found on the web"
PLUGIN_DISABLE = False
PLUGIN_IS_ACTIVE = False
PLUGIN_NAME = "hunterio"
PLUGIN_NEEDS_API_KEY = True
API_KEY = KeyRing().get("hunterio")
API_KEY_IN_DDBB = bool(API_KEY)
API_KEY_DOC = "https://hunter.io/api"
API_KEY_NAMES = ["hunterio"]
class Plugin:
def __init__(self, resource, project_id):
self.project_id = project_id
self.resource = resource
def do(self):
resource_type = self.resource.get_type()
try:
to_task = {
import traceback
import json
import urllib.request
from tasks.api_keys import KeyRing
API_KEY = KeyRing().get("ipstack")
def geoip(ip):
try:
URL = f"http://api.ipstack.com/{ip}?access_key={API_KEY}&format=1"
response = urllib.request.urlopen(URL).read()
return json.loads(response)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
return None
import traceback
from tasks.deps.tacyt import TacytApp as tacytsdk
from tasks.api_keys import KeyRing
APP_ID = KeyRing().get("tacyt-appid")
SECRET_KEY = KeyRing().get("tacyt-secret")
__OUT_FIELDS = [
"title",
"platform",
"origin",
"categoryName",
"size",
"marketSize",
"numDownloads",
"versionCode",
"packageName",
"price",
"versionString",
"minSdkVersion",
"targetSdkVersion",
"nFiles",
"nImages",
"nPermissions",
"nMetadataApiKeys",
"nActivities",
"nActivityAlias",
"nServices",
"nReceivers",
"nProviders",
import traceback
import json
import hashlib
import requests
from tasks.deps.maltiverse import Maltiverse
from tasks.api_keys import KeyRing
MALTIVERSE_EMAIL = KeyRing().get("maltiverse_email")
MALTIVERSE_PASS = KeyRing().get("maltiverse_pass")
api = Maltiverse()
api.login(MALTIVERSE_EMAIL, password=MALTIVERSE_PASS)
URL_IP = "https://api.maltiverse.com/ip/{ip}"
URL_DOMAIN = "https://api.maltiverse.com/hostname/{hostname}"
URL_URL = "https://api.maltiverse.com/url/{url}"
URL_HASH = "https://api.maltiverse.com/sample/{hash}"
def send_request(url):
try:
response = {}
maltiverse_response = requests.get(url)
if not maltiverse_response.status_code == 200:
print("Response error!")
print(maltiverse_response.content)
response = None
else:
response = json.dumps(json.loads(maltiverse_response.content))
import json
import traceback
from tasks.tasks import celery_app
from server.entities.resource_types import ResourceType
from server.entities.plugin_result_types import PluginResultStatus
from server.entities.plugin_manager import PluginManager
from tasks.api_keys import KeyRing
URL_API = "https://www.dinoflux.com/api/analyses/search"
# This URL is used to query a complete dinoflux analysis report
URL_REPORT = "https://www.dinoflux.com/private/intelligence/report/"
API_KEY = KeyRing().get("dinoflux")
API_KEY_IN_DDBB = bool(API_KEY)
API_KEY_DOC = "https://www.dinoflux.com/private/intelligence/search/"
API_KEY_NAMES = ["dinoflux"]
PLUGIN_NAME = "dinoflux"
PLUGIN_DESCRIPTION = "Search dinoflux reports from a binary hash, IPv4, URL or Filename"
PLUGIN_IS_ACTIVE = False
PLUGIN_AUTOSTART = False
PLUGIN_DISABLE = False
PLUGIN_NEEDS_API_KEY = True
RESOURCE_TARGET = [
ResourceType.HASH,
ResourceType.IPv4,
from server.entities.plugin_manager import PluginManager
from server.entities.plugin_result_types import PluginResultStatus
# Which resources are this plugin able to work with
RESOURCE_TARGET = [ResourceType.URL]
# Plugin Metadata {a description, if target is actively reached and name}
PLUGIN_AUTOSTART = False
PLUGIN_DESCRIPTION = "Scan and analyse URLs"
PLUGIN_IS_ACTIVE = False
PLUGIN_DISABLE = False
PLUGIN_NAME = "urlscan"
PLUGIN_NEEDS_API_KEY = True
API_KEY = KeyRing().get("urlscan")
API_KEY_IN_DDBB = bool(API_KEY)
API_KEY_DOC = "https://urlscan.io/about-api/"
API_KEY_NAMES = ["urlscan"]
SUBMISSION_URL = "https://urlscan.io/api/v1/scan/"
RESULT_URL = "https://urlscan.io/api/v1/result/{uuid}/"
class Plugin:
def __init__(self, resource, project_id):
self.project_id = project_id
self.resource = resource
def do(self):
resource_type = self.resource.get_type()
# Which resources are this plugin able to work with
RESOURCE_TARGET = [
ResourceType.URL,
ResourceType.HASH,
]
# Plugin Metadata {a description, if target is actively reached and name}
PLUGIN_AUTOSTART = False
PLUGIN_DESCRIPTION = "Search a hash or a URL in VirusTotal"
PLUGIN_DISABLE = False
PLUGIN_IS_ACTIVE = False
PLUGIN_NAME = "virustotal"
PLUGIN_NEEDS_API_KEY = True
API_KEY = KeyRing().get("virustotal")
API_KEY_IN_DDBB = bool(API_KEY)
API_KEY_DOC = "https://developers.virustotal.com/reference"
API_KEY_NAMES = ["virustotal"]
class Plugin:
def __init__(self, resource, project_id):
self.project_id = project_id
self.resource = resource
def do(self):
resource_type = self.resource.get_type()
target = self.resource.get_data()["canonical_name"]
# user: user11 o [email protected] # pass: Developer_11 import traceback import json import requests, base64 from tasks.api_keys import KeyRing API_KEY = KeyRing().get("pulsedive") URL = "https://pulsedive.com/api/analyze.php" URL_INFO = "https://pulsedive.com/api/info.php" ## Indicator(https://pulsedive.com/api/?q=indicators) ## param = domain, md5, sha1, sha256 ## Function OK def pulsedive_get_ioc_byvalue(param): try: if not API_KEY: print("No API key...!") return None response = {} headers = { "User-Agent": "Mozilla/5.0 (X11; Linux i686; rv:64.0) Gecko/20100101 Firefox/64.0" } params = f"?pretty=1&key={API_KEY}&indicator={param}"
