Ejemplo n.º 1
# Author: David Bressler (@bostonlink)

import sys
import urllib2, urllib, json
from datetime import datetime, timedelta

from lib import nwmodule

# Maltego XML header: the opening tags of the transform response, up to and
# including <Entities>. The matching closing tags are not part of this constant.
trans_header = (
    "<MaltegoMessage>\n"
    "<MaltegoTransformResponseMessage>\n"
    "    <Entities>"
)

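# Authenticate to the NW Concentrator via HTTP basic auth.
# NOTE(review): basic auth only base64-encodes the credential; confirm that
# nwmodule reaches the Concentrator over TLS.

nwmodule.nw_http_auth()

# NW REST API query and results

ip_entity = sys.argv[1]

# The entity value is spliced into the query text below, so accept nothing but
# a plain dotted-quad IPv4 address. Any other content (quotes, operators,
# extra meta keys) would change the meaning of the where clause.
# NOTE(review): assumes ip.src / ip.dst are IPv4 meta keys - confirm.
octets = ip_entity.split('.')
if len(octets) != 4 or not all(
        0 < len(o) <= 3 and all(c in '0123456789' for c in o) and int(o) <= 255
        for o in octets):
    # sys.exit() writes the message to stderr, so stdout carries no partial
    # transform output.
    sys.exit('refusing to query: %r is not an IPv4 address' % ip_entity)

# Query window: the 24 hours up to now, rendered as 'start'-'end'.
# NOTE(review): datetime.today() is naive local time and %b follows the
# process locale - confirm both match what the Concentrator expects.
time_fmt = '%Y-%b-%d %H:%M:%S'
date_t = datetime.today()
tdelta = timedelta(days=1)
diff = "'%s'-'%s'" % ((date_t - tdelta).strftime(time_fmt),
                      date_t.strftime(time_fmt))

field_name = 'filetype'
# The OR pair is parenthesised so the time window bounds both directions.
# Without the grouping the time filter is bound to the ip.dst term only and
# ip.src matches are returned for all time.
where_clause = '(time=%s) && (ip.dst=%s || ip.src=%s)' % (diff, ip_entity,
                                                          ip_entity)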
json_data = json.loads(
Ejemplo n.º 2
# Author: David Bressler (@bostonlink)

import sys
import urllib2, urllib, json
from datetime import datetime, timedelta

from lib import nwmodule

# Maltego XML header: the opening tags of the transform response, up to and
# including <Entities>. The matching closing tags are not part of this constant.
trans_header = (
    "<MaltegoMessage>\n"
    "<MaltegoTransformResponseMessage>\n"
    "    <Entities>"
)

# Authenticate to the NW Concentrator via HTTP basic auth.
# NOTE(review): basic auth only base64-encodes the credential; confirm that
# nwmodule reaches the Concentrator over TLS.

nwmodule.nw_http_auth()

# NW REST API query and results

# argv[1] is the risk name; argv[2] is a '#'-separated list of fields.
# NOTE(review): both values come straight from the command line; if they are
# later placed in a query string, validate them first.
risk_name, fields = sys.argv[1], sys.argv[2].split("#")

# Query window: the 24 hours up to now, rendered as 'start'-'end'.
# NOTE(review): datetime.today() is naive local time and %b follows the
# process locale - confirm both match what the Concentrator expects.
time_fmt = "%Y-%b-%d %H:%M:%S"
date_t = datetime.today()
tdelta = timedelta(days=1)
diff = "'%s'-'%s'" % ((date_t - tdelta).strftime(time_fmt),
                      date_t.strftime(time_fmt))

for i in fields:
    if "ip" in i:
        parse = i.split("=")
        ip = parse[1]