# Author: David Bressler (@bostonlink) import sys import urllib2, urllib, json from datetime import datetime, timedelta from lib import nwmodule # Maltego XML Header trans_header = """<MaltegoMessage> <MaltegoTransformResponseMessage> <Entities>""" # Authenticate to the NW Concentrator via HTTP basic auth nwmodule.nw_http_auth() # NW REST API Query amd results ip_entity = sys.argv[1] date_t = datetime.today() tdelta = timedelta(days=1) diff = date_t - tdelta diff = "'" + diff.strftime('%Y-%b-%d %H:%M:%S') + "'-'" + date_t.strftime( '%Y-%b-%d %H:%M:%S') + "'" field_name = 'filetype' where_clause = '(time=%s) && ip.dst=%s || ip.src=%s' % (diff, ip_entity, ip_entity) json_data = json.loads(
# Author: David Bressler (@bostonlink) import sys import urllib2, urllib, json from datetime import datetime, timedelta from lib import nwmodule # Maltego XML Header trans_header = """<MaltegoMessage> <MaltegoTransformResponseMessage> <Entities>""" # Authenticate to the NW Concentrator via HTTP basic auth nwmodule.nw_http_auth() # NW REST API Query amd results risk_name = sys.argv[1] fields = sys.argv[2].split("#") date_t = datetime.today() tdelta = timedelta(days=1) diff = date_t - tdelta diff = "'" + diff.strftime("%Y-%b-%d %H:%M:%S") + "'-'" + date_t.strftime("%Y-%b-%d %H:%M:%S") + "'" for i in fields: if "ip" in i: parse = i.split("=") ip = parse[1]