def malcodebinaries_tasks():
    """Refresh the MalcodeBinaries feed once, scheduling a retry if it yields nothing.

    Builds the feed object, attaches a fresh ``Analytics`` instance and calls
    ``update()``.  A ``None`` result is treated as a failed/empty run and is
    turned into a retry via ``malcodebinaries_tasks.retry`` -- the task
    registration (decorator) is not visible here; presumably Celery, in which
    case ``countdown=60`` delays the retry by 60 seconds -- confirm.

    Returns:
        The value ``update()`` produced, when it is not ``None``.

    Raises:
        Whatever ``malcodebinaries_tasks.retry(countdown=60)`` returns, when
        ``update()`` produced ``None``.
    """
    feed = MalcodeBinaries("MalcodeBinaries")
    feed.analytics = Analytics()
    outcome = feed.update()
    if outcome is not None:
        return outcome
    # Ask the task runner to try again later instead of silently dropping the refresh.
    raise malcodebinaries_tasks.retry(countdown=60)
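def mdltracker_tasks():
    """Refresh the MDLTracker feed once, scheduling a retry if it yields nothing.

    Builds the feed object, attaches a fresh ``Analytics`` instance and calls
    ``update()``.  A ``None`` result is treated as a failed/empty run and is
    turned into a retry via ``mdltracker_tasks.retry`` -- the task
    registration (decorator) is not visible here; presumably Celery, in which
    case ``countdown=60`` delays the retry by 60 seconds -- confirm.

    Returns:
        The value ``update()`` produced, when it is not ``None``.

    Raises:
        Whatever ``mdltracker_tasks.retry(countdown=60)`` returns, when
        ``update()`` produced ``None``.
    """
    mdl = MDLTracker("MDLTracker")
    mdl.analytics = Analytics()
    run = mdl.update()
    if run is None:
        # Fix: the original called ``mdliplist_tasks.retry`` here, i.e. it
        # re-scheduled a *different* task (and would fail with NameError if
        # that name is not in scope).  Retry this task, like its siblings do.
        raise mdltracker_tasks.retry(countdown=60)
    return run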
def mdlhosts_tasks():
    """Refresh the MDLHosts feed once, scheduling a retry if it yields nothing.

    Instantiates the feed, gives it a fresh ``Analytics`` object and runs
    ``update()``.  ``None`` from ``update()`` is the only failure signal
    handled: it is converted into ``mdlhosts_tasks.retry(countdown=60)``.
    The task registration is not visible here (presumably Celery -- confirm).

    Returns:
        The non-``None`` result of ``update()``.

    Raises:
        The object returned by ``mdlhosts_tasks.retry(countdown=60)``.
    """
    feed = MDLHosts("MDLHosts")
    feed.analytics = Analytics()
    outcome = feed.update()
    if outcome is not None:
        return outcome
    # Empty/failed refresh: hand the job back to the scheduler for a later attempt.
    raise mdlhosts_tasks.retry(countdown=60)
def spyeyedropzones_tasks():
    """Refresh the SpyEyeDropzones feed once, scheduling a retry if it yields nothing.

    Creates the feed object, attaches a new ``Analytics`` instance and calls
    ``update()``.  When ``update()`` returns ``None`` the function raises the
    result of ``spyeyedropzones_tasks.retry(countdown=60)``; the decorator that
    provides ``retry`` is outside this snippet (presumably Celery -- confirm).

    Returns:
        The non-``None`` result of ``update()``.

    Raises:
        The object returned by ``spyeyedropzones_tasks.retry(countdown=60)``.
    """
    feed = SpyEyeDropzones("SpyEyeDropzones")
    feed.analytics = Analytics()
    outcome = feed.update()
    if outcome is not None:
        return outcome
    # Nothing came back: re-queue rather than report success.
    raise spyeyedropzones_tasks.retry(countdown=60)
def suspiciousdomains_tasks():
    """Refresh the SuspiciousDomains feed once, scheduling a retry if it yields nothing.

    Builds the feed, attaches a fresh ``Analytics`` instance and calls
    ``update()``.  A ``None`` result is turned into
    ``suspiciousdomains_tasks.retry(countdown=60)``; the task registration
    providing ``retry`` is not visible here (presumably Celery -- confirm).

    Returns:
        The non-``None`` result of ``update()``.

    Raises:
        The object returned by ``suspiciousdomains_tasks.retry(countdown=60)``.
    """
    feed = SuspiciousDomains("SuspiciousDomains")
    feed.analytics = Analytics()
    outcome = feed.update()
    if outcome is not None:
        return outcome
    # Treat an empty refresh as transient and let the runner try again.
    raise suspiciousdomains_tasks.retry(countdown=60)
def torexitnodes_tasks():
    """Refresh the TorExitNodes feed once, scheduling a retry if it yields nothing.

    Instantiates the feed, gives it a fresh ``Analytics`` object and runs
    ``update()``.  ``None`` from ``update()`` is converted into
    ``torexitnodes_tasks.retry(countdown=60)``; the decorator supplying
    ``retry`` is outside this snippet (presumably Celery -- confirm).

    Returns:
        The non-``None`` result of ``update()``.

    Raises:
        The object returned by ``torexitnodes_tasks.retry(countdown=60)``.
    """
    feed = TorExitNodes("TorExitNodes")
    feed.analytics = Analytics()
    outcome = feed.update()
    if outcome is not None:
        return outcome
    # No data this round: hand the job back for a later attempt.
    raise torexitnodes_tasks.retry(countdown=60)
def palevotracker_tasks():
    """Refresh the PalevoTracker feed once, scheduling a retry if it yields nothing.

    Builds the feed object, attaches a new ``Analytics`` instance and calls
    ``update()``.  When ``update()`` returns ``None`` the function raises
    ``palevotracker_tasks.retry(countdown=60)``; the task registration that
    provides ``retry`` is not visible here (presumably Celery -- confirm).

    Returns:
        The non-``None`` result of ``update()``.

    Raises:
        The object returned by ``palevotracker_tasks.retry(countdown=60)``.
    """
    feed = PalevoTracker("PalevoTracker")
    feed.analytics = Analytics()
    outcome = feed.update()
    if outcome is not None:
        return outcome
    # Empty/failed refresh: re-queue instead of returning None to the caller.
    raise palevotracker_tasks.retry(countdown=60)
def siriurzvx_tasks():
    """Refresh the SiriUrzVX feed once, scheduling a retry if it yields nothing.

    Creates the feed, attaches a fresh ``Analytics`` instance and runs
    ``update()``.  A ``None`` result becomes
    ``siriurzvx_tasks.retry(countdown=60)``; the decorator supplying ``retry``
    is outside this snippet (presumably Celery -- confirm).

    Returns:
        The non-``None`` result of ``update()``.

    Raises:
        The object returned by ``siriurzvx_tasks.retry(countdown=60)``.
    """
    feed = SiriUrzVX("SiriUrzVX")
    feed.analytics = Analytics()
    outcome = feed.update()
    if outcome is not None:
        return outcome
    # Nothing fetched: let the runner retry later.
    raise siriurzvx_tasks.retry(countdown=60)
def malwarepatrolvx_tasks():
    """Refresh the MalwarePatrolVX feed once, scheduling a retry if it yields nothing.

    Builds the feed object, attaches a new ``Analytics`` instance and calls
    ``update()``.  ``None`` from ``update()`` is converted into
    ``malwarepatrolvx_tasks.retry(countdown=60)``; the task registration that
    provides ``retry`` is not visible here (presumably Celery -- confirm).

    Returns:
        The non-``None`` result of ``update()``.

    Raises:
        The object returned by ``malwarepatrolvx_tasks.retry(countdown=60)``.
    """
    feed = MalwarePatrolVX("MalwarePatrolVX")
    feed.analytics = Analytics()
    outcome = feed.update()
    if outcome is not None:
        return outcome
    # Empty refresh is treated as transient: re-queue the task.
    raise malwarepatrolvx_tasks.retry(countdown=60)
def openblip_tasks():
    """Refresh the OpenblIP feed once, scheduling a retry if it yields nothing.

    Instantiates the feed, gives it a fresh ``Analytics`` object and runs
    ``update()``.  When ``update()`` returns ``None`` the function raises
    ``openblip_tasks.retry(countdown=60)``; the decorator supplying ``retry``
    is outside this snippet (presumably Celery -- confirm).

    Returns:
        The non-``None`` result of ``update()``.

    Raises:
        The object returned by ``openblip_tasks.retry(countdown=60)``.
    """
    feed = OpenblIP("OpenblIP")
    feed.analytics = Analytics()
    outcome = feed.update()
    if outcome is not None:
        return outcome
    # No result: hand the job back to the scheduler for a later attempt.
    raise openblip_tasks.retry(countdown=60)
def dshield_as3215_tasks():
    """Refresh the DShield3215 feed once, scheduling a retry if it yields nothing.

    Builds the feed object, attaches a new ``Analytics`` instance and calls
    ``update()``.  A ``None`` result becomes
    ``dshield_as3215_tasks.retry(countdown=60)``; the task registration that
    provides ``retry`` is not visible here (presumably Celery -- confirm).

    Returns:
        The non-``None`` result of ``update()``.

    Raises:
        The object returned by ``dshield_as3215_tasks.retry(countdown=60)``.
    """
    feed = DShield3215("DShield3215")
    feed.analytics = Analytics()
    outcome = feed.update()
    if outcome is not None:
        return outcome
    # Nothing came back: re-queue rather than report success.
    raise dshield_as3215_tasks.retry(countdown=60)
def spyeyecnc_tasks():
    """Refresh the SpyEyeCnc feed once, scheduling a retry if it yields nothing.

    Creates the feed, attaches a fresh ``Analytics`` instance and runs
    ``update()``.  ``None`` from ``update()`` is converted into
    ``spyeyecnc_tasks.retry(countdown=60)``; the decorator supplying ``retry``
    is outside this snippet (presumably Celery -- confirm).

    Returns:
        The non-``None`` result of ``update()``.

    Raises:
        The object returned by ``spyeyecnc_tasks.retry(countdown=60)``.
    """
    feed = SpyEyeCnc("SpyEyeCnc")
    feed.analytics = Analytics()
    outcome = feed.update()
    if outcome is not None:
        return outcome
    # Empty/failed refresh: let the runner try again later.
    raise spyeyecnc_tasks.retry(countdown=60)
def alienvault_tasks():
    """Refresh the AlienvaultIP feed once, scheduling a retry if it yields nothing.

    Builds the feed object, attaches a new ``Analytics`` instance and calls
    ``update()``.  When ``update()`` returns ``None`` the function raises
    ``alienvault_tasks.retry(countdown=60)``; the task registration that
    provides ``retry`` is not visible here (presumably Celery -- confirm).

    Returns:
        The non-``None`` result of ``update()``.

    Raises:
        The object returned by ``alienvault_tasks.retry(countdown=60)``.
    """
    feed = AlienvaultIP("AlienvaultIP")
    feed.analytics = Analytics()
    outcome = feed.update()
    if outcome is not None:
        return outcome
    # No data this round: re-queue the task instead of returning None.
    raise alienvault_tasks.retry(countdown=60)
def zeustrackerconfigs_tasks():
    """Refresh the ZeusTrackerConfigs feed once, scheduling a retry if it yields nothing.

    Instantiates the feed, gives it a fresh ``Analytics`` object and runs
    ``update()``.  A ``None`` result becomes
    ``zeustrackerconfigs_tasks.retry(countdown=60)``; the decorator supplying
    ``retry`` is outside this snippet (presumably Celery -- confirm).

    Returns:
        The non-``None`` result of ``update()``.

    Raises:
        The object returned by ``zeustrackerconfigs_tasks.retry(countdown=60)``.
    """
    feed = ZeusTrackerConfigs("ZeusTrackerConfigs")
    feed.analytics = Analytics()
    outcome = feed.update()
    if outcome is not None:
        return outcome
    # Nothing fetched: hand the job back to the scheduler.
    raise zeustrackerconfigs_tasks.retry(countdown=60)
def zeustrackergameoverdomains_tasks():
    """Refresh the ZeusGameOverDomains feed once, scheduling a retry if it yields nothing.

    Builds the feed object, attaches a new ``Analytics`` instance and calls
    ``update()``.  ``None`` from ``update()`` is converted into
    ``zeustrackergameoverdomains_tasks.retry(countdown=60)``; the task
    registration that provides ``retry`` is not visible here (presumably
    Celery -- confirm).

    Returns:
        The non-``None`` result of ``update()``.

    Raises:
        The object returned by
        ``zeustrackergameoverdomains_tasks.retry(countdown=60)``.
    """
    feed = ZeusGameOverDomains("ZeusGameOverDomains")
    feed.analytics = Analytics()
    outcome = feed.update()
    if outcome is not None:
        return outcome
    # Empty refresh is treated as transient: re-queue the task.
    raise zeustrackergameoverdomains_tasks.retry(countdown=60)
	#parser.add_argument("--no-feeds", help="Disable automatic feeding", action="store_true", default=app.config['NO_FEED'])
	args = parser.parse_args()

	os.system('clear')
	Malcom.config['LISTEN_INTERFACE'] = args.interface
	Malcom.config['LISTEN_PORT'] = args.port
	Malcom.config['MAX_THREADS'] = args.max_threads
	Malcom.config['PUBLIC'] = args.public

	sys.stderr.write("===== Malcom %s - Malware Communications Analyzer =====\n\n" % Malcom.config['VERSION'])
	
	sys.stderr.write("Detected interfaces:\n")
	for iface in Malcom.config['IFACES']:
		sys.stderr.write("%s:\t%s\n" % (iface, Malcom.config['IFACES'][iface]))
	
	Malcom.analytics_engine = Analytics()

	if args.tls_proxy_port:
		Malcom.config['TLS_PROXY_PORT'] = args.tls_proxy_port
		sys.stderr.write("Starting TLS proxy on port %s\n" % args.tls_proxy_port)
		Malcom.tls_proxy = MalcomTLSProxy(args.tls_proxy_port)
		Malcom.tls_proxy.start()
	else:
		Malcom.tls_proxy = None

	sys.stderr.write("Importing feeds...\n")
	Malcom.feed_engine = FeedEngine(Malcom.analytics_engine)
	Malcom.feed_engine.load_feeds()

	sys.stderr.write("Importing packet captures...\n")
	
		# launch process		
		if setup['FEEDS_SCHEDULER']:
			setup.feed_engine.scheduler = True
			("Starting feed scheduler...\n")
		else:
			setup.feed_engine.scheduler = False
			sys.stderr.write("[!] Feed scheduler must be started manually.\n")

		setup.feed_engine.period = 1
		setup.feed_engine.start()

	# run analytics
	if setup['ANALYTICS']:
		sys.stderr.write("[+] Starting analytics engine...\n")
		from Malcom.analytics.analytics import Analytics
		setup.analytics_engine = Analytics(setup['MAX_WORKERS'], setup)
		setup.analytics_engine.start()
		
	if setup['WEB']:
		from Malcom.web.webserver import MalcomWeb
		setup.web = MalcomWeb(setup['AUTH'], setup['LISTEN_PORT'], setup['LISTEN_INTERFACE'], setup)

	if setup['WEB']:
		setup.web.start_server()
	else:
		try:
			while True:
				raw_input()
		except KeyboardInterrupt, e:
			pass