def test_mb_get(self, mock_get=None, mock_post=None):
report = mb_get.MB_GET(
"MalwareBazaar_Get_Observable",
self.job_id,
self.observable_name,
self.observable_classification,
{},
).start()
self.assertEqual(report.get("success", False), True)
def mbget_run(
analyzer_name,
job_id,
observable_name,
observable_classification,
additional_config_params,
):
mb_get.MB_GET(
analyzer_name,
job_id,
observable_name,
observable_classification,
additional_config_params,
).start()
def run(self):
if self.observable_classification not in ["ip", "domain", "url"]:
raise AnalyzerRunException(
f"not supported observable type {self.observable_classification}."
f" Supported: ip, domain, url")
query = "{} site:bazaar.abuse.ch".format(self.observable_name)
ret = []
for url in googlesearch.search(query, stop=20):
mb_hash = url.split("/")[-2]
_mb_get = mb_get.MB_GET("MalwareBazaar_Google_Observable",
self.job_id, mb_hash, "hash", {})
res = _mb_get.start()
ret.append(res)
del _mb_get
return ret