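def get_domain_data(self, domain_name, **kwargs):
    """Fetch the Cymon report for a domain.

    Issues ``GET <base_url>/api/nexus/v1/domain/<domain_name>`` with the
    instance API key sent as a ``Token`` value in the Authorization header.

    Args:
        domain_name: Domain indicator to look up (a string). It is
            percent-encoded before being placed in the URL path.
        **kwargs: Accepted but not used.

    Returns:
        The decoded JSON body (expected to be a dict), stamped with an
        ``"updated"`` Unix timestamp and passed through ``longint_to_str``.
        An empty dict when the status is not 200 or the body is not JSON.

    Raises:
        requests.RequestException: Connection failures and timeouts are not
            caught here and propagate to the caller.
    """
    start_time = time.time()
    print("starting cymon for doamin " + domain_name)
    # `data` has to be bound before the request: every path below reaches
    # `if data:`, including the non-200 and JSON-decode-failure paths.
    data = {}
    # The indicator may originate from untrusted input. Encoding it
    # (including "/") keeps it a single path segment, so it cannot steer
    # the authenticated request to a different endpoint.
    domain_url = '/api/nexus/v1/domain/' + requests.utils.quote(domain_name, safe='')
    header = {'Authorization': "Token " + self.api_key}
    # A timeout keeps a stalled upstream from blocking the caller forever.
    r = requests.get(url=self.base_url + domain_url, headers=header, timeout=30)
    if r.status_code == 200:
        try:
            data = r.json()
        except Exception as e:
            print("domain cymon exception occured - - - - -" + domain_url, e)
    else:
        print("domain cymon exception occured - - - - -" + domain_url, r.status_code)
    if data:
        data["updated"] = int(time.time())
        data = longint_to_str(data)
    # Report the indicator this method actually received; there is no `ip`
    # in scope in a domain lookup.
    print("ending cymon for domain " + domain_name + " " + str(time.time() - start_time))
    return data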
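def get_domain_data(self, domain_name, **kwargs):
    """Fetch the AlienVault OTX "general" section for a domain.

    Issues ``GET <base_url>api/v1/indicators/domain/<domain_name>/general``.
    No API key or other credential is attached to this request.

    Args:
        domain_name: Domain indicator to look up (a string). It is
            percent-encoded before being placed in the URL path.
        **kwargs: Accepted but not used.

    Returns:
        The decoded JSON body (expected to be a dict), stamped with an
        ``"updated"`` Unix timestamp and passed through ``longint_to_str``.
        An empty dict when the status is not 200 or the body is not JSON.

    Raises:
        requests.RequestException: Connection failures and timeouts are not
            caught here and propagate to the caller.
    """
    start_time = time.time()
    print("starting alienvault OTX for doamin " + domain_name)
    # Encode the indicator (including "/") so a crafted value stays one
    # path segment and cannot rewrite the rest of the request path.
    domain_url = ('api/v1/indicators/domain/'
                  + requests.utils.quote(domain_name, safe='')
                  + '/general')
    data = {}
    # A timeout keeps a stalled upstream from blocking the caller forever.
    r = requests.get(url=self.base_url + domain_url, timeout=30)
    if r.status_code == 200:
        try:
            data = r.json()
        except Exception as e:
            print(
                "alienvault otx exception occured - - - - -" + "----domain---" + domain_name, e)
    else:
        print("alienvault otx Error occured - - - - -" + domain_name, r.status_code)
    if data:
        data["updated"] = int(time.time())
        data = longint_to_str(data)
    print("ending alienvault otx for domain " + domain_name + " " + str(time.time() - start_time))
    return data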
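def get_ip_data(self, ip, **kwargs):
    """Fetch the Cymon report for an IP address.

    The value is parsed with ``ipaddr.IPAddress`` first; anything that is
    not an IP address literal is rejected before a request is built. A valid
    address is queried at ``<base_url>/api/nexus/v1/ip/<ip>`` with the
    instance API key sent as a ``Token`` Authorization header.

    Args:
        ip: IP address to look up, as a string.
        **kwargs: Accepted but not used.

    Returns:
        The decoded JSON body (expected to be a dict), stamped with an
        ``"updated"`` Unix timestamp and passed through ``longint_to_str``.
        An empty dict when ``ip`` is invalid, the status is not 200, or the
        body is not JSON.

    Raises:
        requests.RequestException: Connection failures and timeouts are not
            caught here and propagate to the caller.
    """
    data = {}
    start_time = time.time()
    print("starting cymon for ip " + ip)
    try:
        # Validation doubles as the input filter for the URL path below.
        ipaddr.IPAddress(ip)
    except ValueError:
        print("ending cymon for ip " + str(time.time() - start_time))
        print("NOT A VALID IP - ", ip)
        return data
    site_url = '/api/nexus/v1/ip/' + ip
    header = {'Authorization': "Token " + self.api_key}
    # A timeout keeps a stalled upstream from blocking the caller forever.
    r = requests.get(url=self.base_url + site_url, headers=header, timeout=30)
    if r.status_code == 200:
        try:
            data = r.json()
        except Exception as e:
            print("IP cymon exception occured - - - - -" + site_url, e)
    else:
        print("IP cymon exception occured - - - - -" + site_url, r.status_code)
    if data:
        data["updated"] = int(time.time())
        data = longint_to_str(data)
    print("ending cymon for ip " + ip + " " + str(time.time() - start_time))
    return data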
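def get_hash_data(self, hash_value, **kwargs):
    """Fetch the VirusTotal file report for a hash.

    Issues ``GET <base_url>file/report`` with ``resource`` (the hash) and
    ``apikey`` as query parameters.

    Args:
        hash_value: File hash to look up, as a string.
        **kwargs: Accepted but not used.

    Returns:
        The decoded JSON body (expected to be a dict), stamped with an
        ``"updated"`` Unix timestamp and passed through ``longint_to_str``.
        An empty dict when the status is not 200 or the body is not JSON.

    Raises:
        requests.RequestException: Connection failures and timeouts are not
            caught here. The exception text can contain the request URL,
            which carries the ``apikey`` query parameter, so scrub it
            before writing it to a log.
    """
    start_time = time.time()
    print("starting virus total for file hash " + hash_value)
    site_url = 'file/report'
    data = {}
    params = {'resource': hash_value, 'apikey': self.api_key}
    # A timeout keeps a stalled upstream from blocking the caller forever.
    r = requests.get(url=self.base_url + site_url, params=params, timeout=30)
    if r.status_code == 200:
        try:
            data = r.json()
        except Exception as e:
            print(
                "Hash Virus Total exception occured - - - - -" + str(hash_value), e)
    else:
        # Surface the status so a throttled or rejected lookup is not
        # silently read as "no report for this hash".
        print("Hash Virus Total Error occured - - - - -" + str(hash_value), r.status_code)
    if data:
        data["updated"] = int(time.time())
        data = longint_to_str(data)
    print("ending virus total for file hash " + hash_value + " " + str(time.time() - start_time))
    return data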
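def get_ip_data(self, ip, **kwargs):
    """Fetch the AlienVault OTX "general" section for an IP address.

    The value is parsed with ``ipaddr.IPAddress`` first; anything that is
    not an IP address literal is rejected before a request is built. The
    indicator type in the path (``IPv4`` or ``IPv6``) follows the parsed
    address version. No API key is attached to this request.

    Args:
        ip: IP address to look up, as a string.
        **kwargs: Accepted but not used.

    Returns:
        The decoded JSON body (expected to be a dict), stamped with an
        ``"updated"`` Unix timestamp and passed through ``longint_to_str``.
        An empty dict when ``ip`` is invalid, the status is not 200, or the
        body is not JSON.

    Raises:
        requests.RequestException: Connection failures and timeouts are not
            caught here and propagate to the caller.
    """
    data = {}
    start_time = time.time()
    print("starting alienvault OTX for ip " + ip)
    try:
        parsed = ipaddr.IPAddress(ip)
    except ValueError:
        # Name the right provider: a "shodan" line here would send anyone
        # reading the logs to the wrong integration.
        print("ending alienvault otx for ip " + str(time.time() - start_time))
        print("NOT A VALID IP - ", ip)
        return data
    # IPAddress accepts both families, so route IPv6 literals to the IPv6
    # indicator type instead of sending them to the IPv4 endpoint.
    indicator_type = 'IPv4' if parsed.version == 4 else 'IPv6'
    site_url = 'api/v1/indicators/' + indicator_type + '/' + ip + '/general'
    # A timeout keeps a stalled upstream from blocking the caller forever.
    r = requests.get(url=self.base_url + site_url, timeout=30)
    if r.status_code == 200:
        try:
            data = r.json()
        except Exception as e:
            print(
                "IP alienvault otx exception occured - - - - -" + site_url, e)
    else:
        print("IP alienvault otx exception occured - - - - -" + site_url, r.status_code)
    if data:
        data["updated"] = int(time.time())
        data = longint_to_str(data)
    print("ending alienvailt otx for ip " + ip + " " + str(time.time() - start_time))
    return data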
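def get_domain_data(self, domain_name, **kwargs):
    """Search Shodan for hosts whose hostname matches a domain.

    Issues ``GET <base_url>/shodan/host/search`` with ``key`` (the instance
    API key) and ``query=hostname:<domain_name>`` as query parameters.

    Args:
        domain_name: Domain to search for, as a string.
        **kwargs: Accepted but not used.

    Returns:
        The decoded JSON body (expected to be a dict), stamped with an
        ``"updated"`` Unix timestamp and passed through ``longint_to_str``.
        An empty dict when the status is not 200 or the body is not JSON.

    Raises:
        requests.RequestException: Connection failures and timeouts are not
            caught here. The exception text can contain the request URL,
            which carries the ``key`` query parameter, so scrub it before
            writing it to a log.
    """
    start_time = time.time()
    print("starting shodan for doamin " + domain_name)
    domain_url = "/shodan/host/search"
    # Let requests encode the query string. Concatenating the raw value
    # would let "&" or "#" inside domain_name add or truncate parameters on
    # a request that carries the API key.
    # NOTE(review): the value still lands inside the search expression after
    # "hostname:", so callers should pass a validated domain name.
    params = {'key': self.api_key, 'query': 'hostname:' + domain_name}
    data = {}
    # A timeout keeps a stalled upstream from blocking the caller forever.
    r = requests.get(url=self.base_url + domain_url, params=params, timeout=30)
    if r.status_code == 200:
        try:
            data = r.json()
        except Exception as e:
            print(
                "Shodan exception occured - - - - -" + "----domain---" + domain_name, e)
    else:
        print("Shodan Error occured - - - - -" + domain_name, r.status_code)
    if data:
        data["updated"] = int(time.time())
        data = longint_to_str(data)
    print("ending shodan for domain " + domain_name + " " + str(time.time() - start_time))
    return data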
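def get_ip_data(self, ip, **kwargs):
    """Fetch the Shodan host record for an IP address.

    The value is parsed with ``ipaddr.IPAddress`` first; anything that is
    not an IP address literal is rejected before a request is built. A valid
    address is queried at ``<base_url>/shodan/host/<ip>`` with the instance
    API key sent as the ``key`` query parameter.

    Args:
        ip: IP address to look up, as a string.
        **kwargs: Accepted but not used.

    Returns:
        The decoded JSON body (expected to be a dict), stamped with an
        ``"updated"`` Unix timestamp and passed through ``longint_to_str``.
        An empty dict when ``ip`` is invalid, the status is not 200, or the
        body is not JSON.

    Raises:
        requests.RequestException: Connection failures and timeouts are not
            caught here. The exception text can contain the request URL,
            which carries the ``key`` query parameter, so scrub it before
            writing it to a log.
    """
    data = {}
    start_time = time.time()
    print("starting shodan for ip " + ip)
    try:
        ipaddr.IPAddress(ip)
    except ValueError:
        print("ending shodan for ip " + str(time.time() - start_time))
        print("NOT A VALID IP - ", ip)
        return data
    # The API key travels in `params`, never in `site_url`: `site_url` is
    # printed on every failure path below, and a key embedded in it would
    # end up in stdout and whatever collects it.
    site_url = '/shodan/host/' + ip
    params = {'key': self.api_key}
    # A timeout keeps a stalled upstream from blocking the caller forever.
    r = requests.get(url=self.base_url + site_url, params=params, timeout=30)
    if r.status_code == 200:
        try:
            data = r.json()
        except Exception as e:
            print("IP Shodan exception occured - - - - -" + site_url, e)
    else:
        print("IP Shodan exception occured - - - - -" + site_url, r.status_code)
    if data:
        data["updated"] = int(time.time())
        data = longint_to_str(data)
    print("ending shodan for ip " + ip + " " + str(time.time() - start_time))
    return data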
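def get_ip_data(self, ip, **kwargs):
    """Fetch the VirusTotal report for an IPv4 address.

    The value is parsed with ``ipaddr.IPAddress``; invalid values and
    non-IPv4 addresses return an empty dict without any request being sent.
    A valid IPv4 address is queried at ``<base_url>ip-address/report`` with
    ``ip`` and ``apikey`` as query parameters.

    Args:
        ip: IP address to look up, as a string.
        **kwargs: Accepted but not used.

    Returns:
        The decoded JSON body (expected to be a dict), stamped with an
        ``"updated"`` Unix timestamp and passed through ``longint_to_str``.
        An empty dict when ``ip`` is not a valid IPv4 address, the status is
        not 200, or the body is not JSON.

    Raises:
        requests.RequestException: Connection failures and timeouts are not
            caught here. The exception text can contain the request URL,
            which carries the ``apikey`` query parameter, so scrub it
            before writing it to a log.
    """
    start_time = time.time()
    print("starting virus total for ip " + ip)
    site_url = 'ip-address/report'
    data = {}
    try:
        ip_details = ipaddr.IPAddress(ip)
    except ValueError:
        print("NOT A VALID IP - ", ip)
        return data
    if ip_details.version != 4:
        print("ending virus total for ip " + ip + " " + str(time.time() - start_time))
        print("NOT A VALID IPV4 ", ip)
        return data
    params = {'ip': ip, 'apikey': self.api_key}
    # A timeout keeps a stalled upstream from blocking the caller forever.
    r = requests.get(url=self.base_url + site_url, params=params, timeout=30)
    if r.status_code == 200:
        try:
            data = r.json()
        except Exception as e:
            print(
                "IP Virus Total exception occured - - - - -" + str(ip), e)
    else:
        # Non-200 responses are not retried here. Surface the status so a
        # throttled or rejected lookup is not silently read as "no report
        # for this address".
        print("IP Virus Total Error occured - - - - -" + str(ip), r.status_code)
    if data:
        data["updated"] = int(time.time())
        data = longint_to_str(data)
    print("ending virus total for ip " + ip + " " + str(time.time() - start_time))
    return data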
def get_domain_data(self, domain_name, **kwargs):
    """Run a WHOIS lookup for a domain via ``DirectDomainLookup``.

    Args:
        domain_name: Domain to look up, as a string.
        **kwargs: Accepted but not used.

    Returns:
        Whatever ``DirectDomainLookup.get_details`` returned. When that
        result is non-empty and has a truthy ``"Domain Name"`` entry it is
        stamped with an ``"updated"`` Unix timestamp and passed through
        ``longint_to_str``. An empty dict when the lookup raised.
    """
    print("starting whois for domain " + domain_name)
    record = {}
    began = time.time()
    lookup = DirectDomainLookup()
    # NOTE(review): domain_name is handed to the lookup without any
    # validation in this method; confirm get_details (or the caller)
    # rejects values that are not domain names.
    try:
        record = lookup.get_details(domain=domain_name)
    except Exception as e:
        print("WhoIS exception occured ----domain---" + domain_name, e)
    if record:
        # Only records that actually name a domain are stamped; anything
        # else is returned untouched.
        if record.get("Domain Name"):
            record["updated"] = int(time.time())
            record = longint_to_str(record)
    elapsed = str(time.time() - began)
    print("ending whois for domain " + domain_name + " " + elapsed)
    return record
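def get_domain_data(self, domain_name, **kwargs):
    """Fetch the VirusTotal report for a domain.

    Issues ``GET <base_url>domain/report`` with ``domain`` and ``apikey`` as
    query parameters.

    Args:
        domain_name: Domain to look up, as a string.
        **kwargs: Accepted but not used.

    Returns:
        The decoded JSON body (expected to be a dict), stamped with an
        ``"updated"`` Unix timestamp and passed through ``longint_to_str``.
        An empty dict when the status is not 200 or the body is not JSON.

    Raises:
        requests.RequestException: Connection failures and timeouts are not
            caught here. The exception text can contain the request URL,
            which carries the ``apikey`` query parameter, so scrub it
            before writing it to a log.
    """
    start_time = time.time()
    print("starting virus total for domain " + domain_name)
    site_url = 'domain/report'
    params = {'domain': domain_name, 'apikey': self.api_key}
    data = {}
    # A timeout keeps a stalled upstream from blocking the caller forever.
    r = requests.get(url=self.base_url + site_url, params=params, timeout=30)
    if r.status_code == 200:
        # Only the decode belongs in the try block. Picking the first
        # resolution's address here had no consumer and could log a
        # misleading "exception" for an otherwise valid report.
        try:
            data = r.json()
        except Exception as e:
            print(
                "Domain Virus Total exception occured - - - - -" + str(domain_name), e)
    else:
        # Non-200 responses are not retried here. Surface the status so a
        # throttled or rejected lookup is not silently read as "no report
        # for this domain".
        print("Domain Virus Total Error occured - - - - -" + str(domain_name), r.status_code)
    if data:
        data["updated"] = int(time.time())
        data = longint_to_str(data)
    print("ending virus total for domain " + domain_name + " " + str(time.time() - start_time))
    return data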
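def get_url_data(self, url, **kwargs):
    """Fetch the VirusTotal report for a URL.

    Issues ``POST <base_url>url/report`` with ``resource`` (the URL) and
    ``apikey`` as query parameters. A 204 response is retried once after a
    15.1 second pause; any other status is taken as final.

    Args:
        url: URL to look up, as a string.
        **kwargs: Accepted but not used.

    Returns:
        The decoded JSON body (expected to be a dict), stamped with an
        ``"updated"`` Unix timestamp and passed through ``longint_to_str``.
        An empty dict when the final status is not 200 or the body is not
        JSON.

    Raises:
        requests.RequestException: Connection failures and timeouts are not
            caught here. The exception text can contain the request URL,
            which carries the ``apikey`` query parameter, so scrub it
            before writing it to a log.
    """
    start_time = time.time()
    print("starting virus total for url " + url)
    site_url = 'url/report'
    # NOTE(review): `params=` puts the API key and the looked-up URL in the
    # query string even though this is a POST, so both appear in the request
    # line seen by proxies and access logs. Confirm whether the endpoint
    # accepts them as a form body instead.
    params = {'resource': url, 'apikey': self.api_key}
    data = {}
    for attempt in range(2):
        # A timeout keeps a stalled upstream from blocking the caller.
        r = requests.post(url=self.base_url + site_url, params=params, timeout=30)
        if r.status_code != 204 or attempt == 1:
            break
        # 204 is treated as "try again shortly"; wait once, then retry.
        time.sleep(15.1)
    if r.status_code == 200:
        try:
            data = r.json()
        except Exception as e:
            print(
                "Url Virus Total exception occured - - - - -" + str(url), e)
    else:
        # Surface the status so a throttled or rejected lookup is not
        # silently read as "no report for this URL".
        print("Url Virus Total Error occured - - - - -" + str(url), r.status_code)
    print(data)
    if data:
        data["updated"] = int(time.time())
        data = longint_to_str(data)
    print("ending virus total for url " + url + " " + str(time.time() - start_time))
    return data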
def get_ip_data(self, ip, **kwargs):
    """Run a WHOIS lookup for an IP address and attach ASN details.

    The address is looked up through ``DirectDomainLookup.get_details``
    against ``whois.iana.org``. If the record carries an origin AS under
    ``"origin"``, ``"originAS"`` or ``"OriginAS"`` (checked in that order),
    the ASN is resolved with ``self.get_whois_asn_data``.

    Args:
        ip: IP address to look up, as a string.
        **kwargs: Accepted but not used.

    Returns:
        A dict with ``"ip_data"``, ``"asn_data"`` and an ``"updated"`` Unix
        timestamp, passed through ``longint_to_str``. An empty dict when the
        lookup raised or returned nothing.
    """
    print("starting whois for ip " + ip)
    result = {}
    whois_record = {}
    asn_record = {}
    began = time.time()
    lookup = DirectDomainLookup()
    # NOTE(review): `ip` is not validated in this method before it is handed
    # to the WHOIS lookup; confirm get_details (or the caller) rejects
    # values that are not IP addresses.
    try:
        whois_record = lookup.get_details(domain=ip, whois_server="whois.iana.org")
    except Exception as e:
        print("WhoIS exception occured ----ip---" + ip, e)
    if whois_record:
        # The origin AS shows up under different key spellings; take the
        # first one that holds a value.
        origin_asn = None
        for key in ("origin", "originAS", "OriginAS"):
            candidate = whois_record.get(key)
            if candidate:
                origin_asn = candidate
                break
        if origin_asn:
            asn_record = self.get_whois_asn_data(origin_asn)
        result["ip_data"] = whois_record
        result["asn_data"] = asn_record
        result["updated"] = int(time.time())
        result = longint_to_str(result)
    elapsed = str(time.time() - began)
    print("ending whois for ip " + ip + " " + elapsed)
    return result