def main():
import argparse
parser = argparse.ArgumentParser()
subs = parser.add_subparsers(dest='cmd')
name_p = subs.add_parser('name')
name_p.add_argument('addrs', nargs='+', help='Hostname or IP addresses')
name_p.add_argument('--rrtype', '-t', default=None)
name_p.add_argument('--json', '-j', action="store_true",
help="Output as JSON")
name_p.add_argument('--short', '-s', action="store_true",
help="Output newline-separated data only")
name_p.add_argument('--text', '-T', action="store_true",
help="Output full human readable text")
name_p.add_argument('--verbose', '-v', action="store_true",
help="Output verbose records with first/lastseen times and observed count")
data_p = subs.add_parser('data')
data_p.add_argument('addrs', nargs='+', help='Hostname or IP addresses')
data_p.add_argument('--rrtype', '-t', default=None)
data_p.add_argument('--json', '-j', action="store_true",
help="Output as JSON")
data_p.add_argument('--short', '-s', action="store_true",
help="Output newline-separated name only")
data_p.add_argument('--text', '-T', action="store_true",
help="Output full human readable text")
data_p.add_argument('--verbose', '-v', action="store_true",
help="Output verbose records with first/lastseen times and observed count")
args = parser.parse_args()
addrs = util.stdin(args.addrs)
for addr in addrs:
ip, hostname = ip_hostname(addr)
client = Client.from_config()
try:
data = get_data(client, args.cmd, rrtype=args.rrtype,
hostname=hostname, ip=ip)
except ValueError as e:
parser.print_usage()
sys.stderr.write('{}\n'.format(str(e)))
sys.exit(1)
if args.json:
print(json.dumps(data, indent=4))
elif args.short and args.cmd == 'data':
print(renderer(data, 'dns/dns_data'))
elif args.short and args.cmd == 'name':
print(renderer(data, 'dns/dns_name'))
elif args.text:
print(renderer(data, 'dns/dns'))
elif data:
print(renderer(data, 'dns/dns_oneline', verbose=args.verbose))
def main():
import argparse
parser = argparse.ArgumentParser()
parser.add_argument('-j', '--json', action="store_true", dest='as_json',
help="Output as JSON")
parser.add_argument('--days', '-d', default=1, type=int,
help='days to query')
parser.add_argument('--start', '-s', default=None,
help='start datetime in "yyyy-mm-dd HH:MM:SS" format '
'(or "today HH:MM:SS")')
parser.add_argument('--end', '-e', default=None,
help='end datetime in "yyyy-mm-dd HH:MM:SS" format '
'(or "today HH:MM:SS")')
args = parser.parse_args()
client = Client.from_config()
kwargs = {'as_json': args.as_json}
kwargs['days'] = args.days
kwargs['start'] = args.start
kwargs['end'] = args.end
data = client.get_zlist_urls(days=args.days, start=args.start,
end=args.end)
if args.as_json:
print(json.dumps(data, indent=4))
elif data:
print(renderer(data, 'zlist/urls'))
def lp_submit_bulk(client, urls, as_json=False, **kwargs):
entries = []
for url in urls:
entries += [{'url': url}]
for entry in entries:
entry.update(kwargs)
data = client.submit_landing_page_bulk(entries)
if as_json:
print(json.dumps(data, indent=4))
elif data:
print(renderer(data, 'landingpage/bulk'))
def lp_submit_bulk(client, urls, as_json=False, **kwargs):
entries = []
for url in urls:
entries += [{'url': url}]
for entry in entries:
entry.update(kwargs)
data = client.submit_landing_page_bulk(entries)
if as_json:
print(json.dumps(data, indent=4))
elif data:
print(renderer(data, 'landingpage/bulk'))
def dump_data(data, temp, kwargs):
# Dump to --stix path
if kwargs.get('stix'):
dump_stix(data, kwargs['stix'])
elif kwargs.get('as_json'):
print(json.dumps(data, indent=4))
elif data:
print(
renderer(data, temp,
oneline=kwargs.get('oneline', False),
verbose=kwargs.get('verbose', False),
custom_template=kwargs.get('template'),
)
)
def main():
import argparse
parser = argparse.ArgumentParser()
parser.add_argument('--domain', '-d')
parser.add_argument('--email', '-e')
parser.add_argument('--name-server', '-n')
parser.add_argument('--max-results', '-m', type=int, default=100)
parser.add_argument('-j', '--json', action="store_true", dest='as_json',
help="Output as JSON")
args = parser.parse_args()
client = Client.from_config()
results = client.post_whois(domain=args.domain, email=args.email,
name_server=args.name_server, max_results=args.max_results)
if args.as_json:
print(json.dumps(results, indent=4))
else:
print(renderer(results, 'whois/whois'))
def main():
import argparse
parser = argparse.ArgumentParser()
parser.add_argument('--domain', '-d')
parser.add_argument('--email', '-e')
parser.add_argument('--name-server', '-n')
parser.add_argument('--max-results', '-m', type=int, default=100)
parser.add_argument('-j',
'--json',
action="store_true",
dest='as_json',
help="Output as JSON")
args = parser.parse_args()
client = Client.from_config()
results = client.post_whois(domain=args.domain,
email=args.email,
name_server=args.name_server,
max_results=args.max_results)
if args.as_json:
print(json.dumps(results, indent=4))
else:
print(renderer(results, 'whois/whois'))
def lp_projects(client, as_json=False):
data = client.get_landing_page_projects()
if as_json:
print(json.dumps(data, indent=4))
elif data:
print(renderer(data, 'landingpage/projects'))
def lp_binary(client, as_json=False, **kwargs):
data = client.get_landing_page_malicious_binary(**kwargs)
if as_json:
print(json.dumps(data, indent=4))
elif data:
print(renderer(data, 'landingpage/crawled'))
def lp_flagged(client, as_json=None, **kwargs):
data = client.get_landing_page_flagged(**kwargs)
if as_json:
print(json.dumps(data, indent=4))
elif data:
print(renderer(data, 'landingpage/crawled'))
def lp_submit(client, url, as_json=False, **kwargs):
data = client.submit_landing_page(url, **kwargs)
if as_json:
print(json.dumps(data, indent=4))
elif data:
print(renderer({'landingPage': [data]}, 'landingpage/crawled'))
def lp_get(client, md5_hash, whois=None, as_json=False):
data = client.get_landing_page(md5_hash, whois=whois)
if as_json:
print(json.dumps(data, indent=4))
elif data:
print(renderer({'landingPage': [data]}, 'landingpage/crawled'))
def lp_projects(client, as_json=False):
data = client.get_landing_page_projects()
if as_json:
print(json.dumps(data, indent=4))
elif data:
print(renderer(data, 'landingpage/projects'))
def lp_binary(client, as_json=False, **kwargs):
data = client.get_landing_page_malicious_binary(**kwargs)
if as_json:
print(json.dumps(data, indent=4))
elif data:
print(renderer(data, 'landingpage/crawled'))
def lp_flagged(client, as_json=None, **kwargs):
data = client.get_landing_page_flagged(**kwargs)
if as_json:
print(json.dumps(data, indent=4))
elif data:
print(renderer(data, 'landingpage/crawled'))
def lp_submit(client, url, as_json=False, **kwargs):
data = client.submit_landing_page(url, **kwargs)
if as_json:
print(json.dumps(data, indent=4))
elif data:
print(renderer({'landingPage': [data]}, 'landingpage/crawled'))
def lp_get(client, md5_hash, whois=None, as_json=False):
data = client.get_landing_page(md5_hash, whois=whois)
if as_json:
print(json.dumps(data, indent=4))
elif data:
print(renderer({'landingPage': [data]}, 'landingpage/crawled'))
