# add .. to path in case we're being run from the examples directory # and pivoteer isn't in our path import sys, os myPath = os.path.dirname(os.path.abspath(__file__)) sys.path.insert(0, myPath + '/../') from pivoteer import Hopper from pivoteer import pivotHash from pivoteer import pivotIP from pivoteer import pivotDomain from pivoteer import pivotEmail bigResult = pivotDomain("www.opendns.com") print "initial\n", bigResult # double pivot emailPivot = Hopper() for email in bigResult.email_container.keys(): emailPivot = pivotEmail(email) bigResult += emailPivot print "initial + email pivot\n", bigResult print "add another domain route\n", bigResult
sys.path.insert(0, myPath + '/../') from pivoteer import Hopper from pivoteer import pivotHash from pivoteer import pivotIP from pivoteer import pivotDomain from pivoteer import pivotEmail from pivoteer import pivotFile sample = sys.argv[1] bigResult = pivotFile(sample) print "initial\n", bigResult # double pivot emailPivot = Hopper() for email in bigResult.email_container.keys(): emailPivot = pivotEmail(email) bigResult += emailPivot print "initial + email pivot\n", bigResult #triple pivot domainPivot = Hopper() for domain in bigResult.domain_container.keys(): domainPivot = pivotDomain(domain) bigResult += domainPivot print "add another domain route\n", bigResult
import sys, os myPath = os.path.dirname(os.path.abspath(__file__)) sys.path.insert(0, myPath + '/../') from pivoteer import Hopper from pivoteer import pivotHash from pivoteer import pivotIP from pivoteer import pivotDomain from pivoteer import pivotEmail # taken from # https://github.com/BechtelCIRT/fe2stix/blob/master/examples/json/malware_notification.json tdomain = pivotDomain("r1.fasties.org") thash = pivotHash("d95b4d730efd54bae7544eb2ba809239") pivotedInfo = tdomain + thash print "intermediate data gathered", pivotedInfo # lets grab other domains by our buddy that wer registered with their email for email in pivotedInfo.email_container.keys(): emailPivot = pivotEmail(email) pivotedInfo += emailPivot print "Data gathered\n", pivotedInfo