def analytics(self):
debug_output( "(host analytics for %s)" % self.value)
new = []
# only resolve A and CNAME records for subdomains
if toolbox.is_subdomain(self.value):
dns_info = toolbox.dns_get_records(self.value, ['A', 'CNAME'])
else:
dns_info = toolbox.dns_get_records(self.value)
for rtype in dns_info:
for entry in dns_info[rtype]:
art = toolbox.find_artifacts(entry)
for t in art:
for findings in art[t]:
if t == 'hostnames':
new.append((rtype, Hostname(findings)))
if t == 'urls':
new.append((rtype, Url(findings)))
if t == 'ips':
new.append((rtype, Ip(findings)))
# is _hostname a subdomain ?
if len(self.value.split(".")) > 2:
domain = toolbox.is_subdomain(self.value)
if domain:
new.append(('domain', Hostname(domain)))
self['last_analysis'] = datetime.datetime.utcnow()
self['next_analysis'] = self['last_analysis'] + datetime.timedelta(seconds=self['refresh_period'])
return new
def analytics(self):
debug_output("(host analytics for %s)" % self.value)
# this should get us a couple of IP addresses, or other hostnames
self['dns_info'] = toolbox.dns_dig_records(self.value)
new = []
#get Whois
self['whois'] = toolbox.whois(self['value'])
# get DNS info
for record in self.dns_info:
if record in ['MX', 'A', 'NS', 'CNAME']:
for entry in self['dns_info'][record]:
art = toolbox.find_artifacts(entry) #do this
for t in art:
for findings in art[t]:
if t == 'hostnames':
new.append((record, Hostname(findings)))
if t == 'urls':
new.append((record, Url(findings)))
if t == 'ips':
new.append((record, Ip(findings)))
# is _hostname a subdomain ?
if len(self.value.split(".")) > 2:
domain = toolbox.is_subdomain(self.value)
if domain:
new.append(('domain', Hostname(domain)))
self['last_analysis'] = datetime.datetime.utcnow()
self['next_analysis'] = self['last_analysis'] + datetime.timedelta(
seconds=self['refresh_period'])
return new
def analytics(self):
debug_output( "(host analytics for %s)" % self.value)
# this should get us a couple of IP addresses, or other hostnames
self['dns_info'] = toolbox.dns_dig_records(self.value)
new = []
#get Whois
self['whois'] = toolbox.whois(self['value'])
# get DNS info
for record in self.dns_info:
if record in ['MX', 'A', 'NS', 'CNAME']:
for entry in self['dns_info'][record]:
art = toolbox.find_artifacts(entry) #do this
for t in art:
for findings in art[t]:
if t == 'hostnames':
new.append((record, Hostname(findings)))
if t == 'urls':
new.append((record, Url(findings)))
if t == 'ips':
new.append((record, Ip(findings)))
# is _hostname a subdomain ?
if len(self.value.split(".")) > 2:
domain = toolbox.is_subdomain(self.value)
if domain:
new.append(('domain', Hostname(domain)))
self['last_analysis'] = datetime.datetime.utcnow()
self['next_analysis'] = self['last_analysis'] + datetime.timedelta(seconds=self['refresh_period'])
return new