def run(self):
    """Query the PassiveTotal endpoint named by ``self.service`` and report it.

    The observable returned by ``self.getData()`` is sent as ``query`` to the
    request class that serves the selected service. An unrecognised service
    goes to ``self.error``; any exception raised while building the client,
    querying or reporting goes to ``self.unexpectedError``.
    """
    Analyzer.run(self)
    observable = self.getData()
    try:
        service = self.service
        # Pick the request class first; the method name is derived further
        # down, and only for a service that matched this fixed list.
        if service in ('enrichment', 'malware', 'osint'):
            request_cls = EnrichmentRequest
        elif service in ('passive_dns', 'unique_resolutions'):
            request_cls = DnsRequest
        elif service in ('ssl_certificate_details', 'ssl_certificate_history'):
            request_cls = SslRequest
        elif service == 'whois_details':
            request_cls = WhoisRequest
        else:
            request_cls = None

        if request_cls is None:
            self.error('Unknown PassiveTotal service')
        else:
            client = request_cls(username=self.username, api_key=self.api_key)
            # Every supported service maps to a client method "get_<service>".
            fetch = getattr(client, 'get_' + service)
            self.report(fetch(query=observable))
    except Exception as exc:
        # NOTE(review): the exception object is forwarded unchanged; confirm
        # that unexpectedError does not surface the API key if a client error
        # message happens to include request details.
        self.unexpectedError(exc)
def get_dns(self, **kwargs):
    """Run a passive DNS lookup and return the client's response.

    ``kwargs`` are passed through ``self._cleanup_params`` together with the
    list of accepted parameter names (presumably dropping anything else;
    confirm against that helper). A truthy ``unique`` keyword selects the
    unique-resolutions endpoint, otherwise the passive DNS endpoint is used.
    """
    dns_client = DnsRequest(self.username, self.apikey)
    accepted = ['query', 'end', 'start', 'timeout', 'sources']
    filtered = self._cleanup_params(accepted, **kwargs)
    # 'unique' is read from the raw kwargs: it selects the endpoint and is
    # not one of the accepted query parameters.
    if kwargs.get('unique'):
        lookup = dns_client.get_unique_resolutions
    else:
        lookup = dns_client.get_passive_dns
    return lookup(**filtered)
class DnsTestCase(unittest.TestCase):

    """Checks for the DNS request methods, run against a patched transport."""

    formats = ['json']

    def setup_class(self):
        # Swap the client's _get for fake_request before any test runs, so the
        # placeholder credentials below are handed to the fake, not the API.
        self.patcher = patch('passivetotal.api.Client._get', fake_request)
        self.patcher.start()
        self.client = DnsRequest('--No-User--', '--No-Key--')

    def teardown_class(self):
        # Undo the patch so later test classes see the real Client._get.
        self.patcher.stop()

    def test_dns_passive(self):
        """Passive DNS: the raw response echoes the queried name."""
        response = self.client.get_passive_dns(query='passivetotal.org')
        assert response.get('queryValue') == 'passivetotal.org'

    def test_process_dns_passive(self):
        """Passive DNS: the response and its first record wrap cleanly."""
        wrapped = Response(self.client.get_passive_dns(query='passivetotal.org'))
        assert wrapped.queryValue == 'passivetotal.org'
        first_record = Response(wrapped.results.pop(0))
        expected_hash = (
            '6d24bc7754af023afeaaa05ac689ac36e96656aa6519ba435b301b14916b27d3'
        )
        assert first_record.recordHash == expected_hash

    def test_dns_passive_unique(self):
        """Unique resolutions: the first frequency entry is (address, count)."""
        wrapped = Response(
            self.client.get_unique_resolutions(query='passivetotal.org')
        )
        assert wrapped.queryValue == 'passivetotal.org'
        top = wrapped.frequency.pop(0)
        assert top[0] == '107.170.89.121'
        assert top[1] == 2
class DnsTestCase(unittest.TestCase):

    """DNS client tests that run against canned responses, not the live API."""

    formats = ['json']

    def setup_class(self):
        # fake_request stands in for passivetotal.api.Client._get for the
        # lifetime of this class; the user and key are obvious placeholders.
        self.patcher = patch('passivetotal.api.Client._get', fake_request)
        self.patcher.start()
        self.client = DnsRequest('--No-User--', '--No-Key--')

    def teardown_class(self):
        # Restore the real transport once the class is finished.
        self.patcher.stop()

    def test_dns_passive(self):
        """The passive DNS response reports the domain that was queried."""
        domain = 'passivetotal.org'
        response = self.client.get_passive_dns(query=domain)
        assert response.get('queryValue') == 'passivetotal.org'

    def test_process_dns_passive(self):
        """A passive DNS response can be wrapped, down to a single record."""
        domain = 'passivetotal.org'
        response = self.client.get_passive_dns(query=domain)
        wrapped = Response(response)
        assert wrapped.queryValue == 'passivetotal.org'
        record = Response(wrapped.results.pop(0))
        assert record.recordHash == (
            '6d24bc7754af023afeaaa05ac689ac36e96656aa6519ba435b301b14916b27d3'
        )

    def test_dns_passive_unique(self):
        """The unique-resolutions response lists an address with its count."""
        domain = 'passivetotal.org'
        response = self.client.get_unique_resolutions(query=domain)
        wrapped = Response(response)
        assert wrapped.queryValue == 'passivetotal.org'
        entry = wrapped.frequency.pop(0)
        assert entry[0] == '107.170.89.121'
        assert entry[1] == 2
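def run(self):
    """Query the PassiveTotal endpoint named by ``self.service`` and report it.

    The observable from ``self.get_data()`` is sent as ``query`` to the request
    class that serves the selected service. Two services post-process the
    answer before reporting:

    * ``ssl_certificate_history``: a single result whose ``ipAddresses`` is
      ``'N/A'`` is reported as an empty result list.
    * ``host_pairs``: parent and child pairs are fetched separately and merged
      into one report (``totalRecords`` summed, ``results`` concatenated).

    An unrecognised service goes to ``self.error``; any exception raised while
    querying or reporting goes to ``self.unexpectedError``.
    """
    data = self.get_data()
    try:
        service = self.service
        # Pick the request class first; the method name is derived further
        # down, and only for a service that matched this fixed list.
        if service in ('enrichment', 'malware', 'osint'):
            request_cls = EnrichmentRequest
        elif service in ('passive_dns', 'unique_resolutions'):
            request_cls = DnsRequest
        elif service in ('ssl_certificate_details', 'ssl_certificate_history'):
            request_cls = SslRequest
        elif service == 'whois_details':
            request_cls = WhoisRequest
        elif service in ('components', 'trackers', 'host_pairs'):
            request_cls = HostAttributeRequest
        else:
            self.error('Unknown PassiveTotal service')
            return

        client = request_cls(username=self.username, api_key=self.api_key)

        if service == 'host_pairs':
            # One call per direction, merged into a single report.
            result = client.get_host_pairs(query=data, direction='parents')
            children = client.get_host_pairs(query=data, direction='children')
            result['totalRecords'] += children['totalRecords']
            result['results'] = result['results'] + children['results']
        else:
            # Every other supported service maps to "get_<service>".
            result = getattr(client, 'get_' + service)(query=data)
            if service == 'ssl_certificate_history':
                rows = result['results']
                # A lone row with 'N/A' addresses is reported as no results.
                # The leftover debug print() calls were dropped here: stray
                # writes to stdout can end up mixed into the analyzer's
                # output where the report is also emitted on stdout.
                if len(rows) == 1 and rows[0]['ipAddresses'] == 'N/A':
                    result = {'results': []}

        self.report(result)
    except Exception as e:
        # NOTE(review): the exception object is forwarded unchanged; confirm
        # that unexpectedError does not surface the API key if a client error
        # message happens to include request details.
        self.unexpectedError(e)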