コード例 #1
def basic_ip_task(plugin_name, project_id, resource_id, resource_type, ip):
    """Gather PTR and ASN/network data for *ip* and attach it to the resource.

    The ``ptr`` and ``asn`` helpers are called with the address; the ``ptr``
    value (when truthy) and the ``asn`` / ``network`` keys (when present) are
    collected into one dict and handed to ``set_plugin_results``.

    Nothing is returned. Every exception raised inside the task is printed as
    a traceback and swallowed, so callers cannot tell a failed enrichment from
    one that simply found nothing.
    """
    findings = {}

    try:
        reverse_name = ptr(ip)
        if reverse_name:
            findings["ptr"] = reverse_name

        asn_info = asn(ip)
        for field in ("asn", "network"):
            if field in asn_info:
                findings[field] = asn_info[field]

        # TODO: Probably, we can save some parameters here when object is instantiated
        kind = ResourceType(resource_type)

        Resources.get(resource_id, kind).set_plugin_results(
            plugin_name, project_id, resource_id, kind, findings
        )

    except Exception as err:
        # NOTE(review): the full traceback goes to stdout; confirm the worker's
        # stdout is not exposed to untrusted readers.
        print("".join(traceback.TracebackException.from_exception(err).format()))
コード例 #2
def maltiverse_task(plugin_name, project_id, resource_id, resource_type, target):
    """Run the Maltiverse lookup matching the resource type and store the result.

    IPv4, DOMAIN, URL and HASH resources are dispatched to the corresponding
    ``maltiverse_*`` helper. For any other type a message is printed. A falsy
    result (including the unsupported-type case) ends the task without
    touching the resource.

    Nothing is returned; any exception is printed as a traceback and swallowed.
    """
    try:
        kind = ResourceType(resource_type)
        report = None

        if kind == ResourceType.IPv4:
            report = maltiverse_ip(target)
        elif kind == ResourceType.DOMAIN:
            report = maltiverse_domain(target)
        elif kind == ResourceType.URL:
            report = maltiverse_url(target)
        elif kind == ResourceType.HASH:
            report = maltiverse_hash(target)
        else:
            print("Maltiverse resource type does not found")

        if not report:
            return

        # NOTE(review): the whole lookup result is echoed to stdout; this looks
        # like leftover debugging and puts the result into the worker's output.
        print(report)

        # TODO: See if ResourceType.__str__ can be use for serialization
        Resources.get(resource_id, kind).set_plugin_results(
            plugin_name, project_id, resource_id, kind, report
        )

    except Exception as err:
        print("".join(traceback.TracebackException.from_exception(err).format()))
コード例 #3
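def threatcrowd_task(plugin_name, project_id, resource_id, resource_type, target):
    """Run the ThreatCrowd lookup matching the resource type and store the result.

    IPv4, DOMAIN, EMAIL and HASH resources are dispatched to the corresponding
    ``threatcrowd_*`` helper. For any other type a message is printed and the
    task ends without touching the resource. A falsy lookup result also ends
    the task without storing anything.

    Nothing is returned; any exception is printed as a traceback and swallowed.
    """
    try:
        # Bound up front: the unsupported-type branch assigns nothing, and the
        # falsy check below would otherwise raise UnboundLocalError and bury
        # the real message under an unrelated traceback.
        query_result = None

        resource_type = ResourceType(resource_type)
        if resource_type == ResourceType.IPv4:
            query_result = threatcrowd_ip(target)
        elif resource_type == ResourceType.DOMAIN:
            query_result = threatcrowd_domain(target)
        elif resource_type == ResourceType.EMAIL:
            query_result = threatcrowd_email(target)
        elif resource_type == ResourceType.HASH:
            query_result = threatcrowd_hash(target)
        else:
            print("ThreatCrowd resource type does not found")

        if not query_result:
            return

        # TODO: See if ResourceType.__str__ can be use for serialization
        resource = Resources.get(resource_id, resource_type)
        resource.set_plugin_results(
            plugin_name, project_id, resource_id, resource_type, query_result
        )

    except Exception as e:
        tb1 = traceback.TracebackException.from_exception(e)
        print("".join(tb1.format()))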
コード例 #4
def geoip_task(plugin_name, project_id, resource_id, resource_type, ip):
    """Look up *ip* with the ``geoip`` helper and store a non-empty result.

    A falsy lookup result ends the task without touching the resource.
    Nothing is returned; any exception is printed as a traceback and swallowed.
    """
    try:
        location = geoip(ip)
        if location:
            # TODO: See if ResourceType.__str__ can be use for serialization
            kind = ResourceType(resource_type)
            Resources.get(resource_id, kind).set_plugin_results(
                plugin_name, project_id, resource_id, kind, location
            )

    except Exception as err:
        print("".join(traceback.TracebackException.from_exception(err).format()))
コード例 #5
def virustotal_task(plugin_name, project_id, resource_id, resource_type, target):
    """Query the ``virustotal`` helper for *target* and store whatever it returns.

    The resource type is converted to ``ResourceType`` and passed to the helper
    together with the target. The result is stored unconditionally, including
    when it is empty or ``None``.

    Nothing is returned; any exception is printed as a traceback and swallowed.
    """
    try:
        kind = ResourceType(resource_type)
        verdict = virustotal(target, kind)

        # TODO: See if ResourceType.__str__ can be use for serialization
        Resources.get(resource_id, kind).set_plugin_results(
            plugin_name, project_id, resource_id, kind, verdict
        )

    except Exception as err:
        # NOTE(review): the traceback is printed in full; if the helper puts an
        # API key into a request URL (not visible here), it could surface in
        # this output - confirm.
        print("".join(traceback.TracebackException.from_exception(err).format()))
コード例 #6
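def botscout_task(plugin_name, project_id, resource_id, resource_type, ip):
    """Run the BotScout lookup for *ip* and store the result on the resource.

    Only the resource type accepted by the check below is looked up. For any
    other type a message is printed and the task ends without touching the
    resource.

    Nothing is returned; any exception is printed as a traceback and swallowed.
    """
    try:
        resource_type = ResourceType(resource_type)

        # NOTE(review): the gate accepts DOMAIN while the helper and the
        # parameter are named for an IP - confirm which type is intended.
        if resource_type != ResourceType.DOMAIN:
            print("BotScout resource type does not found")
            # Stop here: nothing was looked up, so there is no result to store.
            # Falling through used to hit an unbound ``query_result``.
            return

        query_result = botscout_ip(ip)

        resource = Resources.get(resource_id, resource_type)
        resource.set_plugin_results(
            plugin_name, project_id, resource_id, resource_type, query_result
        )

    except Exception as e:
        tb1 = traceback.TracebackException.from_exception(e)
        print("".join(tb1.format()))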
コード例 #7
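def threatminer_task(plugin_name, project_id, resource_id, resource_type, domain):
    """Run the ThreatMiner domain lookup and store the result on the resource.

    Only DOMAIN resources are looked up, via ``threatminer_domain(domain, "1")``.
    For any other type a message is printed and the task ends without touching
    the resource.

    Nothing is returned; any exception is printed as a traceback and swallowed.
    """
    try:
        resource_type = ResourceType(resource_type)

        if resource_type != ResourceType.DOMAIN:
            print("threatminer resource type does not found")
            # Stop here: nothing was looked up, so there is no result to store.
            # Falling through used to hit an unbound ``query_result``.
            return

        query_result = threatminer_domain(domain, "1")

        resource = Resources.get(resource_id, resource_type)
        resource.set_plugin_results(
            plugin_name, project_id, resource_id, resource_type, query_result
        )

    except Exception as e:
        tb1 = traceback.TracebackException.from_exception(e)
        print("".join(tb1.format()))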
コード例 #8
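def phishtank_task(plugin_name, project_id, resource_id, resource_type, url):
    """Check *url* with the ``phishtank_check`` helper and store the result.

    Only URL resources are looked up. For any other type a message is printed
    and the task ends without touching the resource.

    Nothing is returned; any exception is printed as a traceback and swallowed.
    """
    try:
        resource_type = ResourceType(resource_type)

        if resource_type != ResourceType.URL:
            print("phishtank resource type does not found")
            # Stop here: nothing was looked up, so there is no result to store.
            # Falling through used to hit an unbound ``query_result``.
            return

        query_result = phishtank_check(url)

        resource = Resources.get(resource_id, resource_type)
        resource.set_plugin_results(
            plugin_name, project_id, resource_id, resource_type, query_result
        )

    except Exception as e:
        tb1 = traceback.TracebackException.from_exception(e)
        print("".join(tb1.format()))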
コード例 #9
def whois_task(plugin_name, project_id, resource_id, resource_type, domain):
    """Fetch the WHOIS record for *domain* and store it on the resource.

    The record returned by ``whois.whois`` is converted with ``str`` and parsed
    back with ``json.loads`` before being stored.

    Nothing is returned. ``whois.parser.PywhoisError`` is reported as a missing
    domain; any other exception is printed as a traceback and swallowed.
    """
    try:
        record = whois.whois(domain)
        parsed = json.loads(str(record))

        kind = ResourceType(resource_type)
        # TODO: See if ResourceType.__str__ can be use for serialization
        Resources.get(resource_id, kind).set_plugin_results(
            plugin_name, project_id, resource_id, kind, parsed
        )

    except whois.parser.PywhoisError:
        print(f"Domain {domain} does not exists")

    except Exception as err:
        print("".join(traceback.TracebackException.from_exception(err).format()))
コード例 #10
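def puslsedive_task(
    plugin_name, project_id, resource_id, resource_type, domain_or_hash
):
    """Look up a domain or hash with PulseDive and store the result.

    DOMAIN and HASH resources are passed to ``pulsedive_get_ioc_byvalue``.
    For any other type a message is printed and the task ends without touching
    the resource.

    Nothing is returned; any exception is printed as a traceback and swallowed.
    """
    try:
        resource_type = ResourceType(resource_type)

        if resource_type not in (ResourceType.DOMAIN, ResourceType.HASH):
            print("PulseDive resource type does not found")
            # Stop here: nothing was looked up, so there is no result to store.
            # Falling through used to hit an unbound ``query_result``.
            return

        query_result = pulsedive_get_ioc_byvalue(domain_or_hash)

        resource = Resources.get(resource_id, resource_type)
        resource.set_plugin_results(
            plugin_name, project_id, resource_id, resource_type, query_result
        )

    except Exception as e:
        tb1 = traceback.TracebackException.from_exception(e)
        print("".join(tb1.format()))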
コード例 #11
def dns_task(plugin_name, project_id, resource_id, resource_type, domain):
    """Resolve *domain* with the ``dns`` helper and store whatever it returns.

    The helper's result is stored unconditionally, including when it is empty.
    Nothing is returned; any exception is printed as a traceback and swallowed.
    """
    try:
        records = dns(domain)

        # TODO: Probably, we can save some parameters here when object is instantiated
        kind = ResourceType(resource_type)

        Resources.get(resource_id, kind).set_plugin_results(
            plugin_name, project_id, resource_id, kind, records
        )

    except Exception as err:
        print("".join(traceback.TracebackException.from_exception(err).format()))
コード例 #12
def pastebin_task(
    plugin_name, project_id, resource_id, resource_type, target, search_engine
):
    """Search for pastes mentioning *target* and store the processed results.

    ``restricted_googlesearch`` supplies the hits, because pastebin.com has no
    search of its own; non-empty hits are then passed through ``pastebin`` to
    obtain the pastes and their metadata. The outcome is stored
    unconditionally, including an empty search result.

    Nothing is returned; any exception is printed as a traceback and swallowed.
    """
    try:
        hits = restricted_googlesearch(search_engine, target)

        # Only a non-empty search result is worth expanding into pastes.
        # NOTE(review): paste content is presumably arbitrary third-party
        # text; whatever renders the stored result should treat it as
        # untrusted - confirm.
        outcome = pastebin(hits) if hits else hits

        kind = ResourceType(resource_type)
        Resources.get(resource_id, kind).set_plugin_results(
            plugin_name, project_id, resource_id, kind, outcome
        )

    except Exception as err:
        print("".join(traceback.TracebackException.from_exception(err).format()))
コード例 #13
def hunterio_task(plugin_name, project_id, resource_id, resource_type, target):
    """Run the Hunter.io lookup matching the resource type and store the result.

    DOMAIN and EMAIL resources are dispatched to ``hunterio_domain`` and
    ``hunterio_email``. For any other type a message is printed and the result
    stays ``None``. The result is stored in every case.

    Nothing is returned; any exception is printed as a traceback and swallowed.
    """
    try:
        kind = ResourceType(resource_type)
        found = None

        if kind == ResourceType.DOMAIN:
            found = hunterio_domain(target)
        elif kind == ResourceType.EMAIL:
            found = hunterio_email(target)
        else:
            print("Hunter.io resource type does not found")

        # NOTE(review): for an unsupported type this still stores None as the
        # plugin result - confirm that is intended rather than skipping the
        # write.
        # TODO: See if ResourceType.__str__ can be use for serialization
        Resources.get(resource_id, kind).set_plugin_results(
            plugin_name, project_id, resource_id, kind, found
        )

    except Exception as err:
        print("".join(traceback.TracebackException.from_exception(err).format()))
コード例 #14
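def otx_task(plugin_name, project_id, resource_id, resource_type, target):
    """Run the OTX lookup matching the resource type and store the result.

    IPv4, DOMAIN, URL and HASH resources are dispatched to the corresponding
    ``otx_iocs_*`` helper with a fixed section name. For any other type a
    message is printed and the task ends without touching the resource.

    Nothing is returned; any exception is printed as a traceback and swallowed.
    """
    try:
        resource_type = ResourceType(resource_type)
        # Check 2nd parameter if it's sent through view (frontend)
        if resource_type == ResourceType.IPv4:
            query_result = otx_iocs_ipv4(target, "general")
        elif resource_type == ResourceType.DOMAIN:
            query_result = otx_iocs_hostname(target, "general")
        elif resource_type == ResourceType.URL:
            query_result = otx_iocs_url(target, "general")
        elif resource_type == ResourceType.HASH:
            query_result = otx_iocs_file(target, "analysis")
        else:
            print("OTX resource type does not found")
            # Stop here: nothing was looked up, so there is no result to store.
            # Falling through used to hit an unbound ``query_result``.
            return

        resource = Resources.get(resource_id, resource_type)
        resource.set_plugin_results(
            plugin_name, project_id, resource_id, resource_type, query_result
        )

    except Exception as e:
        tb1 = traceback.TracebackException.from_exception(e)
        print("".join(tb1.format()))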