Exemplo n.º 1
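    def Run(computername):
        """Look up Carbon Black sensor records for a hostname.

        Loads the server URL and API token through ``Launch`` from the config
        file named in the parsed arguments, queries ``/api/v1/sensor`` and
        returns the decoded JSON body.

        Args:
            computername: Hostname to search for; converted with ``str()``.

        Returns:
            The parsed JSON body of the sensor query response.

        Raises:
            requests.exceptions.RequestException: On connection failure or
                when the server does not answer within the timeout.
            ValueError: If the response body is not valid JSON.
        """
        launch = Launch()
        args = launch.get_args()
        cbserverurl, cbapitoken = launch.load_cb_config(args.configfile)

        resp = requests.get(
            cbserverurl + "/api/v1/sensor",
            # Passed as a parameter so requests percent-encodes it: a hostname
            # containing '&', '#' or '=' can no longer add to or truncate the
            # query string.
            params={"hostname": str(computername)},
            headers={"X-Auth-Token": cbapitoken},
            # NOTE(review): verify=False turns off TLS certificate validation,
            # so the API token in X-Auth-Token is sent to whichever host answers
            # and can be captured by an on-path attacker. Kept to preserve
            # current behaviour with self-signed servers; prefer passing the
            # path of the server's CA bundle as ``verify``.
            verify=False,
            # Without a timeout an unresponsive server blocks the caller forever.
            timeout=30)
        return resp.json()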
Exemplo n.º 2
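    def Run(hashvalue):
        """Query the Bit9 file catalog for entries matching an MD5 hash.

        Loads the server URL and API token through ``Launch`` from the config
        file named in the parsed arguments, then requests
        ``/api/bit9platform/v1/fileCatalog?q=md5:<hashvalue>``.

        Args:
            hashvalue: MD5 hash string to look up.

        Returns:
            The parsed JSON body of the file catalog response.

        Raises:
            requests.exceptions.HTTPError: If the server answers with a 4xx or
                5xx status.
            requests.exceptions.RequestException: On connection failure or
                when the server does not answer within the timeout.
        """
        launch = Launch()
        args = launch.get_args()
        b9serverurl, b9apitoken = launch.load_b9_config(args.configfile)
        authJson = {
            'X-Auth-Token': b9apitoken,
            'content-type': 'application/json',
        }
        serverurl = b9serverurl + "/api/bit9platform/v1/"
        md5url = serverurl + "fileCatalog?q=md5:"

        # NOTE(review): False turns off TLS certificate validation, so the API
        # token in X-Auth-Token is sent to whichever host answers and can be
        # captured by an on-path attacker. Kept to preserve current behaviour
        # with self-signed servers; prefer the path of the server's CA bundle.
        b9StrongCert = False

        # Percent-encode the value before it is appended to the query string.
        # A well-formed hex digest is unchanged; anything carrying '&', '#' or
        # whitespace can no longer add parameters or cut the query short.
        safe_hash = requests.compat.quote(hashvalue, safe="")

        r = requests.get(
            md5url + safe_hash,
            headers=authJson,
            verify=b9StrongCert,
            # Without a timeout an unresponsive server blocks the caller forever.
            timeout=30)
        r.raise_for_status()
        return r.json()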
Exemplo n.º 3
import semanticnet as sn
from Launch.Launch import Launch
from Carbonblack.GetProcessReport import GetProcessReport
from Helpers.CreateTimeTable import CreateTimeTable
from Helpers.CreateTimeNodes import CreateTimeNodes
from Helpers.AddFileMods import AddFileMods
from Helpers.AddRegistryMods import AddRegistryMods
from Helpers.AddNetConns import AddNetConns
from Helpers.AddFileModThreatIntel import AddFileModThreatIntel
from Helpers.AddModulesLoaded import AddModulesLoaded
from Helpers.AddModulesLoadedThreatIntel import AddModulesLoadedThreatIntel

if __name__ == '__main__':
    graph = sn.Graph()
    graph.cache_nodes_by("label")
    launch = Launch()
    if len(sys.argv) == 1:
        launch.show_options()
        sys.exit()
    launch.show_logo()
    args = launch.get_args()
    #load CB API
    cb = launch.load_config_file(args.configfile)
    #Get process report for CB link

    report = GetProcessReport.Run(cb, args.link)
    #Create a timetable
    timetable, timelist = CreateTimeTable.Run(report)
    #Create time nodes to plot process activity on
    CreateTimeNodes.Run(graph, timelist)
    #Add modules loaded to time nodes