Exemplos de parseargs em Python

Exemplo n.º 1

def parseargs() -> argparse.ArgumentParser:
    """Parse arguments"""
    parser = worker.parseargs("ARGUS Case enrichment")
    parser.add_argument(
        "--argus-baseurl",
        dest="argus_baseurl",
        default="https://api.mnemonic.no/",
        help="Argus API host",
    )
    parser.add_argument(
        "--argus-timeout", dest="timeout", type=int, default=300, help="Timeout"
    )
    parser.add_argument(
        "--content-props",
        default="file.sha256,process.sha256",
        help="Comma separated list of properties that represents a content object",
    )
    parser.add_argument(
        "--hash-props",
        default="file.md5,process.md5,file.sha1,process.sha1,file.sha512,process.sha512",
        help="Comma separated list of properties that represents a hash",
    )
    parser.add_argument(
        "--last-update",
        type=int,
        help="Last updated timestamp (epoc, seconds). Default - use now-1w first time, and start on last retrieved event at next run.",
    )
    parser.add_argument("--argus-apikey", dest="argus_apikey", help="Argus API key")
    parser.add_argument(
        "--organization-from-argus",
        action="store_true",
        help="Apply organization from argus event",
    )

    return parser

Exemplo n.º 2

Arquivo: fact_chain_helper.py Projeto: hegga/act-workers

def parseargs() -> argparse.ArgumentParser:
    """Extract command lines argument"""

    parser = worker.parseargs('ACT Fact Chain Helper')
    parser.add_argument('--start',
                        type=fact_type_value,
                        help='Start type/value (i.e. threatActor/apt21)')
    parser.add_argument('--end',
                        type=fact_type_value,
                        help='End type/value (i.e. tool/zeus)')
    parser.add_argument('--avoid',
                        type=worker_config.string_list,
                        default=[],
                        help='List of fact- or object- types to avoid')
    parser.add_argument('--include',
                        type=worker_config.string_list,
                        default=[],
                        help='List of fact- or object- types to include')
    parser.add_argument('--fact-type-definition',
                        type=str,
                        default=types.etc_file('fact-types.json'),
                        help='fact definition file. default="fact-types.json"')
    parser.add_argument(
        '--avoid-cost',
        type=int,
        default=3,
        help=
        'multiplier used to increase cost of avoided objects or facts. Default=3'
    )

    return parser

Exemplo n.º 3

def parseargs() -> argparse.ArgumentParser:
    """ Parse arguments """
    parser = worker.parseargs('ARGUS Case enrichment')
    parser.add_argument('--argus-baseurl',
                        dest='argus_baseurl',
                        default="https://api.mnemonic.no/",
                        help="Argus API host")
    parser.add_argument('--argus-timeout',
                        dest='timeout',
                        type=int,
                        default=300,
                        help="Timeout")
    parser.add_argument(
        '--content-props',
        default="file.sha256,process.sha256",
        help=
        "Comma separated list of properties that represents a content object")
    parser.add_argument(
        '--hash-props',
        default=
        "file.md5,process.md5,file.sha1,process.sha1,file.sha512,process.sha512",
        help="Comma separated list of properties that represents a hash")
    parser.add_argument(
        '--last-update',
        type=int,
        help=
        "Last updated timestamp (epoc, seconds). Default - use now-1w first time, and start on last retrieved event at next run."
    )
    parser.add_argument('--argus-apikey',
                        dest='argus_apikey',
                        help="Argus API key")

    return parser

Exemplo n.º 4

def parseargs() -> argparse.ArgumentParser:
    """ Parse arguments """
    parser = worker.parseargs('Mitre ATT&CK worker')
    parser.add_argument(
        '--smtphost',
        dest='smtphost',
        help="SMTP host used to send revoked/deprecated objects")
    parser.add_argument(
        '--sender',
        dest='sender',
        help="Sender address used to send revoked/deprecated objects")
    parser.add_argument(
        '--recipient',
        dest='recipient',
        help="Recipient address used to send revoked/deprecated objects")
    parser.add_argument(
        '--type',
        choices=list(MITRE_URLS.keys()),
        help=
        'Specify a single type to download (enterprise, mobile or pre). Default is to fetch all'
    )
    parser.add_argument('--notifycache',
                        dest='notifycache',
                        help="Cache for revoked/deprecated objects",
                        default=DEFAULT_NOTIFY_CACHE)

    return parser

Exemplo n.º 5

def parseargs() -> argparse.ArgumentParser:
    """Extract command lines argument"""

    parser = worker.parseargs("ACT VT Client")
    parser.add_argument("--apikey", metavar="KEY", help="VirusTotal API key")
    group = parser.add_mutually_exclusive_group()
    group.add_argument(
        "--hexdigest",
        action="store_true",
        default=False,
        help="Skip autodetection of type and force lookup as hexdigest",
    )
    group.add_argument(
        "--ip",
        action="store_true",
        default=False,
        help="Skip autodetection of type and force lookup as IP address",
    )
    group.add_argument(
        "--domain",
        action="store_true",
        default=False,
        help="Skip autodetection of type and force lookup as domain",
    )

    return parser

Exemplo n.º 6

def parseargs() -> argparse.ArgumentParser:
    """Parse arguments"""
    parser = worker.parseargs(
        "Updates list of threat actor aliases from an ACT platform"
    )
    parser.add_argument(
        "--aliasfile",
        required=True,
        help=".cfg-file with \
        existing threat actor aliases",
    )
    parser.add_argument(
        "--newaliasfile",
        required=True,
        help="name of \
        .cfg-file with updated list of threat actor aliases",
    )
    parser.add_argument(
        "--output-json",
        action="store_true",
        help="Enable \
        this flag if json testfiles should be created.",
    )

    return parser

Exemplo n.º 7

def parseargs() -> argparse.ArgumentParser:
    """Parse arguments"""
    parser = worker.parseargs("Get act feeds from act sharing directories")

    parser.add_argument(
        "--feed-uri",
        help="URI to retrieve feed from",
    )

    parser.add_argument(
        "--dump-dir",
        type=Path,
        help=
        "Dump manifest/bundles to directory instead of sendings facts to uploader",
    )

    parser.add_argument(
        "--feed-cache",
        type=Path,
        default=caep.get_cache_dir("act_feed_cache"),
        help="The directory to store information about last run",
    )

    parser.add_argument(
        "--no-exit-on-error",
        action="store_true",
        help="Log errors and continue on platform upload errors",
    )

    return parser

Exemplo n.º 8

Arquivo: veris.py Projeto: FredrikMS/act-workers

def parseargs() -> argparse.ArgumentParser:
    """Parse arguments"""
    parser = worker.parseargs("Shadowserver ASN enrichment")
    parser.add_argument(
        "--country-codes",
        help="Should point to file downloaded from {}".format(ISO_3166_FILE),
    )
    parser.add_argument(
        "--veris-campaign", help="Read mapping of veris campaign from (CSV) file"
    )
    parser.add_argument(
        "--threat-actor-variety",
        help="Varieties to use as Threat Actors",
        default="Activist, Organized crime, Nation-state",
    )
    parser.add_argument(
        "--hash-url-matching",
        help="Download and hash references matching regular expression",
        default=r"^(.*pdf)$",
    )
    parser.add_argument(
        "--veris-prefix",
        help='Prefix for incidents and campaign IDs. E.g use "VCDB" for Veris Community Database"',
    )
    parser.add_argument("--veris-url", help="Read veris incidents from URL.")
    parser.add_argument("--veris-file", help="Read veris incidents from File.")
    parser.add_argument(
        "--stdin", action="store_true", help="Read veris incidents on stdin."
    )
    return parser

Exemplo n.º 9

Arquivo: mnemonic_pdns.py Projeto: hegga/act-workers

def parseargs() -> argparse.ArgumentParser:
    """ Parse arguments """
    parser = worker.parseargs('PDNS enrichment')
    parser.add_argument('--pdns-baseurl',
                        dest='pdns_baseurl',
                        default="https://api.mnemonic.no/",
                        help="PassiveDNS API host")
    parser.add_argument('--pdns-timeout',
                        dest='timeout',
                        type=int,
                        default=299,
                        help="Timeout")
    parser.add_argument('--pdns-batch-size',
                        dest='pdns_batch_size',
                        type=int,
                        default=100,
                        help="Batch size of pdns queries")
    parser.add_argument('--pdns-apikey',
                        dest='apikey',
                        help="PassiveDNS API key")
    parser.add_argument('--limit',
                        dest='limit',
                        type=int,
                        default=100,
                        help="Maximum number of records to return from pdns")

    return parser

Exemplo n.º 10

Arquivo: thaicert.py Projeto: FredrikMS/act-workers

def parseargs() -> argparse.ArgumentParser:
    """Parse arguments"""
    parser = worker.parseargs("ThaiCERT worker")
    parser.add_argument(
        "--url", dest="thaicert_url", default=THAICERT_URL, help="ThaiCERT data URL"
    )
    return parser

Exemplo n.º 11

def parseargs() -> argparse.ArgumentParser:
    """Parse arguments"""
    parser = worker.parseargs("Generic uploader")
    parser.add_argument("--allow-default-origin",
                        action="store_true",
                        help="Allow facts without origin")
    parser.add_argument("--timing",
                        action="store_true",
                        help="Add timing operations at warn level")

    parser.add_argument("--no-exit-on-error",
                        action="store_true",
                        help="Log errors and continue")

    parser.add_argument(
        "--no-format",
        action="store_true",
        help="Do not format facts with default formatter",
    )

    parser.add_argument(
        "--no-validate",
        action="store_true",
        help="Do not validate facts with default types",
    )

    return parser

Exemplo n.º 12

def parseargs() -> argparse.ArgumentParser:
    """Parse arguments"""
    parser = worker.parseargs("Mitre ATT&CK worker")
    parser.add_argument(
        "--smtphost",
        dest="smtphost",
        help="SMTP host used to send revoked/deprecated objects",
    )
    parser.add_argument(
        "--sender",
        dest="sender",
        help="Sender address used to send revoked/deprecated objects",
    )
    parser.add_argument(
        "--recipient",
        dest="recipient",
        help="Recipient address used to send revoked/deprecated objects",
    )
    parser.add_argument(
        "--type",
        choices=list(MITRE_TYPES),
        help=
        "Specify a single type to download (enterprise, mobile or pre). Default is to fetch all",
    )
    parser.add_argument(
        "--notifycache",
        dest="notifycache",
        help="Cache for revoked/deprecated objects",
        default=DEFAULT_NOTIFY_CACHE,
    )

    return parser

Exemplo n.º 13

def parseargs() -> argparse.ArgumentParser:
    """ Parse arguments """
    parser = worker.parseargs('Country/region enrichment')
    parser.add_argument('--country-region-url', dest='country_region_url',
                        default="https://raw.githubusercontent.com/lukes/ISO-3166-Countries-with-Regional-Codes/master/all/all.json",
                        help="Country region URL in json format")

    return parser

Exemplo n.º 14

def parseargs() -> argparse.ArgumentParser:
    """ Parse arguments """
    parser = worker.parseargs('Generic uploader')
    parser.add_argument('--timing',
                        action="store_true",
                        help="Add timing operations at warn level")

    return parser

Exemplo n.º 15

Arquivo: misp_feeds.py Projeto: firebitsbr/act-workers

def parseargs() -> argparse.ArgumentParser:
    """ Parse arguments """
    parser = worker.parseargs('Get MISP feeds from MISP sharing directories')

    parser.add_argument('--manifest-dir', default=worker.get_cache_dir('misp_manifest'),
                        help='The directory to store latest manifests')

    return parser

Exemplo n.º 16

def main() -> None:
    """Main function"""
    # Look for default ini file in "/etc/actworkers.ini" and
    # ~/config/actworkers/actworkers.ini (or replace .config with
    # $XDG_CONFIG_DIR if set)
    args = worker.handle_args(worker.parseargs(WORKER_NAME))
    actapi = worker.init_act(args)

    process(actapi, args.output_format)

Exemplo n.º 17

def parseargs() -> argparse.ArgumentParser:
    """ Parse arguments """
    parser = worker.parseargs('PDNS enrichment')
    parser.add_argument('--pdns-baseurl', dest='pdns_baseurl',
                        default="https://api.mnemonic.no/", help="Argus API host")
    parser.add_argument('--pdns-timeout', dest='timeout', type=int,
                        default=299, help="Timeout")
    parser.add_argument('--pdns-apikey', dest='apikey',
                        help="Argus API key")

    return parser

Exemplo n.º 18

Arquivo: misp_feeds.py Projeto: FredrikMS/act-workers

def parseargs() -> argparse.ArgumentParser:
    """Parse arguments"""
    parser = worker.parseargs("Get MISP feeds from MISP sharing directories")

    parser.add_argument(
        "--manifest-dir",
        default=caep.get_cache_dir("misp_manifest"),
        help="The directory to store latest manifests",
    )

    return parser

Exemplo n.º 19

Arquivo: generic_uploader.py Projeto: tomd/act-workers

def main_log_error() -> None:
    "Call main() and log all exceptions as errors"
    try:
        # Look for default ini file in "/etc/actworkers.ini" and ~/config/actworkers/actworkers.ini
        # (or replace .config with $XDG_CONFIG_DIR if set)
        args = worker.handle_args(worker.parseargs("Generic uploader"))
        actapi = worker.init_act(args)

        main(actapi)
    except Exception:
        error("Unhandled exception: {}".format(traceback.format_exc()))
        raise

Exemplo n.º 20

Arquivo: origin_client.py Projeto: hegga/act-workers

def parseargs() -> argparse.ArgumentParser:
    """ Parse arguments """
    parser = worker.parseargs('Manage origins')
    parser.add_argument("--list", action="store_true", help="List origins")
    parser.add_argument("--add", action="store_true", help="List origins")
    parser.add_argument("--delete", action="store_true", help="List origins")

    # Trust is converted to float before sending a request to the platform
    # and since this value can come from an ini file (where it will be a string)
    # We keep the value as a string here
    parser.add_argument("--default-trust", default="0.8", help="Default trust")

    return parser

Exemplo n.º 21

def parseargs() -> argparse.ArgumentParser:
    """ Parse arguments """
    parser = worker.parseargs('Search Graph')
    parser.add_argument('--search-jobs', help="Search jobs (ini-file)")
    parser.add_argument('--output-path',
                        help="Output-path for result files (default=.)",
                        default=".")
    parser.add_argument('--workers',
                        type=int,
                        default=4,
                        help="Number of parallel workers for graph search")

    return parser

Exemplo n.º 22

def parseargs() -> argparse.ArgumentParser:
    """Parse arguments"""
    parser = worker.parseargs("Shadowserver ASN enrichment")
    parser.add_argument(
        "--country-codes",
        help="Should point to file downloaded from {}".format(ISO_3166_FILE),
    )

    group = parser.add_mutually_exclusive_group(required=True)
    group.add_argument(
        "--bulk", help="bulk query from file. File must contain one IP per line."
    )
    group.add_argument("--stdin", action="store_true", help="query ip on stdin")
    return parser

Exemplo n.º 23

def parseargs() -> argparse.ArgumentParser:
    """Extract command lines argument"""

    parser = worker.parseargs("ACT iSight Client")
    parser.add_argument("--privatekey", metavar="PRIVATEKEY", help="iSight API key")
    parser.add_argument("--publickey", metavar="PUBLICKEY", help="iSight API key")
    parser.add_argument("--debugdir", metavar="DIR", help="Dump directory for output")
    parser.add_argument(
        "--days", default="1", help="How many days back to look for data"
    )
    parser.add_argument(
        "--root", default="https://api.isightpartners.com", help="api endpoint"
    )

    return parser

Exemplo n.º 24

def parseargs() -> argparse.ArgumentParser:
    """Parse arguments"""
    parser = worker.parseargs("Map tool aliases")
    parser.add_argument(
        "--threshold", type=float, default=0.5, help="Threshold for Jaccard index"
    )
    parser.add_argument(
        "--submit", default=False, action="store_true", help="Submit alias to platform"
    )
    parser.add_argument(
        "--exclude_tools",
        default="^\[placeholder\[[a-f0-9]{64}\]\]$",
        help="Tool patterns to exclude",
    )
    return parser

Exemplo n.º 25

def parseargs() -> argparse.ArgumentParser:
    """Extract command lines argument"""

    parser = worker.parseargs('ACT VT Client v{}'.format(VERSION))
    parser.add_argument('--apikey', metavar='KEY',
                        help='VirusTotal API key')
    group = parser.add_mutually_exclusive_group()
    group.add_argument('--hexdigest', action='store_true',
                       default=False, help='query hexdigestsum on stdin')
    group.add_argument('--ip', action='store_true',
                       default=False, help='query ip on stdin')
    group.add_argument('--domain', action='store_true',
                       default=False, help='query domain on stdin')

    return parser

Exemplo n.º 26

def parseargs() -> argparse.ArgumentParser:
    """Parse arguments"""
    parser = worker.parseargs("Threat Actor helper")
    parser.add_argument("--ta", "--threat-actor", help="Threat Actor")
    parser.add_argument("--ta-located-in", help="Threat Actor located in")
    parser.add_argument("--campaign", help="Campaign")
    parser.add_argument(
        "--techniques",
        type=worker_config.string_list,
        default=[],
        help="Techniques (Commaseparated list)",
    )
    parser.add_argument(
        "--tools",
        type=worker_config.string_list,
        default=[],
        help="Tools (Commaseparated list)",
    )
    parser.add_argument(
        "--sectors",
        type=worker_config.string_list,
        default=[],
        help="Sectors (Commaseparated list)",
    )
    parser.add_argument(
        "--target-countries",
        type=worker_config.string_list,
        default=[],
        help="Target Countries (Commaseparated list)",
    )
    parser.add_argument(
        "--country-region",
        default=
        "https://raw.githubusercontent.com/lukes/ISO-3166-Countries-with-Regional-Codes/master/all/all.json",
        help="Country region in json format (HTTP URL or file)",
    )

    # Stix Vocabulary
    parser.add_argument(
        "--sector-vocabulary",
        default=
        "https://raw.githubusercontent.com/mnemonic-no/act-scio2/master/act/scio/etc/plugins/sectors.cfg",
        help=
        "Sector vocabulary (STIX2, in scio format). Fetched from URL or file",
    )

    return parser

Exemplo n.º 27

def test_args_origin_id(monkeypatch: _pytest.monkeypatch.MonkeyPatch) -> None:
    """test argument origin-id"""

    origin_id = "00000000-0000-0000-0000-000000000001"

    monkeypatch.setattr(sys, "argv",
                        ["./test-worker.py", "--origin-id", origin_id])

    args = cli.handle_args(worker.parseargs("Test worker"))
    actapi = worker.init_act(args)

    assert actapi.config.origin_id == origin_id

    fact = (actapi.fact("mentions").source("report", "xyz").destination(
        "fqdn", "test.com"))

    assert fact.origin.id == origin_id

Exemplo n.º 28

Arquivo: url_shorter_unpack.py Projeto: tomd/act-workers

def parseargs() -> argparse.Namespace:
    parser = worker.parseargs("URL unshortener worker")

    parser.add_argument(
        "--url-shorteners",
        dest="url_shorteners",
        default=
        "adf.ly, bit.ly, bitly.com, cc.uz, evassmat.com, goo.gl, is.gd, lnkd.in, smarturl.it, www.t2m.io, tiny.cc, tinyurl.com, x.co",
        help="Comma separated list of shortener-domains")
    parser.add_argument(
        "--user-agent",
        dest="user_agent",
        default=
        "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36",
        help="User-agent to present to the redirect services")

    return worker.handle_args(parser)

Exemplo n.º 29

Arquivo: alienvault_otx.py Projeto: hegga/act-workers

def parseargs() -> argparse.ArgumentParser:
    """Extract command lines argument"""

    parser = worker.parseargs(
        'ACT Alienvault OTX Import Client v{}'.format(VERSION))
    parser.add_argument('--config_path',
                        metavar='PATH',
                        help='Path to reputation configuration files')
    parser.add_argument('--otx-baseurl',
                        default="https://otx.alienvault.com/api/",
                        help="Alienvault OTX API host")
    parser.add_argument('--otx-apikey',
                        metavar='KEY',
                        help='Alienvault OTX API key')
    parser.add_argument('--otx-path-lastretrived',
                        metavar='FILEPATH',
                        help='Path to store last retrival timestamp')
    return parser

Exemplo n.º 30

def parseargs() -> argparse.ArgumentParser:
    """Parse arguments"""
    parser = worker.parseargs("PDNS enrichment")

    parser.add_argument(
        "--no-tlp-access-mode",
        action="store_true",
        help=
        "Do not set access mode from TLP on document. If not set, facts will "
        +
        "have access-mode=Public for tlp=white/green otherwise access-mode=RoleBased",
    )

    parser.add_argument(
        "--pdns-baseurl",
        dest="pdns_baseurl",
        default="https://api.mnemonic.no/",
        help="PassiveDNS API host",
    )
    parser.add_argument("--pdns-timeout",
                        dest="timeout",
                        type=int,
                        default=299,
                        help="Timeout")
    parser.add_argument(
        "--pdns-batch-size",
        dest="pdns_batch_size",
        type=int,
        default=100,
        help="Batch size of pdns queries",
    )
    parser.add_argument("--pdns-apikey",
                        dest="apikey",
                        help="PassiveDNS API key")
    parser.add_argument(
        "--limit",
        dest="limit",
        type=int,
        default=100,
        help="Maximum number of records to return from pdns",
    )

    return parser