Exemplo n.º 1
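 def vt_run(self, scan_type, QRY):
     """Look up ``QRY`` and log how many analysis engines flag it as malicious.

     Fetches ``{self.base_url}/{scan_type}/{QRY}`` through ``self.vt_connect``
     and reads ``data.attributes.last_analysis_results`` from the response
     (presumably a VirusTotal v3 report; confirm against ``vt_connect``).

     Args:
         scan_type: Path segment selecting the kind of lookup.
         QRY: The indicator being looked up; it also appears in the log lines.

     Returns:
         None. All output goes through ``logger``.
     """
     # NOTE(review): scan_type and QRY are placed in the URL path unchanged.
     # If QRY can come from untrusted input, confirm the caller validates or
     # percent-encodes it before it gets here.
     url = f"{self.base_url}/{scan_type}/{QRY}"
     # The dumps/loads round trip is kept from the original; it reduces the
     # vt_connect() return value to plain JSON types.
     data = json.dumps(self.vt_connect(url))
     json_resp = json.loads(data)
     if not json_resp:
         return

     # Indexing a dict or None raises KeyError/TypeError, never the
     # AttributeError the original caught, so a response without
     # data.attributes used to crash here. A failed lookup must not be
     # mistaken for a clean verdict, so it is reported instead.
     try:
         results = json_resp["data"]["attributes"]
         analysis = results.get("last_analysis_results")
     except (KeyError, TypeError, AttributeError):
         logger.warning(f"No analysis attributes returned for '{QRY}'")
         return

     # "meaningful_name" is optional; .get() avoids a KeyError when absent.
     name = results.get("meaningful_name")
     if name:
         # The original passed the name as a second positional argument to a
         # message without a placeholder, so the name was not part of the text.
         logger.info(f"Filename: {name}")

     if not analysis:
         # Without per-engine results, "0 engines ... harmless" would be a
         # misleading success message.
         logger.warning(f"No engine results returned for '{QRY}'")
         return

     good = 0
     bad = 0
     for engine, result in analysis.items():
         category = result.get("category")
         if category == "malicious":
             bad += 1
             logger.error(f"\u2718 {engine}: {category.upper()}")
         else:
             # NOTE(review): every non-"malicious" category lands here. If the
             # API also reports e.g. "suspicious", "undetected" or "timeout",
             # those are counted as harmless in the summary below; confirm
             # that is intended.
             good += 1

     if bad == 0:
         logger.success(
             f"\u2714 {good} engines deemed '{QRY}' as harmless\n"
         )  # nopep8
     else:
         logger.info(f"{bad} engines deemed '{QRY}' as malicious\n")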
Exemplo n.º 2
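def multi_map(input_file):
    """Plot every IP address listed in ``input_file`` on one map.

    Changes the working directory to ``geomap_root``, reads one address per
    line from ``input_file`` (resolved against the parent of that directory),
    looks each one up in ``GeoLite2-City.mmdb`` and writes the markers to
    ``multi_map.html``.

    Args:
        input_file: File name, relative to the parent of ``geomap_root``.

    Returns:
        None. The map is written to disk and progress is logged.
    """
    os.chdir(geomap_root)

    # Check if Geolite file exists
    geolite_check()

    file_path = os.path.abspath(os.pardir)
    # NOTE(review): input_file is joined onto the parent directory as-is, so
    # "../" segments or an absolute-looking name are not rejected here.
    input_file = f"{file_path}/{input_file}"
    with open(input_file) as f:
        # Blank lines are skipped; previously an empty string reached the
        # lookup, raised ValueError and ended the whole run.
        addresses = [line.strip() for line in f if line.strip()]

    ip_map = Map([40, -5], tiles="OpenStreetMap", zoom_start=3)
    mapped = 0
    try:
        # The context manager closes the database reader, which the original
        # left open.
        with geoip2.database.Reader("GeoLite2-City.mmdb") as geo_reader:
            for addr in addresses:
                # Errors are handled per address: one malformed or unknown
                # entry no longer stops the remaining addresses from being
                # mapped.
                try:
                    response = geo_reader.city(addr)
                except ValueError as err:
                    print(f"[error] {err}")
                    continue
                except geoip2.errors.AddressNotFoundError:
                    logger.warning("[-] Address is not in the geoip database.")
                    continue

                lat = response.location.latitude
                lon = response.location.longitude
                if lat is None or lon is None:
                    # A record without coordinates cannot be placed on the map.
                    continue

                logger.success(f"[+] Mapping {addr}")
                # NOTE(review): addr comes from the input file and becomes the
                # popup text of the generated HTML; it gets here only after
                # the lookup above accepted it as an address.
                Marker([lat, lon], popup=addr).add_to(ip_map)
                mapped += 1
    except FileNotFoundError:
        geolite_check()
        return

    # Write the file once, after the loop, instead of after every marker. As
    # before, nothing is written when no address could be mapped.
    if mapped:
        ip_map.save("multi_map.html")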
Exemplo n.º 3
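 def vt_run(self, scan_type, QRY):
     """Fetch the report for ``QRY`` and log the per-engine verdicts.

     Requests ``{self.base_url}/{scan_type}/{QRY}`` via ``self.vt_connect``,
     logs each engine whose category is ``malicious`` and then a one-line
     summary. Returns None.

     Args:
         scan_type: Path segment placed before ``QRY`` in the request URL.
         QRY: The value being looked up; echoed in the summary line.
     """
     # NOTE(review): QRY is interpolated into the URL path without encoding;
     # confirm callers only pass validated values.
     url = f"{self.base_url}/{scan_type}/{QRY}"
     # JSON round trip retained from the original implementation.
     data = json.dumps(self.vt_connect(url))
     json_resp = json.loads(data)
     if not json_resp:
         return

     # A response without data.attributes (for instance an error payload,
     # presumably) raised an unhandled KeyError before. Report it rather than
     # letting a failed lookup pass silently.
     attributes = None
     if isinstance(json_resp, dict) and isinstance(json_resp.get('data'), dict):
         attributes = json_resp['data'].get('attributes')
     if not isinstance(attributes, dict):
         logger.warning(f"No analysis attributes returned for '{QRY}'")
         return

     # Replaces a bare ``except: pass`` that hid every error, including the
     # logging call itself being wrong: the name was passed as a positional
     # argument to a message with no placeholder.
     filename = attributes.get('meaningful_name')
     if filename:
         logger.info(f"Filename: {filename}")

     engines = attributes.get('last_analysis_results')
     if not engines:
         # No per-engine data: avoid reporting "0 engines ... harmless".
         logger.warning(f"No engine results returned for '{QRY}'")
         return

     good = 0
     bad = 0
     for engine, result in engines.items():
         if result.get('category') == 'malicious':
             bad += 1
             logger.error(f"\u2718 {engine}: {result['category'].upper()}")
         else:
             # NOTE(review): anything that is not 'malicious' counts as good,
             # which would include categories such as 'suspicious' or
             # 'timeout' if the API returns them; confirm this is intended.
             good += 1

     if bad == 0:
         logger.success(f"\u2714 {good} engines deemed '{QRY}' as harmless\n")
     else:
         logger.info(f"{bad} engines deemed '{QRY}' as malicious\n")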