def tools(galaxy):
    """Link MISP events to every threat-actor tool listed in *galaxy*.

    For each entry of ``galaxy['elements']['threat-actor-tools']['values']``
    the tool name and each of its synonyms are looked up twice: as an exact
    (double-quoted) phrase in the ``info``/``comment`` fields and as a bare
    term in the ``value``/``tags`` fields.  The hit counters returned by
    ``search`` are summed and the 20 most frequent event ids are written to
    the group ``tools:<name>`` through ``SnapshotConnector.update_group``.
    Tools with no hits at all are skipped.  Returns ``None``.
    """
    snapshot = SnapshotConnector()
    entries = galaxy['elements']['threat-actor-tools']['values']
    for entry in entries:
        name = entry['value']
        # Galaxy-supplied names are interpolated into the query string as-is.
        # NOTE(review): if search() builds a query-language expression, a name
        # containing a double quote could change the query's meaning — confirm
        # that search() escapes its input (galaxy data is externally sourced).
        hits = search('"{}"'.format(name), ['info', 'comment'])
        hits += search(name, ['value', 'tags'])
        # Synonyms are optional; a missing/empty list contributes nothing.
        for alias in entry.get('synonyms') or []:
            hits += search('"{}"'.format(alias), ['info', 'comment'])
            hits += search(alias, ['value', 'tags'])
        if not hits:
            continue
        # Keep only the event ids, ordered by descending hit count.
        top_events = [event_id for event_id, _count in hits.most_common(20)]
        snapshot.update_group('tools:{}'.format(name), *top_events)
def adversary_groups(galaxy):
    """Link MISP events to every adversary group listed in *galaxy*.

    Mirrors ``tools()``: for each entry of
    ``galaxy['elements']['adversary-groups']['values']`` the group name and
    each synonym are searched as an exact (double-quoted) phrase in
    ``info``/``comment`` and as a bare term in ``value``/``tags``; the hit
    counters are summed and the 20 most frequent event ids are written to
    the group ``adversaries:<group>`` via ``SnapshotConnector.update_group``.
    Entries with no hits are skipped.  Returns ``None``.
    """
    snapshot = SnapshotConnector()
    entries = galaxy['elements']['adversary-groups']['values']
    for entry in entries:
        name = entry['value']
        # NOTE(review): the query is built from externally sourced galaxy data
        # without escaping — confirm search() is safe against a name that
        # contains a double quote or other query syntax.
        hits = search('"{}"'.format(name), ['info', 'comment'])
        hits += search(name, ['value', 'tags'])
        for alias in entry.get('synonyms') or []:
            hits += search('"{}"'.format(alias), ['info', 'comment'])
            hits += search(alias, ['value', 'tags'])
        if not hits:
            continue
        top_events = [event_id for event_id, _count in hits.most_common(20)]
        # NOTE(review): the stored group key uses entry['group'] while the
        # searches use entry['value']; the sibling tools() uses 'value' for
        # both.  Confirm this asymmetry is intended for the galaxy schema.
        snapshot.update_group('adversaries:{}'.format(entry['group']), *top_events)
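@app.route('/pe_secnumber/', defaults={'snb': None})
@app.route('/pe_secnumber/<snb>', methods=['GET'])
def pe_secnumber(snb=None):
    """Render PE section-number correlations.

    Without ``snb`` (``/pe_secnumber/``) the overview is rendered: one row
    per known section number holding the number itself, its frequency and
    how many of the samples carrying it resolve to known events.  With
    ``snb`` the samples carrying that section number are listed together
    with the events they appear in.

    The bare ``/pe_secnumber/`` rule was missing, so the ``snb is None``
    branch (and the ``snbs`` overview) could never be reached through the
    router; it now follows the same pattern as ``ssdeep`` below.

    ``snb`` is taken verbatim from the URL path and handed to
    ``PECorrelator.get_samples_secnumber``.
    NOTE(review): the correlator's handling of an arbitrary string is not
    visible here — if section numbers are integers, tightening the rule to
    ``<int:snb>`` would reject malformed input at the router.
    """
    if not snb:
        overview = [
            (number, int(freq), len(search_hashes_fast(pe.get_samples_secnumber(number))))
            for number, freq in pe.get_secnumbers()
        ]
        return render_template('secnumber.html', snbs=overview, snb=None)
    samples = pe.get_samples_secnumber(snb)
    events = connector.get_events(search_hashes_fast(samples))
    return render_template('secnumber.html', snb=snb, samples=samples, events=events)


@app.route('/ssdeep/', defaults={'group': None})
@app.route('/ssdeep/<group>', methods=['GET'])
def ssdeep(group=None):
    """Render ssdeep similarity groups.

    Without ``group`` (``/ssdeep/``) every group is listed as
    ``(name, member count, members resolving to known events)``, sorted by
    those two counts, largest first.  With ``group`` the group's samples are
    listed together with the events they appear in.

    ``group`` is taken verbatim from the URL path and passed to
    ``SSDC.get_group_samples``; NOTE(review): validation, if any, happens
    inside SSDC and is not visible here.
    """
    if not group:
        listing = [
            (name, len(hashes), len(search_hashes_fast(hashes)))
            for name, hashes in ssdc.get_all_groups()
        ]
        # Sort by member count, then by resolved-event count, descending.
        listing.sort(key=itemgetter(1, 2), reverse=True)
        return render_template('ssdeep.html', ssdc_groups=listing, group=None)
    samples = ssdc.get_group_samples(group)
    events = connector.get_events(search_hashes_fast(samples))
    return render_template('ssdeep.html', group=group, samples=samples, events=events)


if __name__ == '__main__':
    # The view functions read these module globals at request time.  They are
    # only created when the file is run directly; serving `app` through an
    # external WSGI server (gunicorn, uwsgi, ...) would leave them undefined
    # and every request would fail with NameError.  app.run() keeps Flask's
    # defaults (localhost, debug off).
    connector = SnapshotConnector()
    pe = PECorrelator()
    ssdc = SSDC()
    app.run()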