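def post(self):
    """Link two indicators to each other in both directions.

    Reads ``src`` and ``dst`` from the submitted form and appends each value
    to the other row's comma-separated ``relationships`` column.

    Returns:
        ``({'result': 'true', 'source': ..., 'destination': ...}, 201)`` on
        success, or ``({'result': 'false'}, 500)`` on any failure (missing
        form field, unknown indicator, database error).
    """
    try:
        src = request.form['src']
        dst = request.form['dst']

        # Resolve both rows before modifying either, so an unknown dst cannot
        # leave a committed one-way relationship on the src row.
        src_row = Indicator.query.filter_by(object=src).first()
        dst_row = Indicator.query.filter_by(object=dst).first()
        if src_row is None or dst_row is None:
            return {'result': 'false'}, 500

        # NOTE(review): relationships is a comma-joined string, so a src/dst
        # value that itself contains ',' cannot be told apart from several
        # entries by code that splits the column on ','. Consider rejecting
        # such values or storing relationships in a separate table.

        # Add Direct Relationship
        if src_row.relationships:
            src_row.relationships = str(src_row.relationships) + ",{}".format(dst)
        else:
            src_row.relationships = str(dst)

        # Add Reverse Relationship
        if dst_row.relationships:
            dst_row.relationships = str(dst_row.relationships) + ",{}".format(src)
        else:
            dst_row.relationships = str(src)

        # One commit for both directions: the pair is stored together or not
        # at all.
        db.session.commit()

        return {
            'result': 'true',
            'source': helpers.row_to_dict(src_row),
            'destination': helpers.row_to_dict(dst_row)
        }, 201
    except Exception:
        # Discard any pending change so the session is usable for the next
        # request; unlike a bare ``except:``, SystemExit and
        # KeyboardInterrupt still propagate.
        db.session.rollback()
        return {'result': 'false'}, 500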
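def get(self):
    """Return every indicator whose type is 'Victim'.

    Returns:
        ``{'victims': [row, ...]}`` with one dict per matching indicator, or
        ``({}, 204)`` when there are none.
    """
    indicators = Indicator.query.filter(Indicator.type == 'Victim').all()
    if not indicators:
        return {}, 204
    # A dict comprehension with the constant key 'victims' keeps only the
    # last row; collect all rows in a list under that key instead.
    return {'victims': [helpers.row_to_dict(ind) for ind in indicators]}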
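def get(self):
    """Return every indicator whose type is 'Threat Actor'.

    Returns:
        ``{'threatactors': [row, ...]}`` with one dict per matching
        indicator, or ``({}, 204)`` when there are none.
    """
    indicators = Indicator.query.filter(Indicator.type == 'Threat Actor').all()
    if not indicators:
        return {}, 204
    # A dict comprehension with the constant key 'threatactors' keeps only
    # the last row; collect all rows in a list under that key instead.
    return {'threatactors': [helpers.row_to_dict(ind) for ind in indicators]}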
def get_campaigns(campaign):
    """Return, as JSON, all indicators recorded for a URL-encoded campaign name."""
    # The path segment arrives percent-encoded; decode it before comparing
    # against the stored campaign value.
    decoded = urllib.unquote(campaign).decode('utf8')
    rows = Indicator.query.filter(Indicator.campaign == decoded).all()
    return jsonify({'campaigns': [helpers.row_to_dict(row) for row in rows]})
def get(self, ind):
    """Look up a single indicator by its URL-encoded object value.

    Returns ``{ind: row}`` when found, otherwise
    ``({ind: 'indicator not found'}, 404)``.
    """
    ind = urllib.unquote(ind).decode('utf8')
    match = Indicator.query.filter(Indicator.object == ind).first()
    if not match:
        return {ind: 'indicator not found'}, 404
    return {ind: helpers.row_to_dict(match)}
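def post(self):
    """Create a new indicator from the JSON request body.

    Returns:
        ``({'indicator': row}, 201)`` on success;
        ``({'error': ...}, 400)`` when the body is not a JSON object, a
        required field is missing, or the type / diamond model is invalid;
        ``({'error': ...}, 409)`` when the indicator already exists.
    """
    required = ('object', 'type', 'firstseen', 'lastseen', 'diamondmodel',
                'campaign', 'confidence', 'comments', 'tags')

    data = request.get_json()
    # The body is client-controlled: reject anything that is not a JSON
    # object carrying every field read below, instead of failing with an
    # unhandled TypeError/KeyError further down.
    if not isinstance(data, dict):
        return {'error': 'request body must be a JSON object'}, 400
    missing = [name for name in required if name not in data]
    if missing:
        return {
            'error': 'missing required field(s): {}'.format(', '.join(missing))
        }, 400

    if Indicator.query.filter(Indicator.object == data['object']).first():
        return {
            'error': 'indicator {} already exists'.format(data['object'])
        }, 409
    elif not helpers.valid_type(data['type']):
        return {
            'error': 'indicator {} is not of valid type'.format(data['object'])
        }, 400
    elif not helpers.valid_diamond_model(data['diamondmodel']):
        return {
            'error': 'indicator {} has invalid dimond model {}'.format(
                data['object'], data['diamondmodel'])
        }, 400
    else:
        indicator = Indicator(data['object'], data['type'], data['firstseen'],
                              data['lastseen'], data['diamondmodel'],
                              data['campaign'], data['confidence'],
                              data['comments'], data['tags'], None)
        db_session.add(indicator)
        db_session.commit()

        # Re-read the stored row so the response reflects what was saved.
        indicators = Indicator.query.filter(
            Indicator.object == data['object']).first()
        return {'indicator': helpers.row_to_dict(indicators)}, 201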
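def post(self):
    """Link two indicators to each other in both directions.

    Reads ``src`` and ``dst`` from the submitted form and appends each value
    to the other row's comma-separated ``relationships`` column.

    Returns:
        ``({'result': 'true', 'source': ..., 'destination': ...}, 201)`` on
        success, or ``({'result': 'false'}, 500)`` on any failure (missing
        form field, unknown indicator, database error).
    """
    try:
        src = request.form['src']
        dst = request.form['dst']

        # Resolve both rows before modifying either, so an unknown dst cannot
        # leave a committed one-way relationship on the src row.
        src_row = Indicator.query.filter_by(object=src).first()
        dst_row = Indicator.query.filter_by(object=dst).first()
        if src_row is None or dst_row is None:
            return {'result': 'false'}, 500

        # NOTE(review): relationships is a comma-joined string, so a src/dst
        # value that itself contains ',' cannot be told apart from several
        # entries by code that splits the column on ','. Consider rejecting
        # such values or storing relationships in a separate table.

        # Add Direct Relationship
        if src_row.relationships:
            src_row.relationships = str(src_row.relationships) + ",{}".format(dst)
        else:
            src_row.relationships = str(dst)

        # Add Reverse Relationship
        if dst_row.relationships:
            dst_row.relationships = str(dst_row.relationships) + ",{}".format(src)
        else:
            dst_row.relationships = str(src)

        # One commit for both directions: the pair is stored together or not
        # at all.
        db_session.commit()

        return {'result': 'true',
                'source': helpers.row_to_dict(src_row),
                'destination': helpers.row_to_dict(dst_row)}, 201
    except Exception:
        # Discard any pending change so the session is usable for the next
        # request; unlike a bare ``except:``, SystemExit and
        # KeyboardInterrupt still propagate.
        db_session.rollback()
        return {'result': 'false'}, 500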
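def get(self):
    """Return every network indicator (IPv4, IPv6, Domain or Network type).

    Returns:
        ``{'network_indicators': [row, ...]}`` with one dict per matching
        indicator, or ``({}, 204)`` when there are none.
    """
    network_types = ('IPv4', 'IPv6', 'Domain', 'Network')
    indicators = Indicator.query.filter(Indicator.type.in_(network_types)).all()
    if not indicators:
        return {}, 204
    # A dict comprehension with the constant key 'network_indicators' keeps
    # only the last row; collect all rows in a list under that key instead.
    return {'network_indicators': [helpers.row_to_dict(ind) for ind in indicators]}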
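def post(self):
    """Create a new indicator from the JSON request body.

    Returns:
        ``({'indicator': row}, 201)`` on success;
        ``({'error': ...}, 400)`` when the body is not a JSON object, a
        required field is missing, or the type / diamond model is invalid;
        ``({'error': ...}, 409)`` when the indicator already exists.
    """
    required = ('object', 'type', 'firstseen', 'lastseen', 'diamondmodel',
                'campaign', 'confidence', 'comments', 'tags')

    data = request.get_json()
    # The body is client-controlled: reject anything that is not a JSON
    # object carrying every field read below, instead of failing with an
    # unhandled TypeError/KeyError further down.
    if not isinstance(data, dict):
        return {'error': 'request body must be a JSON object'}, 400
    missing = [name for name in required if name not in data]
    if missing:
        return {'error': 'missing required field(s): {}'.format(', '.join(missing))}, 400

    if Indicator.query.filter(Indicator.object == data['object']).first():
        return {'error': 'indicator {} already exists'.format(data['object'])}, 409
    elif not helpers.valid_type(data['type']):
        return {'error': 'indicator {} is not of valid type'.format(data['object'])}, 400
    elif not helpers.valid_diamond_model(data['diamondmodel']):
        return {'error': 'indicator {} has invalid dimond model {}'.format(data['object'], data['diamondmodel'])}, 400
    else:
        indicator = Indicator(
            data['object'],
            data['type'],
            data['firstseen'],
            data['lastseen'],
            data['diamondmodel'],
            data['campaign'],
            data['confidence'],
            data['comments'],
            data['tags'],
            None)
        db_session.add(indicator)
        db_session.commit()

        # Re-read the stored row so the response reflects what was saved.
        indicators = Indicator.query.filter(Indicator.object == data['object']).first()
        return {'indicator': helpers.row_to_dict(indicators)}, 201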
def get(self):
    """Return all stored indicators, or an empty 204 response when none exist."""
    rows = Indicator.query.all()
    if not rows:
        return {}, 204
    # One dict per row, collected under a single key.
    as_dicts = [helpers.row_to_dict(row) for row in rows]
    return {'indicators': as_dicts}
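def get(self, campaign):
    """Return every indicator recorded for a URL-encoded campaign name.

    Returns:
        ``{'campaigns': [row, ...]}`` with one dict per matching indicator,
        or ``({}, 204)`` when there are none.
    """
    # The path segment arrives percent-encoded; decode before comparing.
    campaign = urllib.unquote(campaign).decode('utf8')
    indicators = Indicator.query.filter(Indicator.campaign == campaign).all()
    if not indicators:
        return {}, 204
    # A dict comprehension with the constant key 'campaigns' keeps only the
    # last row; collect all rows in a list under that key instead.
    return {'campaigns': [helpers.row_to_dict(ind) for ind in indicators]}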
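def get(self, tag):
    """Return the indicators that carry the requested tag.

    Returns:
        ``{'tag': tag, 'indicators': [row, ...]}`` where each row is an
        indicator whose ``tags`` column lists *tag*.
    """
    matches = []
    for ind in Indicator.query.all():
        # tags is split on ', ' as before; a row without tags is treated as
        # having none (assumes the column may be NULL -- TODO confirm).
        labels = (ind.tags or '').split(', ')
        # Compare against the requested tag by value. The earlier loop
        # rebound ``tag`` and tested ``tag is tag``, which is always true,
        # so every indicator was returned once per tag it had and the
        # echoed 'tag' was the last one iterated, not the one requested.
        if tag in labels:
            matches.append(helpers.row_to_dict(ind))
    return {'tag': tag, 'indicators': matches}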
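def get(self):
    """Return every indicator whose type is 'Threat Actor'.

    Returns:
        ``{'threatactors': [row, ...]}`` with one dict per matching
        indicator, or ``({}, 204)`` when there are none.
    """
    indicators = Indicator.query.filter(
        Indicator.type == 'Threat Actor').all()
    if not indicators:
        return {}, 204
    # A dict comprehension with the constant key 'threatactors' keeps only
    # the last row; collect all rows in a list under that key instead.
    return {
        'threatactors': [helpers.row_to_dict(ind) for ind in indicators]
    }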
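def get(self):
    """Return every network indicator (IPv4, IPv6, Domain or Network type).

    Returns:
        ``{'network_indicators': [row, ...]}`` with one dict per matching
        indicator, or ``({}, 204)`` when there are none.
    """
    indicators = Indicator.query.filter(
        Indicator.type.in_(('IPv4', 'IPv6', 'Domain', 'Network'))).all()
    if not indicators:
        return {}, 204
    # A dict comprehension with the constant key 'network_indicators' keeps
    # only the last row; collect all rows in a list under that key instead.
    return {
        'network_indicators': [helpers.row_to_dict(ind) for ind in indicators]
    }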
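def get(self, campaign):
    """Return every indicator recorded for a URL-encoded campaign name.

    Returns:
        ``{'campaigns': [row, ...]}`` with one dict per matching indicator,
        or ``({}, 204)`` when there are none.
    """
    # The path segment arrives percent-encoded; decode before comparing.
    campaign = urllib.unquote(campaign).decode('utf8')
    indicators = Indicator.query.filter(
        Indicator.campaign == campaign).all()
    if not indicators:
        return {}, 204
    # A dict comprehension with the constant key 'campaigns' keeps only the
    # last row; collect all rows in a list under that key instead.
    return {
        'campaigns': [helpers.row_to_dict(ind) for ind in indicators]
    }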
def genres():
    """List all genres on GET; create one from the ``name`` form field on POST.

    A failed creation is reported as ``{"error": ...}`` with status 400.
    """
    method = request.method

    if method == 'GET':
        rows = db.execute('''SELECT * from genres;''').fetchall()
        return jsonify({'genres': row_to_dict(rows)})

    # Creating a new genre
    if method == 'POST':
        err, genre_id = create_genre(request.form['name'])
        if err:
            return jsonify({"error": err}), 400

        # Return the stored record rather than echoing the submitted name.
        _, created = get_genre(genre_id)
        return jsonify(created)
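def get(self, target):
    """Return the indicators related to *target*.

    Returns:
        ``{target: [row, ...]}`` with each related indicator listed once;
        ``({target: []}, 404)`` when the target has no relationships value;
        ``({target: 'Indicator not found.'}, 404)`` when the target itself
        does not exist.
    """
    # .first() yields None for an unknown target. Indexing the query with
    # [0] raises IndexError on an empty result, so the not-found branch
    # below could never run.
    indicator = Indicator.query.filter(Indicator.object == target).first()
    if not indicator:
        return {target: 'Indicator not found.'}, 404

    try:
        related = []
        for name in indicator.relationships.split(","):
            row = Indicator.query.filter(Indicator.object == name).first()
            if row is None:
                # The relationships column names an indicator that is not
                # stored; skip it rather than failing the whole request.
                continue
            entry = helpers.row_to_dict(row)
            if entry not in related:
                related.append(entry)
        return {target: related}
    except AttributeError:
        # relationships is None: nothing has been linked to this indicator.
        return {target: []}, 404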
def actors():
    """List all actors on GET; create one from the ``name`` form field on POST.

    A failed creation is reported as ``{"errors": ...}`` with status 400.
    """
    method = request.method

    if method == 'GET':
        rows = db.execute('''SELECT * from actors;''').fetchall()
        return jsonify({'actors': row_to_dict(rows)})

    # Creating a new actor
    if method == 'POST':
        err, actor_id = create_actor(request.form['name'])
        if err:
            return jsonify({"errors": err}), 400

        # Return the stored record rather than echoing the submitted name.
        _, created = get_actor(actor_id)
        return jsonify(created)
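def get(self, target):
    """Return the indicators related to *target*.

    Returns:
        ``{target: [row, ...]}`` with each related indicator listed once;
        ``({target: []}, 404)`` when the target has no relationships value;
        ``({target: 'Indicator not found.'}, 404)`` when the target itself
        does not exist.
    """
    # .first() yields None for an unknown target. Indexing the query with
    # [0] raises IndexError on an empty result, so the not-found branch
    # below could never run.
    indicator = Indicator.query.filter(Indicator.object == target).first()
    if not indicator:
        return {target: 'Indicator not found.'}, 404

    try:
        related = []
        for name in indicator.relationships.split(","):
            row = Indicator.query.filter(
                Indicator.object == name).first()
            if row is None:
                # The relationships column names an indicator that is not
                # stored; skip it rather than failing the whole request.
                continue
            entry = helpers.row_to_dict(row)
            if entry not in related:
                related.append(entry)
        return {target: related}
    except AttributeError:
        # relationships is None: nothing has been linked to this indicator.
        return {target: []}, 404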
def movies():
    """Filter movies by query parameters on GET; create a movie on POST.

    GET reads ``title``, ``genre``, ``actor`` and ``limit`` (default 0) from
    the query string. POST reads ``title`` (required) plus optional
    ``genres``, ``actors``, ``rating`` and ``seen`` from the form.
    """
    # Filtering movies by params
    if request.method == 'GET':
        query = request.args
        filters = {
            'title': query.get('title'),
            'genre': query.get('genre'),
            'actor': query.get('actor'),
            'limit': query.get('limit', 0),
        }
        err, results = get_movies(filters)
        if err:
            return jsonify({"error": err})
        return jsonify({'movies': row_to_dict(results)})

    # Creating a new movie
    if request.method == 'POST':
        form = request.form
        title = form['title']
        genres = form.get('genres')
        actors = form.get('actors')
        rating = form.get('rating')
        seen = form.get('seen', False)

        err, movie_id = create_movie(title, genres, actors, rating, seen)
        if err:
            return jsonify({"error": err}), 400

        # Return the stored record rather than echoing the submitted fields.
        _, created = get_movie(movie_id)
        return jsonify(created)
def get(self):
    """Return every indicator whose type is 'Hash' under the 'files' key."""
    hash_rows = Indicator.query.filter(Indicator.type == 'Hash')
    # The query is iterated directly; each row becomes one dict.
    return {'files': [helpers.row_to_dict(row) for row in hash_rows]}
def get_ip_indicator(ip):
    """Return, as JSON, the first indicator whose object equals *ip*.

    The single row is wrapped in a one-element list under 'indicator'.
    """
    row = Indicator.query.filter(Indicator.object == ip).first()
    # NOTE(review): .first() returns None when nothing matches, and None is
    # passed straight to row_to_dict -- confirm how the helper handles it.
    return jsonify({'indicator': [helpers.row_to_dict(row)]})
def get_network():
    """Return, as JSON, every indicator of type IPv4, IPv6, Domain or Network."""
    network_types = ('IPv4', 'IPv6', 'Domain', 'Network')
    rows = Indicator.query.filter(Indicator.type.in_(network_types)).all()
    payload = [helpers.row_to_dict(row) for row in rows]
    return jsonify({'network_indicators': payload})
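def get_threatactors():
    """Return, as JSON, every indicator whose type is 'Threat Actor'.

    Returns:
        A JSON response of the form ``{'threatactors': [row, ...]}``; the
        list is empty when no indicator matches.
    """
    # .all() returns every matching row. With .first() the response held at
    # most one threat actor, and None was handed to row_to_dict when the
    # table had no match.
    indicators = Indicator.query.filter(Indicator.type == 'Threat Actor').all()
    indicatorlist = [helpers.row_to_dict(ind) for ind in indicators]
    return jsonify({'threatactors': indicatorlist})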
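def get_files():
    """Return, as JSON, every indicator whose type is 'Hash'.

    Returns:
        A JSON response of the form ``{'files': [row, ...]}``; the list is
        empty when no indicator matches.
    """
    # .all() returns every matching row. With .first() the response held at
    # most one file hash, and None was handed to row_to_dict when the table
    # had no match.
    indicators = Indicator.query.filter(Indicator.type == 'Hash').all()
    indicatorlist = [helpers.row_to_dict(ind) for ind in indicators]
    return jsonify({'files': indicatorlist})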
def get_indicators():
    """Return, as JSON, every stored indicator under the 'indicators' key."""
    rows = Indicator.query.all()
    payload = [helpers.row_to_dict(row) for row in rows]
    return jsonify({'indicators': payload})
def get(self):
    """Return all stored indicators, or an empty 204 response when none exist."""
    rows = Indicator.query.all()
    if not rows:
        return {}, 204
    # One dict per row, collected under a single key.
    as_dicts = [helpers.row_to_dict(row) for row in rows]
    return {'indicators': as_dicts}