def index_by_file_without_wait(file_path, index_as, family_name=None): # type: (str, IndexType, str) -> None api.set_global_api('<api_key>') index = Index(file_path=file_path, index_as=consts.IndexType.from_str(index_as), family_name=family_name) index.send() index.wait_for_completion() pprint('Index operation:{}, Index ID:{}'.format(index.status.value, index.index_id))
def set_params(self, params): # soft time limit soft_time_limit = params.get("soft_time_limit", 100) self.timeout = soft_time_limit - 5 # interval self.poll_interval = 3 # read secret and set API key intezer_api.set_global_api(api_key=self._secrets["api_key_name"])
def send_file_without_wait( file_path, dynamic_unpacking, static_unpacking): # type: (str, bool, bool) -> None api.set_global_api('<api_key>') analysis = Analysis(file_path=file_path, dynamic_unpacking=dynamic_unpacking, static_unpacking=static_unpacking) analysis.send() analysis.wait_for_completion() pprint(analysis.result())
def send_file_with_wait( file_path, dynamic_unpacking=None, static_unpacking=None): # type: (str, bool, bool) -> None api.set_global_api('<api_key>') analysis = Analysis(file_path=file_path, dynamic_unpacking=dynamic_unpacking, static_unpacking=static_unpacking) analysis.send(wait=True) pprint(analysis.result())
def setUp(self): super(AnalysisSpec, self).setUp() with responses.RequestsMock() as mock: mock.add('POST', url=self.full_url + '/get-access-token', status=200, json={'result': 'access-token'}) set_global_api() get_global_api().set_session()
def setUp(self): self.full_url = consts.BASE_URL + consts.API_VERSION consts.CHECK_STATUS_INTERVAL = 0 self.patch_prop = 'builtins.open' with responses.RequestsMock() as mock: mock.add('POST', url=self.full_url + '/get-access-token', status=200, json={'result': 'access-token'}) set_global_api() get_global_api().set_session()
def login(api_key: str, api_url: str): try: if api_url: key_store.store_default_url(api_url) else: api_url = default_config.api_url key_store.delete_default_url() api.set_global_api(api_key, default_config.api_version, api_url) api.get_global_api().set_session() key_store.store_api_key(api_key) click.echo('You have successfully logged in') except sdk_errors.InvalidApiKey: click.echo('Invalid API key error, please contact us at [email protected] ' 'and attach the log file in {}'.format(utilities.log_file_path)) raise click.Abort()
def intezer_upload(): if not len(config.INTEZER_APIKEY): return jsonify({"error": "NO API KEY"}), 200 path = request.args.get('path', '') if not os.path.isfile(path): return jsonify({"error": "%s is not a valid file or the system could not access it" % path}), 200 try: api.set_global_api(config.INTEZER_APIKEY) analysis = Analysis(file_path=path, dynamic_unpacking=None, static_unpacking=None) analysis.send(True) except errors.IntezerError as e: return jsonify({"error": "Error occurred: " + e.args[0]}), 200 return jsonify(analysis.result()), 200
def create_global_api(): try: api_key = key_store.get_stored_api_key() api_url = key_store.get_stored_default_url() if not api_key: logger.exception('Cant find API key') click.echo('Cant find API key, please login') raise click.Abort() if api_url: default_config.api_url = api_url default_config.is_cloud = False api.set_global_api(api_key, default_config.api_version, default_config.api_url) sdk_consts.USER_AGENT += '/CLI-{}'.format(__version__) except sdk_errors.InvalidApiKey: logger.exception('Invalid api key error') click.echo('Invalid API key error, please contact us at [email protected] ' 'and attach the log file in {}'.format(utilities.log_file_path)) raise click.Abort()
def analysis_by_hash_with_wait(file_hash): # type: (str) -> None api.set_global_api('<api_key>') analysis = Analysis(file_hash=file_hash) analysis.send(wait=True) pprint(analysis.result())
def send_url_with_wait(url): api.set_global_api('<api_key>') analysis = UrlAnalysis(url=url) analysis.send(wait=True) pprint(analysis.result())
def analysis_by_hash_without_wait(file_hash: str): api.set_global_api('<api_key>') analysis = FileAnalysis(file_hash=file_hash) analysis.send() analysis.wait_for_completion() pprint(analysis.result())
def analysis_by_hash_without_wait(file_hash): # type: (str) -> None api.set_global_api('<api_key>') analysis = Analysis(file_hash=file_hash) analysis.send() analysis.wait_for_completion() pprint(analysis.result())
def analysis_by_hash_with_wait(file_hash: str): api.set_global_api('<api_key>') analysis = FileAnalysis(file_hash=file_hash) analysis.send(wait=True) pprint(analysis.result())
def get_latest_analysis_by_hash(file_hash: str): api.set_global_api('<api_key>') analysis = FileAnalysis.from_latest_hash_analysis(file_hash=file_hash) pprint(analysis.result())
def send_file_with_wait(file_path): api.set_global_api('<api_key>') analysis = FileAnalysis(file_path=file_path) analysis.send(wait=True) pprint(analysis.result())
def query_threats(next_time_query: Optional[datetime.datetime]): next_time_query = next_time_query or datetime.datetime.utcnow() while True: _logger.info('checking for new threats...') response = _s1_session.get('/web/api/v2.1/threats', params={'createdAt__gte': next_time_query.isoformat()}) next_time_query = datetime.datetime.utcnow() assert_s1_response(response) threats = response.json()['data'] for threat in threats: analyze_threat(threat['id'], threat) if not threats: _logger.info('no new threats found') time.sleep(10) if __name__ == '__main__': _args = parse_argparse_args() api.set_global_api(_args.intezer_api_key) init_s1_requests_session(_args.s1_api_key, _args.s1_base_address, _args.skip_ssl_verification) _init_logger() if _args.subcommand == 'threat': analyze_threat(_args.threat_id) elif _args.subcommand == 'query': query_threats(_args.since) else: print('error: the following arguments are required: subcommand') sys.exit(1)
def send_file_without_wait(file_path): api.set_global_api('<api_key>') analysis = FileAnalysis(file_path=file_path) analysis.send() analysis.wait_for_completion() pprint(analysis.result())
def analysis_by_hash_with_wait_timeout(file_hash: str): api.set_global_api('<api_key>') analysis = FileAnalysis(file_hash=file_hash) analysis.send(wait=True, wait_timeout=datetime.timedelta(minutes=1)) pprint(analysis.result())
def index_by_sha256_with_wait(sha256, index_as, family_name=None): # type: (str, str, str) -> None api.set_global_api('<api_key>') index = Index(sha256=sha256, index_as=consts.IndexType.from_str(index_as), family_name=family_name) index.send(wait=True) pprint('Index operation:{}, Index ID:{}'.format(index.status.value, index.index_id))
def get_url_by_id(analysis_id): api.set_global_api('<api_key>') analysis = UrlAnalysis.from_analysis_id(analysis_id) pprint(analysis.result())
def send_url_without_wait(url): api.set_global_api('<api_key>') analysis = UrlAnalysis(url=url) analysis.send() analysis.wait_for_completion() pprint(analysis.result())
def search_family(family_name: str): api.set_global_api('<api_key>') family = intezer_family.get_family_by_name(family_name) print(family.name) print(family.type)
malicious_and_suspicious_analyses_results.append(analysis_result) return malicious_and_suspicious_analyses_results def print_analysis_result(analysis_result: dict): print("\nanalysis_id:\t{0}\n" "\tanalysis_url:\t{1}\n" "\tverdict:\t{2}\n" "\tsha256:\t{3}".format(analysis_result['analysis_id'], analysis_result['analysis_url'], analysis_result['verdict'], analysis_result['sha256'])) if 'family_name' in analysis_result: print("\tfamily_name:\t{}".format(analysis_result['family_name'])) if __name__ == '__main__': if not DIRECTORY_PATH: print("Please change the DIRECTORY_PATH variable") sys.exit() if not API_KEY: print("Set your Intezer API key in the environment variable") sys.exit() api.set_global_api(API_KEY) analyses_list = collect_suspicious_and_malicious_analyses() for analysis in analyses_list: print_analysis_result(analysis)