示例#1
0
from patrowl4py.api import PatrowlManagerApi
import random
import string

api = PatrowlManagerApi(url='http://my.patrowl.io:8000',
                        auth_token='5a13cd99aaa7a4aeafe26ad6296519758b8e32a0')

# Assets groups
print(api.get_assetgroups())

rand = ''.join(
    random.choice(string.ascii_uppercase + string.ascii_lowercase +
                  string.digits) for _ in range(8))
new_assetgroup = api.add_assetgroup(
    name="Test AssetGroup via Patrowl4py ({})".format(rand),
    description="n/a",
    criticity="low",
    assets=[1, 1314],
    tags=["patrowl", "demo"])
print(new_assetgroup)
print(api.delete_assetgroup(new_assetgroup['id']))
示例#2
0
import base64
import json
import time

# Third party library imports
# from libs.Patrowl4py.patrowl4py.api import PatrowlManagerApi
from requests import Session
from patrowl4py.api import PatrowlManagerApi

# Own libraries
import settings

# Debug
# from pdb import set_trace as st

patrowl_api = PatrowlManagerApi(url=settings.PATROWL_ENDPOINT,
                                auth_token=settings.PATROWL_APITOKEN)

VIRUSTOTAL_WHOIS_FIELDS = [
    'Creation Date',
    'Registrant Country',
    'Registrar Abuse Contact Email',
    'Registrar URL',
    'Registrar',
]

SESSION = Session()


def get_recent_assets():
    ''' Returns the last created assets '''
    assets_list = []
示例#3
0
from config import variables

# Debug
# from pdb import set_trace as st

VERSION = '2.6.1'

PATROWL = dict()
PATROWL['api_token'] = os.environ['PATROWL_APITOKEN']
PATROWL['assetgroup'] = int(os.environ['PATROWL_ASSETGROUP'])
PATROWL['private_endpoint'] = os.environ['PATROWL_PRIVATE_ENDPOINT']
PATROWL['public_endpoint'] = os.environ['PATROWL_PUBLIC_ENDPOINT']

LOGGER = logging.getLogger('aws-tower')

PATROWL_API = PatrowlManagerApi(url=PATROWL['private_endpoint'],
                                auth_token=PATROWL['api_token'])

SESSION = Session()


def main():
    """
    Main function
    """
    config = ConfigParser()
    config.read('config/lambda.config')
    try:
        patterns = Patterns(variables.FINDING_RULES_PATH,
                            variables.SEVERITY_LEVELS,
                            list(variables.SEVERITY_LEVELS.keys())[0],
                            list(variables.SEVERITY_LEVELS.keys())[-1])
示例#4
0
    'ua-platform',
    'violated-directive',
]
UA_MAPPING = {
    'chrome': 'UAChrome',
    'edge': 'UAEdge',
    'firefox': 'UAFirefox',
    'safari': 'UASafari',
    'other': 'UAOther'
}
logging.basicConfig(format='%(message)s')
LOGGER = logging.getLogger('csp-reporter')
SQL_TABLE = 'csp_reporter'

if settings.enable_patrowl:
    PATROWL_API = PatrowlManagerApi(url=settings.patrowl_endpoint,
                                    auth_token=settings.patrowl_api_token)


def generate_report(data):
    """
    Generate a valid csp report from request, and an HTTP status
    """
    csp_report = dict()
    for prop in REPORT_PROPERTIES:
        csp_report[prop] = ''

    try:
        csp_report_data = json.loads(data)['csp-report']
    except Exception:
        return None, 400
示例#5
0
WARNINGS_TYPE_BLACKLIST = [
    'certstream_report',
    'patrowl_threat_tagger',
]

COLOR_MAPPING = {
    'info': '#b4c2bf',
    'low': '#4287f5',
    'medium': '#f5a742',
    'high': '#b32b2b',
    'critical': '#b32b2b',
}

PATROWL_API = PatrowlManagerApi(
    url=settings.PATROWL_PRIVATE_ENDPOINT,
    auth_token=settings.PATROWL_APITOKEN
)

logging.basicConfig()
LOGGER = logging.getLogger('patrowl-slack-alert')

SESSION = Session()

def safe_url(text):
    """
    Returns a safe unclickable link
    """
    return text.replace('http:', 'hxxp:').replace('https:', 'hxxps:').replace('.', '[.]')

def get_assets_from_groups():
    """
示例#6
0
from patrowl4py.api import PatrowlManagerApi
import random
import string

api = PatrowlManagerApi(url='http://my.patrowl.io:8000',
                        auth_token='5a13cd99aaa7a4aeafe26ad6296519758b8e32a0')

# Assets
print(api.get_assets())
print(api.get_assets_stats())
print(api.get_asset_by_id(1))
print(api.get_asset_findings_by_id(1))

rand_fqdn = ''.join(
    random.choice(string.ascii_uppercase + string.ascii_lowercase +
                  string.digits) for _ in range(16))
new_asset = api.add_asset(value=rand_fqdn,
                          name="Test FQDN",
                          datatype="fqdn",
                          description="n/a",
                          criticity="low",
                          tags=["patrowl", "demo"])
print(new_asset)
print(api.delete_asset(new_asset['id']))
示例#7
0
from patrowl4py.api import PatrowlManagerApi

api = PatrowlManagerApi(url='http://my.patrowl.io:8000',
                        auth_token='5a13cd99aaa7a4aeafe26ad6296519758b8e32a0')

# Alerting rules
print(api.get_alerting_rules())
print(api.get_alerting_rule(3))
# print(api.delete_alerting_rule(1))
print(api.duplicate_alerting_rule(3))
示例#8
0
from patrowl4py.api import PatrowlManagerApi
import pytest
import random
import string

api = PatrowlManagerApi(url='http://*****:*****@pytest.mark.run('first')
def test_asset_add():
    pytest.new_asset = api.add_asset(value=pytest.rand_fqdn,
                                     name="Test FQDN",
                                     datatype="fqdn",
                                     description="n/a",
                                     criticity="low",
                                     tags=["patrowl", "demo"],
                                     exposure="external",
                                     teams=[])
from requests import Session
import urllib3

# Own libraries
import settings

# Debug
# from pdb import set_trace as st

urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)

VERSION = '1.7.3'

logging.basicConfig()
LOGGER = logging.getLogger('patrowl-asset-tagger')
PATROWL_API = PatrowlManagerApi(url=settings.PATROWL_PRIVATE_ENDPOINT,
                                auth_token=settings.PATROWL_APITOKEN)
SESSION = Session()

ASSETGROUP_BASE_NAME = PATROWL_API.get_assetgroup_by_id(
    settings.PAT_GROUP_ID)['name']
COLOR_MAPPING = {
    'info': '#b4c2bf',
    'low': '#4287f5',
    'medium': '#f5a742',
    'high': '#b32b2b',
}


def safe_url(text):
    """
    Returns a safe unclickable link
示例#10
0
from patrowl4py.api import PatrowlManagerApi
import random
import string

api = PatrowlManagerApi(
    url='http://my.patrowl.io:8000',
    auth_token='5a13cd99aaa7a4aeafe26ad6296519758b8e32a0'
)

# Assets
print(api.get_teams())
print(api.get_team_by_id(1))

rand_name = ''.join(random.choice(string.ascii_uppercase + string.ascii_lowercase + string.digits) for _ in range(16))
new_team = api.add_team(name=rand_name, is_active=False)
print(new_team)
print(api.delete_team(new_team['id']))
示例#11
0
from patrowl4py.api import PatrowlManagerApi
import time

api = PatrowlManagerApi(url='http://my.patrowl.io:8000',
                        auth_token='5a13cd99aaa7a4aeafe26ad6296519758b8e32a0')

# Scan definitions
print(
    api.add_scan_definition(engine_policy=1,
                            engine_id=1,
                            title="Patrowl4py single test scan ({})".format(
                                time.time()),
                            description="Patrowl4py test scan",
                            scan_type="single",
                            every=None,
                            period=None,
                            scheduled_at=None,
                            start_scan="now",
                            assets=[1, 1284],
                            assetgroups=None
                            # assetgroups=[7]
                            ))
print(api.get_scan_definitions())
print(api.get_scan_definition_by_id(1))

# Scans
print(api.get_scan_by_id(1))
print(api.get_scans(limit=10))
print(api.get_scans(limit=10, status="finished"))
示例#12
0
from patrowl4py.api import PatrowlManagerApi

api = PatrowlManagerApi(url='http://my.patrowl.io:8000',
                        auth_token='5a13cd99aaa7a4aeafe26ad6296519758b8e32a0')

# Findings
print(api.get_findings())
print(api.get_findings(status="new"))
print(api.get_findings(title="Nmap", severity="info"))
print(api.get_findings(severity="high", limit=1))
print(api.get_finding(1))
print(api.ack_finding(1))
示例#13
0
from patrowl4py.api import PatrowlManagerApi

api = PatrowlManagerApi(url='http://my.patrowl.io:8000',
                        auth_token='5a13cd99aaa7a4aeafe26ad6296519758b8e32a0')

# Engine instances
print(api.get_engines())
print(api.get_engine_by_id(1))
print(api.get_engine_instances())
print(api.get_engine_instance_by_id(1))

# Engine policies
print(api.get_engine_policies())
print(api.get_engine_policy(1))