import requests
import re
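class intel():
    """Look up a single indicator (domain or file hash) in the VirusTotal v2 API.

    Typical use is ``intel(data, apikey)`` followed by ``check()`` and then
    ``parse()``. The constructor classifies ``data`` and picks the matching
    report endpoint; ``check()`` performs the HTTP request; ``parse()``
    flattens the per-engine results and counts the flagged ones.

    Attributes set by ``__init__``:
        data, apikey: the constructor arguments, stored unchanged.
        datatype: ``'dns'``, ``'hash'`` or ``""`` when ``data`` is neither.
        matchregex: True only when ``data`` passed one of the two patterns.
        url, cleanregex: set only for a recognised ``data``; they do not
            exist on the instance otherwise.
        score, hasdata: start at 0 / False and are updated by ``parse()``
            and ``check()`` respectively.
    """

    # Seconds to wait on VirusTotal. requests has no default timeout, so
    # without one a stalled connection blocks the caller indefinitely.
    REQUEST_TIMEOUT = 30

    def __init__(self, data, apikey):
        """Store the indicator and API key and classify the indicator.

        Args:
            data: the indicator as a string; anything that is not a
                two-label domain or a 64-character hex string is left
                unclassified (``datatype == ""``, ``matchregex`` False).
            apikey: VirusTotal API key sent with every request.
        """
        self.data = data
        self.apikey = apikey
        self.datatype = ""
        # Placeholder value; replaced by the compiled pattern once the
        # indicator has been classified below.
        self.regex = "gimmie error!"
        self.score = 0
        self.matchregex = False
        self.hasdata = False

        # Anchor with \Z rather than $: in Python "$" also matches just
        # before a trailing newline, so "example.com\n" would otherwise pass
        # validation and be forwarded to the API as-is.
        # The domain pattern allows exactly one dot (e.g. "example.com");
        # \w is Unicode-aware for str patterns and also admits "_".
        domainregex = re.compile(r'(^[\d\w-]+\.[\d\w]+\Z)')
        # 64 hex characters, i.e. the length of a SHA-256 digest.
        hashregex = re.compile(r'(^[A-Fa-f0-9]{64}\Z)')

        if domainregex.match(self.data):
            self.datatype = 'dns'
        if hashregex.match(self.data):
            self.datatype = 'hash'

        if self.datatype == 'dns':
            self.url = 'https://www.virustotal.com/vtapi/v2/url/report'
            self.regex = domainregex
            # Matches any verdict that does NOT start with "clean"/"unrated".
            self.cleanregex = re.compile('(^(?!(clean|unrated)))')
        if self.datatype == 'hash':
            self.url = 'https://www.virustotal.com/vtapi/v2/file/report'
            self.regex = hashregex
            # Matches any verdict whose string form does NOT start with "None".
            self.cleanregex = re.compile('(^(?!None))')

        # Only a classified indicator counts as validated; the placeholder
        # regex above is never used for matching.
        self.matchregex = self.datatype != ""

    def check(self):
        """Request the report for ``self.data`` and store the decoded JSON.

        On HTTP 200 the body is stored in ``self.response`` and ``hasdata``
        becomes True when ``verbose_msg`` is one of the two "scan finished"
        messages. On any other status nothing is stored, so a later
        ``parse()`` fails unless an earlier call succeeded.

        Raises:
            AttributeError: if ``data`` was not recognised, because ``url``
                was never set (nothing is sent in that case).
            requests.exceptions.RequestException: on network failure or
                timeout.
        """
        # The API key travels in the query string, so it is part of the URL
        # that requests embeds in its exception messages; avoid logging
        # those exceptions verbatim.
        params = {'apikey': self.apikey, 'resource': self.data}
        response = requests.get(
            self.url, params=params, timeout=self.REQUEST_TIMEOUT
        )
        if response.status_code == 200:
            self.response = response.json()
            finished = (
                'Scan finished, scan information embedded in this object',
                'Scan finished, information embedded',
            )
            if self.response['verbose_msg'] in finished:
                self.hasdata = True

    def parse(self):
        """Flatten ``self.response`` into ``self.message`` and update the score.

        Returns:
            The string "Resource does not exist in the dataset" (also
            printed) when VirusTotal has no record; otherwise None, with
            ``message``, ``totalsources`` and ``score`` updated.
        """
        self.message = {}
        if self.response['verbose_msg'] == 'Resource does not exist in the dataset':
            print("Resource does not exist in the dataset")
            return "Resource does not exist in the dataset"

        # First entry is the indicator itself, keyed by its type.
        self.message[self.datatype] = self.data
        scans = self.response["scans"]
        for sources in scans:
            self.message[sources] = scans[sources]["result"]

        # Adjust for the indicator's own entry so only engines are counted.
        self.totalsources = len(self.message)
        if self.totalsources > 0:
            self.totalsources = self.totalsources - 1

        # NOTE(review): the `value == self.data` clause counts the
        # indicator's own entry, so score is one higher than the number of
        # flagging engines, and it keeps accumulating if parse() is called
        # again on the same object. Confirm callers expect both.
        for key, value in self.message.items():
            if re.match(self.cleanregex, str(value)) or value == self.data:
                self.score = self.score + 1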