Refactoring to use python executable tools

CybercentreCanada · Jun 1, 2021 · 24ac14c · 24ac14c
1 parent d406db2
commit 24ac14c
Show file tree

Hide file tree

Showing 4 changed files with 15 additions and 15 deletions.
diff --git a/README.md b/README.md
@@ -1,10 +1,10 @@
 # General Description
 This repository contains two Python scripts used for triaging compromised systems with Assemblyline.
-1. The "Pusher" (`al_incident_submitter.py`): pushes files from the compromised system to an Assemblyline
+1. The "Pusher" (`al-incident-submitter`): pushes files from the compromised system to an Assemblyline
 instance for analysis.
-2. The "Puller" (`al_incident_analyzer.py`): pulls the submissions from the
+2. The "Puller" (`al-incident-analyzer`): pulls the submissions from the
 Assemblyline instance and reports on if the submissions are safe/unsafe.
-3. The "Downloader" (`al_incident_downloader.py`): downloads files submitted to Assemblyline that are under a certain 
+3. The "Downloader" (`al-incident-downloader`): downloads files submitted to Assemblyline that are under a certain 
 score threshold, matching the folder structure of the files as they were submitted.
 
 
@@ -75,10 +75,10 @@ On the compromised machine...
 
 To get a sense of the options available to you:
 ```
-python3 al_incident_submitter.py --help
-Usage: al_incident_submitter.py [OPTIONS] COMMAND [ARGS]...
+al-incident-submitter --help
+Usage: al-incident-submitter [OPTIONS] COMMAND [ARGS]...
 
-  Example: python al_incident_submitter.py --url="https://<domain-of-Assemblyline-
+  Example: al-incident-submitter --url="https://<domain-of-Assemblyline-
   instance>" --username="<user-name>"
   --apikey="/path/to/file/containing/apikey"
   --classification="<classification>" --service_selection="<service-
@@ -145,10 +145,10 @@ On the non-compromised machine...
 
 To get a sense of the options available to you:
 ```
-python al_incident_analyzer.py --help
-Usage: al_incident_analyzer.py [OPTIONS] COMMAND [ARGS]...
+python al-incident-analyzer --help
+Usage: al-incident-analyzer [OPTIONS] COMMAND [ARGS]...
 
-  Example: python al_incident_analyzer.py --url="https://<domain-of-
+  Example: al-incident-analyzer --url="https://<domain-of-
   Assemblyline-instance>" --username="<user-name>"
   --apikey="/path/to/file/containing/apikey" --incident_num=123
 
@@ -182,10 +182,10 @@ On the machine where you want the "safe" files downloaded to...
 To get a sense of the options available to you:
 
 ```
-python al_incident_downloader.py --help
-Usage: al_incident_downloader.py [OPTIONS] COMMAND [ARGS]...
+python al-incident-downloader --help
+Usage: al-incident-downloader [OPTIONS] COMMAND [ARGS]...
 
-  Example: python al_incident_downloader.py --url="https://<domain-of-
+  Example: al-incident-downloader --url="https://<domain-of-
   Assemblyline-instance>" --username="<user-name>"
   --apikey="/path/to/file/containing/apikey" --incident_num=123
   --min_score=100 --download_path=/path/to/where/you/want/downloads

diff --git a/assemblyline_incident_manager/al_incident_analyzer.py b/assemblyline_incident_manager/al_incident_analyzer.py
@@ -35,7 +35,7 @@
 def main(url: str, username: str, apikey: str, min_score: int, incident_num: str, is_test: bool):
     """
     Example:
-    python al_incident_analyzer.py --url="https://<domain-of-Assemblyline-instance>" --username="<user-name>" --apikey="/path/to/file/containing/apikey" --incident_num=123
+    al-incident-analyzer --url="https://<domain-of-Assemblyline-instance>" --username="<user-name>" --apikey="/path/to/file/containing/apikey" --incident_num=123
     """
     # Here is the query that we will be using to retrieve all submission details
     incident_num = prepare_query_value(incident_num)

diff --git a/assemblyline_incident_manager/al_incident_downloader.py b/assemblyline_incident_manager/al_incident_downloader.py
@@ -46,7 +46,7 @@
 def main(url: str, username: str, apikey: str, min_score: int, incident_num: str, download_path: str, upload_path, is_test: bool, num_of_downloaders: int, do_not_verify_ssl: bool):
     """
     Example:
-    python directory_downloader.py --url="https://<domain-of-Assemblyline-instance>" --username="<user-name>" --apikey="/path/to/file/containing/apikey" --incident_num=123 --min_score=100 --download_path=/path/to/where/you/want/downloads --upload_path=/path/from/where/files/were/uploaded/from
+    al-incident-downloader --url="https://<domain-of-Assemblyline-instance>" --username="<user-name>" --apikey="/path/to/file/containing/apikey" --incident_num=123 --min_score=100 --download_path=/path/to/where/you/want/downloads --upload_path=/path/from/where/files/were/uploaded/from
     """
     # Here is the query that we will be using to retrieve all submission details
     incident_num = prepare_query_value(incident_num)

diff --git a/assemblyline_incident_manager/al_incident_submitter.py b/assemblyline_incident_manager/al_incident_submitter.py
@@ -93,7 +93,7 @@ def get_id_from_data(file_path: str) -> str:
 def main(url: str, username: str, apikey: str, ttl: int, classification: str, service_selection: str, is_test: bool, path: str, fresh: bool, incident_num: str, resubmit_dynamic: bool, alert: bool, threads: int, dedup_hashes: bool, priority: int, do_not_verify_ssl: bool):
     """
     Example:
-    python al_incident_submitter.py --url="https://<domain-of-Assemblyline-instance>" --username="<user-name>" --apikey="/path/to/file/containing/apikey" --classification="<classification>" --service_selection="<service-name>,<service-name>" --path="/path/to/compromised/directory" --incident_num=123
+    al-incident_submitter --url="https://<domain-of-Assemblyline-instance>" --username="<user-name>" --apikey="/path/to/file/containing/apikey" --classification="<classification>" --service_selection="<service-name>,<service-name>" --path="/path/to/compromised/directory" --incident_num=123
     """
     global hash_table
     global total_file_count