#41 #13 make it work also with python 2.7

TheHive-Project · Jun 8, 2017 · 071bb5a · 071bb5a
1 parent dacdbec
commit 071bb5a
Showing 1 changed file with 25 additions and 0 deletions.
diff --git a/analyzers/CERTatPassiveDNS/certat_passivedns.py b/analyzers/CERTatPassiveDNS/certat_passivedns.py
@@ -0,0 +1,25 @@
+#!/usr/bin/env python3
+from cortexutils.analyzer import Analyzer
+from whois_wrapper import query
+
+
+class CERTatPassiveDNSAnalyzer(Analyzer):
+    """Very simple passive dns wrapper for pdns.cert.at. Needs no credentials because access is controlled through
+    firewall rules. If you want to get access, you have to contact CERT.AT, but:
+    
+    CERT.AT pDNS is not a public service. It is only available for national / governmental CERTs in good standing with
+    CERT.AT. For access, you have to get in contact with CERT.AT.
+    """
+    def __init__(self):
+        Analyzer.__init__(self)
+        self.limit = self.get_param('config.limit', '100')
+
+    def run(self):
+        self.report({'results': query(self.getData(), int(self.limit))})
+
+    def summary(self, raw):
+        results = raw.get('results')
+        return {'hits': len(results)}
+
+if __name__ == '__main__':
+    CERTatPassiveDNSAnalyzer().run()