Add report templates and modify request to get all results

TheHive-Project · Jul 4, 2018 · 161ecd4 · 161ecd4
1 parent 851da3f
commit 161ecd4
Show file tree

Hide file tree

Showing 3 changed files with 85 additions and 2 deletions.
diff --git a/analyzers/Hunterio/hunterio_analyzer.py b/analyzers/Hunterio/hunterio_analyzer.py
@@ -32,8 +32,22 @@ def run(self):
 
         if self.service == 'domainsearch' and (self.data_type == 'domain' or self.data_type == 'fqdn'):
             try:
-                response = requests.get("{}domain-search?domain={}&api_key={}".format(self.URI, self.get_data(), self.key))
-                self.report(response.json())
+                offset = 0
+                firstResponse = requests.get("{}domain-search?domain={}&api_key={}&limit=100&offset={}".format(self.URI, self.get_data(), self.key, offset))
+                firstResponse = firstResponse.json()
+
+                if firstResponse.get('meta'):
+                    meta = firstResponse.get('meta')
+
+                    while meta.get('results') > offset:
+                        offset = meta.get('limit') + meta.get('offset')
+                        additionalResponse = requests.get("{}domain-search?domain={}&api_key={}&limit=100&offset={}".format(
+                            self.URI, self.get_data(), self.key, offset))
+                        additionalResponse = additionalResponse.json()
+                        meta = additionalResponse.get('meta')
+                        firstResponse['data']['emails'] += additionalResponse['data']['emails']
+
+                self.report(firstResponse)
             except Exception as e:
                 self.unexpectedError(e)
         else:

diff --git a/thehive-templates/Hunterio_DomainSearch_1_0/long.html b/thehive-templates/Hunterio_DomainSearch_1_0/long.html
@@ -0,0 +1,66 @@
+<div class="panel panel-info" ng-if="success">
+    <div class="panel-heading">
+        <a href="https://hunter.io" target="_blank">hunter.io</a> domain search to find email addresses
+        <br/> Report for
+        <strong>{{artifact.data}}</strong>
+    </div>
+    <div class="panel-body" ng-if="content.meta">
+
+        <h4 class="dl-horizontal">{{content.meta.results}} addresses found.</h4>
+
+
+        <div ng-if="content.data">
+
+            <h5>
+                Pattern : {{content.data.pattern}}
+            </h5>
+
+            <h5>
+                Organization: {{content.data.organization}}
+            </h5>
+
+            <table class="table table-bordered">
+                <tr>
+                    <th>Email</th>
+                    <th>Name</th>
+                    <th>Position</th>
+                    <th>Type</th>
+                    <th>Twitter</th>
+                    <th>LinkedIn</th>
+                    <th>Phone</th>
+                    <th>Confidence</th>
+                    <th>Sources</th>
+                </tr>
+                <tr ng-repeat="email in ::content.data.emails">
+                    <td class="text-info">{{email.value}}</td>
+                    <td>{{email.fisrtname}} {{email.lastname}}</td>
+                    <td>{{email.position}}</td>
+                    <td>{{email.type}}</td>
+                    <td><a ng-if="email.twitter" href="https://twitter.com/{{email.twitter}}" target="_blank">{{email.twitter}}</a></td>
+                    <td><a ng-if="email.linkedin" href="{{email.linkedin}}" target="_blank">{{email.linkedin}}</a></td>
+                    <td>{{email.phone_number}}</td>
+                    <td>
+                        <span class="label label-default">{{email.confidence}}</span>
+                    </td>
+                    <td>
+                        <ul>
+                            <li ng-repeat="src in ::email.sources">{{src.domain}}</li>
+                        </ul>
+                    </td>
+                </tr>
+            </table>
+        </div>
+
+        <div class="panel-body" ng-if="!content.meta">
+            No results found
+        </div>
+    </div>
+
+    <div class="panel panel-danger" ng-if="!success">
+        <div class="panel-heading">
+            <strong>{{(artifact.data || artifact.attachment.name) | fang}}</strong>
+        </div>
+        <div class="panel-body">
+            {{content.errorMessage}}
+        </div>
+    </div>
diff --git a/thehive-templates/Hunterio_DomainSearch_1_0/short.html b/thehive-templates/Hunterio_DomainSearch_1_0/short.html
@@ -0,0 +1,3 @@
+<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
+    {{t.namespace}}:{{t.predicate}}={{t.value}}
+</span>