#56 PassiveTotal summary() and short reports - WIP
jeromeleonard committed Jun 16, 2017
1 parent 3aa4c13 commit 17384b3
Showing 1 changed file with 20 additions and 2 deletions.
22 changes: 20 additions & 2 deletions analyzers/PassiveTotal/passivetotal_analyzer.py
Expand Up @@ -21,26 +21,41 @@ def summary(self, raw):
'service': self.service,
'dataType': self.data_type
}
taxonomy = {"level": "info", "namespace": "PT", "predicate": "Service", "value": "\"False\""}
taxonomies = []

# malware service
if self.service == 'malware':
taxonomy["predicate"] = "Malware"
if 'results' in raw and raw['results']:
result['malware'] = True

taxonomy["level"] = "malicious"
else:
result['malware'] = False
taxonomy["level"] = "safe"
taxonomy["value"] = "\"{}\"".format(result['malware'])
taxonomies.append(taxonomy)
# osint service
elif self.service == 'osint':
taxonomy["predicate"] = "OSINT"
if 'results' in raw and raw['results']:
result['osint'] = True

else:
result['osint'] = False
taxonomy["value"] = "\"{}\"".format(result['osint'])
taxonomies.append(taxonomy)
# passive dns service
elif self.service == 'passive_dns':
taxonomy["predicate"] = "PassiveDNS"
if 'firstSeen' in raw and raw['firstSeen']:
result['firstSeen'] = raw['firstSeen']
if 'lastSeen' in raw and raw['lastSeen']:
result['lastSeen'] = raw['lastSeen']
if 'totalRecords' in raw and raw['totalRecords']:
result['total'] = raw['totalRecords']

if result['total'] < 2:

# ssl certificate details service
elif self.service == 'ssl_certificate_details':
if 'sha1' in raw:
Expand Down Expand Up @@ -68,6 +83,9 @@ def summary(self, raw):
if 'registrar' in raw and raw['registrar']:
result['registrar'] = raw['registrar']



result.update({"taxonomies":taxonomies})
return result

def run(self):
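Review bot: In the malware branch, the `else` arm sets `taxonomy["level"] = "safe"` whenever `raw` has no non-empty `results`, so a lookup with no hits, or a response that lacks the `results` key altogether, shows up in the short report as a clean verdict. Absence of PassiveTotal malware records is not evidence that the observable is benign, so I would keep the default there with `taxonomy["level"] = "info"` and reserve "safe" for an explicit negative signal. In the passive DNS branch, `if result['total'] < 2:` appears to have no body before the next `elif` (the rendered page has lost indentation, so this is inferred), and `result['total']` is only assigned when `totalRecords` is present and truthy, so the comparison can raise `KeyError`; `if result.get('total', 0) < 2:` with a body, or dropping the line until the PassiveDNS taxonomy is written, would keep the analyzer loadable. The opening lines of `summary()` are outside the first hunk.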
