#214 fix reputation reports

analyzers/DomainTools/domaintools_analyzer.py

@@ -49,7 +49,7 @@ def domaintools(self, data):
             response = api.risk_evidence(data).response()
 
         elif self.service == 'reputation' and self.data_type in ['domain', 'fqdn']:
-            response = api.reputation(data).response()
+            response = api.reputation(data, include_reasons=True).response()
 
         elif self.service == 'reverse-whois':
             response = api.reverse_whois(data, mode='purchase').response()
@@ -99,6 +99,8 @@ def summary(self, raw):
 
         if "risk_score" in raw:
             r["risk_score"] = raw["risk_score"]
+            if "reasons" in raw:
+                r["reputation"] = True
 
         taxonomies = []
 
@@ -129,9 +131,10 @@ def summary(self, raw):
                 taxonomies.append(
                     self.build_taxonomy("info", "DT", "Whois", "REGISTRANT:{}".format(r["registrant"])))
 
+
         if "risk_score" in r:
             risk_service = "Risk"
-            if "reasons" in r:
+            if "reputation" in r:
                 risk_service = "Reputation"
             if r["risk_score"] == 0:
                 level = "safe"

thehive-templates/DomainTools_Reputation_2_0/long.html

@@ -14,7 +14,7 @@
     </div>
     <div class="panel-body">
 		<dl class="dl-horizontal">
-			<dt>Domaintools Risk Score</dt>
+			<dt>Domaintools Reputation</dt>
 			<dd>
                 <span class="label" ng-class="{'label-success' : content.risk_score == 0,  'label-warning' :  content.risk_score > 0 && content.risk_score <= 50,
                             'label-danger': content.risk_score > 50}">
@@ -27,7 +27,7 @@
 			<dt>Reasons</dt>
 			<dd>
                 <span ng-repeat="r in content.reasons " class="label label-primary mr-xxxs">
-                    {{content.risk_score}}
+                    {{r}}
                 </span>
 
             </dd>