Skip to content

Commit

Permalink
#56 fix multiple bugs
Browse files Browse the repository at this point in the history
  • Loading branch information
@jeromeleonard
jeromeleonard committed Jun 23, 2017
1 parent ab2411c commit 7f76941
Show file tree
Hide file tree
Showing 44 changed files with 71 additions and 52 deletions.
6 changes: 5 additions & 1 deletion analyzers/Fortiguard/urlcategory.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,11 @@ def summary(self, raw):

if 'category' in raw:
r = raw.get('category')
taxonomy["value"] = r
taxonomy["value"] = "\"{}\"".format(r)
if r == "Malicious Websites":
taxonomy['level'] = "malicious"
if r == "Suspicious Websites":
taxonomy['level'] = 'suspicious'
taxonomies.append(taxonomy)

result = {"taxonomies": taxonomies}
Expand Down
3 changes: 2 additions & 1 deletion analyzers/MISP/misp.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,14 +21,15 @@ def summary(self, raw):
for r in raw['results']:
for res in r['result']:
if 'uuid' in res:
data.append(res['uuis'])
data.append(res['uuid'])

# return number of unique events
if data == []:
taxonomy["value"] = 0
taxonomies.append(taxonomy)
else:
taxonomy["value"] = "\"{} event(s)\"".format(len(list(set(data))))
taxonomies.append(taxonomy)

result = {"taxonomies": taxonomies}
return result
Expand Down
2 changes: 1 addition & 1 deletion analyzers/OTXQuery/otxquery.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -156,7 +156,7 @@ def OTX_Query_URL(self, data):
def summary(self, raw):
taxonomy = {"level": "info", "namespace": "OTX", "predicate": "Pulses", "value": 0}
taxonomies = []
taxonomy["value"] = raw["pulse_count"]
taxonomy["value"] = "\"{}\"".format(raw["pulse_count"])
taxonomies.append(taxonomy)

result = {"taxonomies": taxonomies}
Expand Down
32 changes: 23 additions & 9 deletions analyzers/VirusTotal/virustotal.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,7 @@ def read_scan_response(self, response, func):

def summary(self, raw):

taxonomy = {"level": "clean", "namespace": "VT", "predicate": "Score", "value": 0}
taxonomy = {"level": "info", "namespace": "VT", "predicate": "Score", "value": 0}
taxonomies = []

result = {
Expand All @@ -84,24 +84,38 @@ def summary(self, raw):
if self.service == "get":
if("scans" in raw):
result["scans"] = len(raw["scans"])
taxonomy['value'] = "{}/{}".format(result["positives"], result["total"])
if result["positives"] == 0:
taxonomy["level"] = "safe"
elif result["positives"] < 5:
taxonomy["level"] = "suspicious"
else:
taxonomy["level"] = "malicious"

if("resolutions" in raw):
result["resolutions"] = len(raw["resolutions"])

taxonomy['value'] = "{} resolution(s)".format(result["resolutions"])
if result["resolutions"] == 0:
taxonomy["level"] = "safe"
elif result["resolutions"] < 5:
taxonomy["level"] = "suspicious"
else:
taxonomy["level"] = "malicious"
if("detected_urls" in raw):
result["detected_urls"] = len(raw["detected_urls"])
taxonomy['value'] = "{} detected_url(s)".format(result["detected_urls"])
if result["detected_urls"] == 0:
taxonomy["level"] = "safe"
elif result["detected_urls"] < 5:
taxonomy["level"] = "suspicious"
else:
taxonomy["level"] = "malicious"

if("detected_downloaded_samples" in raw):
result["detected_downloaded_samples"] = len(
raw["detected_downloaded_samples"])

taxonomy['value'] = "{}/{}".format(result["positives"], result["total"])
if result["positives"] == 0:
taxonomy["level"] = "safe"
elif result["positives"] < 5 :
taxonomy["level"] = "suspicious"
else:
taxonomy["level"] = "malicious"


taxonomies.append(taxonomy)
result = {"taxonomies": taxonomies}
Expand Down
2 changes: 1 addition & 1 deletion thehive-templates/CERTatPassiveDNS_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/CIRCLPassiveDNS_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/CIRCLPassiveSSL_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/DNSDB_DomainName_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-init="t = content.taxonomy" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[content.level]">
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
2 changes: 1 addition & 1 deletion thehive-templates/DNSDB_IPHistory_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/DNSDB_NameHistory_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/DomainTools_ReverseIP_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/DomainTools_ReverseNameServer_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/DomainTools_ReverseWhois_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/DomainTools_WhoisHistory_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/DomainTools_WhoisLookup_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/DomainTools_WhoisLookup_IP_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/File_Info_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/FireHOLBlocklists_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/Fortiguard_URLCategory_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/GoogleSafebrowsing_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/HippoMore_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/Hipposcore_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/JoeSandbox_File_Analysis_Inet_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/JoeSandbox_File_Analysis_Noinet_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/JoeSandbox_Url_Analysis_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/MISP_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/MaxMind_GeoIP_3_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/Msg_Parser_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/Nessus_1_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/OTXQuery_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/PassiveTotal_Malware_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/PassiveTotal_Osint_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/PassiveTotal_Passive_Dns_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/PassiveTotal_Ssl_Certificate_Details_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/PassiveTotal_Ssl_Certificate_History_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/PassiveTotal_Unique_Resolutions_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/PassiveTotal_Whois_Details_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/PhishTank_CheckURL_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/PhishingInitiative_Lookup_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/VMRay_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/VirusTotal_GetReport_3_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/VirusTotal_Scan_3_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/Virusshare_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>
2 changes: 1 addition & 1 deletion thehive-templates/Yara_2_0/short.html
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
{{t.namespace}}:{{t.predicate}}={{t.value}}
</span>&nbsp;
</span>

0 comments on commit 7f76941

Please sign in to comment.