#56 Phishtank() and short reports + bump version

analyzers/PhishTank/PhishTank_CheckURL.json

@@ -1,6 +1,6 @@
 {
     "name": "PhishTank_CheckURL",
-    "version": "1.0",
+    "version": "2.0",
     "author": "Eric Capuano",
     "url": "https://github.com/CERT-BDF/Cortex-Analyzers",
     "license": "AGPL-V3",

analyzers/PhishTank/phishtank_checkurl.py

@@ -26,10 +26,19 @@ def phishtank_checkurl(self, data):
     	return json.loads(r.content)
 
     def summary(self,raw):
+
+		taxonomy = {"level": "safe", "namespace": "PhishTank", "predicate": "In_Database", "value": "False"}
+		taxonomies = []
+
         if ('in_database' in raw) :
-            return {'in_database':raw['in_database'],
-            'verified':raw['verified'],
-            'verified_at':raw['verified_at']}
+			taxonomy['value'] = "\"{}\"".format(raw['in_database'])
+			if raw['verified']:
+				taxonomy['level'] = "malicious"
+			else:
+				taxonomy['level'] = "suspicious"
+			taxonomies.append(taxonomy)
+			return {"taxonomies":taxonomies}
+
 
     def run(self):
         if self.service == 'query':

thehive-templates/PhishTank_CheckURL_2_0/short.html

@@ -0,0 +1,3 @@
+<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
+    {{t.namespace}}:{{t.predicate}}={{t.value}}
+</span>&nbsp;