~alienagain/sec_scripts

f9e9dd8ce065238af7ab70b0a199162e2db8de55 — terceranexus6 1 year, 3 months ago 66c36f0
adding hash
2 files changed, 55 insertions(+), 1 deletions(-)

M README.md
A alienvault/search_HASH.py
M README.md => README.md +32 -1
@@ 1,1 1,32 @@
# to do
# JUST SOME SCRIPTS!

These are just some simple useful scripts to look for indicators.


## Search pulse

This script allows searching for pulses related to an input:

```
python3 search_pulses.py <my input>
```

For example:

```
python3 search_pulses.py XHIDE
```

# Search HASH
This scripts allows searching details about a hash:

```
python3 search_HASH.py <HASH type> <HASH value>
```

For example:

```
python3 search_HASH.py SHA256 46b501600a4ee30d014c5356bad83ad2107ba9b9c58ffc717f60f986322721d4
```
```

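--- a/alienvault/search_HASH.py
+++ b/alienvault/search_HASH.py
@@ -0,0 +1,23 @@
+#!/usr/bin/env python
+
+# Very Simple CLI example to get indicator details from Alienvault OTX
+
+from OTXv2 import OTXv2
+import IndicatorTypes
+import argparse
+import os
+import sys
+
+otx = OTXv2("<YOUR API>")
+
+selected_hash = sys.argv[1]
+HASH_value = sys.argv[2]
+
+if selected_hash == "SHA256":
+	print (str(otx.get_indicator_details_full(IndicatorTypes.FILE_HASH_SHA256, HASH_value)))
+elif selected_hash == "SHA1":
+	print (str(otx.get_indicator_details_full(IndicatorTypes.FILE_HASH_SHA1, HASH_value)))
+elif selected_hash == "MD5":
+	print (str(otx.get_indicator_details_full(IndicatorTypes.FILE_HASH_MD5, HASH_value)))
+else:
+	print("Hash type not recognised, try again")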
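Review bot: The API key is meant to be pasted into the source at `otx = OTXv2("<YOUR API>")`, which makes it easy to commit a live OTX key to this repository. Since `os` is already imported, read the key from the environment instead, e.g. `otx = OTXv2(os.environ["OTX_API_KEY"])` (the variable name is only a suggestion), and fail with a clear message when it is unset. `sys.argv[1]` and `sys.argv[2]` are also read without a length check, so a run with fewer than two arguments ends in an IndexError rather than a usage message. The imported but unused `argparse`, with `choices=["SHA256", "SHA1", "MD5"]` on the type argument, would cover that and replace the final `else` branch. It would also help to check that the value is hexadecimal and of the length matching the selected type before it is sent to the API.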