M README.md => README.md +32 -1
@@ 1,1 1,32 @@
-# to do
+# JUST SOME SCRIPTS!
+
+These are just some simple useful scripts to look for indicators.
+
+
+## Search pulse
+
+This script allows searching for pulses related to an input:
+
+```
+python3 search_pulses.py <my input>
+```
+
+For example:
+
+```
+python3 search_pulses.py XHIDE
+```
+
+# Search HASH
+This scripts allows searching details about a hash:
+
+```
+python3 search_HASH.py <HASH type> <HASH value>
+```
+
+For example:
+
+```
+python3 search_HASH.py SHA256 46b501600a4ee30d014c5356bad83ad2107ba9b9c58ffc717f60f986322721d4
+```
+```
A alienvault/search_HASH.py => alienvault/search_HASH.py +23 -0
@@ 0,0 1,23 @@
+#!/usr/bin/env python
+
+# Very Simple CLI example to get indicator details from Alienvault OTX
+
+from OTXv2 import OTXv2
+import IndicatorTypes
+import argparse
+import os
+import sys
+
+otx = OTXv2("<YOUR API>")
+
+selected_hash = sys.argv[1]
+HASH_value = sys.argv[2]
+
+if selected_hash == "SHA256":
+ print (str(otx.get_indicator_details_full(IndicatorTypes.FILE_HASH_SHA256, HASH_value)))
+elif selected_hash == "SHA1":
+ print (str(otx.get_indicator_details_full(IndicatorTypes.FILE_HASH_SHA1, HASH_value)))
+elif selected_hash == "MD5":
+ print (str(otx.get_indicator_details_full(IndicatorTypes.FILE_HASH_MD5, HASH_value)))
+else:
+ print("Hash type not recognised, try again")