From f9e9dd8ce065238af7ab70b0a199162e2db8de55 Mon Sep 17 00:00:00 2001
From: terceranexus6
Date: Thu, 18 May 2023 15:12:34 +0200
Subject: [PATCH] adding hash
---
README.md | 33 ++++++++++++++++++++++++++++++++-
alienvault/search_HASH.py | 23 +++++++++++++++++++++++
2 files changed, 55 insertions(+), 1 deletion(-)
create mode 100755 alienvault/search_HASH.py
diff --git a/README.md b/README.md
index 6ae229c..9243343 100644
--- a/README.md
+++ b/README.md
@@ -1 +1,32 @@
-# to do
+# JUST SOME SCRIPTS!
+
+These are just some simple useful scripts to look for indicators.
+
+
+## Search pulse
+
+This script allows searching for pulses related to an input:
+
+```
+python3 search_pulses.py
+```
+
+For example:
+
+```
+python3 search_pulses.py XHIDE
+```
+
+# Search HASH
+This scripts allows searching details about a hash:
+
+```
+python3 search_HASH.py
+```
+
+For example:
+
+```
+python3 search_HASH.py SHA256 46b501600a4ee30d014c5356bad83ad2107ba9b9c58ffc717f60f986322721d4
+```
+```
diff --git a/alienvault/search_HASH.py b/alienvault/search_HASH.py
new file mode 100755
index 0000000..1657850
--- /dev/null
+++ b/alienvault/search_HASH.py
@@ -0,0 +1,23 @@
+#!/usr/bin/env python
+
+# Very Simple CLI example to get indicator details from Alienvault OTX
+
+from OTXv2 import OTXv2
+import IndicatorTypes
+import argparse
+import os
+import sys
+
+otx = OTXv2("")
+
+selected_hash = sys.argv[1]
+HASH_value = sys.argv[2]
+
+if selected_hash == "SHA256":
+ print (str(otx.get_indicator_details_full(IndicatorTypes.FILE_HASH_SHA256, HASH_value)))
+elif selected_hash == "SHA1":
+ print (str(otx.get_indicator_details_full(IndicatorTypes.FILE_HASH_SHA1, HASH_value)))
+elif selected_hash == "MD5":
+ print (str(otx.get_indicator_details_full(IndicatorTypes.FILE_HASH_MD5, HASH_value)))
+else:
+ print("Hash type not recognised, try again")
--
2.45.2
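Review bot: The client in alienvault/search_HASH.py is built with `otx = OTXv2("")`, an empty key literal in a tracked file, so anyone making the script work is nudged to paste their OTX API key into source, where it can be committed by accident. `os` is already imported and unused; reading the key from the environment, for example `otx = OTXv2(os.environ["OTX_API_KEY"])` (the variable name is only a suggestion), keeps the secret out of the repository. Separately, `sys.argv[1]` and `sys.argv[2]` are indexed with no count check, so a missing argument ends in an IndexError traceback; `argparse` is imported but never used and could require both arguments with `choices=["SHA256", "SHA1", "MD5"]`. The final `else` branch only prints, so the process still exits 0 on an unrecognised hash type; `sys.exit(1)` there would let a calling pipeline notice the failure.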