passivetotal 1.0.1 → 1.0.2

Files changed (4)
  1. checksums.yaml +4 -4
  2. data/README.md +58 -19
  3. data/lib/passivetotal/version.rb +1 -1
  4. metadata +2 -2
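--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 3a5c4295b8d9ad1670b868891fe25e1bdefd0b49
- data.tar.gz: 1900ed9a136ea09cf7756f7119a4a59338ddc729
+ metadata.gz: 85bce6ee916bb8a5e96cc67480e16d83c66f0cca
+ data.tar.gz: ebd30157e8c383b021470901978b00409555c181
  SHA512:
- metadata.gz: 7aa3c8d247c8388b3f7b0c46b88cacc10110af9418b59937e850c6442db1990ee16f6a02fdcee9d561e37af989164a01aacb9205c12d7c4a3df0bd371c3ad74a
- data.tar.gz: 06de2d45b2f0ad06af9ec828ec5029fe75900635084124ab0d5d069b16e5edb9b07435b073ac4b1753a8e2045943df9fedd3359fb1c677dd40ba94866ee10602
+ metadata.gz: d471517e4c76f369bae5db3a817ff6fd186da54bc579dbda3d6e0b468d66bea6316e827d794e7782ecda1138c4fa733e655e8e6f9ca4d6d774f3155053e1fcb3
+ data.tar.gz: c2dfa0a1e729101bc703ad7bbe7ae9586041a2fcbf2945bf54e8d2e9125adfd6e089ee8b4ff735d61542e03acb815f265fae15de32416f8cbcac78643dd45c4a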
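--- a/data/README.md
+++ b/data/README.md
@@ -54,32 +54,60 @@ Included in the gem is a command-line tool, passivetotal, with the following usa
  pt = PassiveTotal::API.new(user, apikey)
  # Create an array to shove results into
  res = Array.new
- # query enrichment for the domain, www.passivetotal.org
- res << @pt.enrichment('www.passivetotal.org')
- # query enrichment for the ipv4 address, 107.170.89.121
- res << @pt.enrichment('107.170.89.121')
+
+ # ACCOUNT API
+ # Get account details your account.
+ res << @pt.account
+ # Get history associated with your account.
+ res << @pt.history
+ # Get notifications that have been posted to your account.
+ res << @pt.notifications
+ # Get details about the organization your account is associated with.
+ res << @pt.organization
+ # Get the teamstream for the organization your account is associated with.
+ res << @pt.teamstream
+ # Get source details for a specific source.
+ res << @pt.sources('riskiq')
+
+ # DNS API
  # query passive DNS results for the domain, www.passivetotal.org
  res << @pt.passive('www.passivetotal.org')
  # query passive DNS results for the ipv4 address, 107.170.89.121
  res << @pt.passive('107.170.89.121')
- # query for subdomains of passivetotal.org
- res << @pt.subdomains('*.passivetotal.org')
  # query for unique IPv4 resolutions of passivetotal.org
  res << @pt.unique('passivetotal.org')
- # query for the classification of www.passivetotal.org
- res << @pt.classification('www.passivetotal.org')
- # set the classification of www.passivetotal.org as benign
- res << @pt.classification('www.passivetotal.org', 'non-malicious')
+
+ # ENRICHMENT API
+ # query enrichment for the domain, www.passivetotal.org
+ res << @pt.enrichment('www.passivetotal.org')
+ # query enrichment for the ipv4 address, 107.170.89.121
+ res << @pt.enrichment('107.170.89.121')
+ # Get malware data
+ res << @pt.malware('noorno.com')
+ # query for malware sample records by the ip addres 98.124.243.47
+ res << @pt.malware("98.124.243.47")
+ # Get opensource intelligence data
+ res << @pt.osint("xxxmobiletubez.com")
+ # query for subdomains of passivetotal.org
+ res << @pt.subdomains('*.passivetotal.org')
+
+ # WHOIS API
+ # Get WHOIS data for a domain or IP address
+ res << @pt.whois("passivetotal.org")
+ # Get WHOIS records based on field matching queries.
+ res << @pt.whois("proxy4655031@1and1-private-registration.com", "email")
+
+ # ACTIONS API
  # query for the tags associated with www.chrisleephd.us
  res << @pt.tags('www.chrisleephd.us')
  # add the "cool" tag to www.chrisleephd.us
  res << @pt.add_tag('www.chrisleephd.us', 'cool')
  # remove the "cool" tag from www.chrisleephd.us (aww, I was cool for a few milliseconds :( )
- res << @pt.remove_tag('www.chrisleephd.us', 'cool')
- # query if 107.170.89.121 is a sinkhole
- res << @pt.sinkhole('107.170.89.121')
- # set 107.170.89.121 as not a sinkhole
- res << @pt.sinkhole('107.170.89.121', false)
+ res << @pt.remove_tag('www.chrisleephd.us', 'cool')
+ # query for the classification of www.passivetotal.org
+ res << @pt.classification('www.passivetotal.org')
+ # set the classification of www.passivetotal.org as benign
+ res << @pt.classification('www.passivetotal.org', 'non-malicious')
  # query if www.passivetotal.org has ever been listed as compromised
  res << @pt.ever_compromised('www.passivetotal.org')
  # set the ever_compromised flag for www.passivetotal.org to false to indicate that it was never compromised or that it is in sole control of a malicious actor.
@@ -92,6 +120,20 @@ Included in the gem is a command-line tool, passivetotal, with the following usa
  res << @pt.monitor('www.passivetotal.org')
  # unwatch www.passivetotal.org
  res << @pt.monitor('www.passivetotal.org', false)
+ # query if 107.170.89.121 is a sinkhole
+ res << @pt.sinkhole('107.170.89.121')
+ # set 107.170.89.121 as not a sinkhole
+ res << @pt.sinkhole('107.170.89.121', false)
+
+ # HOST API
+ # Get detailed information about a host
+ res << @pt.components('passivetotal.org')
+ # Get all tracking codes for a domain or IP address.
+ res << @pt.trackers('passivetotal.org')
+ # Get hosts matching a specific tracker ID
+ res << @pt.trackers('UA-49901229', 'GoogleAnalyticsAccountNumber')
+
+ # SSL API
  # list sites associated with SSL certificates with SHA-1 hash of e9a6647d6aba52dc47b3838c920c9ee59bad7034
  res << @pt.ssl_certificate('e9a6647d6aba52dc47b3838c920c9ee59bad7034')
  # list sites associated with SSL certificates with SHA-1 hash of e9a6647d6aba52dc47b3838c920c9ee59bad7034
@@ -100,10 +142,7 @@ Included in the gem is a command-line tool, passivetotal, with the following usa
  res << @pt.ssl_certificate_history('e9a6647d6aba52dc47b3838c920c9ee59bad7034')
  # retrieve certificate history from IPv4 address of 52.8.228.23
  res << @pt.ssl_certificate_history('52.8.228.23')
- # query for malware sample records by the domain "noorno.com"
- res << @pt.malware("noorno.com")
- # query for malware sample records by the ip addres 98.124.243.47
- res << @pt.malware("98.124.243.47")
+
  # dump all this glorious information to feast your eyes upon
  pp res
 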
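--- a/data/lib/passivetotal/version.rb
+++ b/data/lib/passivetotal/version.rb
@@ -1,3 +1,3 @@
  module PassiveTotal
- VERSION = "1.0.1"
+ VERSION = "1.0.2"
  end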
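--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: passivetotal
  version: !ruby/object:Gem::Version
- version: 1.0.1
+ version: 1.0.2
  platform: ruby
  authors:
  - chrislee35
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2016-02-18 00:00:00.000000000 Z
+ date: 2016-02-20 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: json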