passivetotal 1.0.1 → 1.0.2

Files changed (4)
  1. checksums.yaml +4 -4
  2. data/README.md +58 -19
  3. data/lib/passivetotal/version.rb +1 -1
  4. metadata +2 -2
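--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 3a5c4295b8d9ad1670b868891fe25e1bdefd0b49
- data.tar.gz: 1900ed9a136ea09cf7756f7119a4a59338ddc729
+ metadata.gz: 85bce6ee916bb8a5e96cc67480e16d83c66f0cca
+ data.tar.gz: ebd30157e8c383b021470901978b00409555c181
  SHA512:
- metadata.gz: 7aa3c8d247c8388b3f7b0c46b88cacc10110af9418b59937e850c6442db1990ee16f6a02fdcee9d561e37af989164a01aacb9205c12d7c4a3df0bd371c3ad74a
- data.tar.gz: 06de2d45b2f0ad06af9ec828ec5029fe75900635084124ab0d5d069b16e5edb9b07435b073ac4b1753a8e2045943df9fedd3359fb1c677dd40ba94866ee10602
+ metadata.gz: d471517e4c76f369bae5db3a817ff6fd186da54bc579dbda3d6e0b468d66bea6316e827d794e7782ecda1138c4fa733e655e8e6f9ca4d6d774f3155053e1fcb3
+ data.tar.gz: c2dfa0a1e729101bc703ad7bbe7ae9586041a2fcbf2945bf54e8d2e9125adfd6e089ee8b4ff735d61542e03acb815f265fae15de32416f8cbcac78643dd45c4a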
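--- a/data/README.md
+++ b/data/README.md
@@ -54,32 +54,60 @@ Included in the gem is a command-line tool, passivetotal, with the following usa
  pt = PassiveTotal::API.new(user, apikey)
  # Create an array to shove results into
  res = Array.new
- # query enrichment for the domain, www.passivetotal.org
- res << @pt.enrichment('www.passivetotal.org')
- # query enrichment for the ipv4 address, 107.170.89.121
- res << @pt.enrichment('107.170.89.121')
+
+ # ACCOUNT API
+ # Get account details your account.
+ res << @pt.account
+ # Get history associated with your account.
+ res << @pt.history
+ # Get notifications that have been posted to your account.
+ res << @pt.notifications
+ # Get details about the organization your account is associated with.
+ res << @pt.organization
+ # Get the teamstream for the organization your account is associated with.
+ res << @pt.teamstream
+ # Get source details for a specific source.
+ res << @pt.sources('riskiq')
+
+ # DNS API
  # query passive DNS results for the domain, www.passivetotal.org
  res << @pt.passive('www.passivetotal.org')
  # query passive DNS results for the ipv4 address, 107.170.89.121
  res << @pt.passive('107.170.89.121')
- # query for subdomains of passivetotal.org
- res << @pt.subdomains('*.passivetotal.org')
  # query for unique IPv4 resolutions of passivetotal.org
  res << @pt.unique('passivetotal.org')
- # query for the classification of www.passivetotal.org
- res << @pt.classification('www.passivetotal.org')
- # set the classification of www.passivetotal.org as benign
- res << @pt.classification('www.passivetotal.org', 'non-malicious')
+
+ # ENRICHMENT API
+ # query enrichment for the domain, www.passivetotal.org
+ res << @pt.enrichment('www.passivetotal.org')
+ # query enrichment for the ipv4 address, 107.170.89.121
+ res << @pt.enrichment('107.170.89.121')
+ # Get malware data
+ res << @pt.malware('noorno.com')
+ # query for malware sample records by the ip addres 98.124.243.47
+ res << @pt.malware("98.124.243.47")
+ # Get opensource intelligence data
+ res << @pt.osint("xxxmobiletubez.com")
+ # query for subdomains of passivetotal.org
+ res << @pt.subdomains('*.passivetotal.org')
+
+ # WHOIS API
+ # Get WHOIS data for a domain or IP address
+ res << @pt.whois("passivetotal.org")
+ # Get WHOIS records based on field matching queries.
+ res << @pt.whois("proxy4655031@1and1-private-registration.com", "email")
+
+ # ACTIONS API
  # query for the tags associated with www.chrisleephd.us
  res << @pt.tags('www.chrisleephd.us')
  # add the "cool" tag to www.chrisleephd.us
  res << @pt.add_tag('www.chrisleephd.us', 'cool')
  # remove the "cool" tag from www.chrisleephd.us (aww, I was cool for a few milliseconds :( )
- res << @pt.remove_tag('www.chrisleephd.us', 'cool')
- # query if 107.170.89.121 is a sinkhole
- res << @pt.sinkhole('107.170.89.121')
- # set 107.170.89.121 as not a sinkhole
- res << @pt.sinkhole('107.170.89.121', false)
+ res << @pt.remove_tag('www.chrisleephd.us', 'cool')
+ # query for the classification of www.passivetotal.org
+ res << @pt.classification('www.passivetotal.org')
+ # set the classification of www.passivetotal.org as benign
+ res << @pt.classification('www.passivetotal.org', 'non-malicious')
  # query if www.passivetotal.org has ever been listed as compromised
  res << @pt.ever_compromised('www.passivetotal.org')
  # set the ever_compromised flag for www.passivetotal.org to false to indicate that it was never compromised or that it is in sole control of a malicious actor.
@@ -92,6 +120,20 @@ Included in the gem is a command-line tool, passivetotal, with the following usa
  res << @pt.monitor('www.passivetotal.org')
  # unwatch www.passivetotal.org
  res << @pt.monitor('www.passivetotal.org', false)
+ # query if 107.170.89.121 is a sinkhole
+ res << @pt.sinkhole('107.170.89.121')
+ # set 107.170.89.121 as not a sinkhole
+ res << @pt.sinkhole('107.170.89.121', false)
+
+ # HOST API
+ # Get detailed information about a host
+ res << @pt.components('passivetotal.org')
+ # Get all tracking codes for a domain or IP address.
+ res << @pt.trackers('passivetotal.org')
+ # Get hosts matching a specific tracker ID
+ res << @pt.trackers('UA-49901229', 'GoogleAnalyticsAccountNumber')
+
+ # SSL API
  # list sites associated with SSL certificates with SHA-1 hash of e9a6647d6aba52dc47b3838c920c9ee59bad7034
  res << @pt.ssl_certificate('e9a6647d6aba52dc47b3838c920c9ee59bad7034')
  # list sites associated with SSL certificates with SHA-1 hash of e9a6647d6aba52dc47b3838c920c9ee59bad7034
@@ -100,10 +142,7 @@ Included in the gem is a command-line tool, passivetotal, with the following usa
  res << @pt.ssl_certificate_history('e9a6647d6aba52dc47b3838c920c9ee59bad7034')
  # retrieve certificate history from IPv4 address of 52.8.228.23
  res << @pt.ssl_certificate_history('52.8.228.23')
- # query for malware sample records by the domain "noorno.com"
- res << @pt.malware("noorno.com")
- # query for malware sample records by the ip addres 98.124.243.47
- res << @pt.malware("98.124.243.47")
+
  # dump all this glorious information to feast your eyes upon
  pp res
 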
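--- a/data/lib/passivetotal/version.rb
+++ b/data/lib/passivetotal/version.rb
@@ -1,3 +1,3 @@
  module PassiveTotal
- VERSION = "1.0.1"
+ VERSION = "1.0.2"
  end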
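--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: passivetotal
  version: !ruby/object:Gem::Version
- version: 1.0.1
+ version: 1.0.2
  platform: ruby
  authors:
  - chrislee35
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2016-02-18 00:00:00.000000000 Z
+ date: 2016-02-20 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: json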