atomicshop 2.11.47__py3-none-any.whl → 3.10.5__py3-none-any.whl

atomicshop/monitor/checks/network.py

@@ -1,87 +1,91 @@
+from pathlib import Path
+from typing import Union
+
 from ...wrappers.psutilw import psutilw
 from ...basics import list_of_dicts
 from ...print_api import print_api
+from ... import diff_check
 
 
-def _execute_cycle(change_monitor_instance, print_kwargs: dict = None):
-    """
-    This function executes the cycle of the change monitor: network.
-
-    :param change_monitor_instance: Instance of the ChangeMonitor class.
-
-    :return: List of dictionaries with the results of the cycle.
-    """
-
-    if print_kwargs is None:
-        print_kwargs = dict()
-
-    return_list = list()
-
-    _get_list(change_monitor_instance)
-
-    change_monitor_instance._set_input_file_path()
-
-    # Check if 'known_domains' list was updated from previous cycle.
-    result, message = change_monitor_instance.diff_check_list[0].check_list_of_dicts(print_kwargs=print_kwargs)
-
-    if result:
-        # Get list of new connections only.
-        new_connections_only: list = list_of_dicts.get_difference(result['old'], result['updated'])
-
-        for connection in new_connections_only:
-            message = \
-                f"New connection: {connection['name']} | " \
-                f"{connection['dst_ip']}:{connection['dst_port']} | " \
-                f"{connection['family']} | {connection['type']} | {connection['cmdline']}"
-            # f"{connection['src_ip']}:{connection['src_port']} -> " \
-            print_api(message, color='yellow', **print_kwargs)
+INPUT_FILE_DEFAULT_NAME: str = 'known_connections.txt'
 
-            return_list.append(message)
 
-    return return_list
-
-
-def _get_list(change_monitor_instance):
+class NetworkCheck:
     """
-    The function will get the list of opened network sockets and return only the new ones.
-
-    :param change_monitor_instance: Instance of the ChangeMonitor class.
-
-    :return: list of dicts, of new network sockets.
+    Class for network monitoring.
     """
 
-    if change_monitor_instance.first_cycle:
-        original_name: str = str()
-
-        # Initialize objects for network monitoring.
-        change_monitor_instance.fetch_engine = psutilw.PsutilConnections()
-
-        # Change settings for the DiffChecker object.
-        change_monitor_instance.diff_check_list[0].return_first_cycle = True
-
-        if change_monitor_instance.generate_input_file_name:
-            original_name = 'known_connections'
-            # Make path for 'input_file_name'.
-            change_monitor_instance.input_file_name = f'{original_name}.txt'
-
-        change_monitor_instance.diff_check_list[0].check_object_display_name = \
-            f'{original_name}|{change_monitor_instance.object_type}'
-
-        # Set the 'check_object' to empty list, since we will append the list of DNS events.
-        change_monitor_instance.diff_check_list[0].check_object = list()
-
-    # Get all connections (list of dicts), including process name and cmdline.
-    connections_list_of_dicts: list = \
-        change_monitor_instance.fetch_engine.get_connections_with_process_as_list_of_dicts(
-            attrs=['name', 'cmdline', 'family', 'type', 'dst_ip', 'dst_port'], skip_empty_dst=True,
-            cmdline_to_string=True, remove_duplicates=True)
-
-    # Get list of connections that are not in 'known_connections' list.
-    missing_connections_from_cycle: list = list_of_dicts.get_difference(
-        change_monitor_instance.diff_check_list[0].check_object, connections_list_of_dicts)
-    # Add missing new connections to 'known_connections' list.
-    change_monitor_instance.diff_check_list[0].check_object.extend(missing_connections_from_cycle)
-
-    # Sort list of dicts by process name and then by process cmdline.
-    change_monitor_instance.diff_check_list[0].check_object = list_of_dicts.sort_by_keys(
-        change_monitor_instance.diff_check_list[0].check_object, key_list=['cmdline', 'name'], case_insensitive=True)
+    def __init__(self, change_monitor_instance):
+        self.change_monitor_instance = change_monitor_instance
+        self.diff_checker: Union[diff_check.DiffChecker, None] = None
+        self.fetch_engine = psutilw.PsutilConnections()
+
+        if not change_monitor_instance.input_file_name:
+            change_monitor_instance.input_file_name = INPUT_FILE_DEFAULT_NAME
+        input_file_path = (
+            str(Path(change_monitor_instance.input_directory, change_monitor_instance.input_file_name)))
+
+        diff_checker_display_name = \
+            f'{change_monitor_instance.input_file_name}|{change_monitor_instance.object_type}'
+        self.diff_checker = diff_check.DiffChecker(
+            check_object=list(),  # we will append the list of connection events.
+            return_first_cycle=True,
+            operation_type='single_object',
+            check_object_display_name=diff_checker_display_name,
+            input_file_path=input_file_path
+        )
+        self.diff_checker.initiate_before_action()
+
+    def execute_cycle(self, print_kwargs: dict = None):
+        """
+        This function executes the cycle of the change monitor: network.
+
+        :param print_kwargs: print_api kwargs.
+        :return: List of dictionaries with the results of the cycle.
+        """
+
+        return_list = list()
+
+        self._get_list()
+
+        # Check if 'known_domains' list was updated from previous cycle.
+        result, message = self.diff_checker.check_list_of_dicts(print_kwargs=print_kwargs)
+
+        if result:
+            # Get list of new connections only.
+            new_connections_only: list = list_of_dicts.get_difference(result['old'], result['updated'])
+
+            for connection in new_connections_only:
+                message = \
+                    f"New connection: {connection['name']} | " \
+                    f"{connection['dst_ip']}:{connection['dst_port']} | " \
+                    f"{connection['family']} | {connection['type']} | {connection['cmdline']}"
+                # f"{connection['src_ip']}:{connection['src_port']} -> " \
+                print_api(message, color='yellow', **(print_kwargs or {}))
+
+                return_list.append(message)
+
+        return return_list
+
+    def _get_list(self):
+        """
+        The function will get the list of opened network sockets and return only the new ones.
+
+        :return: list of dicts, of new network sockets.
+        """
+
+        # Get all connections (list of dicts), including process name and cmdline.
+        connections_list_of_dicts: list = \
+            self.fetch_engine.get_connections_with_process_as_list_of_dicts(
+                attrs=['name', 'cmdline', 'family', 'type', 'dst_ip', 'dst_port'], skip_empty_dst=True,
+                cmdline_to_string=True, remove_duplicates=True)
+
+        # Get list of connections that are not in 'known_connections' list.
+        missing_connections_from_cycle: list = list_of_dicts.get_difference(
+            self.diff_checker.check_object, connections_list_of_dicts)
+        # Add missing new connections to 'known_connections' list.
+        self.diff_checker.check_object.extend(missing_connections_from_cycle)
+
+        # Sort list of dicts by process name and then by process cmdline.
+        self.diff_checker.check_object = list_of_dicts.sort_by_keys(
+            self.diff_checker.check_object, key_list=['cmdline', 'name'], case_insensitive=True)

atomicshop/monitor/checks/process_running.py

@@ -3,51 +3,50 @@ from ...basics import list_of_dicts
 from ...print_api import print_api
 
 
-def _execute_cycle(change_monitor_instance, print_kwargs: dict = None):
+class ProcessRunningCheck:
     """
-    This function executes the cycle of the change monitor: process_running.
-
-    :param change_monitor_instance: Instance of the ChangeMonitor class.
-
-    :return: List of dictionaries with the results of the cycle.
+    Class for process running monitoring.
     """
 
-    if print_kwargs is None:
-        print_kwargs = dict()
+    def __init__(self, change_monitor_instance):
+        self.change_monitor_instance = change_monitor_instance
+        self.fetch_engine = psutilw.PsutilProcesses()
 
-    return_list = list()
+    def execute_cycle(self, print_kwargs: dict = None):
+        """
+        This function executes the cycle of the change monitor: process_running.
 
-    processes = _get_list(change_monitor_instance)
+        :param print_kwargs: Dictionary with the print arguments.
+        :return: List of dictionaries with the results of the cycle.
+        """
 
-    for process_name in change_monitor_instance.check_object_list:
-        result = list_of_dicts.is_value_exist_in_key(processes, 'cmdline', process_name)
+        return_list = list()
 
-        # If the process name was found in the list of currently running processes.
-        if result:
-            message = f"Process [{process_name}] is Running."
-            print_api(message, color='green', **print_kwargs)
-        # If the process name was not found in the list of currently running processes.
-        else:
-            message = f"Process [{process_name}] not Running!"
-            print_api(message, color='red', **print_kwargs)
+        processes = self._get_list()
 
-            return_list.append(message)
+        for process_name in self.change_monitor_instance.check_object:
+            result = list_of_dicts.is_value_exist_in_key(
+                processes, 'cmdline', process_name, value_case_insensitive=True)
 
-    return return_list
+            # If the process name was found in the list of currently running processes.
+            if result:
+                message = f"Process [{process_name}] is Running."
+                print_api(message, color='green', **(print_kwargs or {}))
+            # If the process name was not found in the list of currently running processes.
+            else:
+                message = f"Process [{process_name}] not Running!"
+                print_api(message, color='red', **(print_kwargs or {}))
 
+                return_list.append(message)
 
-def _get_list(change_monitor_instance):
-    """
-    The function will get the list of opened network sockets and return only the new ones.
+        return return_list
 
-    :param change_monitor_instance: Instance of the ChangeMonitor class.
-
-    :return: list of dicts, of new network sockets.
-    """
+    def _get_list(self):
+        """
+        The function will get the list of opened network sockets and return only the new ones.
 
-    if change_monitor_instance.first_cycle:
-        # Initialize objects for network monitoring.
-        change_monitor_instance.fetch_engine = psutilw.PsutilProcesses()
+        :return: list of dicts, of new network sockets.
+        """
 
-    return change_monitor_instance.fetch_engine.get_processes_as_list_of_dicts(
-        default_keys=True, cmdline_to_string=True)
+        return self.fetch_engine.get_processes_as_list_of_dicts(
+            default_keys=True, cmdline_to_string=True)

atomicshop/monitor/checks/url.py

@@ -0,0 +1,94 @@
+from pathlib import Path
+
+from ... import hashing, urls
+from ... import diff_check
+from ...print_api import print_api
+
+
+class UrlCheck:
+    """
+    Class for file monitoring.
+    """
+    def __init__(self, change_monitor_instance):
+        self.diff_checker = None
+        self.change_monitor_instance = None
+        self.store_original_file_path = None
+        self.get_method = None
+
+        # Extract the method name from the object type.
+        self.get_method = change_monitor_instance.object_type.split('_', 1)[1]
+
+        if not change_monitor_instance.input_file_name:
+            change_monitor_instance.input_file_name = (
+                urls.url_parser(change_monitor_instance.check_object))['directories'][-1]
+            change_monitor_instance.input_file_name = change_monitor_instance.input_file_name.lower()
+            change_monitor_instance.input_file_name = f'{change_monitor_instance.input_file_name}.txt'
+
+        input_file_path = (
+            str(Path(change_monitor_instance.input_directory, change_monitor_instance.input_file_name)))
+
+        # If 'store_original_object' is True, create filename for the store original object.
+        if change_monitor_instance.object_type_settings['store_original_object']:
+            # Add extension to the file name.
+            extension: str = str()
+            if 'playwright' in self.get_method:
+                extension = self.get_method.split('_')[1]
+            elif self.get_method == 'urllib':
+                extension = 'html'
+
+            store_original_file_name: str = Path(change_monitor_instance.input_file_name).stem
+            store_original_file_name = f'{store_original_file_name}.{extension}'
+            self.store_original_file_path = str(Path(change_monitor_instance.input_directory, store_original_file_name))
+
+        self.diff_checker = diff_check.DiffChecker(
+            return_first_cycle=False,
+            operation_type='single_object',
+            input_file_path=input_file_path,
+            check_object_display_name=f'{change_monitor_instance.input_file_name}|{change_monitor_instance.object_type}'
+        )
+        self.diff_checker.initiate_before_action()
+        self.change_monitor_instance = change_monitor_instance
+
+    def execute_cycle(self, print_kwargs: dict = None):
+        """
+        This function executes the cycle of the change monitor: hash.
+
+        :param print_kwargs: print_api kwargs.
+        :return: List of dictionaries with the results of the cycle.
+        """
+
+        return_list = list()
+
+        self._get_hash(print_kwargs=print_kwargs)
+
+        # Check if the object was updated.
+        result, message = self.diff_checker.check_string(
+            print_kwargs=print_kwargs)
+
+        # If the object was updated, print the message in yellow color, otherwise print in green color.
+        if result:
+            print_api(message, color='yellow', **print_kwargs)
+            # create_message_file(message, self.__class__.__name__, logger=self.logger)
+
+            return_list.append(message)
+        else:
+            print_api(message, color='green', **print_kwargs)
+
+        return return_list
+
+    def _get_hash(self, print_kwargs: dict = None):
+        """
+        The function will get the hash of the URL content.
+
+        :param print_kwargs: print_api kwargs.
+        """
+        # Get hash of the url. The hash will be different between direct hash of the URL content and the
+        # hash of the file that was downloaded from the URL. Since the file has headers and other information
+        # that is not part of the URL content. The Original downloaded file is for reference only to see
+        # what was the content of the URL at the time of the download.
+        hash_string = hashing.hash_url(
+            self.change_monitor_instance.check_object, get_method=self.get_method,
+            path=self.store_original_file_path, print_kwargs=print_kwargs)
+
+        # Set the hash string to the 'check_object' variable.
+        self.diff_checker.check_object = hash_string