atomicshop 2.12.17__py3-none-any.whl → 2.12.19__py3-none-any.whl

atomicshop/__init__.py

@@ -1,4 +1,4 @@
 """Atomic Basic functions and classes to make developer life easier"""
 
 __author__ = "Den Kras"
-__version__ = '2.12.17'
+__version__ = '2.12.19'

atomicshop/diff_check.py

@@ -207,7 +207,7 @@ class DiffChecker:
         self.new_objects_seconds_then_difference: Union[float, None] = None
         self.timer = None
 
-    def _static_pre_process(self):
+    def initiate_before_action(self):
         """
         This function will be called before the actual checking of the object.
         If you change any attribute of the class, you will need to call this function again.
@@ -254,7 +254,8 @@ class DiffChecker:
             self.previous_day = None
 
         if self.new_objects_hours_then_difference and self.operation_type != 'new_objects':
-            raise ValueError("The 'new_objects_hours_then_difference' variable must be set for 'new_objects' operation type.")
+            raise ValueError(
+                "The 'new_objects_hours_then_difference' variable must be set for 'new_objects' operation type.")
 
         if self.new_objects_hours_then_difference:
             self.new_objects_seconds_then_difference = self.new_objects_hours_then_difference * 60 * 60
@@ -266,8 +267,6 @@ class DiffChecker:
         The function will check file content for change by hashing it and comparing the hash.
         """
 
-        self._static_pre_process()
-
         if not isinstance(self.check_object, str):
             raise TypeError(f"[check_object] must be string, not {type(self.check_object)}.")
 
@@ -287,8 +286,6 @@ class DiffChecker:
         :param print_kwargs: dict, of kwargs to pass to 'print_api' function.
         """
 
-        self._static_pre_process()
-
         if not isinstance(self.check_object, list):
             raise TypeError(f'[check_object] must be list, not {type(self.check_object)}.')
 

atomicshop/file_io/file_io.py

@@ -102,8 +102,10 @@ def write_file(
             content = '\n'.join(content)
         else:
             file_object.writelines(content)
-
-    if isinstance(content, str):
+    elif isinstance(content, str):
+        file_object.write(content)
+    # THis will happen if the content is bytes and the file mode is 'wb'.
+    elif isinstance(content, bytes) and 'b' in file_mode:
         file_object.write(content)
     else:
         raise TypeError(f"Content type is not supported: {type(content)}")

atomicshop/monitor/change_monitor.py

@@ -1,8 +1,6 @@
 from typing import Literal, Union
-from pathlib import Path
 
-from .checks import dns, network, hash, process_running
-from .. import filesystem, scheduling
+from .checks import dns, network, file, url, process_running
 
 
 DNS__DEFAULT_SETTINGS = {
@@ -122,36 +120,31 @@ class ChangeMonitor:
 
         # === Additional variables ========================================
 
-        # self.original_object_directory = None
-        # self.original_object_file_path = None
-
-        # # If 'store_original_object' is True, create directory for original object.
-        # if self.store_original_object:
-        #     # Make path for original object.
-        #     self.original_object_directory = filesystem.add_object_to_path(
-        #         self.input_directory, 'Original')
-        #     # Create directory if it doesn't exist.
-        #     filesystem.create_directory(self.original_object_directory)
-        #
-        # Initialize objects for DNS and Network monitoring.
-
         self.checks_instance = None
         self._setup_object()
 
     def _setup_object(self):
-        if self.object_type == 'file' or 'url_' in self.object_type:
-            self.checks_instance = hash
-        if self.object_type == 'dns':
-            self.checks_instance = dns
+        if self.object_type == 'file':
+            if not self.object_type_settings:
+                self.object_type_settings = FILE__URL__DEFAULT_SETTINGS
 
+            self.checks_instance = file.FileCheck(self)
+        elif self.object_type.startswith('url_'):
+            if not self.object_type_settings:
+                self.object_type_settings = FILE__URL__DEFAULT_SETTINGS
+
+            self.checks_instance = url.UrlCheck(self)
+        elif self.object_type == 'dns':
             if not self.object_type_settings:
                 self.object_type_settings = DNS__DEFAULT_SETTINGS
+
+            self.checks_instance = dns.DnsCheck(self)
         elif self.object_type == 'network':
-            self.checks_instance = network
+            self.checks_instance = network.NetworkCheck(self)
         elif self.object_type == 'process_running':
-            self.checks_instance = process_running
-
-        self.checks_instance.setup_check(self)
+            self.checks_instance = process_running.ProcessRunningCheck(self)
+        else:
+            raise ValueError(f"ERROR: Unknown object type: {self.object_type}")
 
     def check_cycle(self, print_kwargs: dict = None):
         """

atomicshop/monitor/checks/dns.py

@@ -1,126 +1,137 @@
 from pathlib import Path
+from typing import Union
 
 from ...etw.dns_trace import DnsTrace
 from ...print_api import print_api
-from ...diff_check import DiffChecker
+from ...import diff_check
 
 
 INPUT_FILE_DEFAULT_NAME: str = 'known_domains.json'
 INPUT_STATISTICS_FILE_DEFAULT_NAME: str = 'dns_statistics.json'
-FETCH_ENGINE: DnsTrace = DnsTrace(enable_process_poller=True, attrs=['name', 'cmdline', 'domain', 'query_type'])
-SETTINGS = {}
-DIFF_CHECKER_AGGREGATION = DiffChecker(
-    check_object=list(),                            # DNS events will be appended to this list.
-    return_first_cycle=True,
-    operation_type='new_objects'
-)
-DIFF_CHECKER_STATISTICS = DiffChecker(
-    check_object=list(),                            # DNS events will be appended to this list.
-    return_first_cycle=True,
-    operation_type='hit_statistics',
-    hit_statistics_enable_queue=True
-)
 
 
-def setup_check(change_monitor_instance):
-    global SETTINGS
-    SETTINGS = change_monitor_instance.object_type_settings
-
-    if SETTINGS['alert_always'] and SETTINGS['alert_about_missing_entries_after_learning']:
-        raise ValueError(
-            "ERROR: [alert_always] and [alert_about_missing_entries_after_learning] cannot be True at the same time.")
-
-    if not change_monitor_instance.input_file_name:
-        change_monitor_instance.input_file_name = INPUT_FILE_DEFAULT_NAME
-    input_file_path = (
-        str(Path(change_monitor_instance.input_directory, change_monitor_instance.input_file_name)))
-
-    if not change_monitor_instance.input_statistics_file_name:
-        change_monitor_instance.input_statistics_file_name = INPUT_STATISTICS_FILE_DEFAULT_NAME
-    input_statistic_file_path = (
-        str(Path(change_monitor_instance.input_directory, change_monitor_instance.input_statistics_file_name)))
-
-    if SETTINGS['learning_mode_create_unique_entries_list']:
-        DIFF_CHECKER_AGGREGATION.input_file_write_only = change_monitor_instance.input_file_write_only
-        DIFF_CHECKER_AGGREGATION.check_object_display_name = \
-            f'{change_monitor_instance.input_file_name}|{change_monitor_instance.object_type}'
-        DIFF_CHECKER_AGGREGATION.input_file_path = input_file_path
-        DIFF_CHECKER_AGGREGATION.new_objects_hours_then_difference = SETTINGS['learning_hours']
-
-    if SETTINGS['create_alert_statistics']:
-        DIFF_CHECKER_STATISTICS.input_file_write_only = change_monitor_instance.input_file_write_only
-        DIFF_CHECKER_STATISTICS.check_object_display_name = \
-            f'{change_monitor_instance.input_statistics_file_name}|{change_monitor_instance.object_type}'
-        DIFF_CHECKER_STATISTICS.input_file_path = input_statistic_file_path
-        DIFF_CHECKER_STATISTICS.hit_statistics_input_file_rotation_cycle_hours = SETTINGS['statistics_rotation_hours']
-
-    # Start DNS monitoring.
-    FETCH_ENGINE.start()
-
-
-def execute_cycle(print_kwargs: dict = None) -> list:
+class DnsCheck:
     """
-    This function executes the cycle of the change monitor: dns.
-    The function is blocking so while using it, the script will wait for the next DNS event.
-    No need to use 'time.sleep()'.
-
-    :param print_kwargs: print_api kwargs.
-    :return: List of dictionaries with the results of the cycle.
+    Class for DNS monitoring.
     """
-
-    # 'emit()' method is blocking (it uses 'get' of queue instance)
-    # will return a dict with current DNS trace event.
-    event_dict = FETCH_ENGINE.emit()
-
-    return_list = list()
-    if SETTINGS['learning_mode_create_unique_entries_list']:
-        _aggregation_process(event_dict, return_list, print_kwargs)
-
-    if SETTINGS['create_alert_statistics'] and SETTINGS['alert_always']:
-        _statistics_process(event_dict, return_list, print_kwargs)
-
-    return return_list
-
-
-def _aggregation_process(event_dict: dict, return_list: list, print_kwargs: dict = None):
-    DIFF_CHECKER_AGGREGATION.check_object = [event_dict]
-
-    # Check if 'known_domains' list was updated from previous cycle.
-    result, message = DIFF_CHECKER_AGGREGATION.check_list_of_dicts(
-        sort_by_keys=['cmdline', 'name'], print_kwargs=print_kwargs)
-
-    if result:
-        # Check if 'updated' key is in the result. This means that this is a regular cycle.
-        if 'updated' in result:
-            if not result['time_passed']:
-                # Get list of new connections only.
-                # new_connections_only: list = list_of_dicts.get_difference(result['old'], result['updated'])
-
-                for connection in result['updated']:
-                    message = \
-                        f"[Learning] New Domain Added: {connection['name']} | " \
-                        f"{connection['domain']} | {connection['query_type']} | " \
-                        f"{connection['cmdline']}"
-                    print_api(message, color='yellow', **(print_kwargs or {}))
-
-                    return_list.append(message)
-
-        # Check if learning time passed, so we can alert the new entries.
-        if 'time_passed' in result:
-            if result['time_passed']:
-                _statistics_process(result['updated'], return_list, print_kwargs)
-
-
-def _statistics_process(event_dict: dict, return_list: list, print_kwargs: dict = None):
-    DIFF_CHECKER_STATISTICS.check_object = [event_dict]
-
-    # Check if 'known_domains' list was updated from previous cycle.
-    result, message = DIFF_CHECKER_STATISTICS.check_list_of_dicts(
-        sort_by_keys=['cmdline', 'name'], print_kwargs=print_kwargs)
-
-    if result:
-        if 'count' in result:
-            message = f"[Alert] DNS Request: {result['entry']} | Times hit: {result['count']}"
-            print_api(message, color='yellow', **(print_kwargs or {}))
-
-            return_list.append(message)
+    
+    def __init__(self, change_monitor_instance):
+        self.change_monitor_instance = change_monitor_instance
+        self.diff_checker_aggregation: Union[diff_check.DiffChecker, None] = None
+        self.diff_checker_statistics: Union[diff_check.DiffChecker, None] = None
+        self.settings: dict = change_monitor_instance.object_type_settings
+        self.fetch_engine: DnsTrace = (
+            DnsTrace(enable_process_poller=True, attrs=['name', 'cmdline', 'domain', 'query_type']))
+
+        if self.settings['alert_always'] and self.settings['alert_about_missing_entries_after_learning']:
+            raise ValueError(
+                "ERROR: [alert_always] and [alert_about_missing_entries_after_learning] "
+                "cannot be True at the same time.")
+    
+        if not change_monitor_instance.input_file_name:
+            change_monitor_instance.input_file_name = INPUT_FILE_DEFAULT_NAME
+        input_file_path = (
+            str(Path(change_monitor_instance.input_directory, change_monitor_instance.input_file_name)))
+    
+        if not change_monitor_instance.input_statistics_file_name:
+            change_monitor_instance.input_statistics_file_name = INPUT_STATISTICS_FILE_DEFAULT_NAME
+        input_statistic_file_path = (
+            str(Path(change_monitor_instance.input_directory, change_monitor_instance.input_statistics_file_name)))
+    
+        if self.settings['learning_mode_create_unique_entries_list']:
+            aggregation_display_name = \
+                f'{change_monitor_instance.input_file_name}|{change_monitor_instance.object_type}'
+            self.diff_checker_aggregation = diff_check.DiffChecker(
+                check_object=list(),                            # DNS events will be appended to this list.
+                return_first_cycle=True,
+                operation_type='new_objects',
+                input_file_write_only=change_monitor_instance.input_file_write_only,
+                check_object_display_name=aggregation_display_name,
+                input_file_path=input_file_path,
+                new_objects_hours_then_difference=self.settings['learning_hours']
+            )
+            self.diff_checker_aggregation.initiate_before_action()
+
+        if self.settings['create_alert_statistics']:
+            statistics_display_name = \
+                f'{change_monitor_instance.input_statistics_file_name}|{change_monitor_instance.object_type}'
+
+            self.diff_checker_statistics = diff_check.DiffChecker(
+                check_object=list(),  # DNS events will be appended to this list.
+                return_first_cycle=True,
+                operation_type='hit_statistics',
+                hit_statistics_enable_queue=True,
+                input_file_write_only=change_monitor_instance.input_file_write_only,
+                check_object_display_name=statistics_display_name,
+                input_file_path=input_statistic_file_path,
+                hit_statistics_input_file_rotation_cycle_hours=self.settings['statistics_rotation_hours']
+            )
+            self.diff_checker_statistics.initiate_before_action()
+    
+        # Start DNS monitoring.
+        self.fetch_engine.start()
+
+    def execute_cycle(self, print_kwargs: dict = None) -> list:
+        """
+        This function executes the cycle of the change monitor: dns.
+        The function is blocking so while using it, the script will wait for the next DNS event.
+        No need to use 'time.sleep()'.
+    
+        :param print_kwargs: print_api kwargs.
+        :return: List of dictionaries with the results of the cycle.
+        """
+    
+        # 'emit()' method is blocking (it uses 'get' of queue instance)
+        # will return a dict with current DNS trace event.
+        event_dict = self.fetch_engine.emit()
+    
+        return_list = list()
+        if self.settings['learning_mode_create_unique_entries_list']:
+            self._aggregation_process(event_dict, return_list, print_kwargs)
+    
+        if self.settings['create_alert_statistics'] and self.settings['alert_always']:
+            self._statistics_process(event_dict, return_list, print_kwargs)
+    
+        return return_list
+
+    def _aggregation_process(self, event_dict: dict, return_list: list, print_kwargs: dict = None):
+        self.diff_checker_aggregation.check_object = [event_dict]
+    
+        # Check if 'known_domains' list was updated from previous cycle.
+        result, message = self.diff_checker_aggregation.check_list_of_dicts(
+            sort_by_keys=['cmdline', 'name'], print_kwargs=print_kwargs)
+    
+        if result:
+            # Check if 'updated' key is in the result. This means that this is a regular cycle.
+            if 'updated' in result:
+                if not result['time_passed']:
+                    # Get list of new connections only.
+                    # new_connections_only: list = list_of_dicts.get_difference(result['old'], result['updated'])
+    
+                    for connection in result['updated']:
+                        message = \
+                            f"[Learning] New Domain Added: {connection['name']} | " \
+                            f"{connection['domain']} | {connection['query_type']} | " \
+                            f"{connection['cmdline']}"
+                        print_api(message, color='yellow', **(print_kwargs or {}))
+    
+                        return_list.append(message)
+    
+            # Check if learning time passed, so we can alert the new entries.
+            if 'time_passed' in result:
+                if result['time_passed']:
+                    self._statistics_process(result['updated'], return_list, print_kwargs)
+    
+    def _statistics_process(self, event_dict: dict, return_list: list, print_kwargs: dict = None):
+        self.diff_checker_statistics.check_object = [event_dict]
+    
+        # Check if 'known_domains' list was updated from previous cycle.
+        result, message = self.diff_checker_statistics.check_list_of_dicts(
+            sort_by_keys=['cmdline', 'name'], print_kwargs=print_kwargs)
+    
+        if result:
+            if 'count' in result:
+                message = f"[Alert] DNS Request: {result['entry']} | Times hit: {result['count']}"
+                print_api(message, color='yellow', **(print_kwargs or {}))
+    
+                return_list.append(message)

atomicshop/monitor/checks/file.py

@@ -0,0 +1,77 @@
+from pathlib import Path
+
+from ... import filesystem, hashing
+from ... import diff_check
+from ...print_api import print_api
+
+
+class FileCheck:
+    """
+    Class for file monitoring.
+    """
+    def __init__(self, change_monitor_instance):
+        self.diff_checker = None
+        self.change_monitor_instance = None
+        self.store_original_file_path = None
+
+        if not change_monitor_instance.input_file_name:
+            change_monitor_instance.input_file_name = Path(change_monitor_instance.check_object).name
+            change_monitor_instance.input_file_name = change_monitor_instance.input_file_name.lower()
+            change_monitor_instance.input_file_name = (
+                change_monitor_instance.input_file_name.replace(' ', '_').replace('.', '_'))
+            change_monitor_instance.input_file_name = f'{change_monitor_instance.input_file_name}.txt'
+
+        input_file_path = (
+            str(Path(change_monitor_instance.input_directory, change_monitor_instance.input_file_name)))
+
+        # If 'store_original_object' is True, create filename for the store original object.
+        if change_monitor_instance.object_type_settings['store_original_object']:
+            store_original_file_name: str = f'ORIGINAL_{Path(change_monitor_instance.check_object).name}'
+            self.store_original_file_path = str(Path(change_monitor_instance.input_directory, store_original_file_name))
+
+        self.diff_checker = diff_check.DiffChecker(
+            return_first_cycle=False,
+            operation_type='single_object',
+            input_file_path=input_file_path,
+            check_object_display_name=f'{change_monitor_instance.input_file_name}|{change_monitor_instance.object_type}'
+        )
+        self.diff_checker.initiate_before_action()
+        self.change_monitor_instance = change_monitor_instance
+
+    def execute_cycle(self, print_kwargs: dict = None):
+        """
+        This function executes the cycle of the change monitor: hash.
+
+        :param print_kwargs: print_api kwargs.
+        :return: List of dictionaries with the results of the cycle.
+        """
+
+        return_list = list()
+
+        self._get_hash()
+
+        # Check if the object was updated.
+        result, message = self.diff_checker.check_string(
+            print_kwargs=print_kwargs)
+
+        # If the object was updated, print the message in yellow color, otherwise print in green color.
+        if result:
+            print_api(message, color='yellow', **print_kwargs)
+            # create_message_file(message, self.__class__.__name__, logger=self.logger)
+
+            return_list.append(message)
+        else:
+            print_api(message, color='green', **print_kwargs)
+
+        return return_list
+
+    def _get_hash(self):
+        # Copy the file to the original object directory.
+        if self.store_original_file_path:
+            filesystem.copy_file(self.change_monitor_instance.check_object, self.store_original_file_path)
+
+        # Get hash of the file.
+        hash_string = hashing.hash_file(self.change_monitor_instance.check_object)
+
+        # Set the hash string to the 'check_object' variable.
+        self.diff_checker.check_object = hash_string

atomicshop/monitor/checks/hash.py

@@ -1,18 +1,17 @@
+from ... import diff_check
 from ...print_api import print_api
 from .hash_checks import file, url
 
 
-def setup_check(change_monitor_instance):
-    # if store_original_object and not (input_directory or input_file_path):
-    #     raise ValueError(
-    #         'ERROR: if [store_original_object] is True, either '
-    #         '[input_directory] or [input_file_path] must be specified .')
+DIFF_CHECKER = diff_check.DiffChecker(
+    return_first_cycle=False,
+    operation_type='single_object'
+)
 
 
+def setup_check(change_monitor_instance):
     change_monitor_instance.set_input_file_path()
 
-    change_monitor_instance.diff_checker.operation_type = 'single_object'
-
     if change_monitor_instance.object_type == 'file':
         file.setup_check(change_monitor_instance, change_monitor_instance.check_object)
     elif 'url_' in change_monitor_instance.object_type:

atomicshop/monitor/checks/network.py

@@ -1,91 +1,91 @@
+from pathlib import Path
+from typing import Union
+
 from ...wrappers.psutilw import psutilw
 from ...basics import list_of_dicts
 from ...print_api import print_api
+from ... import diff_check
 
 
-def setup_check(change_monitor_instance):
-    original_name: str = str()
-
-    # Initialize objects for network monitoring.
-    change_monitor_instance.fetch_engine = psutilw.PsutilConnections()
-
-    # Change settings for the DiffChecker object.
-    change_monitor_instance.diff_checker.return_first_cycle = True
-
-    if change_monitor_instance.generate_input_file_name:
-        original_name = 'known_connections'
-        # Make path for 'input_file_name'.
-        change_monitor_instance.input_file_name = f'{original_name}.txt'
-
-    change_monitor_instance.diff_checker.check_object_display_name = \
-        f'{original_name}|{change_monitor_instance.object_type}'
-
-    # Set the 'check_object' to empty list, since we will append the list of DNS events.
-    change_monitor_instance.diff_checker.check_object = list()
-
-    change_monitor_instance.diff_checker.operation_type = 'single_object'
-
-
-def execute_cycle(change_monitor_instance, print_kwargs: dict = None):
-    """
-    This function executes the cycle of the change monitor: network.
-
-    :param change_monitor_instance: Instance of the ChangeMonitor class.
-    :param print_kwargs: print_api kwargs.
-
-    :return: List of dictionaries with the results of the cycle.
-    """
-
-    if print_kwargs is None:
-        print_kwargs = dict()
-
-    return_list = list()
-
-    _get_list(change_monitor_instance)
-
-    change_monitor_instance._set_input_file_path()
-
-    # Check if 'known_domains' list was updated from previous cycle.
-    result, message = change_monitor_instance.diff_checker.check_list_of_dicts(print_kwargs=print_kwargs)
+INPUT_FILE_DEFAULT_NAME: str = 'known_connections.txt'
 
-    if result:
-        # Get list of new connections only.
-        new_connections_only: list = list_of_dicts.get_difference(result['old'], result['updated'])
 
-        for connection in new_connections_only:
-            message = \
-                f"New connection: {connection['name']} | " \
-                f"{connection['dst_ip']}:{connection['dst_port']} | " \
-                f"{connection['family']} | {connection['type']} | {connection['cmdline']}"
-            # f"{connection['src_ip']}:{connection['src_port']} -> " \
-            print_api(message, color='yellow', **print_kwargs)
-
-            return_list.append(message)
-
-    return return_list
-
-
-def _get_list(change_monitor_instance):
+class NetworkCheck:
     """
-    The function will get the list of opened network sockets and return only the new ones.
-
-    :param change_monitor_instance: Instance of the ChangeMonitor class.
-
-    :return: list of dicts, of new network sockets.
+    Class for network monitoring.
     """
 
-    # Get all connections (list of dicts), including process name and cmdline.
-    connections_list_of_dicts: list = \
-        change_monitor_instance.fetch_engine.get_connections_with_process_as_list_of_dicts(
-            attrs=['name', 'cmdline', 'family', 'type', 'dst_ip', 'dst_port'], skip_empty_dst=True,
-            cmdline_to_string=True, remove_duplicates=True)
-
-    # Get list of connections that are not in 'known_connections' list.
-    missing_connections_from_cycle: list = list_of_dicts.get_difference(
-        change_monitor_instance.diff_checker.check_object, connections_list_of_dicts)
-    # Add missing new connections to 'known_connections' list.
-    change_monitor_instance.diff_checker.check_object.extend(missing_connections_from_cycle)
-
-    # Sort list of dicts by process name and then by process cmdline.
-    change_monitor_instance.diff_checker.check_object = list_of_dicts.sort_by_keys(
-        change_monitor_instance.diff_checker.check_object, key_list=['cmdline', 'name'], case_insensitive=True)
+    def __init__(self, change_monitor_instance):
+        self.change_monitor_instance = change_monitor_instance
+        self.diff_checker: Union[diff_check.DiffChecker, None] = None
+        self.fetch_engine = psutilw.PsutilConnections()
+
+        if not change_monitor_instance.input_file_name:
+            change_monitor_instance.input_file_name = INPUT_FILE_DEFAULT_NAME
+        input_file_path = (
+            str(Path(change_monitor_instance.input_directory, change_monitor_instance.input_file_name)))
+
+        diff_checker_display_name = \
+            f'{change_monitor_instance.input_file_name}|{change_monitor_instance.object_type}'
+        self.diff_checker = diff_check.DiffChecker(
+            check_object=list(),  # we will append the list of connection events.
+            return_first_cycle=True,
+            operation_type='single_object',
+            check_object_display_name=diff_checker_display_name,
+            input_file_path=input_file_path
+        )
+        self.diff_checker.initiate_before_action()
+
+    def execute_cycle(self, print_kwargs: dict = None):
+        """
+        This function executes the cycle of the change monitor: network.
+
+        :param print_kwargs: print_api kwargs.
+        :return: List of dictionaries with the results of the cycle.
+        """
+
+        return_list = list()
+
+        self._get_list()
+
+        # Check if 'known_domains' list was updated from previous cycle.
+        result, message = self.diff_checker.check_list_of_dicts(print_kwargs=print_kwargs)
+
+        if result:
+            # Get list of new connections only.
+            new_connections_only: list = list_of_dicts.get_difference(result['old'], result['updated'])
+
+            for connection in new_connections_only:
+                message = \
+                    f"New connection: {connection['name']} | " \
+                    f"{connection['dst_ip']}:{connection['dst_port']} | " \
+                    f"{connection['family']} | {connection['type']} | {connection['cmdline']}"
+                # f"{connection['src_ip']}:{connection['src_port']} -> " \
+                print_api(message, color='yellow', **(print_kwargs or {}))
+
+                return_list.append(message)
+
+        return return_list
+
+    def _get_list(self):
+        """
+        The function will get the list of opened network sockets and return only the new ones.
+
+        :return: list of dicts, of new network sockets.
+        """
+
+        # Get all connections (list of dicts), including process name and cmdline.
+        connections_list_of_dicts: list = \
+            self.fetch_engine.get_connections_with_process_as_list_of_dicts(
+                attrs=['name', 'cmdline', 'family', 'type', 'dst_ip', 'dst_port'], skip_empty_dst=True,
+                cmdline_to_string=True, remove_duplicates=True)
+
+        # Get list of connections that are not in 'known_connections' list.
+        missing_connections_from_cycle: list = list_of_dicts.get_difference(
+            self.diff_checker.check_object, connections_list_of_dicts)
+        # Add missing new connections to 'known_connections' list.
+        self.diff_checker.check_object.extend(missing_connections_from_cycle)
+
+        # Sort list of dicts by process name and then by process cmdline.
+        self.diff_checker.check_object = list_of_dicts.sort_by_keys(
+            self.diff_checker.check_object, key_list=['cmdline', 'name'], case_insensitive=True)

atomicshop/monitor/checks/process_running.py

@@ -3,51 +3,50 @@ from ...basics import list_of_dicts
 from ...print_api import print_api
 
 
-def setup_check(change_monitor_instance):
-    change_monitor_instance.fetch_engine = psutilw.PsutilProcesses()
-
-
-def execute_cycle(change_monitor_instance, print_kwargs: dict = None):
+class ProcessRunningCheck:
     """
-    This function executes the cycle of the change monitor: process_running.
-
-    :param change_monitor_instance: Instance of the ChangeMonitor class.
-    :param print_kwargs: Dictionary with the print arguments.
-    :return: List of dictionaries with the results of the cycle.
+    Class for process running monitoring.
     """
 
-    if print_kwargs is None:
-        print_kwargs = dict()
+    def __init__(self, change_monitor_instance):
+        self.change_monitor_instance = change_monitor_instance
+        self.fetch_engine = psutilw.PsutilProcesses()
 
-    return_list = list()
+    def execute_cycle(self, print_kwargs: dict = None):
+        """
+        This function executes the cycle of the change monitor: process_running.
 
-    processes = _get_list(change_monitor_instance)
+        :param print_kwargs: Dictionary with the print arguments.
+        :return: List of dictionaries with the results of the cycle.
+        """
 
-    for process_name in change_monitor_instance.check_object:
-        result = list_of_dicts.is_value_exist_in_key(processes, 'cmdline', process_name, value_case_insensitive=True)
+        return_list = list()
 
-        # If the process name was found in the list of currently running processes.
-        if result:
-            message = f"Process [{process_name}] is Running."
-            print_api(message, color='green', **print_kwargs)
-        # If the process name was not found in the list of currently running processes.
-        else:
-            message = f"Process [{process_name}] not Running!"
-            print_api(message, color='red', **print_kwargs)
+        processes = self._get_list()
 
-            return_list.append(message)
+        for process_name in self.change_monitor_instance.check_object:
+            result = list_of_dicts.is_value_exist_in_key(
+                processes, 'cmdline', process_name, value_case_insensitive=True)
 
-    return return_list
+            # If the process name was found in the list of currently running processes.
+            if result:
+                message = f"Process [{process_name}] is Running."
+                print_api(message, color='green', **(print_kwargs or {}))
+            # If the process name was not found in the list of currently running processes.
+            else:
+                message = f"Process [{process_name}] not Running!"
+                print_api(message, color='red', **(print_kwargs or {}))
 
+                return_list.append(message)
 
-def _get_list(change_monitor_instance):
-    """
-    The function will get the list of opened network sockets and return only the new ones.
+        return return_list
 
-    :param change_monitor_instance: Instance of the ChangeMonitor class.
+    def _get_list(self):
+        """
+        The function will get the list of opened network sockets and return only the new ones.
 
-    :return: list of dicts, of new network sockets.
-    """
+        :return: list of dicts, of new network sockets.
+        """
 
-    return change_monitor_instance.fetch_engine.get_processes_as_list_of_dicts(
-        default_keys=True, cmdline_to_string=True)
+        return self.fetch_engine.get_processes_as_list_of_dicts(
+            default_keys=True, cmdline_to_string=True)

atomicshop/monitor/checks/url.py

@@ -0,0 +1,94 @@
+from pathlib import Path
+
+from ... import hashing, urls
+from ... import diff_check
+from ...print_api import print_api
+
+
+class UrlCheck:
+    """
+    Class for file monitoring.
+    """
+    def __init__(self, change_monitor_instance):
+        self.diff_checker = None
+        self.change_monitor_instance = None
+        self.store_original_file_path = None
+        self.get_method = None
+
+        # Extract the method name from the object type.
+        self.get_method = change_monitor_instance.object_type.split('_', 1)[1]
+
+        if not change_monitor_instance.input_file_name:
+            change_monitor_instance.input_file_name = (
+                urls.url_parser(change_monitor_instance.check_object))['directories'][-1]
+            change_monitor_instance.input_file_name = change_monitor_instance.input_file_name.lower()
+            change_monitor_instance.input_file_name = f'{change_monitor_instance.input_file_name}.txt'
+
+        input_file_path = (
+            str(Path(change_monitor_instance.input_directory, change_monitor_instance.input_file_name)))
+
+        # If 'store_original_object' is True, create filename for the store original object.
+        if change_monitor_instance.object_type_settings['store_original_object']:
+            # Add extension to the file name.
+            extension: str = str()
+            if 'playwright' in self.get_method:
+                extension = self.get_method.split('_')[1]
+            elif self.get_method == 'urllib':
+                extension = 'html'
+
+            store_original_file_name: str = Path(change_monitor_instance.input_file_name).stem
+            store_original_file_name = f'{store_original_file_name}.{extension}'
+            self.store_original_file_path = str(Path(change_monitor_instance.input_directory, store_original_file_name))
+
+        self.diff_checker = diff_check.DiffChecker(
+            return_first_cycle=False,
+            operation_type='single_object',
+            input_file_path=input_file_path,
+            check_object_display_name=f'{change_monitor_instance.input_file_name}|{change_monitor_instance.object_type}'
+        )
+        self.diff_checker.initiate_before_action()
+        self.change_monitor_instance = change_monitor_instance
+
+    def execute_cycle(self, print_kwargs: dict = None):
+        """
+        This function executes the cycle of the change monitor: hash.
+
+        :param print_kwargs: print_api kwargs.
+        :return: List of dictionaries with the results of the cycle.
+        """
+
+        return_list = list()
+
+        self._get_hash(print_kwargs=print_kwargs)
+
+        # Check if the object was updated.
+        result, message = self.diff_checker.check_string(
+            print_kwargs=print_kwargs)
+
+        # If the object was updated, print the message in yellow color, otherwise print in green color.
+        if result:
+            print_api(message, color='yellow', **print_kwargs)
+            # create_message_file(message, self.__class__.__name__, logger=self.logger)
+
+            return_list.append(message)
+        else:
+            print_api(message, color='green', **print_kwargs)
+
+        return return_list
+
+    def _get_hash(self, print_kwargs: dict = None):
+        """
+        The function will get the hash of the URL content.
+
+        :param print_kwargs: print_api kwargs.
+        """
+        # Get hash of the url. The hash will be different between direct hash of the URL content and the
+        # hash of the file that was downloaded from the URL. Since the file has headers and other information
+        # that is not part of the URL content. The Original downloaded file is for reference only to see
+        # what was the content of the URL at the time of the download.
+        hash_string = hashing.hash_url(
+            self.change_monitor_instance.check_object, get_method=self.get_method,
+            path=self.store_original_file_path, print_kwargs=print_kwargs)
+
+        # Set the hash string to the 'check_object' variable.
+        self.diff_checker.check_object = hash_string

{atomicshop-2.12.17.dist-info → atomicshop-2.12.19.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: atomicshop
-Version: 2.12.17
+Version: 2.12.19
 Summary: Atomic functions and classes to make developer life easier
 Author: Denis Kras
 License: MIT License

{atomicshop-2.12.17.dist-info → atomicshop-2.12.19.dist-info}/RECORD

@@ -1,4 +1,4 @@
-atomicshop/__init__.py,sha256=Y0i9YbX4w6RHv1MhMq0Dp3xhWzkgeDIA2V8gJkAoNbw,124
+atomicshop/__init__.py,sha256=CBepG0XgfpgafeV__swI0Jz0kUF1uJvK3WLlJWWcQwk,124
 atomicshop/_basics_temp.py,sha256=6cu2dd6r2dLrd1BRNcVDKTHlsHs_26Gpw8QS6v32lQ0,3699
 atomicshop/_create_pdf_demo.py,sha256=Yi-PGZuMg0RKvQmLqVeLIZYadqEZwUm-4A9JxBl_vYA,3713
 atomicshop/_patch_import.py,sha256=ENp55sKVJ0e6-4lBvZnpz9PQCt3Otbur7F6aXDlyje4,6334
@@ -9,7 +9,7 @@ atomicshop/config_init.py,sha256=z2RXD_mw9nQlAOpuGry1h9QT-2LhNscXgGAktN3dCVQ,249
 atomicshop/console_output.py,sha256=AOSJjrRryE97PAGtgDL03IBtWSi02aNol8noDnW3k6M,4667
 atomicshop/console_user_response.py,sha256=31HIy9QGXa7f-GVR8MzJauQ79E_ZqAeagF3Ks4GGdDU,3234
 atomicshop/datetimes.py,sha256=olsL01S5tkXk4WPzucxujqgLOh198BLgJntDnGYukRU,15533
-atomicshop/diff_check.py,sha256=BJIhnAgTyJ-nyw3UBKwobvF0lJuhXQ2rPu12NiYETkI,27088
+atomicshop/diff_check.py,sha256=0H4OeRxJodFIubpAoy2dFY9hixzLbkJ8NNlH6K3Xdus,27033
 atomicshop/dns.py,sha256=bNZOo5jVPzq7OT2qCPukXoK3zb1oOsyaelUwQEyK1SA,2500
 atomicshop/domains.py,sha256=Rxu6JhhMqFZRcoFs69IoEd1PtYca0lMCG6F1AomP7z4,3197
 atomicshop/emails.py,sha256=I0KyODQpIMEsNRi9YWSOL8EUPBiWyon3HRdIuSj3AEU,1410
@@ -106,7 +106,7 @@ atomicshop/etw/etw.py,sha256=xVJNbfCq4KgRfsDnul6CrIdAMl9xRBixZ-hUyqiB2g4,2403
 atomicshop/file_io/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 atomicshop/file_io/csvs.py,sha256=WOtDyVFhhA1RD3yrU9P33kDY1EKFEz8UmVCUkqYKuog,5503
 atomicshop/file_io/docxs.py,sha256=6tcYFGp0vRsHR47VwcRqwhdt2DQOwrAUYhrwN996n9U,5117
-atomicshop/file_io/file_io.py,sha256=FR84ihjGlr7Eqejo-_js4nBICVst31axD0bwX19S2eM,6385
+atomicshop/file_io/file_io.py,sha256=FOZ6_PjOASxSDHESe4fwDv5miXYR10OHTxkxtEHoZYQ,6555
 atomicshop/file_io/jsons.py,sha256=q9ZU8slBKnHLrtn3TnbK1qxrRpj5ZvCm6AlsFzoANjo,5303
 atomicshop/file_io/tomls.py,sha256=oa0Wm8yMkPRXKN9jgBuTnKbioSOee4mABW5IMUFCYyU,3041
 atomicshop/file_io/xlsxs.py,sha256=v_dyg9GD4LqgWi6wA1QuWRZ8zG4ZwB6Dz52ytdcmmmI,2184
@@ -132,15 +132,14 @@ atomicshop/mitm/engines/__reference_general/parser___reference_general.py,sha256
 atomicshop/mitm/engines/__reference_general/recorder___reference_general.py,sha256=KENDVf9OwXD9gwSh4B1XxACCe7iHYjrvnW1t6F64wdE,695
 atomicshop/mitm/engines/__reference_general/responder___reference_general.py,sha256=1AM49UaFTKA0AHw-k3SV3uH3QbG-o6ux0c-GoWkKNU0,6993
 atomicshop/monitor/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-atomicshop/monitor/change_monitor.py,sha256=ySfFCtsCFG3irV6gKr43DbbyQgmTwzG5m3FkCWDa8UI,9246
+atomicshop/monitor/change_monitor.py,sha256=mrLedkgXWxKzQLqjYd3bmD8-or6HlX9sejdXbSvhNMI,9016
 atomicshop/monitor/checks/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-atomicshop/monitor/checks/dns.py,sha256=XOMVhf2A2A8zEvQxBszL5z_DItJC0pomg_mkiMKMrug,5741
-atomicshop/monitor/checks/hash.py,sha256=f719jU1A_rJi1ixGEHzWIZEoqpHJq4znabZnq4in9IM,2202
-atomicshop/monitor/checks/network.py,sha256=i2jc5LRKeQJRNtOrSbkZQQCMy33No_X-SjMcXDmIh1E,3753
-atomicshop/monitor/checks/process_running.py,sha256=pvSTa3nHDy1YH-35QkFxBUsqnCnfU5PBA_NNjp9iUNg,1889
-atomicshop/monitor/checks/hash_checks/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-atomicshop/monitor/checks/hash_checks/file.py,sha256=o80UpjPNx9-AF5fYkZaP-ASHcBCE2zwGKUVRtDYKQyI,2402
-atomicshop/monitor/checks/hash_checks/url.py,sha256=XxBNjhQZO_JlicgadqBblvt6sIRizerwM-LVCOgMCQU,3020
+atomicshop/monitor/checks/dns.py,sha256=bPqQACt8IgQ08U-x9G7pAN-iSfxbdOAubJTHZd-lJ84,6792
+atomicshop/monitor/checks/file.py,sha256=2tIDSlX2KZNc_9i9ji1tcOqupbFTIOj7cKXLyBEDWMk,3263
+atomicshop/monitor/checks/hash.py,sha256=r4mDOdjItN3eyaJk8TVz03f4bQ_uKZ4MDTXagjseazs,2011
+atomicshop/monitor/checks/network.py,sha256=CGZWl4WlQrxayZeVF9JspJXwYA-zWx8ECWTVGSlXc98,3825
+atomicshop/monitor/checks/process_running.py,sha256=x66wd6-l466r8sbRQaIli0yswyGt1dH2DVXkGDL6O0Q,1891
+atomicshop/monitor/checks/url.py,sha256=1PvKt_d7wFg7rDMFpUejAQhj0mqWsmlmrNfjNAV2G4g,4123
 atomicshop/ssh_scripts/process_from_ipv4.py,sha256=uDBKZ2Ds20614JW1xMLr4IPB-z1LzIwy6QH5-SJ4j0s,1681
 atomicshop/ssh_scripts/process_from_port.py,sha256=uDTkVh4zc3HOTTGv1Et3IxM3PonDJCPuFRL6rnZDQZ4,1389
 atomicshop/wrappers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -251,8 +250,8 @@ atomicshop/wrappers/socketw/socket_server_tester.py,sha256=AhpurHJmP2kgzHaUbq5ey
 atomicshop/wrappers/socketw/socket_wrapper.py,sha256=aXBwlEIJhFT0-c4i8iNlFx2It9VpCEpsv--5Oqcpxao,11624
 atomicshop/wrappers/socketw/ssl_base.py,sha256=k4V3gwkbq10MvOH4btU4onLX2GNOsSfUAdcHmL1rpVE,2274
 atomicshop/wrappers/socketw/statistics_csv.py,sha256=t3dtDEfN47CfYVi0CW6Kc2QHTEeZVyYhc57IYYh5nmA,826
-atomicshop-2.12.17.dist-info/LICENSE.txt,sha256=lLU7EYycfYcK2NR_1gfnhnRC8b8ccOTElACYplgZN88,1094
-atomicshop-2.12.17.dist-info/METADATA,sha256=eRzyeiQbRlaJQ62ckcewFJ7JdMmcSNBZKaVuhM4-GS8,10479
-atomicshop-2.12.17.dist-info/WHEEL,sha256=GJ7t_kWBFywbagK5eo9IoUwLW6oyOeTKmQ-9iHFVNxQ,92
-atomicshop-2.12.17.dist-info/top_level.txt,sha256=EgKJB-7xcrAPeqTRF2laD_Np2gNGYkJkd4OyXqpJphA,11
-atomicshop-2.12.17.dist-info/RECORD,,
+atomicshop-2.12.19.dist-info/LICENSE.txt,sha256=lLU7EYycfYcK2NR_1gfnhnRC8b8ccOTElACYplgZN88,1094
+atomicshop-2.12.19.dist-info/METADATA,sha256=XjMOMxBIk9wbHMRy4KgeBeYKoy8sD8FJjt-CGllbCsw,10479
+atomicshop-2.12.19.dist-info/WHEEL,sha256=GJ7t_kWBFywbagK5eo9IoUwLW6oyOeTKmQ-9iHFVNxQ,92
+atomicshop-2.12.19.dist-info/top_level.txt,sha256=EgKJB-7xcrAPeqTRF2laD_Np2gNGYkJkd4OyXqpJphA,11
+atomicshop-2.12.19.dist-info/RECORD,,

atomicshop/monitor/checks/hash_checks/file.py

@@ -1,54 +0,0 @@
-from .... import filesystem, hashing
-
-
-def setup_check(change_monitor_instance, check_object: str):
-    original_name: str = str()
-
-    # If 'generate_input_file_name' is True, or 'store_original_object' is True, we need to create a
-    # filename without extension.
-    if change_monitor_instance.store_original_object or change_monitor_instance.generate_input_file_name:
-        # Get the last directory from the url.
-        original_name = filesystem.get_file_name(check_object)
-        # Make characters lower case.
-        original_name = original_name.lower()
-
-    # If 'store_original_object' is True, then we need to create a filepath to store.
-    if change_monitor_instance.original_object_directory:
-        # Add extension to the file name.
-        original_file_name = original_name
-
-        # Make path for original object.
-        change_monitor_instance.original_object_file_path = filesystem.add_object_to_path(
-            change_monitor_instance.original_object_directory, original_file_name)
-
-    if change_monitor_instance.generate_input_file_name:
-        # Remove dots from the file name.
-        original_name_no_dots = original_name.replace('.', '-')
-        # Make path for 'input_file_name'.
-        change_monitor_instance.input_file_name = f'{original_name_no_dots}.txt'
-
-    # Change settings for the DiffChecker object.
-    change_monitor_instance.diff_checker.return_first_cycle = False
-
-    change_monitor_instance.diff_checker.check_object_display_name = \
-        f'{original_name}|{change_monitor_instance.object_type}'
-
-
-def get_hash(change_monitor_instance, check_object: str, print_kwargs: dict = None):
-    """
-    The function will get the hash of the URL content.
-
-    :param change_monitor_instance: Instance of the ChangeMonitor class.
-    :param check_object: string, full URL to a web page.
-    :param print_kwargs: dict, that contains all the arguments for 'print_api' function.
-    """
-
-    # Copy the file to the original object directory.
-    if change_monitor_instance.original_object_file_path:
-        filesystem.copy_file(check_object, change_monitor_instance.original_object_file_path)
-
-    # Get hash of the file.
-    hash_string = hashing.hash_file(check_object)
-
-    # Set the hash string to the 'check_object' variable.
-    change_monitor_instance.diff_checker.check_object = hash_string

atomicshop/monitor/checks/hash_checks/url.py

@@ -1,64 +0,0 @@
-from .... import filesystem, hashing, urls
-
-
-def setup_check(change_monitor_instance, check_object: str):
-    # Extract the method name from the object type.
-    get_method = change_monitor_instance.object_type.split('_', 1)[1]
-
-    original_name: str = str()
-
-    # If 'generate_input_file_name' is True, or 'store_original_object' is True, we need to create a
-    # filename without extension.
-    if change_monitor_instance.store_original_object or change_monitor_instance.generate_input_file_name:
-        # Get the last directory from the url.
-        original_name = urls.url_parser(check_object)['directories'][-1]
-        # Make characters lower case.
-        original_name = original_name.lower()
-
-    # If 'store_original_object' is True, then we need to create a filepath to store.
-    extension = None
-    if change_monitor_instance.original_object_directory:
-        # Add extension to the file name.
-        if 'playwright' in get_method:
-            extension = get_method.split('_')[1]
-        elif get_method == 'urllib':
-            extension = 'html'
-        original_file_name = f'{original_name}.{extension}'
-
-        # Make path for original object.
-        change_monitor_instance.original_object_file_path = filesystem.add_object_to_path(
-            change_monitor_instance.original_object_directory, original_file_name)
-
-    if change_monitor_instance.generate_input_file_name:
-        # Make path for 'input_file_name'.
-        change_monitor_instance.input_file_name = f'{original_name}.txt'
-
-    # Change settings for the DiffChecker object.
-    change_monitor_instance.diff_checker.return_first_cycle = False
-
-    change_monitor_instance.diff_checker.check_object_display_name = \
-        f'{original_name}|{change_monitor_instance.object_type}'
-
-
-def get_hash(change_monitor_instance, check_object: str, print_kwargs: dict = None):
-    """
-    The function will get the hash of the URL content.
-
-    :param change_monitor_instance: Instance of the ChangeMonitor class.
-    :param check_object: string, full URL to a web page.
-    :param print_kwargs: dict, that contains all the arguments for 'print_api' function.
-    """
-    # Extract the method name from the object type.
-    get_method = change_monitor_instance.object_type.split('_', 1)[1]
-
-    # Get hash of the url. The hash will be different between direct hash of the URL content and the
-    # hash of the file that was downloaded from the URL. Since the file has headers and other information
-    # that is not part of the URL content. The Original downloaded file is for reference only to see
-    # what was the content of the URL at the time of the download.
-    hash_string = hashing.hash_url(
-        check_object, get_method=get_method, path=change_monitor_instance.original_object_file_path,
-        print_kwargs=print_kwargs
-    )
-
-    # Set the hash string to the 'check_object' variable.
-    change_monitor_instance.diff_checker.check_object = hash_string