atomicshop 2.19.16__py3-none-any.whl → 2.19.17__py3-none-any.whl
Potentially problematic release.
This version of atomicshop might be problematic. Click here for more details.
- atomicshop/__init__.py +1 -1
- atomicshop/etws/trace.py +6 -3
- atomicshop/etws/traces/trace_dns.py +1 -0
- atomicshop/etws/traces/trace_tcp.py +1 -0
- {atomicshop-2.19.16.dist-info → atomicshop-2.19.17.dist-info}/METADATA +1 -1
- {atomicshop-2.19.16.dist-info → atomicshop-2.19.17.dist-info}/RECORD +9 -9
- {atomicshop-2.19.16.dist-info → atomicshop-2.19.17.dist-info}/LICENSE.txt +0 -0
- {atomicshop-2.19.16.dist-info → atomicshop-2.19.17.dist-info}/WHEEL +0 -0
- {atomicshop-2.19.16.dist-info → atomicshop-2.19.17.dist-info}/top_level.txt +0 -0
atomicshop/__init__.py
CHANGED
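--- a/atomicshop/etws/trace.py
+++ b/atomicshop/etws/trace.py
@@ -1,7 +1,7 @@
 import queue
 import sys
-import time
 import multiprocessing.managers
+from datetime import datetime
 
 # Import FireEye Event Tracing library.
 import etw
@@ -9,7 +9,6 @@ import etw
 from ..print_api import print_api
 from . import sessions
 from ..process_poller import simple_process_pool
-from ..wrappers.psutilw import psutilw
 
 
 class EventTrace(etw.ETW):
@@ -147,9 +146,13 @@ class EventTrace(etw.ETW):
 
 event: tuple = self.event_queue.get()
 
+current_datetime = datetime.now()
+readable_time = current_datetime.strftime('%Y-%m-%d %H:%M:%S.%f')
+
 event_dict: dict = {
 'EventId': event[0],
-'EventHeader': event[1]
+'EventHeader': event[1],
+'timestamp': readable_time
 }
 
 if 'ProcessId' not in event[1]: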
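Review bot: The `timestamp` added to `event_dict` in the third hunk is `datetime.now()`, i.e. naive local time taken when the consumer dequeues the event rather than when ETW recorded it, so it drifts with queue backlog and is ambiguous across DST changes and between hosts in different zones. Since this value is copied unchanged into the DNS and TCP records in trace_dns.py and trace_tcp.py, which are the kind of telemetry that gets correlated with other logs, I would record timezone-aware UTC here: `from datetime import datetime, timezone` and `readable_time = datetime.now(timezone.utc).isoformat()`. If the header in `event[1]` carries the provider's own event time (not visible in this hunk), prefer that and keep the dequeue time as a separate field. The enclosing method starts and ends outside the hunk.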
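--- a/atomicshop/etws/traces/trace_dns.py
+++ b/atomicshop/etws/traces/trace_dns.py
@@ -136,6 +136,7 @@ class DnsRequestResponseTrace:
 status = 'Error'
 
 event_dict: dict = {
+'timestamp': event['timestamp'],
 'event_id': event['EventId'],
 'query': event['EventHeader']['QueryName'],
 'query_type_id': str(event['EventHeader']['QueryType']),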
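--- a/atomicshop/etws/traces/trace_tcp.py
+++ b/atomicshop/etws/traces/trace_tcp.py
@@ -112,6 +112,7 @@ class TcpIpNewConnectionsTrace:
 remote_address = remote_address.replace('[', '').replace(']', '')
 
 event_dict: dict = {
+'timestamp': event['timestamp'],
 'event_id': event['EventId'],
 'local_ip': local_address,
 'local_port': local_port,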
@@ -1,4 +1,4 @@
|
|
|
1
|
-
atomicshop/__init__.py,sha256=
|
|
1
|
+
atomicshop/__init__.py,sha256=sirfPpzTYXnvvIq87Zu3Mv0_mmzJTsmrk6btWEBTaN4,124
|
|
2
2
|
atomicshop/_basics_temp.py,sha256=6cu2dd6r2dLrd1BRNcVDKTHlsHs_26Gpw8QS6v32lQ0,3699
|
|
3
3
|
atomicshop/_create_pdf_demo.py,sha256=Yi-PGZuMg0RKvQmLqVeLIZYadqEZwUm-4A9JxBl_vYA,3713
|
|
4
4
|
atomicshop/_patch_import.py,sha256=ENp55sKVJ0e6-4lBvZnpz9PQCt3Otbur7F6aXDlyje4,6334
|
|
@@ -119,11 +119,11 @@ atomicshop/etws/_pywintrace_fix.py,sha256=nHrtnAb796eOZ6FlCqcsuRh_TSqSPp6JXLN6TB
|
|
|
119
119
|
atomicshop/etws/const.py,sha256=v3x_IdCYeSKbCGywiZFOZln80ldpwKW5nuMDuUe51Jg,1257
|
|
120
120
|
atomicshop/etws/providers.py,sha256=CXNx8pYdjtpLIpA66IwrnE64XhY4U5ExnFBMLEb8Uzk,547
|
|
121
121
|
atomicshop/etws/sessions.py,sha256=b_KeiOvgOBJezJokN81TRlrvJiQNJlIWN4Z6UVjuxP0,1335
|
|
122
|
-
atomicshop/etws/trace.py,sha256=
|
|
122
|
+
atomicshop/etws/trace.py,sha256=u38pgUa9_eG1WBSDUOJ2PmCRQWifZJCEmovCy8OFk18,7786
|
|
123
123
|
atomicshop/etws/traces/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
124
|
-
atomicshop/etws/traces/trace_dns.py,sha256=
|
|
124
|
+
atomicshop/etws/traces/trace_dns.py,sha256=mCZgkSrfYrq9rBfqWGmY7rRSqFQeMoQWCOC8ggjKUak,6925
|
|
125
125
|
atomicshop/etws/traces/trace_sysmon_process_creation.py,sha256=OM-bkK38uYMwWLZKNOTDa0Xdk3sO6sqsxoMUIiPvm5g,4656
|
|
126
|
-
atomicshop/etws/traces/trace_tcp.py,sha256=
|
|
126
|
+
atomicshop/etws/traces/trace_tcp.py,sha256=bHxngCxuKFOlSJw7z7fWAG613nzqLYZMktgxAlGC5rQ,5282
|
|
127
127
|
atomicshop/file_io/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
128
128
|
atomicshop/file_io/csvs.py,sha256=zv0kKjRT-ZWRi0WpMIUQ_FKyP9Dt0f5Bc98Qsj6ClPU,9495
|
|
129
129
|
atomicshop/file_io/docxs.py,sha256=Nyt3hSpzwqUKZEP5p5efqNpjFs9XqkK40Kp7BbbPo7E,6245
|
|
@@ -330,8 +330,8 @@ atomicshop/wrappers/socketw/statistics_csv.py,sha256=fgMzDXI0cybwUEqAxprRmY3lqbh
|
|
|
330
330
|
atomicshop/wrappers/winregw/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
331
331
|
atomicshop/wrappers/winregw/winreg_installed_software.py,sha256=Qzmyktvob1qp6Tjk2DjLfAqr_yXV0sgWzdMW_9kwNjY,2345
|
|
332
332
|
atomicshop/wrappers/winregw/winreg_network.py,sha256=AENV88H1qDidrcpyM9OwEZxX5svfi-Jb4N6FkS1xtqA,8851
|
|
333
|
-
atomicshop-2.19.
|
|
334
|
-
atomicshop-2.19.
|
|
335
|
-
atomicshop-2.19.
|
|
336
|
-
atomicshop-2.19.
|
|
337
|
-
atomicshop-2.19.
|
|
333
|
+
atomicshop-2.19.17.dist-info/LICENSE.txt,sha256=lLU7EYycfYcK2NR_1gfnhnRC8b8ccOTElACYplgZN88,1094
|
|
334
|
+
atomicshop-2.19.17.dist-info/METADATA,sha256=Mh7XFo4nIxw7Rzs_QAjEABvfXj4gQvkAg6dlj0qxO8w,10631
|
|
335
|
+
atomicshop-2.19.17.dist-info/WHEEL,sha256=GJ7t_kWBFywbagK5eo9IoUwLW6oyOeTKmQ-9iHFVNxQ,92
|
|
336
|
+
atomicshop-2.19.17.dist-info/top_level.txt,sha256=EgKJB-7xcrAPeqTRF2laD_Np2gNGYkJkd4OyXqpJphA,11
|
|
337
|
+
atomicshop-2.19.17.dist-info/RECORD,,
|
|
File without changes
|
|
File without changes
|
|
File without changes
|