socx 2.1__tar.gz → 2.3__tar.gz

@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: socx
3
- Version: 2.1
3
+ Version: 2.3
4
4
  Summary: A set of useful tools for a security operations center
5
5
  Author-email: Enlace <enlace.aman@gmail.com>
6
6
  Classifier: Programming Language :: Python :: 3
@@ -8,12 +8,15 @@ Classifier: Operating System :: OS Independent
8
8
  Requires-Python: >=3.8
9
9
  Description-Content-Type: text/markdown
10
10
 
11
- # socx
11
+ # SOCX
12
12
  A collection of helpful tools for a SOC analyst. Easily search for IPs, domains, and find files on the system.
13
13
 
14
14
  ## Installing
15
15
  python -m pip install socx
16
16
 
17
+ ### Installing from QA
18
+ python -m pip install --index-url https://test.pypi.org/simple/ socx
19
+
17
20
  ## Usage
18
21
  A tool to assist with day to day activites in a security operations center (pronounced "socks")
19
22
 
@@ -27,21 +30,26 @@ or
27
30
  python socx.py [universal options] [function] [arguments]
28
31
 
29
32
  Examples:
33
+
30
34
  socx --help
31
35
 
32
36
  socx info -h
33
-
37
+
34
38
  socx info -ip 1.2.3.4
35
-
39
+
36
40
  socx -v 3 info -d google.com
37
-
41
+
38
42
  socx find -f filename.txt -i
39
-
43
+
40
44
  socx find -f fold.*name -r
41
-
45
+
42
46
  socx unwrap --url "https://urldefense.com/v3/__https:/..."
43
-
47
+
44
48
  socx combine --csvs 5
49
+
50
+ socx awake --minutes 90
51
+
52
+ socx awake --restart
45
53
 
46
54
  ## Other Information
47
55
 
@@ -1,9 +1,12 @@
1
- # socx
1
+ # SOCX
2
2
  A collection of helpful tools for a SOC analyst. Easily search for IPs, domains, and find files on the system.
3
3
 
4
4
  ## Installing
5
5
  python -m pip install socx
6
6
 
7
+ ### Installing from QA
8
+ python -m pip install --index-url https://test.pypi.org/simple/ socx
9
+
7
10
  ## Usage
8
11
  A tool to assist with day to day activites in a security operations center (pronounced "socks")
9
12
 
@@ -17,21 +20,26 @@ or
17
20
  python socx.py [universal options] [function] [arguments]
18
21
 
19
22
  Examples:
23
+
20
24
  socx --help
21
25
 
22
26
  socx info -h
23
-
27
+
24
28
  socx info -ip 1.2.3.4
25
-
29
+
26
30
  socx -v 3 info -d google.com
27
-
31
+
28
32
  socx find -f filename.txt -i
29
-
33
+
30
34
  socx find -f fold.*name -r
31
-
35
+
32
36
  socx unwrap --url "https://urldefense.com/v3/__https:/..."
33
-
37
+
34
38
  socx combine --csvs 5
39
+
40
+ socx awake --minutes 90
41
+
42
+ socx awake --restart
35
43
 
36
44
  ## Other Information
37
45
 
@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
4
4
 
5
5
  [project]
6
6
  name = "socx"
7
- version = "2.1"
7
+ version = "2.3"
8
8
  authors = [
9
9
  { name="Enlace", email="enlace.aman@gmail.com" },
10
10
  ]
@@ -1,7 +1,9 @@
1
1
  #!/usr/bin/env python3
2
2
 
3
3
  from contextlib import suppress
4
+ import subprocess
4
5
  from unittest import skipUnless
6
+ from urllib.parse import unquote
5
7
 
6
8
  try:
7
9
  import argparse
@@ -48,6 +50,8 @@ ABOUT = f"""
48
50
 
49
51
  Version: {VERSION}
50
52
  A tool to assist with day to day activites in a security operations center (pronounced "socks")
53
+
54
+ Visit https://enlace.one/ for more information.
51
55
  """
52
56
  USAGE = f"""Usage:
53
57
  {PROGRAM_NAME} [universal options] [function] [arguments]
@@ -62,6 +66,8 @@ Examples:
62
66
  {PROGRAM_NAME} find -f fold.*name -r
63
67
  {PROGRAM_NAME} unwrap --url "https://urldefense.com/v3/__https:/..."
64
68
  {PROGRAM_NAME} combine --csvs 5
69
+ {PROGRAM_NAME} awake --minutes 90
70
+ {PROGRAM_NAME} awake --restart
65
71
  """
66
72
  verbosity = 1
67
73
  environmental_variables = {
@@ -82,9 +88,8 @@ def p(*args_, v=1, end="\n", sep=" ", file=None):
82
88
 
83
89
  def unwrap_url(url):
84
90
  pp_decoder = util.URLDefenseDecoder()
85
- url = pp_decoder.decode(url)
86
91
  if "safelinks" in url:
87
- url = url.split("url=")[1]
92
+ url = unquote(url.split("url=")[1])
88
93
  url = pp_decoder.decode(url)
89
94
  return url
90
95
 
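Review bot: The Safe Links branch at line 92 keeps everything after the first `url=`, so the decoded result still carries the `&data=…&sdata=…&reserved=0` parameters that follow the wrapped link (the commented fixture in the test file has exactly that shape); `unquote` decodes them but does not trim them. Parsing the query instead, `url = parse_qs(urlsplit(url).query).get("url", [url])[0]` (importing `parse_qs` and `urlsplit` from `urllib.parse` next to `unquote`), returns only the `url` parameter and also avoids the `IndexError` raised when a URL contains the substring `safelinks` but no `url=` parameter; note that `parse_qs` maps a literal `+` to a space, as a browser would for a query string. The `"safelinks" in url` test matches that substring anywhere, including inside the wrapped target, so `urlsplit(url).netloc.endswith("safelinks.protection.outlook.com")` would pin the branch to the wrapper host.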
@@ -487,6 +492,33 @@ def do_command_history(user="~"):
487
492
  p("Command history gathered", v=3)
488
493
 
489
494
 
495
+ def awake(minutes=60, restart=False):
496
+ interval = 10 # seconds
497
+ iterations = (minutes * 60) / interval
498
+
499
+ p(f"Keeping the device awake for {minutes} minutes...")
500
+ cmd = [
501
+ "powershell",
502
+ "-Command",
503
+ "$WShell = New-Object -ComObject 'WScript.Shell'; "
504
+ f"for ($i = 0; $i -lt {iterations}; $i++) {{ "
505
+ f"$WShell.SendKeys('%'); Start-Sleep -Seconds {interval}; $temp = [Math]::Round(($i*{interval})/60, 1); Write-Output \"$temp of {minutes}. CTRL+C to End\"}}",
506
+ ]
507
+
508
+ with subprocess.Popen(
509
+ cmd, stdout=subprocess.PIPE, stderr=subprocess.STDOUT, text=True
510
+ ) as proc:
511
+ for line in proc.stdout:
512
+ print(line, end="")
513
+
514
+ if restart:
515
+ p("Restarting device...")
516
+ cmd = ["shutdown", "/r", "/t", "0"]
517
+ proc = subprocess.Popen(
518
+ cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE, close_fds=True
519
+ )
520
+
521
+
490
522
  #############
491
523
  # Arguments #
492
524
  #############.
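Review bot: `awake` embeds `minutes` and `iterations` directly in the PowerShell `-Command` text (lines 504–505) without checking that they are integers, so it is only safe because the argparse entry declares `--minutes` as `int`; the interactive prompt path is not in this hunk, and a caller passing a string would have that string executed as part of the command. Coercing and bounding at the top of the function, and computing `iterations` with `//` so the loop bound is an integer rather than `360.0`, closes that. The `restart` branch starts `shutdown /r /t 0` with stdout/stderr pipes that are never read and never waits on `proc`; `subprocess.run(cmd, check=False)` says what is meant. Both commands exist only on Windows (`powershell`, `shutdown /r`), so a `sys.platform != "win32"` guard with a clear message (importing `sys` if the module does not already) would replace the bare `FileNotFoundError` a Linux or macOS user gets; the function also has no docstring.
```python
def awake(minutes=60, restart=False):
    """Send a keystroke every 10 s for *minutes* minutes via PowerShell; optionally restart afterwards (Windows only)."""
    minutes = int(minutes)  # the value is embedded in the PowerShell -Command string below
    if minutes <= 0:
        raise ValueError("minutes must be a positive integer")
    interval = 10  # seconds
    iterations = minutes * 60 // interval  # integer loop bound for the PowerShell for-loop
    # … unchanged: p() banner, cmd list, Popen loop echoing PowerShell output …
    if restart:
        p("Restarting device...")
        subprocess.run(["shutdown", "/r", "/t", "0"], check=False)
```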
@@ -506,6 +538,34 @@ FUNCTIONS = [
506
538
  "function": lambda: interactive_mode(),
507
539
  "arguments": [],
508
540
  },
541
+ {
542
+ "name": "Stay Awake",
543
+ "command": "awake",
544
+ "help": "",
545
+ "function": awake,
546
+ "arguments": [
547
+ {
548
+ "name": "minutes",
549
+ "flag": "--minutes",
550
+ "short_flag": "-m",
551
+ "prompt": "Enter number of minutes to run for: ",
552
+ "type": int,
553
+ "default": 60,
554
+ "required": False,
555
+ "help": "Keeps device awake for this many minutes",
556
+ },
557
+ {
558
+ "name": "restart",
559
+ "flag": "--restart",
560
+ "short_flag": "-r",
561
+ "type": bool,
562
+ "action": "store_true",
563
+ "default": False,
564
+ "required": False,
565
+ "help": "Restart computer once done keeping device awake",
566
+ },
567
+ ],
568
+ },
509
569
  {
510
570
  "name": "Combine CSVs",
511
571
  "command": "combine",
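Review bot: The new `awake` command registers with `"help": ""` (line 544), so `socx --help` lists it with no description while every other entry carries one; `"help": "Keep the device awake by sending a keystroke every 10 seconds; optionally restart when done"` would close the gap. The `restart` argument carries both `"type": bool` and `"action": "store_true"`; argparse's `add_argument` rejects `type` together with `store_true`, so this presumably relies on the registration code (not in this hunk) dropping `type` for flag arguments, which is worth confirming. The `--minutes` argument has `"type": int` but no lower bound, so a zero or negative value reaches `awake` unchecked.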
@@ -535,6 +595,7 @@ FUNCTIONS = [
535
595
  "name": "skip_og_filename_column",
536
596
  "flag": "--skip_og_filename_column",
537
597
  "short_flag": "-sname",
598
+ "action": "store_true",
538
599
  "type": bool,
539
600
  "default": False,
540
601
  "required": False,
@@ -660,6 +721,7 @@ FUNCTIONS = [
660
721
  "short_flag": "-ss",
661
722
  "type": bool,
662
723
  "default": False,
724
+ "action": "store_true",
663
725
  "required": False,
664
726
  "help": "Do smart search (try directory then user folder then C: then D:)",
665
727
  },
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: socx
3
- Version: 2.1
3
+ Version: 2.3
4
4
  Summary: A set of useful tools for a security operations center
5
5
  Author-email: Enlace <enlace.aman@gmail.com>
6
6
  Classifier: Programming Language :: Python :: 3
@@ -8,12 +8,15 @@ Classifier: Operating System :: OS Independent
8
8
  Requires-Python: >=3.8
9
9
  Description-Content-Type: text/markdown
10
10
 
11
- # socx
11
+ # SOCX
12
12
  A collection of helpful tools for a SOC analyst. Easily search for IPs, domains, and find files on the system.
13
13
 
14
14
  ## Installing
15
15
  python -m pip install socx
16
16
 
17
+ ### Installing from QA
18
+ python -m pip install --index-url https://test.pypi.org/simple/ socx
19
+
17
20
  ## Usage
18
21
  A tool to assist with day to day activites in a security operations center (pronounced "socks")
19
22
 
@@ -27,21 +30,26 @@ or
27
30
  python socx.py [universal options] [function] [arguments]
28
31
 
29
32
  Examples:
33
+
30
34
  socx --help
31
35
 
32
36
  socx info -h
33
-
37
+
34
38
  socx info -ip 1.2.3.4
35
-
39
+
36
40
  socx -v 3 info -d google.com
37
-
41
+
38
42
  socx find -f filename.txt -i
39
-
43
+
40
44
  socx find -f fold.*name -r
41
-
45
+
42
46
  socx unwrap --url "https://urldefense.com/v3/__https:/..."
43
-
47
+
44
48
  socx combine --csvs 5
49
+
50
+ socx awake --minutes 90
51
+
52
+ socx awake --restart
45
53
 
46
54
  ## Other Information
47
55
 
@@ -37,22 +37,34 @@ def test_find_file():
37
37
  ## Getting hung up
38
38
  # def test_find_file_with_regex():
39
39
  # output = run(
40
- # "-v 5 find --regex -f 'Phineas.*Ferb.txt' -d 'C:\\Users\\colli\\OneDrive\\Documents\\Python\\socX\\tests\\test_files'"
40
+ # "-v 5 find --regex -f 'Phineas.*Ferb.txt' -d ''"
41
41
  # )
42
42
  # assert output.stderr == ""
43
43
  # assert "\\PhineasAndFerb.txt" in str(output.stdout)
44
44
 
45
45
 
46
- def test_unwrap_url():
47
- test_url = "https://urldefense.com/v3/__https:/conferences.stjude.org/g87vv8?i=2NejfAgCkki403xbcRpHuw&locale=en-US__;!!NfcMrC8AwgI!cq3afLDXviFyix2KeJ62VsQBrrZOgfyZu1fks7uQorRGX6VOgcDaUgTpxFdJRmXMdtU5zsmZB9PUw-TmquYgbIGIYUDPsQ$"
48
- output = run(
49
- f"unwrap --url '{test_url}' ",
50
- )
51
- assert output.stderr == ""
52
- assert (
53
- "https://conferences.stjude.org/g87vv8?i=2NejfAgCkki403xbcRpHuw&locale=en-US"
54
- in str(output.stdout)
55
- )
46
+ # def test_unwrap_url():
47
+ # test_url = "https://urldefense.com/v3/__https:/conferences.stjude.org/g87vv8?i=2NejfAgCkki403xbcRpHuw&locale=en-US__;!!NfcMrC8AwgI!cq3afLDXviFyix2KeJ62VsQBrrZOgfyZu1fks7uQorRGX6VOgcDaUgTpxFdJRmXMdtU5zsmZB9PUw-TmquYgbIGIYUDPsQ$"
48
+ # output = run(
49
+ # f"unwrap --url '{test_url}' ",
50
+ # )
51
+ # assert output.stderr == ""
52
+ # assert (
53
+ # "https://conferences.stjude.org/g87vv8?i=2NejfAgCkki403xbcRpHuw&locale=en-US"
54
+ # in str(output.stdout)
55
+ # )
56
+
57
+
58
+ # def test_unwrap_safelink_url():
59
+ # test_url = "https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Foutlook.office365.com%2Fowa%2F%3FItemID%3DAAkALgAAAAAAHYQDEapmEc2byACqAC%252FEWg0AEtOij2Wdn0uk%252Bvzsc82xogACnMa3jwAA%26exvsurl%3D1%26viewmodel%3DReadMessageItem%26nativeOutlookCommand%3DopenMessage&data=05%7C02%7CCollin.Peel%40alsac.stjude.org%7C870e10f064af483039e608ddc580ff4a%7C62a96f9aa5614bfba97870a73a08dc02%7C0%7C0%7C638883880016710627%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=JiZTfR8E3%2FPCVauhcSsanHVYDR0ETfRKP1Gzjrd2ppc%3D&reserved=0"
60
+ # output = run(
61
+ # f"unwrap --url '{test_url}' ",
62
+ # )
63
+ # assert output.stderr == ""
64
+ # assert (
65
+ # "https://outlook.office365.com/owa/?ItemID=AAkALgAAAAAAHYQDEapmEc2byACqAC%2FEWg0AEtOij2Wdn0uk%2Bvzsc82xogACnMa3jwAA&exvsurl=1&viewmodel=ReadMessageItem&nativeOutlookCommand=openMessage"
66
+ # in str(output.stdout)
67
+ # )
56
68
 
57
69
 
58
70
  ## This one has issues with testing but does seem to work
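Review bot: Both `unwrap_url` tests are now commented out (lines 46–67), so the rewrite of the Safe Links branch in `unwrap_url` ships with no executing regression test; if the `run()` subprocess harness is what hangs, calling `unwrap_url(test_url)` directly and asserting on the returned string would keep the coverage. The new fixture at line 59 embeds a real mailbox address and tenant and message identifiers inside the `data=` parameter of a published package; a constructed Safe Links URL with placeholder values (e.g. `user%40example.com`) exercises the same code path. The edit at line 40 replaces the developer's local path with `''`, which leaves that test non-runnable as well; a path relative to the test file, e.g. `os.path.join(os.path.dirname(__file__), "test_files")` (importing `os` if the file does not already), would let it run anywhere.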