add hunter.io analyzer

2024-11-06 17:15:21 +00:00 · 2018-07-04 12:26:11 +02:00 · 2018-07-04 12:26:11 +02:00 · 851da3ff53
commit 851da3ff53
parent 40e601402d
3 changed files with 68 additions and 0 deletions
--- a/analyzers/Hunterio/Hunterio_domainsearch.json
+++ b/analyzers/Hunterio/Hunterio_domainsearch.json
@ -0,0 +1,22 @@
+{
+    "name": "Hunterio_DomainSearch",
+    "author": "Rémi Allain, Cyberprotect",
+    "license": "AGPL-V3",
+    "url": "https://github.com/Cyberprotect/Cortex-Analyzers",
+    "version": "1.0",
+    "description": "hunter.io is a service to find email addresses from a domain.",
+    "dataTypeList": ["domain", "fqdn"],
+    "command": "Hunterio/hunterio_analyzer.py",
+    "baseConfig": "Hunterio",
+    "config": {
+        "service": "domainsearch",
+        "check_tlp": false
+    },
+    "configurationItems": [{
+        "name": "key",
+        "description": "api key of hunter.io",
+        "type": "string",
+        "multi": false,
+        "required": true
+    }]
+}
--- a/analyzers/Hunterio/hunterio_analyzer.py
+++ b/analyzers/Hunterio/hunterio_analyzer.py
@ -0,0 +1,44 @@
+#!/usr/bin/env python
+# encoding: utf-8
+
+import requests
+from cortexutils.analyzer import Analyzer
+
+
+class Hunterio(Analyzer):
+    URI = "https://api.hunter.io/v2/"
+
+
+    def __init__(self):
+        Analyzer.__init__(self)
+        self.service = self.get_param('config.service', None, 'Service parameter is missing')
+        self.key = self.get_param('config.key', None, 'Missing hunter.io API key')
+
+    def summary(self, raw):
+
+        taxonomies = []
+        namespace = "Hunter.io"
+        if self.service == 'domainsearch':
+            found = 0
+            if(raw.get('meta') and raw['meta'].get('results')):
+                found = raw['meta'].get('results')
+            taxonomies.append(self.build_taxonomy('info', namespace, "Emails found", found))
+
+        return {"taxonomies": taxonomies}
+
+
+    def run(self):
+        Analyzer.run(self)
+
+        if self.service == 'domainsearch' and (self.data_type == 'domain' or self.data_type == 'fqdn'):
+            try:
+                response = requests.get("{}domain-search?domain={}&api_key={}".format(self.URI, self.get_data(), self.key))
+                self.report(response.json())
+            except Exception as e:
+                self.unexpectedError(e)
+        else:
+            self.notSupported()
+
+
+if __name__ == '__main__':
+    Hunterio().run()
--- a/analyzers/Hunterio/requirements.txt
+++ b/analyzers/Hunterio/requirements.txt
@ -0,0 +1,2 @@
+cortexutils
+requests