#873 pdns

analyzers/CIRCLPassiveDNS/CIRCLPassiveDNS.json

@@ -1,27 +1,49 @@
 {
-  "name": "CIRCLPassiveDNS",
+    "name": "CIRCLPassiveDNS",
-  "author": "Nils Kuhnert, CERT-Bund",
+    "author": "Nils Kuhnert, CERT-Bund",
-  "license": "AGPL-V3",
+    "license": "AGPL-V3",
-  "url": "https://github.com/BSI-CERT-Bund/cortex-analyzers",
+    "url": "https://github.com/BSI-CERT-Bund/cortex-analyzers",
-  "version": "2.0",
+    "version": "2.0",
-  "description": "Check CIRCL's Passive DNS for a given domain or URL.",
+    "description": "Check CIRCL's Passive DNS for a given domain or URL.",
-  "dataTypeList": ["domain", "url", "ip"],
+    "dataTypeList": [
-  "baseConfig": "CIRCL",
+        "domain",
-  "command": "CIRCLPassiveDNS/circl_passivedns.py",
+        "url",
-  "configurationItems": [
+        "ip"
-    {
+    ],
-      "name": "user",
+    "baseConfig": "CIRCL",
-      "description": "Username",
+    "command": "CIRCLPassiveDNS/circl_passivedns.py",
-      "type": "string",
+    "configurationItems": [
-      "multi": false,
+        {
-      "required": true
+            "name": "user",
+            "description": "Username",
+            "type": "string",
+            "multi": false,
+            "required": true
+        },
+        {
+            "name": "password",
+            "description": "Password",
+            "type": "string",
+            "multi": false,
+            "required": true
+        }
+    ],
+    "registration_required": true,
+    "subscription_required": true,
+    "free_subscription": true,
+    "service_homepage": "https://www.circl.lu/services/passive-dns/",
+    "service_logo": {
+        "path": "assets/passivedns.png",
+        "caption": "logo"
     },
-    {
+    "screenshots": [
-      "name": "password",
+        {
-      "description": "Password",
+            "path": "sc-short-circlpassivedns.png",
-      "type": "string",
+            "caption": "CIRCLPassiveDNS: short report"
-      "multi": false,
+        },
-      "required": true
+        {
-    }
+            "path": "sc-long-circlpassivedns.png",
-  ]
+            "caption": "CIRCLPassiveDNS: long report"
-}
+        }
+    ]
+}

analyzers/CIRCLPassiveDNS/README.md

@@ -0,0 +1,19 @@
+### CIRCLPassiveDNS
+
+Check [CIRCL's Passive DNS](https://www.circl.lu/services/passive-dns/) for a
+ given domain.
+
+This analyzer comes in only one flavor.
+
+#### Requirements
+
+Access to CIRCL Passive DNS is only allowed to trusted partners in Luxembourg
+and abroad. [Contact CIRCL](https://www.circl.lu/contact/) if you would like
+access. Include your affiliation and the foreseen use of the Passive DNS
+data.
+
+If the CIRCL positively answers your access request, you'll obtain a username
+ and password which are needed to make the analyzer work.
+
+supply your username as the value for the `user` parameter and your password
+as the value for the `password` parameter.