Philippe Langlois planglois925
planglois925
/ core.py
Created
September 8, 2018 13:28
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from py2neo import Graph, Node, Relationship | |
| class NodeCreator: | |
| def __init__(self): | |
| ''' | |
| Start off my creating the graph connection |
planglois925
/ threat_crowd_modules.py
Last active
September 8, 2018 13:58
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from core.modules import NodeCreator, RelationshipMaker | |
| from py2neo import Graph | |
| class EmailTC(NodeCreator): | |
| def __init__(self): | |
| NodeCreator.__init__(self) | |
| self.Node_Label = 'Email' | |
| self.Plugin_name = 'ThreatCrowd' |
planglois925
/ threat_crowd_add_domain.py
Last active
September 8, 2018 13:54
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def add_domain_lookup(domain): | |
| # Add the nodes | |
| domain_maker = modules.DomainTC() | |
| hash_maker = modules.Hashes_TC() | |
| email = modules.EmailTC() | |
| sub_domain = modules.Sub_DomainTC() | |
| ip_address = modules.IP_addressTC() |
planglois925
/ intel-grapher.py
Last active
September 8, 2018 13:54
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from threatcrowd import utils as tc_utils | |
| import argparse | |
| def main(): | |
| parser = argparse.ArgumentParser(description='Tool to take data and insert it into graphdatabase') | |
| parser.add_argument('-d', '--domain', help="Domains to look up", default=None) | |
| parser.add_argument('-e', '--email',help='Emails to look up', default=None) | |
| parser.add_argument('-hx', '--hash', help='Hashes to look up', default=None) |
planglois925
/ cwa_parameter_store
Created
December 29, 2018 14:25
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "logs": { | |
| "logs_collected": { | |
| "windows_events": { | |
| "collect_list": [ | |
| { | |
| "event_format": "xml", | |
| "event_levels": [ | |
| "INFORMATION", | |
| "WARNING", |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {'source_id': 'vcdb', 'timeline': {'incident': {'year': 1950}}, 'victim': {'government': ['Unknown'], 'country': ['Unknown'], 'employee_count': 'Unknown', 'industry': '0000'}, 'action': {'hacking': {'variety': ['Unknown'], 'vector': ['Unknown']}}, 'actor': {'unknown': {'notes': 'unknown'}}, 'asset': {'assets': [{'variety': 'Unknown'}], 'cloud': ['Unknown'], 'role': ['Unknown']}, 'attribute': {'confidentiality': {'data_disclosure': 'Unknown'}}, 'discovery_method': {'unknown': True}, 'plus': {'modified': '2021-08-26T23:08:42.848Z', 'created': '2021-08-26T23:08:34.240Z', 'master_id': '2edf026a-efa0-4654-a2e5-7801c42a0f52', 'analysis_status': 'Ineligible', 'dbir_year': 2022}, 'incident_id': 'bb825e60-06a0-11ec-9aa9-1b076e2ceec4', 'security_incident': 'Confirmed', 'targeted': 'Unknown', 'schema_version': '1.3.5'} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {"source_id": "vcdb", "timeline": {"incident": {"year": 1950}}, "victim": {"government": ["Unknown"], "country": ["Unknown"], "employee_count": "Unknown", "industry": "0000"}, "action": {"hacking": {"variety": ["Unknown"], "vector": ["Unknown"]}}, "actor": {"unknown": {"notes": "unknown"}}, "asset": {"assets": [{"variety": "Unknown"}], "cloud": ["Unknown"], "role": ["Unknown"]}, "attribute": {"confidentiality": {"data_disclosure": "Unknown"}}, "discovery_method": {"unknown": true}, "plus": {"modified": "2021-08-26T23:08:42.848Z", "created": "2021-08-26T23:08:34.240Z", "master_id": "2edf026a-efa0-4654-a2e5-7801c42a0f52", "analysis_status": "Ineligible", "dbir_year": 2022}, "incident_id": "bb825e60-06a0-11ec-9aa9-1b076e2ceec4", "security_incident": "Confirmed", "targeted": "Unknown", "schema_version": "1.3.5"} |
planglois925
/ 44683489-7ff7-40b4-9824-6de44d7909c6.json
Created
August 27, 2021 19:00
Incident for https://github.com/planglois925/test_auto_coder/issues/3
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {"source_id": "vcdb", "timeline": {"incident": {"year": 1950}}, "victim": {"government": ["Unknown"], "country": ["Unknown"], "employee_count": "Unknown", "industry": "0000"}, "action": {"hacking": {"variety": ["Unknown"], "vector": ["Unknown"]}}, "actor": {"unknown": {"notes": "unknown"}}, "asset": {"assets": [{"variety": "Unknown"}], "cloud": ["Unknown"], "role": ["Unknown"]}, "attribute": {"confidentiality": {"data_disclosure": "Unknown"}}, "discovery_method": {"unknown": true}, "plus": {"modified": "2021-08-26T23:08:42.848Z", "created": "2021-08-26T23:08:34.240Z", "master_id": "44683489-7ff7-40b4-9824-6de44d7909c6", "analysis_status": "Ineligible", "dbir_year": 2022, "analyst": "autoencoder"}, "incident_id": "d2e57426-5558-49a3-ba2d-d3eb0c0639b5", "security_incident": "Confirmed", "targeted": "Unknown", "schema_version": "1.3.5"} |
planglois925
/ fbe0fd98-65ee-418e-83d2-a2ed2f934fd0.json
Created
August 27, 2021 19:08
Incident for https://github.com/planglois925/test_auto_coder/issues/4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {"source_id": "vcdb", "timeline": {"incident": {"year": 1950}}, "victim": {"government": ["Unknown"], "country": ["Unknown"], "employee_count": "Unknown", "industry": "0000"}, "action": {"hacking": {"variety": ["Unknown"], "vector": ["Unknown"]}}, "actor": {"unknown": {"notes": "unknown"}}, "asset": {"assets": [{"variety": "Unknown"}], "cloud": ["Unknown"], "role": ["Unknown"]}, "attribute": {"confidentiality": {"data_disclosure": "Unknown"}}, "discovery_method": {"unknown": true}, "plus": {"modified": "2021-08-26T23:08:42.848Z", "created": "2021-08-26T23:08:34.240Z", "master_id": "fbe0fd98-65ee-418e-83d2-a2ed2f934fd0", "analysis_status": "Ineligible", "dbir_year": 2022, "analyst": "autoencoder"}, "incident_id": "cce81d06-0c2f-4aab-b358-307db5f471d5", "security_incident": "Confirmed", "targeted": "Unknown", "schema_version": "1.3.5"} |
planglois925
/ 9e090f7d-7536-4888-98df-2a96262ce26e.json
Created
August 27, 2021 19:11
Incident for https://github.com/planglois925/test_auto_coder/issues/4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {"source_id": "vcdb", "timeline": {"incident": {"year": 1950}}, "victim": {"government": ["Unknown"], "country": ["Unknown"], "employee_count": "Unknown", "industry": "0000"}, "action": {"hacking": {"variety": ["Unknown"], "vector": ["Unknown"]}}, "actor": {"unknown": {"notes": "unknown"}}, "asset": {"assets": [{"variety": "Unknown"}], "cloud": ["Unknown"], "role": ["Unknown"]}, "attribute": {"confidentiality": {"data_disclosure": "Unknown"}}, "discovery_method": {"unknown": true}, "plus": {"modified": "2021-08-26T23:08:42.848Z", "created": "2021-08-26T23:08:34.240Z", "master_id": "9e090f7d-7536-4888-98df-2a96262ce26e", "analysis_status": "Ineligible", "dbir_year": 2022, "analyst": "autoencoder", "github": 4}, "incident_id": "034c39bb-816f-4a93-a3ef-9c78cb2acfce", "security_incident": "Confirmed", "targeted": "Unknown", "schema_version": "1.3.5", "summary": "Despite an alert from NYS DFS, some insurance companies with \u201cinstant quote\u201d portals were victimized - MetroMile, Root Insurance, Hagerty Insur |