ddi Interface Class

The ddi interface class can be found in the interfaces module: ddpy.interfaces.ddi.DDI This class will be your main interaction with the DDI appliance.

Please see below for auto documentation generated for this class.

class ddpy.interfaces.ddi.DDI(ddi_ip, disable_cert_checking=True)

A client object for interacting with DDI’s SOAP API.

get_blacklists()

Get the entire Blacklist (aka: The ‘Deny List’). Returns the entire blacklist as a list

get_cnc_callback_addresses()

Gets the CNC Callback Addresses discovered by DDI

get_domain_blacklists()

Get the Domain Blacklist (aka: The ‘Deny List’). Returns the domain blacklist as a list

get_domain_whitelists()

Get the domain whitelist (aka: The ‘Deny List’). Returns the domain whitelist as a list

get_ip_blacklists()

Get the IP Blacklist (aka: The ‘Deny List’). Returns the IP blacklist as a list

get_ip_whitelists()

Get the IP Whitelist (aka: The IP ‘Allow List’). Returns the IP Whitelist as a list

get_openioc(sha1)

Gets the OpenIOC string for a given SHA1

get_sandbox_feedback_blacklists()

Gets the Suspicious Objects list from Virtual Analysis (aka: the sandbox). Returns list in JSON format

get_sha1_blacklists()

Get the SHA1 Blacklist (aka: The ‘Deny List’). Returns the SHA1 blacklist as a list

get_sha1_whitelists()

Get the SHA1 whitelist (aka: The ‘Deny List’). Returns the SHA1 whitelist as a list

get_url_blacklists()

Get the URL Blacklist (aka: The ‘Deny List’). Returns the url blacklist as a list

get_url_whitelists()

Get the url whitelist (aka: The ‘Deny List’). Returns the url whitelist as a list

get_whitelists()

Get the entire whitelist (aka: The ‘Allow List’). Returns the entire whitelist as a list

reset_blacklists()

Clears all Blacklists (aka: Deny List)

reset_domain_blacklists()

Clears the Domain Blacklist

reset_domain_whitelists()

Clears the Domain whitelist

reset_ip_blacklists()

Clears the IP Blacklist

reset_ip_whitelists()

Clears the IP whitelist

reset_sha1_blacklists()

Clears the SHA1 Blacklist

reset_sha1_whitelists()

Clears the SHA1 whitelist

reset_url_blacklists()

Clears the URL Blacklist

reset_url_whitelists()

Clears the URL whitelist

reset_whitelists()

Clears all whitelists (aka: Deny List)

set_domain_blacklists(domain_list)

Sets the domain blacklist (aka: domain Deny List). Note: This method OVERWRITES any existing domain Blacklist items.

set_domain_whitelists(domain_list)

Sets the domain whitelist (aka: domain Allow List). Note: This method OVERWRITES any existing domain whitelist items.

set_ip_blacklists(ip_list, comment='Added via WebAPI')

Sets the IP blacklist (aka: IP Deny List). Note: This method OVERWRITES any existing IP Blacklist items.

set_ip_whitelists(ip_list)

Sets the IP whitelist (aka: IP Deny List). Note: This method OVERWRITES any existing IP whitelist items.

set_sha1_blacklists(sha1_list)

Sets the sha1 blacklist (aka: sha1 Deny List). Note: This method OVERWRITES any existing sha1 Blacklist items.

set_sha1_whitelists(sha1_list)

Sets the sha1 whitelist (aka: sha1 Deny List). Note: This method OVERWRITES any existing sha1 whitelist items.

set_url_blacklists(url_list)

Sets the url blacklist (aka: url Deny List). Note: This method OVERWRITES any existing url Blacklist items.

set_url_whitelists(url_list)

Sets the url whitelist (aka: url Deny List). Note: This method OVERWRITES any existing url whitelist items.