ddpy.interfaces package

Module contents

Submodules

ddpy.interfaces.ddan module

class ddpy.interfaces.ddan.DDAN(api_key: str, analyzer_ip, protocol_version: str = '1.5', verify_cert: bool = False, cert_path: str = False)

Bases: object

get_black_lists(last_query_id: str = '0')

Issue a request to retrieve all blacklist information

submit_file(path_to_file: str)

Upload a file to Analyzer for analysis :param path_to_file:

Returns:http response code
test_connection()

Issue a request to make sure that all settings are correct and the connection to Analyzer’s API is good.

Returns:http response code
upload_sample(path_to_file: str, archive_password: str = '1234')

ddpy.interfaces.ddi module

class ddpy.interfaces.ddi.CustomTransport(**kwargs)

Bases: suds.transport.https.HttpAuthenticated

u2handlers()
class ddpy.interfaces.ddi.DDI(ddi_ip, disable_cert_checking=True)

Bases: object

A client object for interacting with DDI’s SOAP API.

get_blacklists()

Get the entire Blacklist (aka: The ‘Deny List’). Returns the entire blacklist as a list

get_cnc_callback_addresses()

Gets the CNC Callback Addresses discovered by DDI

get_domain_blacklists()

Get the Domain Blacklist (aka: The ‘Deny List’). Returns the domain blacklist as a list

get_domain_whitelists()

Get the domain whitelist (aka: The ‘Deny List’). Returns the domain whitelist as a list

get_ip_blacklists()

Get the IP Blacklist (aka: The ‘Deny List’). Returns the IP blacklist as a list

get_ip_whitelists()

Get the IP Whitelist (aka: The IP ‘Allow List’). Returns the IP Whitelist as a list

get_openioc(sha1)

Gets the OpenIOC string for a given SHA1

get_sandbox_feedback_blacklists()

Gets the Suspicious Objects list from Virtual Analysis (aka: the sandbox). Returns list in JSON format

get_sha1_blacklists()

Get the SHA1 Blacklist (aka: The ‘Deny List’). Returns the SHA1 blacklist as a list

get_sha1_whitelists()

Get the SHA1 whitelist (aka: The ‘Deny List’). Returns the SHA1 whitelist as a list

get_url_blacklists()

Get the URL Blacklist (aka: The ‘Deny List’). Returns the url blacklist as a list

get_url_whitelists()

Get the url whitelist (aka: The ‘Deny List’). Returns the url whitelist as a list

get_whitelists()

Get the entire whitelist (aka: The ‘Allow List’). Returns the entire whitelist as a list

is_valid_hostname(hostname)
is_valid_ip(address)
reset_blacklists()

Clears all Blacklists (aka: Deny List)

reset_domain_blacklists()

Clears the Domain Blacklist

reset_domain_whitelists()

Clears the Domain whitelist

reset_ip_blacklists()

Clears the IP Blacklist

reset_ip_whitelists()

Clears the IP whitelist

reset_sha1_blacklists()

Clears the SHA1 Blacklist

reset_sha1_whitelists()

Clears the SHA1 whitelist

reset_url_blacklists()

Clears the URL Blacklist

reset_url_whitelists()

Clears the URL whitelist

reset_whitelists()

Clears all whitelists (aka: Deny List)

set_domain_blacklists(domain_list)

Sets the domain blacklist (aka: domain Deny List). Note: This method OVERWRITES any existing domain Blacklist items.

set_domain_whitelists(domain_list)

Sets the domain whitelist (aka: domain Allow List). Note: This method OVERWRITES any existing domain whitelist items.

set_ip_blacklists(ip_list, comment='Added via WebAPI')

Sets the IP blacklist (aka: IP Deny List). Note: This method OVERWRITES any existing IP Blacklist items.

set_ip_whitelists(ip_list)

Sets the IP whitelist (aka: IP Deny List). Note: This method OVERWRITES any existing IP whitelist items.

set_sha1_blacklists(sha1_list)

Sets the sha1 blacklist (aka: sha1 Deny List). Note: This method OVERWRITES any existing sha1 Blacklist items.

set_sha1_whitelists(sha1_list)

Sets the sha1 whitelist (aka: sha1 Deny List). Note: This method OVERWRITES any existing sha1 whitelist items.

set_url_blacklists(url_list)

Sets the url blacklist (aka: url Deny List). Note: This method OVERWRITES any existing url Blacklist items.

set_url_whitelists(url_list)

Sets the url whitelist (aka: url Deny List). Note: This method OVERWRITES any existing url whitelist items.