├── .github └── workflows │ └── format-lint.yml ├── .gitignore ├── .pylintrc ├── LICENSE ├── Makefile ├── README.md ├── README.rst ├── example.py ├── honeydb ├── __init__.py ├── api │ ├── __init__.py │ └── client.py └── bin │ └── honeydb ├── setup.cfg └── setup.py /.github/workflows/format-lint.yml: -------------------------------------------------------------------------------- 1 | name: Format & Lint 2 | 3 | on: 4 | push: 5 | branches: [ "master" ] 6 | pull_request: 7 | branches: [ "master" ] 8 | 9 | permissions: 10 | contents: read 11 | 12 | jobs: 13 | build: 14 | 15 | runs-on: ubuntu-latest 16 | 17 | steps: 18 | - uses: actions/checkout@v3 19 | - name: Set up Python 3.10 20 | uses: actions/setup-python@v3 21 | with: 22 | python-version: "3.10" 23 | - name: Install dependencies 24 | run: | 25 | python -m pip install --upgrade pip 26 | pip install black ruff 27 | if [ -f requirements.txt ]; then pip install -r requirements.txt; fi 28 | - name: Format check 29 | run: | 30 | make format-check 31 | - name: Lint check 32 | run: | 33 | make lint-check 34 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Byte-compiled / optimized / DLL files 2 | __pycache__/ 3 | *.py[cod] 4 | *$py.class 5 | 6 | # C extensions 7 | *.so 8 | 9 | # Distribution / packaging 10 | .Python 11 | env/ 12 | build/ 13 | develop-eggs/ 14 | dist/ 15 | downloads/ 16 | eggs/ 17 | .eggs/ 18 | lib/ 19 | lib64/ 20 | parts/ 21 | sdist/ 22 | var/ 23 | wheels/ 24 | *.egg-info/ 25 | .installed.cfg 26 | *.egg 27 | 28 | # PyInstaller 29 | # Usually these files are written by a python script from a template 30 | # before PyInstaller builds the exe, so as to inject date/other infos into it. 
31 | *.manifest 32 | *.spec 33 | 34 | # Installer logs 35 | pip-log.txt 36 | pip-delete-this-directory.txt 37 | 38 | # Unit test / coverage reports 39 | htmlcov/ 40 | .tox/ 41 | .coverage 42 | .coverage.* 43 | .cache 44 | nosetests.xml 45 | coverage.xml 46 | *.cover 47 | .hypothesis/ 48 | 49 | # Translations 50 | *.mo 51 | *.pot 52 | 53 | # Django stuff: 54 | *.log 55 | local_settings.py 56 | 57 | # Flask stuff: 58 | instance/ 59 | .webassets-cache 60 | 61 | # Scrapy stuff: 62 | .scrapy 63 | 64 | # Sphinx documentation 65 | docs/_build/ 66 | 67 | # PyBuilder 68 | target/ 69 | 70 | # Jupyter Notebook 71 | .ipynb_checkpoints 72 | 73 | # pyenv 74 | .python-version 75 | 76 | # celery beat schedule file 77 | celerybeat-schedule 78 | 79 | # SageMath parsed files 80 | *.sage.py 81 | 82 | # dotenv 83 | .env 84 | 85 | # virtualenv 86 | .venv 87 | venv/ 88 | ENV/ 89 | 90 | # Spyder project settings 91 | .spyderproject 92 | .spyproject 93 | 94 | # Rope project settings 95 | .ropeproject 96 | 97 | # mkdocs documentation 98 | /site 99 | 100 | # mypy 101 | .mypy_cache/ 102 | .vscode/settings.json 103 | 104 | .env3/ 105 | -------------------------------------------------------------------------------- /.pylintrc: -------------------------------------------------------------------------------- 1 | [MASTER] 2 | disable=too-many-branches,too-many-statements -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2018 Px Mx 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished 
to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | env: 2 | python3 -m venv .env 3 | .env/bin/pip3 install --upgrade pip 4 | .env/bin/pip3 install --upgrade setuptools 5 | .env/bin/pip3 install --upgrade requests black ruff wheel twine 6 | 7 | format-check: 8 | if [ -f .env/bin/black ]; then .env/bin/black --check .; else black --check .; fi 9 | 10 | lint-check: 11 | if [ -f .env/bin/ruff ]; then .env/bin/ruff .; else ruff .; fi 12 | 13 | wheel: 14 | -rm dist/* 15 | .env/bin/python setup.py bdist_wheel --universal 16 | 17 | publish: 18 | .env/bin/twine upload --skip-existing dist/* 19 | 20 | local-install: 21 | -.env/bin/pip3 uninstall honeydb 22 | .env/bin/pip3 install dist/* 23 | 24 | update-from-upstream: 25 | # update master branch from honeydbio 26 | # first add upstream with: git remote add upstream https://github.com/honeydbio/honeydb-python.git 27 | git fetch upstream 28 | git checkout master 29 | git merge upstream/master 30 | git push origin master 31 | 32 | clean: 33 | find . 
-name "*.pyc" -type f -delete 34 | rm -rf dist 35 | rm -rf build 36 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # honeydb-python 2 | 3 | [![Format & Lint](https://github.com/honeydbio/honeydb-python/actions/workflows/format-lint.yml/badge.svg)](https://github.com/honeydbio/honeydb-python/actions/workflows/format-lint.yml) 4 | 5 | HoneyDB Python Module 6 | 7 | ### Install 8 | 9 | `pip install honeydb` 10 | 11 | ### CLI Usage 12 | 13 | ``` 14 | $ export HONEYDB_API_ID= 15 | $ export HONEYDB_API_KEY= 16 | $ honeydb --bad-hosts 17 | ``` 18 | 19 | Display help message for more CLI options: 20 | 21 | `honeydb --help` 22 | 23 | ### Module Usage 24 | 25 | ``` 26 | from honeydb import api 27 | honeydb = api.Client('api_id', 'api_key') 28 | print(honeydb.bad_hosts()) 29 | ``` 30 | -------------------------------------------------------------------------------- /README.rst: -------------------------------------------------------------------------------- 1 | HoneyDB 2 | ================== 3 | 4 | .. image:: https://img.shields.io/pypi/v/honeydb.svg 5 | :target: https://pypi.python.org/pypi/honeydb/ 6 | :alt: Latest Version 7 | 8 | To learn more about HoneyDB visit `About HoneyDB`_. 9 | 10 | To learn more about the HoneyDB API visit `HoneyDB REST API`_. 11 | 12 | The ``honeydb`` command is a CLI tool for interacting with the HoneyDB API. 13 | 14 | Installation 15 | ------------ 16 | .. code-block:: bash 17 | 18 | $ pip install honeydb 19 | 20 | 21 | CLI usage 22 | --------- 23 | .. code-block:: bash 24 | 25 | $ export HONEYDB_API_ID= 26 | $ export HONEYDB_API_KEY= 27 | $ honeydb --bad-hosts 28 | 29 | 30 | Module usage 31 | ------------ 32 | .. 
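code-block:: python

    from honeydb import api
    honeydb = api.Client('api_id', 'api_key')
    print(honeydb.bad_hosts())

More details and the latest updates can be found on the `GitHub Project Page`_.

.. _About HoneyDB: https://honeydb.io/#about
.. _HoneyDB REST API: https://honeydb.io/#threats
.. _GitHub Project Page: https://github.com/honeydbio/honeydb-python

--------------------------------------------------------------------------------
/example.py:
--------------------------------------------------------------------------------
#!/usr/bin/env python
"""
Example script for using the HoneyDB API client

In this example, API credentials must be exported to environment variables:
export HONEYDB_API_ID=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
export HONEYDB_API_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
"""

import os
import json
import datetime
from honeydb import api


def out(json_data):
    """
    Output json data in pretty format
    """
    print(json.dumps(json_data, indent=4))


def main():
    """
    The main function for executing example code
    """

    # Get API keys from environment variables and create the
    # HoneyDB Client API object. Reading them from the environment keeps
    # the credentials out of the script itself.
    api_id = os.environ["HONEYDB_API_ID"]
    api_key = os.environ["HONEYDB_API_KEY"]
    honeydb = api.Client(api_id, api_key)

    try:
        # Get bad hosts
        bad_hosts = honeydb.bad_hosts()
        out(bad_hosts)

        # Get sensor data count
        today = datetime.datetime.today().strftime("%Y-%m-%d")
        data_count = honeydb.sensor_data_count(sensor_data_date=today)
        out(data_count)

        # Get sensor data
        data = honeydb.sensor_data(sensor_data_date=today)
        out(data)

        # Example with from_id.
        # See more information on using from_id here:
        # https://honeydb.io/threats#sensor_data_filtered
        # data = honeydb.sensor_data(sensor_data_date=today, from_id=84869618)
        # out(data)

    except Exception as error:
        print(str(error))


if __name__ == "__main__":
    main()

--------------------------------------------------------------------------------
/honeydb/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/honeydbio/honeydb-python/5f2fd17ce8993a8bedf4116d53f26504d6a1d74e/honeydb/__init__.py

--------------------------------------------------------------------------------
/honeydb/api/__init__.py:
--------------------------------------------------------------------------------
"""
HoneyDB API Module
"""

from .client import Client  # noqa: F401

--------------------------------------------------------------------------------
/honeydb/api/client.py:
--------------------------------------------------------------------------------
"""
HoneyDB API Client
"""

from urllib.parse import quote

import requests


class Client(object):
    """
    Base class for making requests to the HoneyDB API.
    https://honeydb.io/#threats

    The API id and key are sent as request headers on every call, so
    ``base_url`` has to stay an ``https://`` URL. Values supplied by the
    caller (service names, IP addresses, hashes, dates) are percent-encoded
    before they are placed in the request path or query string.
    """

    base_url = "https://honeydb.io/api"

    # Seconds to wait for the API. requests applies no timeout unless one is
    # passed, so without this a stalled connection blocks the caller forever.
    timeout = 30

    api_id = None
    api_key = None
    ep_bad_hosts = "/bad-hosts"
    ep_ip_history = "/ip-history"
    ep_payload_history = "/payload-history"
    ep_sensor_data_count = "/sensor-data/count"
    ep_sensor_data = "/sensor-data"
    ep_services = "/services"
    ep_stats = "/stats"
    ep_stats_asn = "/stats/asn"
    ep_twitter_threat_feed = "/twitter-threat-feed"
    ep_nodes = "/nodes"
    ep_netinfo_lookup = "/netinfo/lookup"
    ep_netinfo_network_addresses = "/netinfo/network-addresses"
    ep_netinfo_prefixes = "/netinfo/prefixes"
    ep_netinfo_as_name = "/netinfo/as-name"
    ep_netinfo_geolocation = "/netinfo/geolocation"
    ep_datacenter = "/datacenter"

    def __init__(self, api_id, api_key):
        """
        Return a HoneyDB object
        """
        self.api_id = api_id
        self.api_key = api_key

    @staticmethod
    def _segment(value):
        """
        Percent-encode a caller-supplied value for use in the URL path.

        "/" is left alone because some accepted values span two path
        segments (the "azure/china" datacenter choice, or a CIDR such as
        "192.0.2.0/24", a constructed example). "?", "#", "&" and
        whitespace are encoded, so a value cannot append a query string or
        fragment to the request. Callers passing untrusted input should
        still validate it, since "/" can change the path.
        """
        return quote(str(value), safe="/")

    def _make_request(self, endpoint, method="GET", options=None):
        """
        Compose and submit API call.

        endpoint -- path appended to ``base_url``
        method   -- "GET" (options sent as the query string) or "POST"
                    (options sent as a JSON body)
        options  -- optional dict of request parameters

        Returns the decoded JSON body. The HTTP status code is not checked
        here, so an error response that carries JSON is returned like any
        other result; callers that need to tell the two apart must inspect
        the returned data.
        Raises ValueError for an unsupported method.
        """
        # Reject an unknown method before any request is built.
        if method not in ("GET", "POST"):
            raise ValueError("InvalidMethod: " + str(method))

        data = dict(options) if options else {}
        headers = {"X-HoneyDb-ApiId": self.api_id, "X-HoneyDb-ApiKey": self.api_key}
        url = self.base_url + endpoint

        if method == "GET":
            # params= lets requests encode the query string.
            result = requests.get(
                url, params=data, headers=headers, timeout=self.timeout
            )
        else:
            headers["Content-Type"] = "application/json"
            result = requests.post(
                url, json=data, headers=headers, timeout=self.timeout
            )

        return result.json()

    def bad_hosts(self, service=None, mydata=False):
        """
        Get bad-hosts
        """
        endpoint = self.ep_bad_hosts

        if service is not None:
            endpoint += "/" + self._segment(service)

        if mydata:
            endpoint += "/mydata"

        return self._make_request(endpoint=endpoint)

    def bad_hosts_service(self, service, mydata=False):
        """
        Get bad-hosts by service
        """
        # The mydata branch used to format the path with the service name
        # and the endpoint swapped; bad_hosts() builds the same path in the
        # right order, so delegate to it.
        return self.bad_hosts(service=service, mydata=mydata)

    def ip_history(self, ip_address: str) -> dict:
        """
        Get IP History for given IP

        Raises ValueError when no address is given, instead of requesting
        the literal path "/ip-history/None".
        """
        if not ip_address:
            raise ValueError("MissingParameter: ip_address")

        endpoint = f"{self.ep_ip_history}/{self._segment(ip_address)}"

        return self._make_request(endpoint=endpoint)

    def payload_history(
        self, year: int = None, month: int = None, hash: str = None
    ) -> dict:
        """
        Get payload history

        Looks up by ``hash`` when given, otherwise by ``year`` and
        optionally ``month``. Raises ValueError when neither ``hash`` nor
        ``year`` is supplied (this case used to fail with an unbound local
        variable).
        """
        base = self.ep_payload_history

        if hash:
            endpoint = f"{base}/{self._segment(hash)}"
        elif year and month:
            endpoint = f"{base}/{self._segment(year)}/{self._segment(month)}"
        elif year:
            endpoint = f"{base}/{self._segment(year)}"
        else:
            raise ValueError("MissingParameter: hash or year")

        return self._make_request(endpoint=endpoint)

    def payload_history_services(self, service: str = None) -> dict:
        """
        Get payload history services
        """
        endpoint = f"{self.ep_payload_history}/services"

        if service:
            # NOTE(review): this path drops the "/services" segment, unlike
            # payload_history_attributes, which appends to its base path.
            # Confirm against the API documentation.
            endpoint = f"{self.ep_payload_history}/{self._segment(service)}"

        return self._make_request(endpoint=endpoint)

    def payload_history_remote_hosts(
        self, remote_host: str = None, hash: str = None, year: int = None
    ) -> dict:
        """
        Get payload history remote hosts

        ``remote_host`` takes precedence: when it is given, ``hash`` and
        ``year`` are ignored.
        """
        base = self.ep_payload_history
        endpoint = f"{base}/remote-hosts"

        if hash and year:
            endpoint = (
                f"{base}/{self._segment(hash)}/remote-hosts/{self._segment(year)}"
            )

        if remote_host:
            endpoint = f"{base}/remote-hosts/{self._segment(remote_host)}"

        return self._make_request(endpoint=endpoint)

    def payload_history_attributes(self, attribute: str = None) -> dict:
        """
        Get payload history attributes
        """
        endpoint = f"{self.ep_payload_history}/attributes"

        if attribute:
            endpoint = f"{endpoint}/{self._segment(attribute)}"

        return self._make_request(endpoint=endpoint)

    def sensor_data_count(self, sensor_data_date=None, mydata=True):
        """
        Get sensor data count

        Raises ValueError when ``sensor_data_date`` is missing.
        """
        if sensor_data_date is None:
            raise ValueError("MissingParameter: sensor_data_date")

        endpoint = self.ep_sensor_data_count
        if mydata:
            endpoint += "/mydata"

        # Sent through options so requests encodes the value.
        return self._make_request(
            endpoint=endpoint, options={"sensor-data-date": sensor_data_date}
        )

    def sensor_data(self, sensor_data_date=None, from_id=None, mydata=True):
        """
        Get sensor data
        """
        endpoint = self.ep_sensor_data
        if mydata:
            endpoint += "/mydata"

        # Building the query from a dict also fixes the case where from_id
        # was given without a date and "&from-id=" was appended to a path
        # that had no "?".
        options = {}
        if sensor_data_date is not None:
            options["sensor-data-date"] = sensor_data_date
        if from_id is not None:
            options["from-id"] = from_id

        return self._make_request(endpoint=endpoint, options=options)

    def services(self):
        """
        Get services
        """
        return self._make_request(endpoint=self.ep_services)

    def stats(self, year: int, month: int) -> dict:
        """
        Get stats
        """
        return self._make_request(
            endpoint=self.ep_stats, options={"year": year, "month": month}
        )

    def stats_asn(self) -> dict:
        """
        Get stats-asn
        """
        return self._make_request(endpoint=self.ep_stats_asn)

    def twitter_threat_feed(self, ipaddress=None):
        """
        Get twitter threat feed
        """
        endpoint = self.ep_twitter_threat_feed

        if ipaddress is not None:
            endpoint = "{}/{}".format(endpoint, self._segment(ipaddress))

        return self._make_request(endpoint=endpoint)

    def nodes(self, mydata=False):
        """
        Get nodes
        """
        endpoint = self.ep_nodes

        if mydata:
            endpoint += "/mydata"

        return self._make_request(endpoint=endpoint)

    def netinfo_lookup(self, ipaddress):
        """
        Get netinfo for given ipaddress
        """
        endpoint = "{}/{}".format(self.ep_netinfo_lookup, self._segment(ipaddress))
        return self._make_request(endpoint=endpoint)

    def netinfo_network_addresses(self, cidr):
        """
        Get network addresses for given cidr
        """
        endpoint = "{}/{}".format(
            self.ep_netinfo_network_addresses, self._segment(cidr)
        )
        return self._make_request(endpoint=endpoint)

    def netinfo_prefixes(self, asn):
        """
        Get prefixes for given asn
        """
        endpoint = "{}/{}".format(self.ep_netinfo_prefixes, self._segment(asn))
        return self._make_request(endpoint=endpoint)

    def netinfo_as_name(self, asn):
        """
        Get AS name for given asn
        """
        endpoint = "{}/{}".format(self.ep_netinfo_as_name, self._segment(asn))
        return self._make_request(endpoint=endpoint)

    def netinfo_geolocation(self, ipaddress):
        """
        Get GEO location for given ipaddress
        """
        endpoint = "{}/{}".format(
            self.ep_netinfo_geolocation, self._segment(ipaddress)
        )
        return self._make_request(endpoint=endpoint)

    def datacenter(self, datacenter: str) -> dict:
        """
        Get datacenter ip ranges
        """
        endpoint = f"{self.ep_datacenter}/{self._segment(datacenter)}"
        return self._make_request(endpoint=endpoint)

--------------------------------------------------------------------------------
/honeydb/bin/honeydb:
--------------------------------------------------------------------------------
#!/usr/bin/env python
"""
honeydb CLI tool

API credentials must be exported to environment variables:
export HONEYDB_API_ID=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
export HONEYDB_API_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
"""

import os
import sys
import json
import argparse
from honeydb import api


def print_json_data(json_data, pretty=False):
    """
    Print JSON data, with option of pretty printing
    """
    if pretty:
        print(json.dumps(json_data, indent=4))
    else:
        print(json.dumps(json_data))


def fail(message):
    """
    Report a usage or configuration error on stderr and exit non-zero,
    so a calling script can tell a failed run from an empty result.
    """
    print(message, file=sys.stderr)
    sys.exit(1)


def build_parser():
    """
    Build the argument parser for the HoneyDB CLI tool
    """
    parser = argparse.ArgumentParser(description="Process command line arguments.")

    parser.add_argument(
        "--bad-hosts", help="Get bad hosts.", default=False, action="store_true"
    )
    parser.add_argument(
        "--ip-history", help="Get IP history.", default=False, action="store_true"
    )
    parser.add_argument(
        "--payload-history",
        help="Get payload history data",
        default=False,
        action="store_true",
    )
    parser.add_argument(
        "--payload-history-services",
        help="Get payload history services data",
        default=False,
        action="store_true",
    )
    parser.add_argument(
        "--payload-history-remote-hosts",
        help="Get payload history remote hosts data",
        default=False,
        action="store_true",
    )
    parser.add_argument(
        "--payload-history-attributes",
        help="Get payload history attributes data",
        default=False,
        action="store_true",
    )
    parser.add_argument(
        "--sensor-data-count",
        help="Get sensor data count.",
        default=False,
        action="store_true",
    )
    parser.add_argument(
        "--sensor-data", help="Get sensor data.", default=False, action="store_true"
    )
    parser.add_argument(
        "--services", help="Get services data.", default=False, action="store_true"
    )
    parser.add_argument(
        "--stats", help="Get stats.", default=False, action="store_true"
    )
    parser.add_argument(
        "--stats-asn", help="Get stats asn.", default=False, action="store_true"
    )
    parser.add_argument(
        "--twitter-threat-feed",
        help="Get Twitter Threat Feed.",
        default=False,
        action="store_true",
    )
    parser.add_argument(
        "--nodes", help="Get nodes data.", default=False, action="store_true"
    )
    parser.add_argument(
        "--netinfo-lookup", help="Get netinfo for IP.", type=str, default=None
    )
    parser.add_argument(
        "--netinfo-network-addresses",
        help="Get network addresses for CIDR.",
        type=str,
        default=None,
    )
    parser.add_argument(
        "--netinfo-prefixes",
        help="Get network prefixes for ASN.",
        type=int,
        default=None,
    )
    parser.add_argument(
        "--netinfo-as-name", help="Get AS name for ASN.", type=int, default=None
    )
    parser.add_argument(
        "--netinfo-geolocation", help="Get GEO location for IP.", type=str, default=None
    )
    parser.add_argument(
        "--datacenter",
        help="Get datacenter IP ranges.",
        choices=[
            "aws",
            "azure",
            "azure/china",
            "azure/germany",
            "azure/gov",
            "gcp",
            "ibm",
            "oracle",
        ],
        default=None,
    )
    parser.add_argument(
        "--mydata", help="Filter on mydata.", default=False, action="store_true"
    )
    parser.add_argument(
        "--service", help="Filter bad-hosts by service name", type=str, default=None
    )
    parser.add_argument("--date", help="Date in format YYYY-MM-DD")
    parser.add_argument(
        "--year",
        type=int,
        help="Year in the format YYYY",
    )
    parser.add_argument("--month", type=int, help="Month in the format MM (1-12)")
    parser.add_argument(
        "--ip-address",
        help=(
            "IP address (used by --ip-history, --payload-history-remote-hosts "
            "and --twitter-threat-feed)."
        ),
    )
    parser.add_argument("--hash", help="Hash value.")
    parser.add_argument("--attribute", help="Attribute value", type=str, default=None)
    parser.add_argument("--from-id", help="ID to continue retrieving sensor data.")
    parser.add_argument(
        "--pretty",
        help="Print JSON in pretty format.",
        default=False,
        action="store_true",
    )

    return parser


def main():
    """
    Main function for HoneyDB CLI tool
    """
    # Arguments are parsed before the credentials are read, so that
    # "honeydb --help" works on a machine where they are not exported yet.
    parser = build_parser()
    args = parser.parse_args()

    if len(sys.argv) <= 1:
        parser.print_help()
        return

    try:
        api_id = os.environ["HONEYDB_API_ID"]
        api_key = os.environ["HONEYDB_API_KEY"]
    except KeyError as error:
        fail("Environment variable not set {}".format(str(error)))

    # Create honeydb object
    honeydb = api.Client(api_id, api_key)

    if args.bad_hosts:
        print_json_data(honeydb.bad_hosts(args.service, args.mydata), args.pretty)

    if args.ip_history:
        # Without this check the request went to "/ip-history/None".
        if not args.ip_address:
            fail("--ip-address argument required.")

        print_json_data(honeydb.ip_history(ip_address=args.ip_address), args.pretty)

    if args.payload_history:
        # --month on its own is not a valid lookup; the client needs a hash
        # or at least a year.
        if args.hash or args.year:
            print_json_data(
                honeydb.payload_history(
                    year=args.year, month=args.month, hash=args.hash
                ),
                args.pretty,
            )
        else:
            print("ERROR: at least one required parameter not provided.")

    if args.payload_history_services:
        print_json_data(
            honeydb.payload_history_services(service=args.service),
            args.pretty,
        )

    if args.payload_history_remote_hosts:
        print_json_data(
            honeydb.payload_history_remote_hosts(
                remote_host=args.ip_address, hash=args.hash, year=args.year
            ),
            args.pretty,
        )

    if args.payload_history_attributes:
        print_json_data(
            honeydb.payload_history_attributes(attribute=args.attribute),
            args.pretty,
        )

    if args.sensor_data_count:
        if not args.date:
            fail("--date argument required.")

        # --mydata is not forwarded here; the client defaults to mydata=True.
        print_json_data(honeydb.sensor_data_count(args.date), args.pretty)

    if args.sensor_data:
        if not args.date:
            fail("--date argument required.")

        # --mydata is not forwarded here; the client defaults to mydata=True.
        if not args.from_id:
            print_json_data(honeydb.sensor_data(args.date), args.pretty)
        else:
            print_json_data(
                honeydb.sensor_data(args.date, from_id=args.from_id), args.pretty
            )

    if args.services:
        print_json_data(honeydb.services(), args.pretty)

    if args.stats:
        # Client.stats() takes year and month as required parameters.
        if args.year is None or args.month is None:
            fail("--year and --month arguments required.")

        print_json_data(honeydb.stats(year=args.year, month=args.month), args.pretty)

    if args.stats_asn:
        print_json_data(honeydb.stats_asn(), args.pretty)

    if args.twitter_threat_feed:
        if not args.ip_address:
            print_json_data(honeydb.twitter_threat_feed(), args.pretty)
        else:
            print_json_data(
                honeydb.twitter_threat_feed(ipaddress=args.ip_address), args.pretty
            )

    if args.nodes:
        print_json_data(honeydb.nodes(args.mydata), args.pretty)

    if args.netinfo_lookup:
        print_json_data(
            honeydb.netinfo_lookup(ipaddress=args.netinfo_lookup), args.pretty
        )

    if args.netinfo_network_addresses:
        print_json_data(
            honeydb.netinfo_network_addresses(cidr=args.netinfo_network_addresses),
            args.pretty,
        )

    if args.netinfo_prefixes:
        print_json_data(
            honeydb.netinfo_prefixes(asn=args.netinfo_prefixes), args.pretty
        )

    if args.netinfo_as_name:
        print_json_data(honeydb.netinfo_as_name(asn=args.netinfo_as_name), args.pretty)

    if args.netinfo_geolocation:
        print_json_data(
            honeydb.netinfo_geolocation(ipaddress=args.netinfo_geolocation), args.pretty
        )

    if args.datacenter:
        print_json_data(honeydb.datacenter(datacenter=args.datacenter), args.pretty)


if __name__ == "__main__":
    main()

--------------------------------------------------------------------------------
/setup.cfg:
--------------------------------------------------------------------------------
[metadata]
description-file = README.md

--------------------------------------------------------------------------------
/setup.py:
--------------------------------------------------------------------------------
"""
honeydb setup
"""

import os
from setuptools import setup

HERE = os.path.abspath(os.path.dirname(__file__))

# Read with an explicit encoding so the build does not depend on the locale
# of the machine running it.
with open(os.path.join(HERE, "README.rst"), encoding="utf-8") as f:
    LONG_DESC = f.read()

setup(
    name="honeydb",
    version="1.5.0",
    author="foospidy",
    description=("A Python API wrapper and CLI tool for the HoneyDB."),
    license="MIT",
    keywords="wrapper library honeydb api cli",
    url="https://honeydb.io",
    download_url="https://github.com/honeydbio/honeydb-python",
    packages=["honeydb", "honeydb.api"],
    long_description=LONG_DESC,
    classifiers=[
        "Intended Audience :: Developers",
        "Topic :: Software Development :: Libraries :: Python Modules",
        "Programming Language :: Python :: 3",
        "License :: OSI Approved :: MIT License",
    ],
    # honeydb/api/client.py uses f-strings, which need Python 3.6 or later;
    # the previous "Python :: 2.7" classifier did not match the code.
    python_requires=">=3.6",
    install_requires=["requests"],
    scripts=["honeydb/bin/honeydb"],
)

--------------------------------------------------------------------------------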