Add AlienVault otx module WIP

Signed-off-by: Jay Townsend <townsend891@hotmail.com>
2024-09-22 08:16:35 +08:00 · 2019-09-22 15:10:03 +01:00 · 2019-09-22 15:10:03 +01:00 · 574403a958
parent 4c561bc798
commit 574403a958
4 changed files with 46 additions and 1 deletions
--- a/theHarvester/main.py
+++ b/theHarvester/main.py
@ -35,7 +35,7 @@ def start():
    parser.add_argument('-b', '--source', help='''baidu, bing, bingapi, censys, crtsh, dnsdumpster,
                        dogpile, duckduckgo, github-code, google,
                        hunter, intelx,
-                        linkedin, linkedin_links, netcraft, securityTrails, threatcrowd,
+                        linkedin, linkedin_links, netcraft, otx, securityTrails, threatcrowd,
                        trello, twitter, vhost, virustotal, yahoo''')

    args = parser.parse_args()
@ -308,6 +308,19 @@ def start():
                    db = stash.stash_manager()
                    db.store_all(word, all_hosts, 'host', 'netcraft')

+                elif engineitem == 'otx':
+                    print('\033[94m[*] Searching AlienVault OTX. \033[0m')
+                    from theHarvester.discovery import otxsearch
+                    try:
+                        otxsearch_search = otxsearch.SearchOtx(word)
+                        otxsearch_search.process()
+                        hosts = filter(otxsearch_search.get_hostnames())
+                        all_hosts.extend(hosts)
+                        db = stash.stash_manager()
+                        db.store_all(word, all_hosts, 'host', 'otx')
+                    except Exception as e:
+                        print(e)
+
                elif engineitem == 'securityTrails':
                    print('\033[94m[*] Searching SecurityTrails. \033[0m')
                    from theHarvester.discovery import securitytrailssearch
--- a/theHarvester/discovery/init.py
+++ b/theHarvester/discovery/init.py
@ -12,6 +12,7 @@
           'intelxsearch',
           'linkedinsearch',
           'netcraft',
+           'otxsearch',
           'port_scanner',
           'securitytrailssearch',
           'shodansearch',
--- a/theHarvester/discovery/otxsearch.py
+++ b/theHarvester/discovery/otxsearch.py
@ -0,0 +1,30 @@
+from theHarvester.lib.core import *
+from theHarvester.parsers import myparser
+import grequests
+
+
+class SearchOtx:
+
+    def __init__(self, word):
+        self.word = word
+        self.results = ''
+        self.totalresults = ''
+
+    def do_search(self):
+        base_url = f'https://otx.alienvault.com/api/v1/indicators/domain/{self.word}/passive_dns'
+        headers = {'User-Agent': Core.get_user_agent()}
+        try:
+            request = grequests.get(base_url, headers=headers)
+            data = grequests.map([request])
+            self.results = data[0].content.decode('UTF-8')
+        except Exception as e:
+            print(e)
+        self.totalresults += self.results
+
+    def get_hostnames(self) -> Set:
+        return myparser.Parser(self.totalresults, self.word).hostnames()
+
+    def process(self):
+        self.do_search()
+        self.get_hostnames()
+        print('\tSearching results.')
--- a/theHarvester/lib/core.py
+++ b/theHarvester/lib/core.py
@ -80,6 +80,7 @@ def get_supportedengines() -> Set[Union[str, Any]]:
                            'linkedin',
                            'linkedin_links',
                            'netcraft',
+                            'otx',
                            'securityTrails',
                            'threatcrowd',
                            'trello',