How to use the passivetotal.libs.dns.DnsRequest.from_config function in passivetotal

To help you get started, we’ve selected a few passivetotal examples, based on popular ways it is used in public projects.


github passivetotal / python_api / examples / pdns_multiput.py View on Github external
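def main():
    """Perform a passive DNS lookup and save the output.

    Reads the query from ``sys.argv[1]``, fetches its passive DNS results and
    writes one file per output format to ``/tmp/<query>.pdns.<format>``.
    Exits with status 1 when no query argument is given.
    """
    if len(sys.argv) <= 1:
        print("Usage: python pdns_multiput ")
        sys.exit(1)

    query = sys.argv[1]
    # The query becomes part of a file name. Neutralise path separators so a
    # value such as "a/../../x" cannot move the write outside /tmp; ordinary
    # domain names and IP addresses are left unchanged.
    safe_name = query.replace("/", "_").replace("\\", "_")
    output_formats = ['json', 'xml', 'stix', 'csv', 'table']
    client = DnsRequest.from_config()
    raw_results = client.get_passive_dns(query=query)
    pdns_results = DnsResponse(raw_results)
    for format_type in output_formats:
        save_location = "/tmp/%s.pdns.%s" % (safe_name, format_type)
        # NOTE(review): /tmp is shared and these names are predictable, so on
        # a multi-user host another account could pre-create the path. A
        # private directory (tempfile.mkdtemp) would avoid that, at the cost
        # of changing where callers find the files.
        # The context manager closes the file even if the write raises.
        with open(save_location, "w") as handle:
            handle.write(getattr(pdns_results, format_type))
    print("Saved results inside of /tmp/%s" % (safe_name))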
github passivetotal / python_api / examples / top_whois_display.py View on Github external
import sys
from passivetotal.libs.dns import DnsRequest
from passivetotal.libs.dns import DnsUniqueResponse
from passivetotal.libs.whois import WhoisRequest
from passivetotal.libs.whois import WhoisResponse
from passivetotal.common.utilities import is_ip

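# Give a usage message instead of an IndexError when no argument is passed.
if len(sys.argv) <= 1:
    sys.exit("Usage: python top_whois_display.py <ip-address>")

query = sys.argv[1]
if not is_ip(query):
    # sys.exit(message) prints to stderr and exits with status 1. This replaces
    # a raise that made the following sys.exit(1) unreachable.
    sys.exit("This script only accepts valid IP addresses!")

# look up the unique resolutions
client = DnsRequest.from_config()
raw_results = client.get_unique_resolutions(query=query)
loaded = DnsUniqueResponse(raw_results)

# Only the first three records are sent to WHOIS, which bounds the number of
# API calls made per run.
whois_client = WhoisRequest.from_config()
for record in loaded.get_records()[:3]:
    raw_whois = whois_client.get_whois_details(query=record.resolve)
    whois = WhoisResponse(raw_whois)
    print(record.resolve, whois.contactEmail)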
github passivetotal / python_api / examples / surface_tagged.py View on Github external
There are times when it's difficult to tell which items have been tagged as
something malicious or suspicious. This script will take an initial starting
point and print out any tagged items along with their tags.
"""
# Module metadata for this example script (author, version, summary, keywords).
__author__ = 'Brandon Dixon (brandon@passivetotal.org)'
__version__ = '1.0.0'
__description__ = "Surface tagged items from a passive DNS query"
__keywords__ = ['pdns', 'tags', 'triage', 'analysis']

import sys
from passivetotal.libs.dns import DnsRequest
from passivetotal.libs.enrichment import EnrichmentRequest

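# Give a usage message instead of an IndexError when no seed is passed.
if len(sys.argv) <= 1:
    print("Usage: python surface_tagged.py <query>")
    sys.exit(1)

# Seed indicator from the command line; main() reads it as a module global.
query = sys.argv[1]
# NOTE(review): from_config() presumably loads API credentials from the local
# PassiveTotal configuration - confirm. Both clients are built at import time.
client = DnsRequest.from_config()
enricher = EnrichmentRequest.from_config()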


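def main():
    """Take an initial seed and identify OSINT tags.

    Looks up the unique resolutions for the module-level ``query``, then asks
    the enrichment client about each resolution and about the seed itself,
    printing every item that carries at least one tag.
    """
    initial_seed = client.get_unique_resolutions(query=query)
    # Copy the list so adding the seed does not mutate the API response.
    all_records = list(initial_seed.get('results', []))
    # append(), not +=: extending a list with a string adds one entry per
    # character, which would send single letters to the enrichment API and
    # never look up the seed itself.
    all_records.append(query)
    for item in all_records:
        tmp = enricher.get_enrichment(query=item)
        tags = tmp.get('tags', [])
        if tags:
            print("%s - %s" % (item, ', '.join(tags)))


if __name__ == "__main__":
    main()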
github passivetotal / python_api / passivetotal / cli / client.py View on Github external
def call_dns(args):
    """Dispatch a DNS query for the CLI and return the client's response.

    ``args`` supplies ``query``, ``end``, ``start``, ``timeout`` and
    ``sources``, which are passed through ``prune_args`` before the call.
    When ``args.unique`` is truthy the unique-resolutions lookup is used;
    otherwise the passive DNS lookup is used.
    """
    dns_client = DnsRequest.from_config()
    params = prune_args(
        query=args.query,
        end=args.end,
        start=args.start,
        timeout=args.timeout,
        sources=args.sources
    )

    # Pick the lookup method once, then make a single call.
    if args.unique:
        lookup = dns_client.get_unique_resolutions
    else:
        lookup = dns_client.get_passive_dns
    return lookup(**params)