diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..47ce980 --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +__pycache__/* +colors.pyc +output/* diff --git a/danger-zone.py b/danger-zone.py index b0b5989..7570684 100644 --- a/danger-zone.py +++ b/danger-zone.py @@ -41,9 +41,9 @@ domains_from_email = util.get_domain_from_email(email, elastic_output) if len(domains_from_email) > 0: - print "Found domain: " + print("Found domain: ") for i_domain in domains_from_email: - print bcolors.OKGREEN + i_domain + bcolors.ENDC + print(bcolors.OKGREEN + i_domain + bcolors.ENDC) G.add_edge(email, i_domain) answer1 = raw_input("Do you want to check domains? [y/n] ") @@ -61,17 +61,17 @@ ip_help.append(i_ip) G.add_edge(j_domain, i_ip, color='yellow') else: - print "[*] Bye " + print("[*] Bye ") tools.save_graph(G, email) sys.exit() else: - print "No domain found" + print("No domain found") sys.exit() if len(ip_help) > 0: - print "Found following IPs " + print("Found following IPs ") for j_ip in ip_help: - print bcolors.OKGREEN + j_ip + bcolors.ENDC + print(bcolors.OKGREEN + j_ip + bcolors.ENDC) answer2 = raw_input("Do you want to check IP(s)? [y/n] ") if answer2 == "y": @@ -80,16 +80,16 @@ domain_from_ip = util.get_domain_from_ip(k_ip, elastic_output) for k_domain in domain_from_ip: G.add_edge(k_ip, k_domain) - print k_domain + print(k_domain) else: - print "[*] Bye" + print("[*] Bye") tools.save_graph(G, email) sys.exit() else: tools.save_graph(G, email) - print "No IP was found" + print("No IP was found") sys.exit() tools.save_graph(G, email) @@ -102,10 +102,10 @@ domain_from_ip = util.get_domain_from_ip(address, elastic_output) - print "Found domain:" + print("Found domain:") for i_domain in domain_from_ip: G.add_edge(address, i_domain) - print bcolors.OKGREEN + i_domain + bcolors.ENDC + print(bcolors.OKGREEN + i_domain + bcolors.ENDC) if len(domain_from_ip) > 0: answer3 = raw_input("Do you want to check domain(s)? [y/n] ") 
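Review bot: The `raw_input(...)` prompts left as context in the danger-zone.py hunks (`answer1`, `answer2`, `answer3` here, `answer4` in the next hunk) do not exist on Python 3, so the script stops with a NameError at the first prompt. The `islice` change in ip.py suggests Python 3 is the target; if so, use `input(...)`, e.g. `answer1 = input("Do you want to check domains? [y/n] ")`. The same applies to `raw_input("Press Enter to quit...")` in tools.py's save_graph. The surrounding blocks begin and end outside these hunks.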
@@ -130,13 +130,13 @@ tools.save_graph(G, address) else: - print "No domain found" + print("No domain found") sys.exit() if len(emails_help) > 0: - print "Found emails:" + print("Found emails:") for j_email in emails_help: - print j_email + print(j_email) answer4 = raw_input("Do you want to check email(s) [y/n] ") if answer4 == 'y': @@ -151,12 +151,12 @@ tools.save_graph(G, address) sys.exit() else: - print "No email found" + print("No email found") tools.save_graph(G, address) sys.exit() if len(domains_help) > 0: - print "Found domains:" + print("Found domains:") for l_domain in domains_help: tools.finding(l_domain) @@ -167,7 +167,7 @@ G.add_edge(l_domain, l_email) else: tools.save_graph(G, address) - print "No domain found" + print("No domain found") sys.exit() tools.save_graph(G, address) @@ -182,17 +182,17 @@ ip_tmp = util.get_ip_from_domain(domain, elastic_output) email_tmp = util.get_email_from_domain(domain, elastic_output) - print "[*] Found email" + print("[*] Found email") for i_email in email_tmp: G.add_edge(domain, i_email) - print i_email + print(i_email) - print "[*] Found IP: " + print("[*] Found IP: ") for i_ip in ip_tmp: - print bcolors.HEADER + i_ip + bcolors.ENDC + print(bcolors.HEADER + i_ip + bcolors.ENDC) G.add_edge(domain, i_ip) - print "[*] Going deeper..." + print("[*] Going deeper...") for j_email in email_tmp: tools.finding(j_email) domains_from_email1 = util.get_domain_from_email(j_email, elastic_output) diff --git a/domains.py b/domains.py index fed357b..996c4be 100644 --- a/domains.py +++ b/domains.py @@ -16,7 +16,7 @@ def get_tld(self): try: tld_from_domain = get_tld("https://" + self.domain, as_object=True) except: - print "Unknown domain" + print("Unknown domain") return False req_tld = requests.get("https://raw.githubusercontent.com/mikewesthad/tld-data/master/data/tlds.json") 
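Review bot: In domains.py get_tld, the bare `except:` around the `get_tld(...)` call also traps KeyboardInterrupt and SystemExit and reports every failure as "Unknown domain"; `except Exception:` at minimum, or the tld library's own exception classes, would keep the message accurate. The `requests.get` of tlds.json that follows reads from a `master` branch with no `timeout=` and no status check, so a hung or changed upstream stalls or breaks the lookup. Consider `req_tld = requests.get(url, timeout=10)` followed by `req_tld.raise_for_status()`. The method body continues outside the hunk.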
@@ -24,7 +24,7 @@ def get_tld(self): for i in json_tld: if i['domain'] == "." + tld_from_domain.extension: - print "." + tld_from_domain.extension + " is sponsored by " + i['sponsor'] + print("." + tld_from_domain.extension + " is sponsored by " + i['sponsor']) def threatcrowd(self, elastic_output): output = {} @@ -33,17 +33,17 @@ def threatcrowd(self, elastic_output): if json_threatcrowd['response_code'] == "0": return False - print "--------------------Threatcrowd module------------------------" + print("--------------------Threatcrowd module------------------------") votes = json_threatcrowd['votes'] trust = "non-trusted" if votes < 0 else "trusted" if votes > 0 else "no opinion" - print "Reputation of " + self.domain + ": " + trust + print("Reputation of " + self.domain + ": " + trust) - print "[*] Domain was resolved to following IPs: " + print("[*] Domain was resolved to following IPs: ") for i, j in enumerate(json_threatcrowd['resolutions']): if i == 3: break if len(j['ip_address']) > 1: - print bcolors.HEADER + j['ip_address'] + bcolors.ENDC + print(bcolors.HEADER + j['ip_address'] + bcolors.ENDC) output[j["ip_address"]] = j["last_resolved"] else: @@ -60,7 +60,7 @@ def threatcrowd(self, elastic_output): # return json_threatcrowd def whois(self, key, elastic_output): - print "-------------------WhoIs module---------------------" + print("-------------------WhoIs module---------------------") req_whois = requests.get("https://api.whoxy.com/?key=" + key + "&whois=" + self.domain) json_whois = json.loads(req_whois.content) # # 
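Review bot: In domains.py threatcrowd the guard `json_threatcrowd['response_code'] == "0"` compares against a string, while threatcrowd_ip in ip.py (same commit) compares the same field against the integer `0`. Only one of these can match the type the API returns, so one of the two "no data" checks never fires and the code falls through to `json_threatcrowd['votes']`. Normalising the value, e.g. `if str(json_threatcrowd.get('response_code')) == "0": return False`, makes both call sites behave the same. The method starts and ends outside the hunk.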
@@ -68,34 +68,34 @@ def whois(self, key, elastic_output): output = {self.domain: {}} if json_whois['status'] == 0: - print bcolors.FAIL + "Whois Retrieval Failed" + bcolors.ENDC + print(bcolors.FAIL + "Whois Retrieval Failed" + bcolors.ENDC) try: if json_whois['domain_registered'] != 'no': - print "[*] Domain " + bcolors.HEADER + json_whois[ + print("[*] Domain " + bcolors.HEADER + json_whois[ 'domain_name'] + bcolors.ENDC + " was registered on " + bcolors.OKGREEN + json_whois[ - 'create_date'] + bcolors.ENDC + " in " + json_whois['domain_registrar']['registrar_name'] - print "[*] Name servers" + 'create_date'] + bcolors.ENDC + " in " + json_whois['domain_registrar']['registrar_name']) + print("[*] Name servers") output[self.domain]['create_date'] = json_whois['create_date'] for j in json_whois['name_servers']: - print bcolors.OKBLUE + j + bcolors.ENDC + print(bcolors.OKBLUE + j + bcolors.ENDC) output[self.domain]['contact'] = json_whois['registrant_contact'] output[self.domain]['dns'] = json_whois['name_servers'] output[self.domain]['domain_name'] = json_whois['domain_name'] - print "[*] Contact: " + print("[*] Contact: ") for k in json_whois['registrant_contact']: - print bcolors.OKBLUE + json_whois['registrant_contact'][k] + bcolors.ENDC + print(bcolors.OKBLUE + json_whois['registrant_contact'][k] + bcolors.ENDC) else: - print bcolors.FAIL + "No match for domain" + self.domain + bcolors.ENDC + print(bcolors.FAIL + "No match for domain" + self.domain + bcolors.ENDC) except KeyError as e: - print bcolors.FAIL + "No information found about " + e.message + bcolors.ENDC + print(bcolors.FAIL + "No information found about " + e.message + bcolors.ENDC) # create_date, domain_registered, domain_registar, name_servers 
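Review bot: The `except KeyError as e:` handler in whois still builds its message from `e.message`, which Python 3 exceptions do not have, so a missing field in the Whoxy response raises AttributeError from inside the handler instead of printing the notice. Use the key itself: `print(bcolors.FAIL + "No information found about " + str(e.args[0]) + bcolors.ENDC)`. The same line appears in the whois_history hunk further down. emails.py already moved to `print(str(e))` in this commit, so this also brings the modules in line.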
@@ -108,7 +108,7 @@ def whois(self, key, elastic_output): # return json_whois def whois_history(self, key, elastic_output): - print "-------------------WhoIs history module---------------------" + print("-------------------WhoIs history module---------------------") req_whois_history = requests.get( "http://api.whoxy.com/?key=" + key + "&history=" + self.domain) json_whois_history = json.loads(req_whois_history.content) @@ -117,20 +117,19 @@ def whois_history(self, key, elastic_output): help = 0 if json_whois_history['status'] == 0: - print "Whois Retrieval Failed" + print("Whois Retrieval Failed") return False - print "[*} Found " + bcolors.OKGREEN + str( - json_whois_history['total_records_found']) + bcolors.ENDC + " result(s)" + print("[*} Found " + bcolors.OKGREEN + str( + json_whois_history['total_records_found']) + bcolors.ENDC + " result(s)") if json_whois_history['total_records_found'] > 0: for c, i in enumerate(json_whois_history['whois_records']): try: - print "[*] Domain " + bcolors.HEADER + self.domain + bcolors.ENDC + " was registered on " + i[ - 'create_date'] + " in " + \ - i['domain_registrar']['registrar_name'] + print("[*] Domain " + bcolors.HEADER + self.domain + bcolors.ENDC + " was registered on " + i[ + 'create_date'] + " in " + i['domain_registrar']['registrar_name']) # output = {counter: {'create_date': i['create_date'], 'contact': i['registrant_contact'], # 'dns': i['name_servers']}} output[c] = {} 
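Review bot: whois_history sends the Whoxy API key to `http://api.whoxy.com/`, so the key and the queried domain cross the network in cleartext, while whois uses `https://` for the same service. Switch the scheme and let requests build the query so the domain is encoded and the key is not spliced in by hand: `requests.get("https://api.whoxy.com/", params={"key": key, "history": self.domain}, timeout=30)`. The wayback method's `http://archive.org/...` call can move to https the same way. The method body continues outside the hunk.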
@@ -139,23 +138,23 @@ def whois_history(self, key, elastic_output): output[c]['dns'] = i['name_servers'] output[c]['domain_name'] = i['domain_name'] - print "[*] Contact: " + print("[*] Contact: ") for k in i['registrant_contact']: - print bcolors.OKBLUE + i['registrant_contact'][k] + bcolors.ENDC + print(bcolors.OKBLUE + i['registrant_contact'][k] + bcolors.ENDC) - print "[*] Name servers:" + print("[*] Name servers:") for j in i["name_servers"]: - print bcolors.OKBLUE + j + bcolors.ENDC + print(bcolors.OKBLUE + j + bcolors.ENDC) help = help + 1 except KeyError as e: - print bcolors.FAIL + "No information found about " + e.message + bcolors.ENDC + print(bcolors.FAIL + "No information found about " + e.message + bcolors.ENDC) help = help - 1 - print "---" + print("---") else: - "No records found" + print("No records found") return False # output = { sdate: :{create_date : xxx, contact : {xxx : xxx}, dns : [xxx]} @@ -169,7 +168,7 @@ def whois_history(self, key, elastic_output): # return json_whois_history def virustotal_opinion(self, key): - print "-------------------VirusTotal module---------------------" + print("-------------------VirusTotal module---------------------") req_virustotal = requests.get( "https://www.virustotal.com/vtapi/v2/url/report?apikey=" + key + "&allinfo=true&resource=" + self.domain) @@ -181,11 +180,11 @@ def virustotal_opinion(self, key): json_virustotal = json.loads(req_virustotal.content) if json_virustotal['response_code'] == 0: - print "[*] No results from VirusTotal" + print("[*] No results from VirusTotal") return False - print "[*] Domain " + self.domain + " was last scanned on " + json_virustotal['scan_date'] - print "[*] Has " + str(json_virustotal['positives']) + " positive results" + print("[*] Domain " + self.domain + " was last scanned on " + json_virustotal['scan_date']) + print("[*] Has " + str(json_virustotal['positives']) + " positive results") # dorobic skaner 
@@ -196,50 +195,49 @@ def virustotal_opinion(self, key): # return json_virustotal def wayback(self): - print "----------------------Wayback Machine module------------------------" + print("----------------------Wayback Machine module------------------------") req_wayback = requests.get("http://archive.org/wayback/available?url=" + self.domain) json_wayback = json.loads(req_wayback.content) if json_wayback['archived_snapshots']: - print json_wayback['archived_snapshots']['closest']['url'] + print(json_wayback['archived_snapshots']['closest']['url']) else: - print "No results for " + self.domain + print("No results for " + self.domain) return json_wayback - # print res def virustotal(self, key, elastic_output): output = {self.domain: []} help = 0 - print "----------------VirusTotal module---------------------------" + print("----------------VirusTotal module---------------------------") req_virustotal = requests.get( "https://www.virustotal.com/vtapi/v2/domain/report?apikey=" + key + "&domain=" + self.domain) if req_virustotal.status_code == 204: - print "API limitation, putting into sleep for 70 sec" + print("API limitation, putting into sleep for 70 sec") time.sleep(70) req_virustotal = requests.get( "https://www.virustotal.com/vtapi/v2/domain/report?apikey=" + key + "&domain=" + self.domain) if req_virustotal.status_code == 403: - print "Wrong API key, no more info can be gathered" + print("Wrong API key, no more info can be gathered") sys.exit() json_virustotal = json.loads(req_virustotal.content) if json_virustotal['response_code'] != 0: - print "[*] Domain was resolved to following IPs: " + print("[*] Domain was resolved to following IPs: ") for i in json_virustotal['resolutions']: - print bcolors.HEADER + i['ip_address'] + bcolors.ENDC + " on " + bcolors.OKBLUE + i[ - 'last_resolved'] + bcolors.ENDC + print(bcolors.HEADER + i['ip_address'] + bcolors.ENDC + " on " + bcolors.OKBLUE + i[ + 'last_resolved'] + bcolors.ENDC) 
output[self.domain].append(i['ip_address']) help = help + 1 if help > 2: break else: - print bcolors.FAIL + "Nothing found" + bcolors.ENDC + print(bcolors.FAIL + "Nothing found" + bcolors.ENDC) # output = { self.domain : [xxx.xxx,zzz.zzz,yyy.yyy] if elastic_output: diff --git a/emails.py b/emails.py index b5c083b..8b74255 100644 --- a/emails.py +++ b/emails.py 
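Review bot: In domains.py virustotal the 204 branch sleeps once and retries once, but the second response is never checked, so a reply that is still rate-limited (presumably an empty body) goes straight into `json.loads` and raises ValueError. A bounded retry with `timeout=` and `params=` is sketched below; `params=` also stops the API key and domain being concatenated into the URL by hand. The exit on exhaustion mirrors the existing 403 branch and may need adjusting to what callers expect. ip.py's virustotal has the same single-retry shape, and the method continues outside the hunk.

```python
vt_url = "https://www.virustotal.com/vtapi/v2/domain/report"
vt_query = {"apikey": key, "domain": self.domain}
for _attempt in range(3):
    req_virustotal = requests.get(vt_url, params=vt_query, timeout=30)
    if req_virustotal.status_code != 204:
        break
    print("API limitation, putting into sleep for 70 sec")
    time.sleep(70)
else:
    # Still rate limited after every attempt: stop instead of parsing an empty body.
    print("API limitation persists, no more info can be gathered")
    sys.exit()
# … unchanged: 403 check, json.loads and the resolutions loop …
```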
@@ -15,25 +15,25 @@ class Email: def __init__(self, email_address): self.email_address = email_address - print bcolors.UNDERLINE + "------------------Trumail module----------------" + bcolors.ENDC - print "[*] Checking for validity" + print(bcolors.UNDERLINE + "------------------Trumail module----------------" + bcolors.ENDC) + print("[*] Checking for validity") req_trumail = requests.get("https://api.trumail.io/v2/lookups/json?email=" + self.email_address) self.json_trumail = json.loads(req_trumail.content) try: if not self.json_trumail['validFormat']: - print bcolors.FAIL + "[*] Wrong email format" + bcolors.ENDC + print(bcolors.FAIL + "[*] Wrong email format" + bcolors.ENDC) sys.exit() elif not self.json_trumail['deliverable']: - print "It seems like email address " + bcolors.FAIL + email_address + bcolors.ENDC + " is not deliverable" + print("It seems like email address " + bcolors.FAIL + email_address + bcolors.ENDC + " is not deliverable") elif not self.json_trumail['hostExists']: - print bcolors.FAIL + email_address + bcolors.ENDC + " may be not real because host does not exists" + print(bcolors.FAIL + email_address + bcolors.ENDC + " may be not real because host does not exists") else: - print bcolors.OKGREEN + "Email test passed" + bcolors.ENDC + print(bcolors.OKGREEN + "Email test passed" + bcolors.ENDC) except KeyError: - print "No response received from mail server" + print("No response received from mail server") def whoxy(self, key, elastic_output): - print bcolors.UNDERLINE + "------------Reverse whoxy module-----------------------" + bcolors.ENDC + print(bcolors.UNDERLINE + "------------Reverse whoxy module-----------------------" + bcolors.ENDC) req_whoxy = requests.get( "https://api.whoxy.com/?key=" + key + "&reverse=whois&email=" + self.email_address) json_whoxy = json.loads(req_whoxy.content) 
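Review bot: Email.__init__ appends `self.email_address` to the Trumail URL unencoded, so an address containing `+`, `&` or `#` (plus-addressing is common) reaches the service as a different value and the validity verdict refers to the wrong string. Pass it as a parameter instead: `requests.get("https://api.trumail.io/v2/lookups/json", params={"email": self.email_address}, timeout=30)`. whoxy's `&reverse=whois&email=` query at the end of this hunk has the same problem. A docstring on `__init__` should also state that constructing an Email performs a network lookup and may call `sys.exit()`, since neither is expected of a constructor.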
@@ -41,7 +41,7 @@ def whoxy(self, key, elastic_output): output = {self.email_address: {}} if json_whoxy['status'] == 0: - print json_whoxy['status_reason'] + print(json_whoxy['status_reason']) sys.exit() guard = 0 @@ -49,15 +49,15 @@ def whoxy(self, key, elastic_output): # with open('whois_history.json') as f: # data = json.load(f) - print "Found " + bcolors.OKGREEN + str(json_whoxy[ - 'total_results']) + bcolors.ENDC + " results for email: " + bcolors.HEADER + self.email_address + bcolors.ENDC + print("Found " + bcolors.OKGREEN + + str(json_whoxy['total_results']) + bcolors.ENDC + + " results for email: " + bcolors.HEADER + self.email_address + bcolors.ENDC) if json_whoxy['total_results'] > 0: for i in json_whoxy['search_result']: - print "[*] Domain " + bcolors.HEADER + i[ - 'domain_name'] + bcolors.ENDC + " was registered on " + bcolors.OKGREEN + i[ - 'create_date'] + bcolors.ENDC + print("[*] Domain " + bcolors.HEADER + i['domain_name'] + + bcolors.ENDC + " was registered on " + bcolors.OKGREEN + i['create_date'] + bcolors.ENDC) output[self.email_address][guard] = {i['domain_name']: {}} output[self.email_address][guard]['domain_name'] = i['domain_name'] output[self.email_address][guard]['create_date'] = i['create_date'] 
@@ -68,18 +68,18 @@ def whoxy(self, key, elastic_output): # output[self.email_address][i['domain_name']]['create_date']= i['create_date'] # output[self.email_address][i['domain_name']]['contact'] = i['registrant_contact'] # output[self.email_address][i['domain_name']]['dns'] = i['name_servers'] - print "[*] Name servers:" + print("[*] Name servers:") for j in i['name_servers']: - print bcolors.OKBLUE + j + bcolors.ENDC + print(bcolors.OKBLUE + j + bcolors.ENDC) - print "[*] Contact: " + print("[*] Contact: ") for k in i['registrant_contact']: - print bcolors.OKBLUE + i['registrant_contact'][k] + bcolors.ENDC + print(bcolors.OKBLUE + i['registrant_contact'][k] + bcolors.ENDC) except KeyError as e: guard = guard - 1 - print e - print "No more info" + print(str(e)) + print("No more info") guard = guard + 1 @@ -87,7 +87,7 @@ def whoxy(self, key, elastic_output): break else: - print "No records found" + print("No records found") # domain_name : create_date : xxx, dn # output = { self.email :{domain : xxx, create_date : xxx, contact : {xxx : xxx}, dns : [xxx]} 
@@ -100,16 +100,16 @@ def whoxy(self, key, elastic_output): # return json_whoxy def haveibeenpwned(self): - print bcolors.UNDERLINE + "-------------------HaveIBeenPwned module---------------------" + bcolors.ENDC + print(bcolors.UNDERLINE + "-------------------HaveIBeenPwned module---------------------" + bcolors.ENDC) user_agent = { "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36"} req_haveibeenpwned = requests.get("https://haveibeenpwned.com/api/v2/breachedaccount/" + self.email_address, headers=user_agent) if req_haveibeenpwned.status_code != 200: if req_haveibeenpwned.status_code == 404: - print "account not pwned" + print("account not pwned") return False - print "Connection error " + str(req_haveibeenpwned.status_code) + " " + req_haveibeenpwned.text + print("Connection error " + str(req_haveibeenpwned.status_code) + " " + req_haveibeenpwned.text) return False json_haveibeenpwned = json.loads(req_haveibeenpwned.content) @@ -119,17 +119,17 @@ def haveibeenpwned(self): if len(domains) > 0: for i in domains: - print bcolors.OKGREEN + i + bcolors.ENDC + print(bcolors.OKGREEN + i + bcolors.ENDC) else: - print "No results" + print("No results") return domains def check_username(self): - print bcolors.UNDERLINE + "-------------------Checking usernames---------------------" + bcolors.ENDC + print(bcolors.UNDERLINE + "-------------------Checking usernames---------------------" + bcolors.ENDC) username = self.email_address.split('@')[0] - print "[*] https://username-availability.herokuapp.com/" - print "[*] Looking for username " + bcolors.OKGREEN + username + bcolors.ENDC + print("[*] https://username-availability.herokuapp.com/") + print("[*] Looking for username " + bcolors.OKGREEN + username + bcolors.ENDC) social_sites = ["asciinema", "behance", "deviantart", "facebook", "twitter", "instagram", "medium", "gitlab", "github", "openhub", "pinterest", "soundcloud", "tumblr"] 
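Review bot: haveibeenpwned sends a hard-coded Chrome `User-Agent` instead of one naming this tool; the service asks API clients to identify themselves, so a descriptive value such as `{"User-Agent": "danger-zone"}` (constructed example) is the expected form. The address is also placed in the URL path unencoded and the request has no `timeout=`; `urllib.parse.quote(self.email_address)` and `timeout=30` cover both. On the error path `req_haveibeenpwned.text` is printed verbatim, so consider printing only the status code, or truncating the remote body. The method continues outside the hunk.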
@@ -139,21 +139,21 @@ def check_username(self): social_sites_req = requests.get("https://username-availability.herokuapp.com/check/" + i + "/" + username) social_sites_json = json.loads(social_sites_req.content) if social_sites_json['usable']: - print social_sites_json['url'] + print(social_sites_json['url']) possible_accounts.append(social_sites_json['url']) return possible_accounts def google(self): - print bcolors.UNDERLINE + "------------Google module---------------------" + bcolors.ENDC - print "First Page" + print(bcolors.UNDERLINE + "------------Google module---------------------" + bcolors.ENDC) + print("First Page") search_results = google.search("\"" + self.email_address + "\"", 1) results = {} others = [] for result in search_results: - print bcolors.OKGREEN + result.name + bcolors.ENDC - print bcolors.FAIL + result.description + bcolors.ENDC - print result.link + print(bcolors.OKGREEN + result.name + bcolors.ENDC) + print(bcolors.FAIL + result.description + bcolors.ENDC) + print(result.link) others.append(result.name) others.append(result.description) others.append(result.link) diff --git a/ip.py b/ip.py index dad6edb..3b19769 100644 --- a/ip.py +++ b/ip.py @@ -5,7 +5,7 @@ import tools import sys - +from itertools import islice # es = Elasticsearch([{'host': 'localhost', 'port': 9200}]) 
@@ -14,23 +14,22 @@ class Ip: def __init__(self, ip_address): self.ip_address = ip_address - def geolocation(self, elastic_output): - print "-------------Geolocation module---------------------" + def geolocation(self, elastic_output): + print("-------------Geolocation module---------------------") req_geolocation = requests.get("https://extreme-ip-lookup.com/json/" + self.ip_address) json_geolocation = json.loads(req_geolocation.content) - + try: business_name = json_geolocation['businessName'] - print bcolors.HEADER + self.ip_address + bcolors.ENDC + " belongs to " + bcolors.OKGREEN + business_name if len( - business_name) > 0 else "No business name for that IP" - print "It is from " + bcolors.OKGREEN + json_geolocation['country'] + ", " + json_geolocation[ - 'city'] + ", " + json_geolocation[ - 'region'] + bcolors.ENDC + print(bcolors.HEADER + self.ip_address + bcolors.ENDC + " belongs to " + bcolors.OKGREEN + business_name if len( + business_name) > 0 else "No business name for that IP") + print("It is from " + bcolors.OKGREEN + json_geolocation['country'] + ", " + json_geolocation[ + 'city'] + ", " + json_geolocation['region'] + bcolors.ENDC) except KeyError: - print bcolors.FAIL + "Error" + bcolors.ENDC + print(bcolors.FAIL + "Error" + bcolors.ENDC) - coordinates = dict(json_geolocation.items()[8:11]) + coordinates = dict(list(islice(json_geolocation.items(), 9, 11))) if elastic_output: tools.elast('coordinates', 'ip', coordinates) @@ -39,7 +38,7 @@ def geolocation(self, elastic_output): return coordinates def threatcrowd_ip(self, elastic_output): - print "----------------ThreatCrowd module---------------------------" + print("----------------ThreatCrowd module---------------------------") req_threatcrowd = requests.get("https://www.threatcrowd.org/searchApi/v2/ip/report/?ip=" + self.ip_address) json_threatcrowd = json.loads(req_threatcrowd.content) 
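Review bot: The coordinates line changed more than its syntax: `items()[8:11]` selected three entries, while `islice(json_geolocation.items(), 9, 11)` selects two, and both pick fields by their position in a remote JSON response. If dropping the first entry is intended, say so in a comment; more robustly, select the fields by name, e.g. `coordinates = {k: json_geolocation[k] for k in ("lat", "lon")}` (key names assumed, confirm against the API response). Moving that line inside the existing `try` would let a missing key reach the `except KeyError` branch instead of propagating. The `list(...)` wrapper is redundant either way, since `dict()` accepts the iterator directly.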
@@ -51,25 +50,25 @@ def threatcrowd_ip(self, elastic_output): output = {self.ip_address: {}} if json_threatcrowd['response_code'] == 0: - print "[*] " + bcolors.FAIL + "No information about " + bcolors.HEADER + self.ip_address + bcolors.ENDC + print("[*] " + bcolors.FAIL + "No information about " + bcolors.HEADER + self.ip_address + bcolors.ENDC) return False try: - newlist = sorted(json_threatcrowd['resolutions'], key=lambda k: k['last_resolved']) + newlist = sorted(json_threatcrowd['resolutions'], key = lambda k: k['last_resolved']) except KeyError: newlist = [] - print "Error" + print("Error") - print "[*] Newest resolution from ThreatCrowd" + print("[*] Newest resolution from ThreatCrowd") for i, j in enumerate(reversed(newlist)): - print bcolors.HEADER + self.ip_address + bcolors.ENDC + " was resolved to " + bcolors.OKGREEN + j[ - 'domain'] + bcolors.ENDC + " on " + bcolors.OKGREEN + j['last_resolved'] + bcolors.ENDC + print(bcolors.HEADER + self.ip_address + bcolors.ENDC + " was resolved to " + bcolors.OKGREEN + j[ + 'domain'] + bcolors.ENDC + " on " + bcolors.OKGREEN + j['last_resolved'] + bcolors.ENDC) output[self.ip_address]['domain'] = j['domain'] output[self.ip_address]['last_resolved'] = j['last_resolved'] if i == 2: break trust = bcolors.WARNING + "non-trusted" + bcolors.ENDC if votes < 0 else bcolors.OKGREEN + "trusted" + bcolors.ENDC if votes > 0 else "no opinion" - print "Reputation of " + bcolors.HEADER + self.ip_address + bcolors.ENDC + ": " + trust + print("Reputation of " + bcolors.HEADER + self.ip_address + bcolors.ENDC + ": " + trust) output[self.ip_address]['trust'] = trust 
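Review bot: In threatcrowd_ip the `trust` string is built with `bcolors.WARNING`/`bcolors.OKGREEN` escape codes and then stored in `output[self.ip_address]['trust']`, so whatever consumes `output` (presumably the Elasticsearch export, outside this hunk) receives terminal escape sequences in its data. Compute the plain label first, `trust = "non-trusted" if votes < 0 else "trusted" if votes > 0 else "no opinion"` as domains.py does, and add colour only in the `print` call. The loop also assigns `output[self.ip_address]['domain']` on every iteration, so only the last of the three resolutions is kept. The new `key = lambda` spacing departs from PEP 8's `key=lambda`.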
@@ -84,46 +83,46 @@ def threatcrowd_ip(self, elastic_output): def virustotal(self, key, elastic_output): help = 0 output = {self.ip_address: {'detected': {}, 'hostname': {}}} - print "----------------VirusTotal module---------------------------" + print("----------------VirusTotal module---------------------------") req_virustotal = requests.get( "https://www.virustotal.com/vtapi/v2/ip-address/report?apikey=" + key + "&ip=" + self.ip_address) if req_virustotal.status_code == 403: - print "Wrong API key, no more info can be gathered" + print("Wrong API key, no more info can be gathered") sys.exit() if req_virustotal.status_code == 204: - print "API limit, putting into sleep for 70 sec" + print("API limit, putting into sleep for 70 sec") time.sleep(70) req_virustotal = requests.get( "https://www.virustotal.com/vtapi/v2/ip-address/report?apikey=" + key + "&ip=" + self.ip_address) json_virustotal = json.loads(req_virustotal.content) - print "[*] Following url(s) was/were hosted on ip " + bcolors.HEADER + self.ip_address + bcolors.ENDC + ' and consider as dangerous: ' + print("[*] Following url(s) was/were hosted on ip " + bcolors.HEADER + self.ip_address + bcolors.ENDC + ' and consider as dangerous: ') try: for i in json_virustotal['detected_urls']: # output[self.ip_address]['detected']['url'] = i['url'] output[self.ip_address]['detected'][i['url']] = i['scan_date'] - print i['url'] + " on " + bcolors.OKGREEN + i['scan_date'] + bcolors.ENDC + print(i['url'] + " on " + bcolors.OKGREEN + i['scan_date'] + bcolors.ENDC) help = help + 1 if help == 3: break except KeyError: - print "Nothing found" + print("Nothing found") return False sorted_json_virustotal = sorted(json_virustotal['resolutions'], key=lambda k: k['last_resolved'], reverse=True) help = 0 - print "[*] Newest resolution from VirusTotal" + print("[*] Newest resolution from VirusTotal") for i in sorted_json_virustotal: if help < 3: - print bcolors.HEADER + self.ip_address + bcolors.ENDC + " was resolved to " + 
bcolors.OKGREEN + i[ - 'hostname'] + bcolors.ENDC + " on " + bcolors.OKGREEN + i['last_resolved'] + bcolors.ENDC + print(bcolors.HEADER + self.ip_address + bcolors.ENDC + " was resolved to " + bcolors.OKGREEN + i[ + 'hostname'] + bcolors.ENDC + " on " + bcolors.OKGREEN + i['last_resolved'] + bcolors.ENDC) output[self.ip_address]['hostname'][i['hostname']] = i['last_resolved'] help = help + 1 else: diff --git a/tools.py b/tools.py index a2d2d21..dd773ff 100644 --- a/tools.py +++ b/tools.py @@ -14,7 +14,7 @@ def parse_config(): with open(conf_file, 'r') as read_conf: conf = json.load(read_conf) except Exception as e: - print "Unable to parse config file: {0}".format(e) + print("Unable to parse config file: {0}".format(e)) sys.exit() return conf @@ -24,10 +24,10 @@ def test_connection(): config = parse_config() try: es = Elasticsearch(host=config['elastic']['host'], port=config['elastic']['port']) - print "Succesfully connected to ElasticSearch" + print("Succesfully connected to ElasticSearch") return es except: - print 'Unable to connect to Elasticsearch. \nCheck your connection and settings.json file' + print('Unable to connect to Elasticsearch. \nCheck your connection and settings.json file') sys.exit() @@ -36,7 +36,7 @@ def elast(index, doc_type, body): es = Elasticsearch(host=config['elastic']['host'], port=config['elastic']['port']) # es = Elasticsearch([{'host': 'localhost', 'port': 9200}]) ids = [] - print "[*] Saving output to Elasticsearch" + print("[*] Saving output to Elasticsearch") try: resp = es.search(index=index) for i in resp['hits']['hits']: 
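Review bot: In ip.py virustotal the `detected_urls` loop is guarded by `except KeyError`, but `json_virustotal['resolutions']` is read outside that guard, so a report without resolutions raises an unhandled KeyError after the URL list has already printed. `sorted(json_virustotal.get('resolutions', []), key=lambda k: k['last_resolved'], reverse=True)` keeps the method on its normal path. The method continues outside the hunk.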
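Review bot: In tools.py test_connection, constructing `Elasticsearch(...)` does not by itself contact the server (the elasticsearch-py client connects lazily), so "Succesfully connected to ElasticSearch" is printed even when the host is unreachable. Check reachability before reporting success, e.g. `if not es.ping(): raise ConnectionError("Elasticsearch unreachable")` inside the `try`, and narrow the bare `except:` to `except Exception:`. The message also misspells "Successfully".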
@@ -62,7 +62,10 @@ def json_output(name, filename, data): def finding(finding): - print bcolors.OKGREEN + "---------------------------------------------------------" + bcolors.ENDC + finding + bcolors.OKGREEN + "---------------------------------------------------------" + bcolors.ENDC + print(bcolors.OKGREEN + + "---------------------------------------------------------" + + bcolors.ENDC + finding + bcolors.OKGREEN + + "---------------------------------------------------------" + bcolors.ENDC) def save_graph(G, name): @@ -75,7 +78,7 @@ def save_graph(G, name): # plt.figure(figsize=(10,10)) timestr = time.strftime("%Y%m%d-%H%M%S") - print "[*] Saving graph to graph/" + timestr + '-' + name + ".png" + print("[*] Saving graph to graph/" + timestr + '-' + name + ".png") plt.savefig(directory + timestr + '-' + name + ".png") plt.show() raw_input("Press Enter to quit...") diff --git a/utils.py b/utils.py index 71a6360..d4c872a 100644 --- a/utils.py +++ b/utils.py @@ -73,7 +73,7 @@ def get_ip_from_domain(self, domain_name, elastic_output): for i in domain_virustotal[domain_name]: new_ip.append(i) else: - print "Nothing found" + print("Nothing found") return new_ip
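Review bot: In save_graph the message hard-codes `graph/` while `plt.savefig` writes to `directory + timestr + '-' + name + ".png"`, so the printed location can differ from the real one; build the path once (`target = directory + timestr + '-' + name + ".png"`) and use it for both the message and the save. `name` is the e-mail, IP or domain passed in by danger-zone.py and goes into the file name unchanged, so a value containing `/` would be written outside `directory`. Reduce it to a safe file-name component first, for example `re.sub(r'[^A-Za-z0-9@._-]', '_', name)`. `directory` is defined outside the hunk.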