scripts #1735

Closed

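--- a/crowd.py
+++ b/crowd.py
@@ -0,0 +1,18 @@
+import requests
+import os
+
+os.environ["http_proxy"] = "http://a:[email protected]:3"
+os.environ["https_proxy"] = "http://user:[email protected]:3"
+os.environ["no_proxy"] = "localhost,127.0.0.0/8,*.local"
+
+url = "https://api.us-2.crowdstrike.com:443/oauth2/token"
+
+session = requests.Session()
+session.trust_env = True
+
+h = {"Accept":"application/json","Content-Type":"application/x-www-form-urlencoded","user-agent":"oca_stixshifter_1.0"}
+params = {"client_id":"asdf","client_secret":"asdf"}
+
+r = session.post(url, headers=h, params=params).json()
+
+print(r)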
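Review bot: `session.post(url, headers=h, params=params)` puts `client_id` and `client_secret` in the URL query string rather than the form body, even though the `Content-Type` header announces a form-encoded body and the curl call in crowd.sh sends them with `--data-urlencode`. Query strings are commonly written to access logs, and the Python request no longer matches the curl request it is being compared with. Send them in the body and bound the call: `resp = session.post(url, headers=h, data=params, timeout=30)`, then `resp.raise_for_status()` before `resp.json()`. `print(r)` writes the whole token response to stdout, so print only the status or the key names if this output is captured anywhere. The proxy credentials and client secret would be better read from the environment than kept as literals, and `session.trust_env = True` is already the default for `requests.Session`.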
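--- a/crowd.sh
+++ b/crowd.sh
@@ -0,0 +1,14 @@
+export http_proxy="http://a:[email protected]:3"
+export https_proxy="http://a:[email protected]:3"
+export no_proxy="localhost,127.0.0.0/8,*.local,s3.us-east-1.amazonaws.com"
+
+export STIX_SHIFTER_ENABLE_TRUST_ENV="true"
+
+echo "================CURL================="
+curl -v l-location 'https://api.us-2.crowdstrike.com:443/oauth2/token' --header 'accept: application/json' --header 'user-agent: oca_stixshifter_1.0' --header 'Content-Type: application/x-www-form-urlencoded' --data-urlencode 'client_id=asfd' --data-urlencode 'client_secret=asdf'
+echo "================Python Request ==============="
+python crowd.py :q!
+echo "================Stix Shifter===================="
+python main.py transmit crowdstrike "{\"host\":\"api.us-2.crowdstrike.com\"}" "{\"auth\":{\"client_id\":\"asdf\", \"client_secret\":\"asdf\"}}" ping
+echo "================Stix Shifter===================="
+python main.py transmit stix_bundle "{\"host\":\"https://raw.githubusercontent.com/opencybersecurityalliance/stix-shifter/develop/data/cybox/qradar/qradar_observed_2000.json\"}" "{\"auth\":{}}" ping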
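Review bot: On the curl line, `l-location` is not an option, so curl treats it as a second URL to fetch; redirects are never followed and the run includes an extra failed request. It should read `curl -v --location 'https://…/oauth2/token' …`. The `:q!` after `python crowd.py` looks like a stray editor command and is passed to the script as an argument. The proxy user and password and the `client_secret` are literals in the script and on command lines, where they are visible in the process list and shell history, and `curl -v` echoes request headers (proxy authentication included) to the terminal. Before running this with real values, read them from the environment or a protected file and keep the verbose output out of shared logs.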
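--- a/images.py
+++ b/images.py
@@ -0,0 +1,21 @@
+import yaml
+
+with open("list.txt") as stream:
+try:
+image_list = yaml.safe_load(stream)
+list = ""
+
+for image, information in image_list.items():
+image_info = information[0]
+
+image_name = image_info['image']
+image_tag = image_info['tag']
+
+image_name_tag = image_name + ":" + image_tag
+
+list += image_name_tag + " "
+
+print(list)
+
+except yaml.YAMLError as exc:
+print(exc)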
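Review bot: `image_name + ":" + image_tag` raises `TypeError` as soon as a tag in list.txt has only two numeric components, because YAML reads `tag: 7.1` as a float. Only `yaml.YAMLError` is caught, so an empty file (`safe_load` returns `None`), an empty entry list, or a missing `image`/`tag` key also ends in an uncaught traceback. Reject non-string tags explicitly, e.g. `if not isinstance(image_tag, str): raise ValueError(f"tag for {image} must be a quoted string")`, instead of coercing with `str()`, which would silently turn `7.10` into `7.1`. The name `list` shadows the builtin; collecting into `names = []` and ending with `print(" ".join(names))` avoids that and the trailing space. If the printed string is later passed to a shell or an image-pull command (not visible on this page), check each name and tag against an allowed character pattern first.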
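--- a/list.txt
+++ b/list.txt
@@ -0,0 +1,228 @@
+atp:
+- name: main
+image: isc-car-connector-atp
+tag: 2.8.10
+aws:
+- name: main
+image: isc-car-connector-aws
+tag: 2.8.10
+azure:
+- name: main
+image: isc-car-connector-azure
+tag: 2.8.10
+drm:
+- name: main
+image: isc-car-connector-drm
+tag: 1.4.1
+carcybereason:
+- name: main
+image: isc-car-connector-cybereason
+tag: 2.8.10
+carcrowdstrike:
+- name: main
+image: isc-car-connector-crowdstrike
+tag: 2.8.10
+gcp:
+- name: main
+image: isc-car-connector-gcp
+tag: 2.8.10
+guardium:
+- name: main
+image: isc-car-connector-guardium
+tag: 1.4.0
+iam:
+- name: main
+image: isc-car-connector-iam
+tag: 1.4.4
+carqradar:
+- name: main
+image: isc-car-connector-qradar
+tag: 3.1.6.2
+tanium:
+- name: main
+image: isc-car-connector-tanium
+tag: 2.8.10
+tenable:
+- name: main
+image: isc-car-connector-tenable
+tag: 1.6.4
+nozomi:
+- name: main
+image: isc-car-connector-nozomi
+tag: 2.8.10
+okta:
+- name: main
+image: isc-car-connector-okta
+tag: 2.8.10
+proofpoint:
+- name: main
+image: isc-car-connector-proofpoint
+tag: 2.8.10
+qualys:
+- name: main
+image: isc-car-connector-qualys
+tag: 2.8.10
+randori:
+- name: main
+image: isc-car-connector-randori
+tag: 2.8.10
+rhacs:
+- name: main
+image: isc-car-connector-rhacs
+tag: 2.8.10
+arcsight:
+- name: main
+image: stix_shifter_modules_arcsight
+tag: 7.1.0
+awsathena:
+- name: main
+image: stix_shifter_modules_aws_athena
+tag: 7.1.0
+awscloudwatchlogs:
+- name: main
+image: stix_shifter_modules_aws_cloud_watch_logs
+tag: 7.1.0
+udiawsguardduty:
+- name: main
+image: stix_shifter_modules_aws_guardduty
+tag: 7.1.0
+udiazureloganalytics:
+- name: main
+image: stix_shifter_modules_azure_log_analytics
+tag: 7.1.0
+azuresentinel:
+- name: main
+image: stix_shifter_modules_azure_sentinel
+tag: 7.1.0
+bigfix:
+- name: main
+image: stix_shifter_modules_bigfix
+tag: 7.1.0
+carbonblack:
+- name: main
+image: stix_shifter_modules_carbonblack
+tag: 7.1.0
+cbcloud:
+- name: main
+image: stix_shifter_modules_cbcloud
+tag: 7.1.0
+udiciscosecureemail:
+- name: main
+image: stix_shifter_modules_cisco_secure_email
+tag: 7.1.0
+crowdstrike:
+- name: main
+image: stix_shifter_modules_crowdstrike
+tag: 7.1.0
+udicrowdstrikelogscale:
+- name: main
+image: stix_shifter_modules_crowdstrike_logscale
+tag: 7.1.0
+cybereason:
+- name: main
+image: stix_shifter_modules_cybereason
+tag: 7.1.0
+udidarktrace:
+- name: main
+image: stix_shifter_modules_darktrace
+tag: 7.1.0
+elasticecs:
+- name: main
+image: stix_shifter_modules_elastic_ecs
+tag: 7.1.0
+udigcpchronicle:
+- name: main
+image: stix_shifter_modules_gcp_chronicle
+tag: 7.1.0
+udiguardium:
+- name: main
+image: stix_shifter_modules_guardium
+tag: 7.1.0
+udiibmsecurityverify:
+- name: main
+image: stix_shifter_modules_ibm_security_verify
+tag: 7.1.0
+msatp:
+- name: main
+image: stix_shifter_modules_msatp
+tag: 7.1.0
+udinozomivantage:
+- name: main
+image: stix_shifter_modules_nozomi_vantage
+tag: 7.1.0
+udiokta:
+- name: main
+image: stix_shifter_modules_okta
+tag: 7.1.0
+onelogin:
+- name: main
+image: stix_shifter_modules_onelogin
+tag: 7.1.0
+udipaloalto:
+- name: main
+image: stix_shifter_modules_paloalto
+tag: 7.1.0
+udiproofpoint:
+- name: main
+image: stix_shifter_modules_proofpoint
+tag: 7.1.0
+proxy:
+- name: main
+image: stix_shifter_modules_proxy
+tag: 7.1.0
+qradar:
+- name: main
+image: stix_shifter_modules_qradar
+tag: 7.1.0
+udireaqta:
+- name: main
+image: stix_shifter_modules_reaqta
+tag: 7.1.0
+udirhacs:
+- name: main
+image: stix_shifter_modules_rhacs
+tag: 7.1.0
+secretserver:
+- name: main
+image: stix_shifter_modules_secretserver
+tag: 7.1.0
+securityadvisor:
+- name: main
+image: stix_shifter_modules_security_advisor
+tag: 7.1.0
+udisentinelone:
+- name: main
+image: stix_shifter_modules_sentinelone
+tag: 7.1.0
+splunk:
+- name: main
+image: stix_shifter_modules_splunk
+tag: 7.1.0
+stixbundle:
+- name: main
+image: stix_shifter_modules_stix_bundle
+tag: 7.1.0
+udisumologic:
+- name: main
+image: stix_shifter_modules_sumologic
+tag: 7.1.0
+udisymantecendpointsecurity:
+- name: main
+image: stix_shifter_modules_symantec_endpoint_security
+tag: 7.1.0
+uditanium:
+- name: main
+image: stix_shifter_modules_tanium
+tag: 7.1.0
+uditrellixendpointsecurityhx:
+- name: main
+image: stix_shifter_modules_trellix_endpoint_security_hx
+tag: 7.1.0
+udivectra:
+- name: main
+image: stix_shifter_modules_vectra
+tag: 7.1.0
+udisysdig:
+- name: main
+image: stix_shifter_modules_sysdig
+tag: 7.1.0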