You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Right now Shodan and Censys are just a collection of independent functions. This causes a lot of crappy logic in helper.py to the tune of if service == "censys-v2": iocs = censys.censys_v2_extract_certs(iocs, new_res).
Ideally each active plugin would be loaded as a generic, repeatable class, and we could just loop through all active plugins at each of these steps instead of explicitly looking for the slugs we know we've defined.
For example, censys.py does the following:
Search for certificate data
Clean JSON blobs
Remove data from keys that is likely to be highly variable (timestamps, crawler IDs, etc)
Extract certificates from JSON blob and add to IOCs
Run a custom search against Censys
Search Censys for IPs related to a specific certificate
Get the details of a specific IP/host
shodan.py basically does the same exact stuff. This should pretty much always be the same for all plugins capable of generating misphunter-host objects.
clean JSON blobs
Remove data from keys that is likely to be highly variable (timestamps, crawler IDs, etc)
Extract certificates from JSON blob and add to IOCs
Run a custom search against Shodan
Search Shodan for IPs related to a specific certificate
Get the details of a specific IP/host
The text was updated successfully, but these errors were encountered:
Right now Shodan and Censys are just a collection of independent functions. This causes a lot of crappy logic in
helper.py
to the tune ofif service == "censys-v2": iocs = censys.censys_v2_extract_certs(iocs, new_res)
.Ideally each active plugin would be loaded as a generic, repeatable class, and we could just loop through all active plugins at each of these steps instead of explicitly looking for the slugs we know we've defined.
For example,
censys.py
does the following:shodan.py
basically does the same exact stuff. This should pretty much always be the same for all plugins capable of generating misphunter-host objects.The text was updated successfully, but these errors were encountered: