Skip to content

Commit

Permalink
Merge pull request #18 from PitterPatterPython/spycloud-inv-funcs
Browse files Browse the repository at this point in the history
Spycloud inv funcs
  • Loading branch information
robd518 authored Sep 26, 2024
2 parents aa3c9d5 + 3084ddd commit 900cef3
Show file tree
Hide file tree
Showing 2 changed files with 64 additions and 2 deletions.
64 changes: 63 additions & 1 deletion ppp_connectors/spycloud.py
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
from typing import Dict, Any, List
from requests import Response
import sys
from .broker import make_request
from .helpers import check_required_env_vars, combine_env_configs

Expand Down Expand Up @@ -141,7 +142,7 @@ def spycloud_ato_phone_number(phone_number:str, **kwargs: Dict[str, Any]) -> Res
search for the sha1, sha256, or sha512 hash of the phone number.
Returns:
Response: requests.Respone json response from the request
Response: requests.Response json response from the request
"""

# Define required environment variables
Expand All @@ -165,6 +166,16 @@ def spycloud_ato_phone_number(phone_number:str, **kwargs: Dict[str, Any]) -> Res
return result

def spycloud_ato_breach_catalog(query:str, **kwargs: Dict[str, Any]) -> Response:
"""List or Query the Breach Catalog
Args:
query (str): Query value to search the breach catalog for.
Returns:
Response: requests.Response json response from the request
"""

# Define required environment variables
required_vars: List[str] = [
Expand All @@ -187,4 +198,55 @@ def spycloud_ato_breach_catalog(query:str, **kwargs: Dict[str, Any]) -> Response

result: Response = make_request(method=method, url=url, headers=headers, params=params)

return result

def spycloud_inv_search(search_type: str, query:str, **kwargs: Dict[str, Any]) -> Response:

# Define required environment variables
required_vars: List[str] = [
'SPYCLOUD_API_INV_KEY'
]

# Check and ensure that required variables are present, exits if not
check_required_env_vars(env_config, required_vars)

# These are valid endpoints and their corresponding full URLs. We'll use these
# to check that the user passed a valid 'search_type' parameter
base_url: str = 'https://api.spycloud.io/investigations-v2/breach/data'
valid_endpoints: Dict[str, str] = {
'domain': f'{base_url}/domains',
'email': f'{base_url}/emails',
'ip': f'{base_url}/ips',
'infected-machine-id': f'{base_url}/infected-machine-ids',
'log-id': f'{base_url}/log-ids',
'password': f'{base_url}/passwords',
'username': f'{base_url}/usernames',
'email-username': f'{base_url}/email-usernames',
'phone-number': f'{base_url}/phone-numbers',
'social-handle': f'{base_url}/social-handles',
'bank-number': f'{base_url}/bank-numbers',
'cc-number': f'{base_url}/cc-numbers',
'drivers-license': f'{base_url}/drivers-licenses',
'national-id': f'{base_url}/national-ids',
'passport-number': f'{base_url}/passport-numbers',
'ssn': f'{base_url}/social-security-numbers',
}

# Completely exit if they supply an invalid search_type
if search_type not in valid_endpoints:
print(f'[!] Error: "{search_type}" is not a valid search type. Must be one of '
f'{", ".join(valid_endpoints.keys())}', file=sys.stderr)
sys.exit(1)

method: str = 'get'
url: str = f'{valid_endpoints[search_type]}/{query}'

headers: Dict = {
'accept': 'application/json',
'x-api-key': env_config['SPYCLOUD_API_INV_KEY']
}
params: Dict = dict(kwargs)

result: Response = make_request(method=method, url=url, headers=headers, params=params)

return result
2 changes: 1 addition & 1 deletion pyproject.toml
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
[tool.poetry]
name = "ppp-connectors"
packages = [{ include = "ppp_connectors" }]
version = "0.3.0"
version = "0.3.1"
description = "A simple, lightweight set of connectors and functions to various APIs, controlled by a central broker."
authors = [
"Rob D'Aveta <[email protected]>",
Expand Down

0 comments on commit 900cef3

Please sign in to comment.