-
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsearch_url.py
62 lines (56 loc) · 2.87 KB
/
search_url.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
import requests, argparse, json
import virustotal_python
from pprint import pprint
from base64 import urlsafe_b64encode
def nslookup(url):
main_url = "https://dns-lookup5.p.rapidapi.com/simple"
querystring = {"domain":url,"recordType":"NS"}
headers = {
"X-RapidAPI-Key": "<Enter RapidAPI key>",
"X-RapidAPI-Host": "dns-lookup5.p.rapidapi.com"
}
response = requests.request("GET", main_url, headers=headers, params=querystring)
print("nslookup results:")
print(response.json())
print("----------------------------------------------------------------------------------------------------------")
def safe_browsing(url):
key='<Enter Google SafeBrowsing Key>'
url = "https://safebrowsing.googleapis.com/v4/threatMatches:find"
payload = {'client': {'clientId': "phishing", 'clientVersion': "0.1"},
'threatInfo': {'threatTypes': ["SOCIAL_ENGINEERING", "MALWARE", "POTENTIALLY_HARMFUL_APPLICATION"],
'platformTypes': ["ANY_PLATFORM"],
'threatEntryTypes': ["URL"],
'threatEntries': [{'url': "http://malware.testing.google.test/testing/malware/"}]
}
}
params = {'key': api_key}
response = requests.post(url, params=params, json=payload)
print("Google Safe SafeBrowsing Results:")
print(response.json())
print("----------------------------------------------------------------------------------------------------------")
def virustotal_search(url):
with virustotal_python.Virustotal("<Enter VirusTotal Key>") as vtotal:
try:
resp = vtotal.request("urls", data={"url": url}, method="POST")
# Safe encode URL in base64 format
# https://developers.virustotal.com/reference/url
url_id = urlsafe_b64encode(url.encode()).decode().strip("=")
report = vtotal.request(f"urls/{url_id}")
print("VirusTotal Results:")
pprint(report.object_type)
pprint(report.data)
print("----------------------------------------------------------------------------------------------------------")
except virustotal_python.VirustotalError as err:
print(f"Failed to send URL: {url} for analysis to VirusTotal and get the report: {err}")
print("----------------------------------------------------------------------------------------------------------")
if __name__ == "__main__":
parser = argparse.ArgumentParser()
parser = argparse.ArgumentParser(description="Check the maliciousness of a URL")
parser.add_argument("--url", help="URL to be investigated")
args = parser.parse_args()
if args.url:
url_search = args.url
print("----------------------------------RESULTS----------------------------------------------------------")
nslookup(url_search)
safe_browsing(url_search)
virustotal_search(url_search)