Skip to content

InQuest/python-inquestlabs

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

81 Commits
tests
tests
 
 
.gitignore
.gitignore
 
 
.travis.yml
.travis.yml
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
inquestlabs.py
inquestlabs.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

python-inquestlabs

A Pythonic interface and command line tool for interacting with the InQuest Labs API. Note that an API key is not required to interact with this API. Users without an API key are rate limited to 1,337 requests in 24-hour sliding window and are unable to download samples (sorry, we tried, too much abuse). Fret not however, API keys are free. Simply get in touch letting us know who you are, what kind of research you're doing, and what kind of volume of requests we may expect to see from you.

Searchable API documentation with multi-language snippets: https://labs.inquest.net/docs/

OpenAPI (Swagger) specification: https://app.swaggerhub.com/apis-docs/InQuest.net/InQuestLabs/1.0

InQuest Labs Command Line Driver

Usage:
    inquestlabs [options] dfi list
    inquestlabs [options] dfi details <sha256> [--attributes]
    inquestlabs [options] dfi download <sha256> <path>
    inquestlabs [options] dfi attributes <sha256> [--filter=<filter>]
    inquestlabs [options] dfi search (code|context|metadata|ocr) <keyword>
    inquestlabs [options] dfi search (md5|sha1|sha256|sha512) <hash>
    inquestlabs [options] dfi search (domain|email|filename|ip|url|xmpid) <ioc>
    inquestlabs [options] dfi sources
    inquestlabs [options] dfi upload <path>
    inquestlabs [options] iocdb list
    inquestlabs [options] iocdb search <keyword>
    inquestlabs [options] iocdb sources
    inquestlabs [options] repdb list
    inquestlabs [options] repdb search <keyword>
    inquestlabs [options] repdb sources
    inquestlabs [options] yara (b64re|base64re) <regex> [(--big-endian|--little-endian)]
    inquestlabs [options] yara hexcase <instring>
    inquestlabs [options] yara uint <instring> [--offset=<offset>] [--hex]
    inquestlabs [options] yara widere <regex> [(--big-endian|--little-endian)]
    inquestlabs [options] stats

Options:
    --api=<apikey>      Specify an API key.
    --config=<config>   Configuration file with API key [default: ~/.iqlabskey].
    --debug             Docopt debugging.
    --filter=<filter>   Filter by attributes type (domain, email, filename, ip, url, xmpid)
    -h --help           Show this screen.
    --hex               Treat <instring> as hex bytes.
    -l --limits         Show remaining API credits and limit reset window.
    --proxy=<proxy>     Intermediate proxy
    --verbose=<level>   Verbosity level, outputs to stderr [default: 0].
    --version           Show version.

InQuest Labs API Integrations

The following third-party projects integrate with InQuest Labs:

Get in touch or issue a pull-request to get your project listed.

Testing

Use pytest to test each case (or individually by specifying which file to test):

pytest tests/*

About

A Pythonic interface and command line tool for interacting with the InQuest Labs API.

labs.inquest.net

Resources

Readme

License

GPL-2.0 license

Contributing

Contributing
Activity
Custom properties

Stars

36 stars

Watchers

15 watching

Forks

6 forks
Report repository

Releases 3

v1.2.4 Latest
Jul 24, 2023
+ 2 releases

Packages

No packages published

Contributors 5

Languages