This repository has been archived by the owner on Apr 30, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 4
Where do I start
wes edited this page Jun 26, 2018
·
1 revision
IF YOU ARE WORKING ON THE BOX WHERE YOU JUST INSTALLED THE EASY BUTTON- SKIP RE-INSTALLING THE CLIENT AND GO STRAIGHT TO THE EXAMPLES
These integrations assume you have the python SDK successfully installed and a valid ~/.cif.yml config. Installing the python client is as easy as:
$ pip install 'cifsdk>=4.0.0a0'While CSIRT Gadgets DOES NOT ENDORSE ANY of these projects or services, we do our best to help bootstrap community integration. Please feel free to contribute integrations to the wiki!
$ cif --itype ipv4 --limit 5 --format table
+-------+----------+----------------------+----------------------+---------------+-------+----+-------+----------------------------------+------------+-------------+----------------+-----------------------------+---------------+
| tlp | group | lasttime | reporttime | indicator | itype | cc | asn | asn_desc | confidence | description | tags | rdata | provider |
+-------+----------+----------------------+----------------------+---------------+-------+----+-------+----------------------------------+------------+-------------+----------------+-----------------------------+---------------+
| amber | everyone | 2016-02-23T14:58:21Z | 2016-02-23T14:58:21Z | 107.180.51.16 | ipv4 | US | 26496 | AS-26496-GO-DADDY-COM-LLC GoDa.. | 13.996 | | phishing,rdata | lasttimeserc.com | openphish.com |
| amber | everyone | 2016-02-23T14:58:21Z | 2016-02-23T14:58:21Z | 216.69.185.19 | ipv4 | US | 26496 | AS-26496-GO-DADDY-COM-LLC GoDa.. | 13.996 | | phishing,rdata | ns37.domaincontrol.com | openphish.com |
| amber | everyone | 2016-02-23T14:58:22Z | 2016-02-23T14:58:22Z | 107.180.51.16 | ipv4 | US | 26496 | AS-26496-GO-DADDY-COM-LLC GoDa.. | 13.996 | | phishing,rdata | lasttimeserc.com | openphish.com |
| amber | everyone | 2016-02-23T14:58:22Z | 2016-02-23T14:58:22Z | 188.121.58.1 | ipv4 | NL | 26496 | AS-26496-GO-DADDY-COM-LLC GoDa.. | 13.996 | | phishing,rdata | inetsoftwaresolutions.co.uk | openphish.com |
| amber | everyone | 2016-02-23T14:58:22Z | 2016-02-23T14:58:22Z | 216.69.185.19 | ipv4 | US | 26496 | AS-26496-GO-DADDY-COM-LLC GoDa.. | 20.023 | | phishing,rdata | ns37.domaincontrol.com | spamhaus.org |
+-------+----------+----------------------+----------------------+---------------+-------+----+-------+----------------------------------+------------+-------------+----------------+-----------------------------+---------------+$ cif --itype ipv4 --limit 5 --format csv
amber,everyone,2016-02-23T14:58:21Z,2016-02-23T14:58:21Z,107.180.51.16,ipv4,US,26496,AS-26496-GO-DADDY-COM-LLC GoDa..,13.996,,"phishing,rdata",lasttimeserc.com,openphish.com
amber,everyone,2016-02-23T14:58:22Z,2016-02-23T14:58:22Z,107.180.51.16,ipv4,US,26496,AS-26496-GO-DADDY-COM-LLC GoDa..,13.996,,"phishing,rdata",lasttimeserc.com,openphish.com$ cif --itype ipv4 --limit 5 --format csv --fields tlp,group,reported_at,indicator
amber,everyone,2016-02-23T14:58:21Z,107.180.51.16
amber,everyone,2016-02-23T14:58:22Z,107.180.51.16
$ cif --itype ipv4 --limit 5 --format json
[{"geolocation": "33.6119,-111.8906", "protocol": 6, "cc": "US", "rir": "arin", "related": "e7ab7044e21120408423e3aef2e7c09842e53d004e48e053c0bc16fe5383b429", "prefix": "107.180.51.0/24", "timezone": "America/Phoenix", ... }]