InQuest / ThreatIngestor

Extract and aggregate threat intelligence.
https://inquest.readthedocs.io/projects/threatingestor/
GNU General Public License v2.0

Ingestion support for Gist streams. #88

Closed pedramamini closed 2 years ago

pedramamini commented 4 years ago

For example:

https://gist.github.com/silence-is-best

battleoverflow commented 2 years ago

Not a perfect solution, but we now have ingestion support for GitHub gist streams by username. Unfortunately, the API for gists does not offer queries (that I could find), so I found a workaround. Instead of searching for queries, we can use usernames. It shouldn't be too difficult to use something like BS4 as an example or a custom request (q=), but this is the quickest method for obtaining gists via the API.

These changes are already merged into develop if you're interested in viewing the changes.

Here's an example of the new config.yml file:

credentials:
  - name: github-auth
    username: USERNAME
    token: TOKEN

sources:
  - name: source-name
    credentials: github-auth
    module: github_gist
    user: GitHubUsername
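
The username-based polling described in the comment above, as an added example that is not ThreatIngestor's own code. It uses GitHub's REST endpoint `GET /users/{username}/gists` with its `since` parameter; the function names, the bearer-token header choice and the sample response are assumptions made for illustration.

```python
import json
from urllib.parse import quote, urlencode
from urllib.request import Request

API = "https://api.github.com"

def build_request(user, token=None, since=None):
    """Build GET /users/{user}/gists; `since` is an ISO 8601 UTC timestamp."""
    params = {"per_page": 100}
    if since:
        params["since"] = since  # server-side filter: only gists updated after this
    headers = {"Accept": "application/vnd.github+json"}
    if token:
        headers["Authorization"] = f"Bearer {token}"  # keep the token out of the URL
    url = f"{API}/users/{quote(user, safe='')}/gists?{urlencode(params)}"
    return Request(url, headers=headers)

def new_gists(body, last_seen=None):
    """Return (items, newest_timestamp) for gists updated after `last_seen`."""
    items, newest = [], last_seen
    for gist in json.loads(body):
        updated = gist["updated_at"]  # fixed-width UTC format, so string order is time order
        if last_seen and updated <= last_seen:
            continue  # already ingested on an earlier run
        items.append({
            "url": gist["html_url"],
            "description": gist.get("description") or "",
            "raw_urls": [f["raw_url"] for f in gist["files"].values()],
        })
        if newest is None or updated > newest:
            newest = updated
    return items, newest

# Constructed sample response (not real gists), trimmed to the fields used above.
SAMPLE = json.dumps([
    {"html_url": "https://gist.github.com/example-user/aaaa1111",
     "description": "new iocs", "updated_at": "2024-01-03T10:00:00Z",
     "files": {"iocs.txt": {"raw_url": "https://gist.githubusercontent.com/example-user/aaaa1111/raw/iocs.txt"}}},
    {"html_url": "https://gist.github.com/example-user/bbbb2222",
     "description": None, "updated_at": "2024-01-01T09:00:00Z",
     "files": {"old.txt": {"raw_url": "https://gist.githubusercontent.com/example-user/bbbb2222/raw/old.txt"}}},
])

if __name__ == "__main__":
    items, state = new_gists(SAMPLE, last_seen="2024-01-02T00:00:00Z")
    print(state, items)
```

Persisting the returned timestamp between runs and passing it back as `since` keeps each poll to gists that changed since the last one.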