junv / safebrowsing

Python Module: Google Safe Browsing Lookup v4
11 stars 5 forks source link

Better Script for Getting Clean Output Regarding your Queries #1

Open TheSecMaven opened 7 years ago

TheSecMaven commented 7 years ago

I am using this Repo in my work. Only problem I had was that the output of your test script within readme is unreadable to those who are using this. I cleaned up the output in a way that is useful.

Not a big deal but still an improvement. Also this will let you query using a URL provided as a command line argument, making it easier to use.

Hoping this can be added to the repo as the query script in some form or fashion! Thanks so much, have a great day.


import safebrowsing 
import sys
apikey = 'YOUR_API_KEY'
sb = safebrowsing.LookupAPI(apikey)
resp = sb.threat_matches_find(str(sys.argv[1]))
if(resp == {}):
    print "Site Status: Clean"
else:
    print "Url: " + resp['matches'][0]['threat']['url']
    print "Threat Category: " + resp['matches'][0]['threatType']
    print "Platform Category: " + resp['matches'][0]['platformType']
                                                                        `
npormambi commented 7 years ago

I am using ubuntu 14 and python 2.7 i tried with same code but i m getting below error ImportError : No module named safebrowsing

TheSecMaven commented 7 years ago

@npormambi You will have to run the script with the safebrowsing.py file in the same working directory as this script.

The safebrowsing.py file I am referring to is the safebrowsing.py located in the main branch of this repository. The source code for this file to which I am referring to can be found here: https://github.com/junv/safebrowsing/blob/master/safebrowsing.py

This repository is not a library that can be installed currently, which is likely what produced that error.

You could add that script to your path which would allow you to do what you seem to want but that is slightly more complicated.

If you start the python script with

import sys
sys.path.append("/home/me/mypy")

where the path is the same path that the safebrowsing.py file exists, then this would work. Attached below is full script that you would use if you wanted to do that. Simply change the path to the path your file is located.


import sys
sys.path.append("/home/me/mypy")
import safebrowsing 
import sys
apikey = 'YOUR_API_KEY'
sb = safebrowsing.LookupAPI(apikey)
resp = sb.threat_matches_find(str(sys.argv[1]))
if(resp == {}):
    print "Site Status: Clean"
else:
    print "Url: " + resp['matches'][0]['threat']['url']
    print "Threat Category: " + resp['matches'][0]['threatType']
    print "Platform Category: " + resp['matches'][0]['platformType']
                                                                        `
npormambi commented 7 years ago

@mkkeffeler I have installed Google-api-python client with the command mentioned on the site https://developers.google.com/api-client-library/python/apis/safebrowsing/v4

but if i do

locate safebrowsing.py

i dnt get anything Just wanted to know from where I will get this safebrowsing.py file

Thanks

TheSecMaven commented 7 years ago

@npormambi I apologize. I should have been more clear.

The safebrowsing.py file I am talking about comes from the repository that this issue is attached to. You can see the exact sourcecode of the file I am referencing here: https://github.com/junv/safebrowsing/blob/master/safebrowsing.py

I will edit my previous comment to reflect this clarification.

npormambi commented 7 years ago

@mkkeffeler Thanks it worked :) @junv Nice......

Deniece-long commented 7 years ago

I had executed safebrowsing.py. the sentence is resp = sb.threat_matches_find('ihaveaproblem.info'). so the results show {u'matches': [{u'threatType': u'SOCIAL_ENGINEERING', u'threatEntryType': u'URL', u'platformType': u'ANY_PLATFORM', u'threat': {u'url': u'ihaveaproblem.info'}, u'cacheDuration': u'300s'}]}.I want to know the detection urls where i'm write. and the malicious urls produce error infromation where seeing.

TheSecMaven commented 7 years ago

@LongTingyan I apologize but I cannot clearly follow your comment.

It looks like you successfully garnered a response from the Google Safebrowsing API, correct?

I do not understand what you mean by "I want to know the detection urls where i'm write". This doesn't have any logical coherence to it and I am thus unable to answer any questions that you may have.

Please clarify and get back to me. Thanks!