Skip to content
Official client for ONYPHE API access
Perl Other
  1. Perl 98.5%
  2. Other 1.5%
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.

Files

Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
bin
lib/Metabrik
t
Build.PL
Changes
LICENSE
MANIFEST
META.json
META.yml
Makefile.PL
README

README

Metabrik::Client::Onyphe
========================

   Official client to access the ONYPHE API.

   To know more: https://www.onyphe.io/

INSTALLATION

  A/ Install all dependencies (Ubuntu/Debian/Kali systems)

  $ sudo apt-get install -y build-essential less cpanminus libreadline-dev \
     coreutils libexpat1-dev phantomjs bsdutils libssl-dev libxml2-dev \
     procps aptitude

  B/ Install Metabrik and its Repository

  $ sudo cpanm -n Metabrik Metabrik::Repository

  C/ Install this module

  $ git clone https://github.com/onyphe/client onyphe
  $ cd onyphe
  $ perl Makefile.PL
  $ make
  $ make test
  $ sudo make install

  D/ Install api::onyphe Brik

  $ sudo perl -MMetabrik::Core::Context -e \
     'Metabrik::Core::Context->new_brik_run("brik::tool", "install", \
     "api::onyphe")'

  E/ Set your API key in the configuration file

  $ echo '<APIKEY>' > ~/.onyphe_rc

  F/ Enjoy

  $ onyphe

EXAMPLES

  # Query your user profile to get your remaining credits
  $ onyphe -simple user -fields credits

  # Or full profile information
  $ onyphe -simple user

  #
  # Query the simple API
  # See https://www.onyphe.io/documentation/api for more APIs
  #

  # Search reverse DNS information
  $ onyphe -simple reverse -value 8.8.8.8

  # Search data from free text and remove data field
  $ onyphe -simple datascan -value 'WD My Cloud' -fields -data

  # Get a summary of information from an IP address and remove data field
  $ onyphe -simple ip -value 8.8.8.8 -fields -data

  #
  # Query the search API (need subscription, see https://www.onyphe.io/pricing)
  # See https://www.onyphe.io/documentation/api for more APIs
  #

  # Search for some NGINX products and encode data field as Base64
  $ onyphe -search 'category:datascan product:NGINX' -encode data

  # Just display useful information to you
  $ onyphe -search 'category:datascan product:NGINX' \
     -fields ip,port,tls,product,productversion,cpe

  # Or remove unwanted fields
  $ onyphe -search 'category:datascan product:NGINX' -fields -data

  # Autoscroll through all results
  # !!! WARNING: may consume up to 1,000 credits
  $ onyphe -search 'category:datascan product:NGINX' \
     -fields ip,port,tls,product,productversion,cpe -autoscroll 1

  # Autoscroll feature but limit the number of pages to scroll
  $ onyphe -search 'category:datascan product:NGINX' \
     -fields ip,port,tls,product,productversion,cpe -autoscroll 1 -maxpage 10

  # Save Mirai threatlist information from yesterday results as CSV output
  $ onyphe -search 'category:threatlist threatlist:"ONYPHE - botnet/mirai" -dayago:1' \
     -fields subnet,tag -autoscroll 1 -verbose 0 -output csv > mirai.csv

  # Execute a where clause to return results that match criterias from another query
  # Here, we want to find modbus devices which also have a Web interface.
  # !!! WARNING: may consume up to 11,000 credits.
  $ onyphe -autoscroll 1 -fields ip,port,protocol,datamd5 \
       -search 'category:datascan protocol:modbus -dayago:1 \
     | -where category:datascan protocol:http ip:$ip'

COPYRIGHT AND LICENSE

   Copyright (c) 2018-2019, ONYPHE

   You may distribute this module under the terms of The BSD 3-Clause License.
   See LICENSE file in the source distribution archive.

You can’t perform that action at this time.