forked from intelowlproject/IntelOwl
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
author David Mihajlovic <david.mihajlovic@protonmail.com> 1716908101 +0200 committer David Mihajlovic <david.mihajlovic@protonmail.com> 1717135119 +0200 add traefik config and options for dev and prod working config with traefik finish traefik config prod/dev add documentation Vulners#1257 (intelowlproject#2340) * vulners * vulners wrapper * docs * lesser variables * migrations * code quality * migration * code --------- Co-authored-by: g4ze <bhaiyajionline@gmail.com> bump 6.0.3 updated docs Bump django-ses from 4.0.0 to 4.1.0 in /requirements (intelowlproject#2342) Bumps [django-ses](https://github.com/django-ses/django-ses) from 4.0.0 to 4.1.0. - [Release notes](https://github.com/django-ses/django-ses/releases) - [Changelog](https://github.com/django-ses/django-ses/blob/main/CHANGES.md) - [Commits](django-ses/django-ses@v4.0.0...v4.1.0) --- updated-dependencies: - dependency-name: django-ses dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> rework prod/local traefik and add deletion of get-docker.sh split traefik compose into base, prod and local get-docker.sh deletion without sudo change traefik compose naming
- Loading branch information
Showing
16 changed files
with
453 additions
and
51 deletions.
There are no files selected for viewing
235 changes: 235 additions & 0 deletions
235
api_app/analyzers_manager/migrations/0091_analyzer_config_vulners.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,235 @@ | ||
| from django.db import migrations | ||
| from django.db.models.fields.related_descriptors import ( | ||
| ForwardManyToOneDescriptor, | ||
| ForwardOneToOneDescriptor, | ||
| ManyToManyDescriptor, | ||
| ) | ||
|
|
||
| plugin = { | ||
| "python_module": { | ||
| "health_check_schedule": { | ||
| "minute": "0", | ||
| "hour": "0", | ||
| "day_of_week": "*", | ||
| "day_of_month": "*", | ||
| "month_of_year": "*", | ||
| }, | ||
| "update_schedule": None, | ||
| "module": "vulners.Vulners", | ||
| "base_path": "api_app.analyzers_manager.observable_analyzers", | ||
| }, | ||
| "name": "Vulners", | ||
| "description": "[Vulners](vulners.com) is the most complete and the only fully correlated security intelligence database, which goes through constant updates and links 200+ data sources in a unified machine-readable format. It contains 8 mln+ entries, including CVEs, advisories, exploits, and IoCs — everything you need to stay abreast on the latest security threats.", | ||
| "disabled": False, | ||
| "soft_time_limit": 60, | ||
| "routing_key": "default", | ||
| "health_check_status": True, | ||
| "type": "observable", | ||
| "docker_based": False, | ||
| "maximum_tlp": "AMBER", | ||
| "observable_supported": ["generic"], | ||
| "supported_filetypes": [], | ||
| "run_hash": False, | ||
| "run_hash_type": "", | ||
| "not_supported_filetypes": [], | ||
| "model": "analyzers_manager.AnalyzerConfig", | ||
| } | ||
|
|
||
| params = [ | ||
| { | ||
| "python_module": { | ||
| "module": "vulners.Vulners", | ||
| "base_path": "api_app.analyzers_manager.observable_analyzers", | ||
| }, | ||
| "name": "score_AI", | ||
| "type": "bool", | ||
| "description": "Score any vulnerability with Vulners AI.\r\nDefault: False", | ||
| "is_secret": False, | ||
| "required": False, | ||
| }, | ||
| { | ||
| "python_module": { | ||
| "module": "vulners.Vulners", | ||
| "base_path": "api_app.analyzers_manager.observable_analyzers", | ||
| }, | ||
| "name": "api_key_name", | ||
| "type": "str", | ||
| "description": "api key for vulners", | ||
| "is_secret": True, | ||
| "required": True, | ||
| }, | ||
| { | ||
| "python_module": { | ||
| "module": "vulners.Vulners", | ||
| "base_path": "api_app.analyzers_manager.observable_analyzers", | ||
| }, | ||
| "name": "skip", | ||
| "type": "int", | ||
| "description": "skip parameter for vulners analyzer", | ||
| "is_secret": False, | ||
| "required": False, | ||
| }, | ||
| { | ||
| "python_module": { | ||
| "module": "vulners.Vulners", | ||
| "base_path": "api_app.analyzers_manager.observable_analyzers", | ||
| }, | ||
| "name": "size", | ||
| "type": "int", | ||
| "description": "size parameter for vulners analyzer", | ||
| "is_secret": False, | ||
| "required": False, | ||
| }, | ||
| ] | ||
|
|
||
| values = [ | ||
| { | ||
| "parameter": { | ||
| "python_module": { | ||
| "module": "vulners.Vulners", | ||
| "base_path": "api_app.analyzers_manager.observable_analyzers", | ||
| }, | ||
| "name": "score_AI", | ||
| "type": "bool", | ||
| "description": "Score any vulnerability with Vulners AI.\r\nDefault: False", | ||
| "is_secret": False, | ||
| "required": False, | ||
| }, | ||
| "analyzer_config": "Vulners", | ||
| "connector_config": None, | ||
| "visualizer_config": None, | ||
| "ingestor_config": None, | ||
| "pivot_config": None, | ||
| "for_organization": False, | ||
| "value": False, | ||
| "updated_at": "2024-05-22T18:49:52.056060Z", | ||
| "owner": None, | ||
| }, | ||
| { | ||
| "parameter": { | ||
| "python_module": { | ||
| "module": "vulners.Vulners", | ||
| "base_path": "api_app.analyzers_manager.observable_analyzers", | ||
| }, | ||
| "name": "skip", | ||
| "type": "int", | ||
| "description": "skip parameter for vulners analyzer", | ||
| "is_secret": False, | ||
| "required": False, | ||
| }, | ||
| "analyzer_config": "Vulners", | ||
| "connector_config": None, | ||
| "visualizer_config": None, | ||
| "ingestor_config": None, | ||
| "pivot_config": None, | ||
| "for_organization": False, | ||
| "value": 0, | ||
| "updated_at": "2024-05-23T06:45:24.105426Z", | ||
| "owner": None, | ||
| }, | ||
| { | ||
| "parameter": { | ||
| "python_module": { | ||
| "module": "vulners.Vulners", | ||
| "base_path": "api_app.analyzers_manager.observable_analyzers", | ||
| }, | ||
| "name": "size", | ||
| "type": "int", | ||
| "description": "size parameter for vulners analyzer", | ||
| "is_secret": False, | ||
| "required": False, | ||
| }, | ||
| "analyzer_config": "Vulners", | ||
| "connector_config": None, | ||
| "visualizer_config": None, | ||
| "ingestor_config": None, | ||
| "pivot_config": None, | ||
| "for_organization": False, | ||
| "value": 5, | ||
| "updated_at": "2024-05-23T06:45:24.109831Z", | ||
| "owner": None, | ||
| }, | ||
| ] | ||
|
|
||
|
|
||
| def _get_real_obj(Model, field, value): | ||
| def _get_obj(Model, other_model, value): | ||
| if isinstance(value, dict): | ||
| real_vals = {} | ||
| for key, real_val in value.items(): | ||
| real_vals[key] = _get_real_obj(other_model, key, real_val) | ||
| value = other_model.objects.get_or_create(**real_vals)[0] | ||
| # it is just the primary key serialized | ||
| else: | ||
| if isinstance(value, int): | ||
| if Model.__name__ == "PluginConfig": | ||
| value = other_model.objects.get(name=plugin["name"]) | ||
| else: | ||
| value = other_model.objects.get(pk=value) | ||
| else: | ||
| value = other_model.objects.get(name=value) | ||
| return value | ||
|
|
||
| if ( | ||
| type(getattr(Model, field)) | ||
| in [ForwardManyToOneDescriptor, ForwardOneToOneDescriptor] | ||
| and value | ||
| ): | ||
| other_model = getattr(Model, field).get_queryset().model | ||
| value = _get_obj(Model, other_model, value) | ||
| elif type(getattr(Model, field)) in [ManyToManyDescriptor] and value: | ||
| other_model = getattr(Model, field).rel.model | ||
| value = [_get_obj(Model, other_model, val) for val in value] | ||
| return value | ||
|
|
||
|
|
||
| def _create_object(Model, data): | ||
| mtm, no_mtm = {}, {} | ||
| for field, value in data.items(): | ||
| value = _get_real_obj(Model, field, value) | ||
| if type(getattr(Model, field)) is ManyToManyDescriptor: | ||
| mtm[field] = value | ||
| else: | ||
| no_mtm[field] = value | ||
| try: | ||
| o = Model.objects.get(**no_mtm) | ||
| except Model.DoesNotExist: | ||
| o = Model(**no_mtm) | ||
| o.full_clean() | ||
| o.save() | ||
| for field, value in mtm.items(): | ||
| attribute = getattr(o, field) | ||
| if value is not None: | ||
| attribute.set(value) | ||
| return False | ||
| return True | ||
|
|
||
|
|
||
| def migrate(apps, schema_editor): | ||
| Parameter = apps.get_model("api_app", "Parameter") | ||
| PluginConfig = apps.get_model("api_app", "PluginConfig") | ||
| python_path = plugin.pop("model") | ||
| Model = apps.get_model(*python_path.split(".")) | ||
| if not Model.objects.filter(name=plugin["name"]).exists(): | ||
| exists = _create_object(Model, plugin) | ||
| if not exists: | ||
| for param in params: | ||
| _create_object(Parameter, param) | ||
| for value in values: | ||
| _create_object(PluginConfig, value) | ||
|
|
||
|
|
||
| def reverse_migrate(apps, schema_editor): | ||
| python_path = plugin.pop("model") | ||
| Model = apps.get_model(*python_path.split(".")) | ||
| Model.objects.get(name=plugin["name"]).delete() | ||
|
|
||
|
|
||
| class Migration(migrations.Migration): | ||
| atomic = False | ||
| dependencies = [ | ||
| ("api_app", "0062_alter_parameter_python_module"), | ||
| ("analyzers_manager", "0090_analyzer_config_cycat"), | ||
| ] | ||
|
|
||
| operations = [migrations.RunPython(migrate, reverse_migrate)] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,65 @@ | ||
| import logging | ||
|
|
||
| import requests | ||
|
|
||
| from api_app.analyzers_manager import classes | ||
| from tests.mock_utils import MockUpResponse, if_mock_connections, patch | ||
|
|
||
| logger = logging.getLogger(__name__) | ||
|
|
||
|
|
||
| class Vulners(classes.ObservableAnalyzer): | ||
| """ | ||
| This analyzer is a wrapper for the vulners project. | ||
| """ | ||
|
|
||
| score_AI: bool = False | ||
| skip: int = 0 | ||
| size: int = 5 | ||
| _api_key_name: str | ||
| url = "https://vulners.com/api/v3" | ||
|
|
||
| def search_ai(self): | ||
| return requests.post( | ||
| url=self.url + "/ai/scoretext/", | ||
| headers={"Content-Type": "application/json"}, | ||
| json={"text": self.observable_name, "apiKey": self._api_key_name}, | ||
| ) | ||
|
|
||
| def search_databse(self): | ||
| return requests.post( | ||
| url=self.url + "/search/lucene", | ||
| headers={"Content-Type": "application/json"}, | ||
| json={ | ||
| "query": self.observable_name, | ||
| "skip": self.size, | ||
| "size": self.skip, | ||
| "apiKey": self._api_key_name, | ||
| }, | ||
| ) | ||
|
|
||
| def run(self): | ||
| response = None | ||
| if self.score_AI: | ||
| response = self.search_ai() | ||
| else: | ||
| response = self.search_databse() | ||
| response.raise_for_status() | ||
| return response.json() | ||
|
|
||
| # this is a framework implication | ||
| def update(self) -> bool: | ||
| pass | ||
|
|
||
| @classmethod | ||
| def _monkeypatch(cls): | ||
| response = {"result": "OK", "data": {"score": [6.5, "NONE"]}} | ||
| patches = [ | ||
| if_mock_connections( | ||
| patch( | ||
| "requests.post", | ||
| return_value=MockUpResponse(response, 200), | ||
| ), | ||
| ) | ||
| ] | ||
| return super()._monkeypatch(patches=patches) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,6 +1,6 @@ | ||
| ### DO NOT CHANGE THIS VALUE !! | ||
| ### It should be updated only when you pull latest changes off from the 'master' branch of IntelOwl. | ||
| # this variable must start with "REACT_APP_" to be used in the frontend too | ||
| REACT_APP_INTELOWL_VERSION="v6.0.2" | ||
| REACT_APP_INTELOWL_VERSION="v6.0.3" | ||
| # if you want to use a nfs volume for shared files | ||
| # NFS_ADDRESS= |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| services: | ||
| nginx: | ||
| ports: | ||
| - "80:80" |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,15 @@ | ||
| services: | ||
| traefik: | ||
| image: "traefik:3.0" | ||
| labels: | ||
| - "traefik.enable=true" | ||
|
|
||
| nginx: | ||
| depends_on: | ||
| - traefik | ||
| labels: | ||
| - "traefik.enable=true" | ||
| - "traefik.http.services.nginx.loadbalancer.server.port=80" | ||
| expose: | ||
| - "80" | ||
|
|
Oops, something went wrong.