Python API client for Cortex.
Project description
Cortex4py
Cortex4py is a Python API client for Cortex, a powerful observable analysis engine where observables such as IP and email addresses, URLs, domain names, files or hashes can be analyzed one by one using a Web interface.
Cortex4py allows analysts to automate these operations and submit observables in bulk mode through the Cortex REST API from alternative SIRP platforms, custom scripts or MISP.
Caution - WIP
Cortex4py is considered work in progress. It is considered beta software though we are using it on a regular basis for the use case outlined above. It should be sufficient in most situations where you need to interact with Cortex’s REST API. If not, please feel free to contribute and submit pull requests or request missing features if you are not comfortable with Python.
Use It
On macOS and Linux, type:
sudo pip install cortex4py
Following is an example of a python script that runs an analysis using MaxMind analyzer
import sys
import json
from cortex4py.api import CortexApi
from cortex4py.api import CortexException
api = CortexApi('http://127.0.0.1:9000')
# Run analysis
job_id = None
try:
response = api.run_analyzer("MaxMind_GeoIP_3_0", "ip", 1, "8.8.8.8")
job_id = response["id"]
except CortexException as ex:
print('[ERROR]: Failed to run analyzer: {}'.format(ex.message))
sys.exit(0)
# Get the job report
try:
response = api.get_job_report(job_id, '30s')
print(json.dumps(response, indent=4, sort_keys=True))
except CortexException as ex:
print('[ERROR]: Failed to get job report'.format(ex.message))
sys.exit(0)If you are using Python on a Windows operating system, please forgo the sudo command.
License
Cortex4py is an open source and free software released under the AGPL (Affero General Public License). We, TheHive Project, are committed to ensure that Cortex4py will remain a free and open source project on the long-run.
Updates
Information, news and updates are regularly posted on TheHive Project Twitter account and on the blog.
Contributing
We welcome your contributions. Please feel free to fork the code, play with it, make some patches and send us pull requests using issues.
We do have a Code of conduct. Make sure to check it out before contributing.
Support
Please open an issue on GitHub if you’d like to report a bug or request a feature. We are also available on Gitter to help you out.
If you need to contact the project team, send an email to support@thehive-project.org.
Community Discussions
We have set up a Google forum at https://groups.google.com/a/thehive-project.org/d/forum/users. To request access, you need a Google account. You may create one using a Gmail address or without one.
Website
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
Built Distribution
Hashes for cortex4py-1.0.0-py2.py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 0f39f7b64994ec29defeb3c31db321c5cfaff73924481c0786c854606c8d3289 |
|
| MD5 | 83373f8f8101623cee97f25502c536b4 |
|
| BLAKE2b-256 | dcdddac1a05f0c8cc230bc74258eb95b5edf2add5cf6447a3a94b8ffa39c89f9 |
