Client library for Intezer cloud service
Project description
intezer-analyze
A cross-platform CLI tool which enables analyzing files with Intezer Analyze.
Prerequisites
Python 3.6 and above
Python and pip should be available in your path
Installation
pip install intezer-analyze-cli
Usage
Proxies
The CLI supports proxies. To use a proxy, set the environment variable HTTP_PROXY or HTTPS_PROXY to the proxy address.
Login
To begin using the CLI, first log in with your API key:
intezer-analyze login <api_key>
If you are running the CLI against an on-premises deployment, also enter its URL:
intezer-analyze login <api_key> http://<address>/api
Analyze
Send a file or a directory for analysis in Intezer Analyze.
Usage
intezer-analyze analyze PATH
Parameters
PATH: Path to a file, or to a directory whose files are sent for analysis.
Examples:
Send a single file for analysis:
$ intezer-analyze analyze C:\threat.exe
Send all files in directory for analysis:
$ intezer-analyze analyze C:\files-to-analyze
For complete documentation please run intezer-analyze analyze --help
Analyze hashes file
Send a text file with a list of hashes for analysis
Usage
intezer-analyze analyze-by-list PATH
Parameters
PATH: Path to txt file.
Example
Send txt file with hashes for analysis:
$ intezer-analyze analyze-by-list ~/files/hashes.txt
For complete documentation please run intezer-analyze analyze-by-list --help
Index
Send a file or a directory for indexing
Usage
intezer-analyze index PATH INDEX_AS [FAMILY_NAME]
Parameters
PATH: Path to file or directory to index
INDEX_AS: malicious or trusted
FAMILY_NAME: The family name (optional)
Example
Index a single file:
$ intezer-analyze index ~/files/threat.exe.sample malicious family_name
Index all files in a directory:
$ intezer-analyze index ~/files/files-to-index trusted
For complete documentation please run intezer-analyze index --help
Index hashes file
Send a text file with a list of hashes to index
Usage
intezer-analyze index-by-list PATH --index-as=INDEX [FAMILY_NAME]
Parameters
PATH: Path to txt file
--index-as: malicious or trusted
FAMILY_NAME: The family name (optional)
Example
Send a file with hashes and verdict for indexing:
$ intezer-analyze index-by-list ~/files/hashes.txt --index-as=malicious family_name
For complete documentation please run intezer-analyze index-by-list --help
Upload offline endpoint scan
Upload an offline scan created by running the Intezer Endpoint Scanner with the '-o' flag
Usage
intezer-analyze upload-endpoint-scan OFFLINE_SCAN_DIRECTORY
Parameters
OFFLINE_SCAN_DIRECTORY: Path to directory with offline endpoint scan results
Examples:
Upload a directory with offline endpoint scan results:
$ intezer-analyze upload-endpoint-scan /home/user/offline_scans/scan_MYPC_2019-01-01_00-00-00
For complete documentation please run intezer-analyze upload-endpoint-scan --help
Upload multiple offline endpoint scans
Upload multiple offline scans created by running the Intezer Endpoint Scanner with the '-o' flag
Usage
intezer-analyze upload-endpoint-scans-in-directory OFFLINE_SCANS_ROOT_DIRECTORY
Parameters
OFFLINE_SCANS_ROOT_DIRECTORY: Path to root directory containing offline endpoint scan results
Examples:
Upload all offline endpoint scan results under a root directory:
$ intezer-analyze upload-endpoint-scans-in-directory /home/user/offline_scans
For complete documentation please run intezer-analyze upload-endpoint-scans-in-directory --help
Upload all subdirectories with .eml files to analyze
Upload a directory with .eml files
Parameter
UPLOAD_EMAILS_IN_DIRECTORY: Path to root directory containing the .eml files
Examples:
$ intezer-analyze upload-emails-in-directory /path/to/emails_root_directory
Troubleshooting
The CLI produces a log file named intezer-analyze-cli.log in the current working directory.
To enable console output, set the environment variable INTEZER_DEBUG=1.
File details
Details for the file intezer_analyze_cli-1.12.0.tar.gz.
File metadata
- Download URL: intezer_analyze_cli-1.12.0.tar.gz
- Upload date:
- Size: 16.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.9.22
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | 09ffbfc378ac1bbb6dba130c4babb9b609d7cc3db4e7f8c9e1053a4029c4e88c |
| MD5 | a0e7d46fef5dcc86581ca634c76ebb1b |
| BLAKE2b-256 | 062f90c3e16857c7839da450e1e2c2c56518c5b667f04a3b9044d6a9b753b04b |
File details
Details for the file intezer_analyze_cli-1.12.0-py3-none-any.whl.
File metadata
- Download URL: intezer_analyze_cli-1.12.0-py3-none-any.whl
- Upload date:
- Size: 17.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.9.22
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | 921ee2d078ec20ed609ca3c9194af4df9de1fa20fcdec89bde601ff0b59d98eb |
| MD5 | cb4abde2b865fd96d5abadc58f66bdce |
| BLAKE2b-256 | 0a390553d31330b29c12fdf719d40a47a359cedbb1776a26644919fca5a24ca6 |
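The SHA256 digests listed above can be checked against a downloaded release file before it is installed. The following is an added example, not part of the project's documentation: the function names `expected_sha256`, `check_sha256`, `verify_artifact` and `fetch_verify_install` are hypothetical helpers, and it assumes `pip` and `sha256sum` (or `shasum`) are on the PATH.

```shell
#!/bin/sh
# Added example: verify intezer-analyze-cli 1.12.0 artifacts against the
# SHA256 digests published in the "File hashes" tables on this page.

# Pinned digests, copied from this page. Unknown file names are rejected.
expected_sha256() {
    case "$1" in
        intezer_analyze_cli-1.12.0.tar.gz)
            echo 09ffbfc378ac1bbb6dba130c4babb9b609d7cc3db4e7f8c9e1053a4029c4e88c ;;
        intezer_analyze_cli-1.12.0-py3-none-any.whl)
            echo 921ee2d078ec20ed609ca3c9194af4df9de1fa20fcdec89bde601ff0b59d98eb ;;
        *) return 1 ;;
    esac
}

# Print the lowercase hex SHA256 of a file (coreutils, with a shasum fallback).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then sha256sum "$1"
    else shasum -a 256 "$1"; fi | cut -d' ' -f1
}

# check_sha256 FILE EXPECTED_HEX: 0 on match, 1 on mismatch, 3 if FILE is missing.
check_sha256() {
    [ -f "$1" ] || { echo "missing: $1" >&2; return 3; }
    [ "$(sha256_of "$1")" = "$2" ] || { echo "SHA256 mismatch: $1" >&2; return 1; }
}

# verify_artifact FILE: look up the pinned digest by file name, then compare.
# Returns 2 when the file name has no pinned digest.
verify_artifact() {
    want=$(expected_sha256 "$(basename "$1")") \
        || { echo "no pinned digest for $1" >&2; return 2; }
    check_sha256 "$1" "$want"
}

# fetch_verify_install DIR: download only the wheel, verify it, then install
# from the verified local file. Dependencies are still resolved from the
# index at install time and are not covered by this check.
fetch_verify_install() {
    whl="$1/intezer_analyze_cli-1.12.0-py3-none-any.whl"
    pip download --no-deps --only-binary=:all: --dest "$1" \
        intezer-analyze-cli==1.12.0 || return 1
    verify_artifact "$whl" || return 1
    pip install "$whl"
}
```

Source the file and run `fetch_verify_install /tmp/intezer-dl`; installation is skipped if the downloaded wheel does not match the pinned digest.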