A command-line client to interact with the MalwareBazaar API
Project description
Malware Bazaar Client
This is mwbzcl, a Python-based client for the bazaar.abuse.ch API.
Installation
The most recent release is available on the Python Package Index (PyPI):
pip install mwbzcl
This will also create an executable called mwbzcl in the bin directory.
Example Usage
After setting the environment variable MALWARE_BAZAAR_API_KEY to the value from your bazaar.abuse.ch profile, a
typical session might look like the following:
$ mwbzcl --json signature AgentTesla | jq -r "select(.tags[] | contains ("""exe""")) | .sha256"
1f71b476b9450a59fc8b76f1c3e0ddb8eab1dcd34a0cb451b1d1d2f1aa882ab2
a349d5cf195bf2126c239760539077607db536a57529957577b93ef58a44daf6
24c871a763e208ba82f7ce7df48fea42c962214954181dc72f17c9112cc74c5e
8d4cb50c1044910b9464e20dc05f2e61643cce2898348a0ede91330736a831df
5eb9b4d6d7e12e2b605adb64d332ec0ef196520106ee561a99b528c7f82f49ef
d69aa1932b2e702e5065ee19da9fc9cf2b05e7dbaa617141b14eaa501a14955e
$ mwbzcl download 1f71b476b9450a59fc8b76f1c3e0ddb8eab1dcd34a0cb451b1d1d2f1aa882ab2
[INFO] Downloaded 1 file(s), 0 skipped.
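The jq filter in the session above emits a record once for every matching tag and reports an error for a record whose tags field is null. The following added example (not part of mwbzcl) makes the same selection in Python, deduplicated and with each digest checked before it is passed on. It assumes the --json output is a stream of JSON objects with sha256 and tags fields, as the jq filter implies; the function names and sample records are constructed for illustration.

```python
import json
import sys

HEX = set("0123456789abcdef")


def iter_records(text):
    """Yield each top-level JSON value from a stream of concatenated documents."""
    decoder = json.JSONDecoder()
    pos, end = 0, len(text)
    while True:
        while pos < end and text[pos].isspace():
            pos += 1                      # raw_decode does not skip leading whitespace
        if pos >= end:
            return
        record, pos = decoder.raw_decode(text, pos)
        yield record


def sha256_with_tag(text, needle="exe"):
    """Return unique, well-formed SHA256 values of records tagged with `needle`."""
    seen, result = set(), []
    for record in iter_records(text):
        if not isinstance(record, dict):
            continue
        tags = record.get("tags") or []   # null or missing tags: no match, no error
        digest = str(record.get("sha256", "")).lower()
        if len(digest) != 64 or not set(digest) <= HEX:
            continue                      # never hand a malformed value to `download`
        # Substring match per tag, like jq's contains(); any() counts a record once.
        if digest not in seen and any(isinstance(t, str) and needle in t for t in tags):
            seen.add(digest)
            result.append(digest)
    return result


# Constructed sample records (field names assumed from the jq filter above).
SAMPLE = "\n".join(json.dumps(r) for r in [
    {"sha256": "a" * 64, "tags": ["AgentTesla", "exe"]},
    {"sha256": "b" * 64, "tags": None},
    {"sha256": "c" * 64, "tags": ["exe", "signed-exe"]},
    {"sha256": "d" * 64, "tags": ["xlsx"]},
    {"sha256": "not-a-hash", "tags": ["exe"]},
])

if __name__ == "__main__":
    data = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    print("\n".join(sha256_with_tag(data)))
```

Saved under a name of your choice, the script reads the client's --json output from a pipe in place of the jq stage and prints one SHA256 per line.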
Development
I recommend creating a virtual environment to set up a local development environment:
python -m venv C:\path\to\venv
C:\path\to\venv\Scripts\activate.bat
pip install -r requirements.txt
SET PYTHONPATH=C:\path\to\repository\
Now you can call client.py as you would otherwise call mwbzcl.
Changelog
2023-05-13 - Version 1.0.6
- Allow passing MD5 and SHA1 hashes for downloads:
$ mwbzcl download eb8d50fd5a3afa04fe7fb476f2df9e99 b915056524f1b25937074727cdf5f87c
[WARNING] Argument "eb8d50fd5a3afa04fe7fb476f2df9e99" not a valid SHA256 hash...
[WARNING] Translated to "3a60658cdbf960c135f07bd06d36124b5926b85c59a9c01948976b199e3959f8".
[WARNING] Argument "b915056524f1b25937074727cdf5f87c" not a valid SHA256 hash...
[ERROR] Query status of "hash_not_found"
[INFO] Downloaded 1 file(s), 0 skipped.
File details
Details for the file mwbzcl-1.0.6.tar.gz.
File metadata
- Download URL: mwbzcl-1.0.6.tar.gz
- Upload date:
- Size: 5.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.7.9
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | f56314d8ff21eff6d35965525dac9ea315d3083bc1d3c0716f9a64eef909eecf |
| MD5 | fb801d83920bcfd663c3e4fc5727f256 |
| BLAKE2b-256 | 90919befef9366b98d15ac47da56e1e0c04fb0c22a4c1db3a87a646d3cd54e86 |
File details
Details for the file mwbzcl-1.0.6-py3-none-any.whl.
File metadata
- Download URL: mwbzcl-1.0.6-py3-none-any.whl
- Upload date:
- Size: 6.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.7.9
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | 0e1870fa07591f3ce734f9db3b8d994ad1a70a050922efc6aa0860efd86afb61 |
| MD5 | 4646ca6fb31d9d53bd01f19f0c4af1ab |
| BLAKE2b-256 | fa22406f158d867f376d49b71d5ca729b3b4dde8d8693aa450ef21991d9cb57a |