Set of clients to interface with various VMware products

Project description

Threat Analysis Unit Clients

Overview

Threat Analysis Unit Clients (shortened as tau-clients) is a set of clients that can be used to programmatically interface with various VMware products and/or external services or resources, with a focus on threat analysis and intelligence collection.

Try it out

Notes

Build & Run

This package can be installed via pip: run pip install tau-clients or pip install -e .

To run a simple example just create a valid configuration file using data/tau_clients.ini.template.

import configparser
from tau_clients import nsx_defender

conf = configparser.ConfigParser()
conf.read("./data/tau_clients.ini")
portal_client = nsx_defender.PortalClient.from_conf(conf, "portal")
result = portal_client.get_tasks_from_knowledgebase(
    query_string="file_sha1: 'ba81b98f00168b86578e5f5de93d26ed83769432'",
)

Scripts

This package includes the following console scripts ready to be used (assuming a valid configuration file is also provided):

  • download_artifacts.py: download all the available analysis artifacts given a file hash or task uuid.
  • submit_samples.py: submit the samples contained in the provided directory; if a file hash is provided, download the sample from VirusTotal.

Contributing

The tau-clients project team welcomes contributions from the community. Before you start working with tau-clients, please read our Developer Certificate of Origin. All contributions to this repository must be signed as described on that page. Your signature certifies that you wrote the patch or have the right to pass it on as an open-source patch. For more detailed information, refer to CONTRIBUTING.md.

Development

Create the virtual env:

python3 -m venv venv

Activate the virtual env:

source ./venv/bin/activate

Install tox:

pip install tox

Run tests:

tox

Due to a bug in tox, if you update the dependencies in setup.cfg the environments will not be re-created, leading to errors when running the tests (see https://github.com/tox-dev/tox/issues/93). As a workaround, pass the --recreate flag after updating the dependencies.

Before committing, install the package in dev mode (needed by pylint):

pip install -e .

Install pylint and pre-commit:

pip install pylint pre-commit

Install the hook:

pre-commit install

If you want to run pre-commit on all files use the following command:

pre-commit run --all-files

License

BSD 2-Clause

Download files

Source Distribution

tau_clients-0.3.2.tar.gz (38.1 kB)

Uploaded Source

Built Distribution

tau_clients-0.3.2-py3-none-any.whl (32.0 kB)

Uploaded Python 3

File details

Details for the file tau_clients-0.3.2.tar.gz.

File metadata

  • Download URL: tau_clients-0.3.2.tar.gz
  • Upload date:
  • Size: 38.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.1 CPython/3.9.20

File hashes

Hashes for tau_clients-0.3.2.tar.gz
Algorithm Hash digest
SHA256 78ca37298d334441a85d60d7fb5469227228fbdf49827d9f5b93b5a86a6c3c4c
MD5 cd1ffbde9cd0a8a293697cb588ab5b72
BLAKE2b-256 dad674c8e0a5effcd99443dd6e3c05a8f282f8dc0a2736aa54a07c8fcb027c33

File details

Details for the file tau_clients-0.3.2-py3-none-any.whl.

File metadata

  • Download URL: tau_clients-0.3.2-py3-none-any.whl
  • Upload date:
  • Size: 32.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.1 CPython/3.9.20

File hashes

Hashes for tau_clients-0.3.2-py3-none-any.whl
Algorithm Hash digest
SHA256 68a17578edcc92a1b101b7561657c7f0bea5bc501be699b71b1ead3198cf5372
MD5 00a4b97399da4674242d6b914adc906b
BLAKE2b-256 6e5196caca47afb767ad4d0ae43e78ccbe5c8cc410b470f5ad2bb2f65a58ffaf
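
One way to check downloaded copies of these two files against the SHA256 digests listed above. This is an added example, not code from the tau-clients project: the function names are hypothetical, and it assumes the files were fetched into a local directory (for instance with pip download tau-clients==0.3.2 --no-deps).

```python
import hashlib
import hmac
from pathlib import Path

# SHA256 digests copied from the "File hashes" tables on this page.
PINNED_SHA256 = {
    "tau_clients-0.3.2.tar.gz": "78ca37298d334441a85d60d7fb5469227228fbdf49827d9f5b93b5a86a6c3c4c",
    "tau_clients-0.3.2-py3-none-any.whl": "68a17578edcc92a1b101b7561657c7f0bea5bc501be699b71b1ead3198cf5372",
}


def sha256_of(path, chunk_size=1 << 20):
    """Hash the file in chunks so a large artifact is never held fully in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_artifact(path, pinned=PINNED_SHA256):
    """Return True only if the file name is pinned and its digest matches."""
    expected = pinned.get(Path(path).name)
    if expected is None:
        return False  # unknown file name: fail closed
    return hmac.compare_digest(sha256_of(path), expected.lower())


def verify_directory(directory, pinned=PINNED_SHA256):
    """Map every regular file in the directory to 'ok', 'mismatch' or 'unpinned'."""
    report = {}
    for entry in sorted(Path(directory).iterdir()):
        if not entry.is_file():
            continue
        if entry.name not in pinned:
            report[entry.name] = "unpinned"
        elif verify_artifact(entry, pinned):
            report[entry.name] = "ok"
        else:
            report[entry.name] = "mismatch"
    return report


if __name__ == "__main__":
    import sys
    results = verify_directory(sys.argv[1] if len(sys.argv) > 1 else ".")
    for name, status in results.items():
        print(f"{status:9} {name}")
    # Exit non-zero on an empty directory or on any mismatch or unpinned file.
    sys.exit(0 if results and all(s == "ok" for s in results.values()) else 1)
```

The pinned digests cover only the two tau-clients files; dependencies pulled in by a normal pip install need their own pins.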
