Set of clients to interface with various VMware products
Threat Analysis Unit Clients
Overview
Threat Analysis Unit Clients (shortened as tau-clients) is a set of clients that can be used
to programmatically interface with various VMware products and/or external services or
resources, with a focus on threat analysis and intelligence collection.
Try it out
Notes
- A client might require a specific and valid license; for example, both PortalClient and AnalysisClient require a valid NSX Defender license.
- Support and bug reports are exclusively handled via GitHub.
- A fully supported commercial implementation of AnalysisClient is available here: https://analysis.lastline.com/analysis/api-docs/html/analysis_client.html
Build & Run
This package can be installed via pip, just run pip install tau-clients or pip install -e .
To run a simple example just create a valid configuration file using data/tau_clients.ini.template.
import configparser
from tau_clients import nsx_defender
conf = configparser.ConfigParser()
conf.read("./data/tau_clients.ini")
portal_client = nsx_defender.PortalClient.from_conf(conf, "portal")
result = portal_client.get_tasks_from_knowledgebase(
    query_string="file_sha1: 'ba81b98f00168b86578e5f5de93d26ed83769432'",
)
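The snippet above loads ./data/tau_clients.ini with ConfigParser.read(), which silently skips a file it cannot open. The following added example (not part of the tau-clients project) validates the file before it is handed to a client; load_conf and ConfigError are hypothetical names, and the permission check assumes the file holds API credentials that only its owner should read.

```python
import configparser
import os
import stat


class ConfigError(Exception):
    """Raised when the configuration file is unsafe or incomplete."""


def load_conf(path, required_sections=("portal",)):
    """Load an INI file, refusing unsafe or incomplete configurations."""
    # lstat() does not follow symlinks, so a symlinked config is rejected below.
    try:
        info = os.lstat(path)
    except FileNotFoundError as exc:
        raise ConfigError(f"{path}: file not found") from exc
    if not stat.S_ISREG(info.st_mode):
        raise ConfigError(f"{path}: not a regular file")
    # Assumption: the file holds API credentials, so group/other get no access.
    if os.name == "posix" and info.st_mode & 0o077:
        mode = stat.S_IMODE(info.st_mode)
        raise ConfigError(f"{path}: mode {mode:04o} is too open, use chmod 600")
    conf = configparser.ConfigParser()
    # ConfigParser.read() returns the list of files it actually parsed;
    # an empty list means the file was skipped without raising.
    if not conf.read(path):
        raise ConfigError(f"{path}: could not be read")
    missing = [name for name in required_sections if not conf.has_section(name)]
    if missing:
        raise ConfigError(f"{path}: missing section(s): {', '.join(missing)}")
    return conf
```

The returned object can be passed to nsx_defender.PortalClient.from_conf(conf, "portal") exactly as in the snippet above.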
Scripts
This package includes the following console scripts ready to be used (assuming a valid configuration file is also provided):
- download_artifacts.py: download all the available analysis artifacts given a file hash or task uuid.
- submit_samples.py: submit the samples contained in the provided directory; if a file hash is provided download the sample from VirusTotal.
Contributing
The tau-clients project team welcomes contributions from the community. Before you start working with tau-clients, please read our Developer Certificate of Origin. All contributions to this repository must be signed as described on that page. Your signature certifies that you wrote the patch or have the right to pass it on as an open-source patch. For more detailed information, refer to CONTRIBUTING.md.
Development
Create the virtual env:
python3 -m venv venv
Activate the virtual env:
source ./venv/bin/activate
Install tox:
pip install tox
Run tests:
tox
Due to a bug in tox, if you update the dependencies in setup.cfg the environments will not be
re-created, leading to errors when running the tests
(see https://github.com/tox-dev/tox/issues/93).
As a workaround, pass the --recreate flag after updating the dependencies.
Before committing, install the package in dev mode (needed by pylint):
pip install -e .
Install pylint and pre-commit:
pip install pylint pre-commit
Install the hook:
pre-commit install
If you want to run pre-commit on all files use the following command:
pre-commit run --all-files
License
Download files
File details
Details for the file tau_clients-0.3.3.tar.gz.
File metadata
- Download URL: tau_clients-0.3.3.tar.gz
- Upload date:
- Size: 38.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.1 CPython/3.9.20
File hashes
Algorithm | Hash digest
---|---
SHA256 | d329a1bb6881e687f2596deff685b4b9372fe42929a26c60c1088f5e7b82f741
MD5 | ca0e2640ad8fd5026b40d7c41c8eb917
BLAKE2b-256 | d240e8e89ef79f316111315fdaf52e8f01db7e90538298c3435898462f786c8e
File details
Details for the file tau_clients-0.3.3-py3-none-any.whl.
File metadata
- Download URL: tau_clients-0.3.3-py3-none-any.whl
- Upload date:
- Size: 32.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.1 CPython/3.9.20
File hashes
Algorithm | Hash digest
---|---
SHA256 | 49f34c0b586a28cc5627f3b90f5bfe9c1ab59a12e76c745894c4489b03651891
MD5 | 7312b9fbfdc604394fe61284cda411b6
BLAKE2b-256 | d34cc8f01cdbd8e35bd2717becff74aa72b90d63dc18d5988c146ba6b40ad95d