Skip to main content
Donate to the Python Software Foundation or Purchase a PyCharm License to Benefit the PSF! Donate Now

No project description provided

Project description

1 Introduction

This release provides access to the corresponding functionality through both public API_KEY and private API_KEY.

The public API_KEY can access the file detection function of the cloud sandbox. You need to register for a ThreatBook online account and view your API Key through the Personal Center, which will be used for all your API operations without submitting via the web, uploading the file/URL for analysis and extracting the completed analysis. Report data. The ThreatBook Online Sandbox API is a free service available for free websites and programs. Please do not use the API for any commercial product or service, as an alternative to an anti-virus product, or for any project that may directly or indirectly damage the anti-virus industry.

The private API_KEY provides an easy way to invoke data from the Threat Analytics Platform database and its detection and analysis capabilities from any client. It includes the following functions: file digital signature identification, new registered domain query, email registration information query, domain analysis, IOC detection, IP analysis, IP reputation query, etc. As our business customer or partner, we will deliver your corresponding apikey by mail.

2 Installation

$ pip install threatbook_API
Once you have successfully installed the package, you can use it by

importing it. The following example shows how to get the current whois information for a domain:

from threatbook_API.domain_analysis_query import DomainAnalysis

# create an instance object
test = DomainAnalysis('your private api_key')

# Get the current whois information of the domain
info = test.get_cur_whois('domain to be queried  ')

3 Features

1. Structure

├── README.rst
└── threatbook_api
    └── example

2. Function

  • This module provides the IP address corresponding to the domain name, the IP address related geographical location information, the current Whois information, the threat type, the related attack gang or security event information.
  • module provides a list of domain names registered with an email based on email. See the documentation for details.
  • module provides the following features:
    1 Upload the file you want to analyze. 2 Get a detailed report or a specified report of the uploaded file. 3 Get the digital signature information of the file.
  • module provides a judgment based on the domain name or IP whether it has threat information such as C2.
  • module provides geographic location information related to IP addresses, bound domain name information, threat types, related attack gangs or security event information, and so on.
  • module provides real-time access to IP information and portrait information based on IP, and obtains basic IP attribute information such as IDC host, dynamic IP, downtime, VPN, proxy IP, and so on.
  • example:Some examples for easier use.

For more detailed information, please see the corresponding documentation for each module.

4 Problem Description

This SDK uses the python 3.x version by default. If you need to use python 2.x version, Chinese may not display the problem properly. To solve this problem, please refer to this link:

5 Code License

The MIT License (MIT).

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, size & hash SHA256 hash help File type Python version Upload date
threatbook_api-0.1.7.tar.gz (9.9 kB) Copy SHA256 hash SHA256 Source None

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN SignalFx SignalFx Supporter DigiCert DigiCert EV certificate StatusPage StatusPage Status page