intelmq.bots.parsers.openphish package¶
Submodules¶
intelmq.bots.parsers.openphish.parser module¶
-
intelmq.bots.parsers.openphish.parser.
BOT
¶ alias of
intelmq.bots.parsers.openphish.parser.OpenPhishParserBot
-
class
intelmq.bots.parsers.openphish.parser.
OpenPhishParserBot
(*args, **kwargs)¶ Bases:
intelmq.lib.bot.ParserBot
Parse the OpenPhish feed
-
process
()¶
-
intelmq.bots.parsers.openphish.parser_commercial module¶
-
intelmq.bots.parsers.openphish.parser_commercial.
BOT
¶ alias of
intelmq.bots.parsers.openphish.parser_commercial.OpenPhishCommercialParserBot
-
class
intelmq.bots.parsers.openphish.parser_commercial.
OpenPhishCommercialParserBot
(*args, **kwargs)¶ Bases:
intelmq.lib.bot.ParserBot
Parse the OpenPhish feed
List of source fields: [
‘asn’, ‘asn_name’, ‘brand’, ‘country_code’, ‘country_name’, ‘discover_time’, ‘emails’, ‘family_id’, ‘host’, ‘ip’, ‘isotime’, ‘page_language’, ‘phishing_kit’, ‘screenshot’, ‘sector’, ‘ssl_cert_issued_by’, ‘ssl_cert_issued_to’, ‘ssl_cert_serial’, ‘tld’, ‘url’,]
-
parse
(report: intelmq.lib.message.Report)¶ A JSON Stream parses (one JSON data structure per line)
-
parse_line
(line, report)¶ A generator which can yield one or more messages contained in line.
Report has the full message, thus you can access some metadata. Override for your use.
-
recover_line
(line: dict) → str¶ Reverse of parse for JSON pulses.
Recovers a fully functional report with only the problematic pulse. Using a string as input here is not possible, as the input may span over multiple lines. Output is not identical to the input, but has the same content.
Parameters: line as dict. (The) – Returns: The JSON-encoded line as string. Return type: str
-