Add APIv3 scripts

import_ips.py

@@ -0,0 +1,68 @@
+"""import_ips.py: retrieve and export IP addresses for all domains in a given Detectify team
+
+The API key permissions required by this script are the following:
+- API key version 3
+
+Usage: import_ips.py [-h] -f file key
+"""
+
+
+import argparse
+import csv
+import requests
+import json
+
+
+
+API_ROOT = 'https://api.detectify.com/rest'
+
+def export_to_csv(ips: list, file: str) -> None:
+    """Export all assets from a given Detectify team to csv
+
+    :param all_assets: A list of dictionaries containing asset information
+    :param file: The name of the file to save to
+    """
+    with open(f'{file}', 'w', newline='') as f:
+        writer = csv.writer(f)
+        writer.writerow(['id','ip_address','active','enriched','domain_name','asset_id','team_id','ip_version','first_seen_at','disappeared_at','autonomous-system-name','autonomous-system-domain','autonomous-system-number','geolocation-continent','geolocation-continent_name','geolocation-country','geolocation-country-name']) 
+        for line in ips:
+            writer.writerow([line['id'],line['ip_address'],line['active'],line['enriched'],line['domain_name'],line['asset_id'],line['team_id'],line['ip_version'],line['first_seen_at'],line['disappeared_at'],line['autonomous_system']['name'],line['autonomous_system']['domain'],line['autonomous_system']['number'],line['geolocation']['continent'],line['geolocation']['continent_name'],line['geolocation']['country'],line['geolocation']['country_name']])
+
+
+def get_ips(key):
+    """Get IP addresses from Detectify.
+
+    :param key: A Detectify API key with access to the following permissions:
+        new APIv3 should be enabled
+    :return: A list of all IP addresses
+    """
+    ips_list = []
+    urlpath = f'{API_ROOT}/v3/ips'
+    while True: 
+        r = requests.get(url=urlpath,
+                         headers={'Authorization': key,
+                                  'content-type': 'application/json'})
+        ips_list += r.json()["items"]
+        if "next" in r.json()["pagination"]:
+            urlpath = r.json()["pagination"]["next"]
+        else:
+            return ips_list
+
+def main():
+
+
+    parser = argparse.ArgumentParser(description='Export a list of IP addresses from Detectify')
+    parser.add_argument('key', type=str, help='a valid Detectify API key')
+    parser.add_argument('-f', '--file', type=str, help='save location for exported results in .csv format')
+    args = parser.parse_args()
+    ips = get_ips(args.key)
+    if args.file:
+        export_to_csv(ips, args.file)
+
+    print("Your file is ready!")
+
+
+if __name__ == '__main__':
+    main()
+
+

import_policy_breaches.py

@@ -0,0 +1,73 @@
+"""import_policy_breaches.py: retrieve and export the policy breaches in the attack surface in a given Detectify team
+
+The API key permissions required by this script are the following:
+- API key version 3
+
+Usage: import_policy_breaches.py [-h] -f file key
+"""
+
+import argparse
+import csv
+import requests
+import json
+
+
+
+API_ROOT = 'https://api.detectify.com/rest'
+
+
+def export_to_csv(breaches: list, file: str) -> None:
+    """Export all assets from a given Detectify team to csv
+
+    :param all_assets: A list of dictionaries containing asset information
+    :param file: The name of the file to save to
+    """
+    with open(f'{file}', 'w', newline='') as f:
+        writer = csv.writer(f)
+        writer.writerow(['id','policy_id','policy_name','asset_id','asset_name','severity','active','status','status_updated_at','first_seen_at','disappeared_at']) 
+        for line in breaches:
+            writer.writerow([line['id'],line['policy_id'],line['policy_name'],line['asset_id'],line['asset_name'],line['severity'],line['active'],line['status'],line['status_updated_at'],line['first_seen_at'],line['disappeared_at']])
+
+
+
+def get_policy_breaches(key):
+    """Get policy breaches from Detectify.
+
+    :param key: A Detectify API key with access to the following permissions:
+        new APIv3 should be enabled
+    :return: A list of all policy breaches
+    """
+    policy_breaches_list = []
+    urlpath = f'{API_ROOT}/v3/breaches'
+    while True: 
+        r = requests.get(url=urlpath,
+                         headers={'Authorization': key,
+                                  'content-type': 'application/json'})
+        policy_breaches_list += r.json()["items"]
+        if "next" in r.json()["pagination"]:
+            urlpath = r.json()["pagination"]["next"]
+        else:
+            return policy_breaches_list
+
+
+
+
+def main():
+
+
+    parser = argparse.ArgumentParser(description='Export a list of policy breaches from Detectify')
+    parser.add_argument('key', type=str, help='a valid Detectify API key')
+    parser.add_argument('-f', '--file', type=str, help='save location for exported results in .csv format')
+    args = parser.parse_args()
+    policy_breaches = get_policy_breaches(args.key)
+
+    if args.file:
+        export_to_csv(policy_breaches, args.file)
+
+
+    print("Your file is ready!")
+
+if __name__ == '__main__':
+    main()
+
+

import_ports.py

@@ -0,0 +1,69 @@
+"""import_ports.py: retrieve and export all port information in the attack surface in a given Detectify team
+
+The API key permissions required by this script are the following:
+- API key version 3
+
+Usage: import_ports.py [-h] -f file key
+"""
+
+import argparse
+import csv
+import requests
+import json
+
+
+
+API_ROOT = 'https://api.detectify.com/rest'
+
+
+def export_to_csv(ports: list, file: str) -> None:
+    """Export all assets from a given Detectify team to csv
+
+    :param all_assets: A list of dictionaries containing asset information
+    :param file: The name of the file to save to
+    """
+    with open(f'{file}', 'w', newline='') as f:
+        writer = csv.writer(f)
+        writer.writerow(['id','team_id','asset_id','domain_name','ip_address','port','status','first_seen_at','disappeared_at']) 
+        for line in ports:
+            writer.writerow([line['id'],line['team_id'],line['asset_id'],line['domain_name'],line['ip_address'],line['port'],line['status'],line['first_seen_at'],line['disappeared_at']])
+
+
+
+
+def get_ports(key):
+    """Get ports from Detectify.
+
+    :param key: A Detectify API key with access to the following permissions:
+        new APIv3 should be enabled
+    :return: A list of all ports
+    """
+    ports_list = []
+    urlpath = f'{API_ROOT}/v3/ports'
+    while True: 
+        r = requests.get(url=urlpath,
+                         headers={'Authorization': key,
+                                  'content-type': 'application/json'})
+        ports_list += r.json()["items"]
+        if "next" in r.json()["pagination"]:
+            urlpath = r.json()["pagination"]["next"]
+        else:
+            return ports_list
+
+def main():
+
+
+    parser = argparse.ArgumentParser(description='Export a list of ports from Detectify')
+    parser.add_argument('key', type=str, help='a valid Detectify API key')
+    parser.add_argument('-f', '--file', type=str, help='save location for exported results in .csv format')
+    args = parser.parse_args()
+    ports = get_ports(args.key)
+    if args.file:
+        export_to_csv(ports, args.file)
+    print("Your file is ready!")
+
+
+if __name__ == '__main__':
+    main()
+
+

import_technologies.py

@@ -0,0 +1,70 @@
+"""import_technologies.py: retrieve and export the Surface Monitoring settings for all domains in a given Detectify team
+
+The API key permissions required by this script are the following:
+- API key version 3
+
+Usage: import_technologies.py [-h] key
+"""
+
+import argparse
+import csv
+import requests
+import json
+
+
+
+API_ROOT = 'https://api.detectify.com/rest'
+
+
+def export_to_csv(techs: list, file: str) -> None:
+    """Export all assets from a given Detectify team to csv
+
+    :param all_assets: A list of dictionaries containing asset information
+    :param file: The name of the file to save to
+    """
+    with open(f'{file}', 'w', newline='') as f:
+        writer = csv.writer(f)
+        writer.writerow(['id','team_id','asset_id','domain_name','service_protocol','port','name','version','categories','active','first_seen_at','disappeared_at']) 
+        for line in techs:
+            writer.writerow([line['id'],line['team_id'],line['asset_id'],line['domain_name'],line['service_protocol'],line['port'],line['name'],line['version'],line['categories'],line['active'],line['first_seen_at'],line['disappeared_at']])
+
+
+
+
+def get_technologies(key):
+    """Get technologies from Detectify.
+
+    :param key: A Detectify API key with access to the following permissions:
+        new APIv3 should be enabled
+    :return: A list of all technologies
+    """
+    techs_list = []
+    urlpath = f'{API_ROOT}/v3/technologies'
+    while True: 
+        r = requests.get(url=urlpath,
+                         headers={'Authorization': key,
+                                  'content-type': 'application/json'})
+        techs_list += r.json()["items"]
+        if "next" in r.json()["pagination"]:
+            urlpath = r.json()["pagination"]["next"]
+        else:
+            return techs_list
+
+def main():
+
+
+    parser = argparse.ArgumentParser(description='Export a list of technologies from Detectify')
+    parser.add_argument('key', type=str, help='a valid Detectify API key')
+    parser.add_argument('-f', '--file', type=str, help='save location for exported results in .csv format')
+    args = parser.parse_args()
+    techs = get_technologies(args.key)
+    if args.file:
+        export_to_csv(techs, args.file)
+
+    print("Your file is ready!")
+
+
+if __name__ == '__main__':
+    main()
+
+

v3

@@ -0,0 +1 @@
+