LeakIX/LeakIXClient-Python
GitHub: LeakIX/LeakIXClient-Python
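Official LeakIX Python client. It provides programmatic access to the LeakIX leak-intelligence database and supports querying exposed services and data leak events by plugin type, geographic location, time range and other dimensions.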
Stars: 23 | Forks: 8
# LeakIX Python client
Official LeakIX Python client
## Install
```
pip install leakix
```
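To run the tests, use `make test`.
## Documentation
Docstrings are used to document the library.
Type hints are also used to tell the user what kind of objects the functions expect.
Each API response is wrapped in a `SuccessResponse` or an `ErrorResponse` object.
Each API response provides the methods `is_success()` or `is_error()`.
You can get the actual response by calling the `json()` method on the response object.
The output events are described in
[l9format](https://github.com/LeakIX/l9format-python).
When you have an object of type `l9Event` (or the longer
`l9format.l9format.L9Event`), you can refer to the
[L9Event](https://github.com/LeakIX/l9format-python/blob/main/l9format/l9format.py#L158)
model class for the available fields.
For example, to access the IP of an object `event` of type `L9Event`, you can
use `event.ip`.
Every object can be converted back to a Python dictionary/JSON using the `to_dict()` method.
For example, for the response of the subdomains endpoint, you can get the individual JSON objects with: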
```
# CLIENT is a leakix.Client instance, created as in the examples section.
def example_get_subdomains():
    response = CLIENT.get_subdomains("leakix.net")
    for subdomain in response.json():
        print(subdomain.to_dict())
```
## Support
If you have any questions, feel free to open an issue.
You can also reach us at `support@leakix.net`.
If you need commercial support, have a look at https://leakix.net/plans.
## Examples
```
import decouple
from leakix import Client
from leakix.query import MustQuery, MustNotQuery, RawQuery
from leakix.field import PluginField, CountryField, TimeField, Operator
from leakix.plugin import Plugin
from datetime import datetime, timedelta


# Read the API key from the environment or a .env file instead of hard-coding it.
API_KEY = decouple.config("API_KEY")
BASE_URL = decouple.config("LEAKIX_HOST", default=None)
CLIENT = Client(api_key=API_KEY)


def example_get_host_filter_plugin():
    response = CLIENT.get_host(ipv4="33.33.33.33")
    assert response.status_code() == 200


def example_get_service_filter_plugin():
    """
    Filter by fields. In this example, we want to have the NTLM services.
    A list of plugins can be found in leakix.plugin
    """
    query_http_ntlm = MustQuery(field=PluginField(Plugin.HttpNTLM))
    response = CLIENT.get_service(queries=[query_http_ntlm])
    assert response.status_code() == 200
    # check we only get NTLM related services
    assert all((i.tags == ["ntlm"] for i in response.json()))


def example_get_service_filter_plugin_with_pagination():
    """
    Filter by fields. In this example, we want to have the NTLM services.
    A list of plugins can be found in leakix.plugin.
    Ask for page 1 (starts at 0)
    """
    query_http_ntlm = MustQuery(field=PluginField(Plugin.HttpNTLM))
    response = CLIENT.get_service(queries=[query_http_ntlm], page=1)
    assert response.status_code() == 200
    # check we only get NTLM related services
    assert all((i.tags == ["ntlm"] for i in response.json()))


def example_get_leaks_filter_multiple_plugins():
    query_http_ntlm = MustQuery(field=PluginField(Plugin.HttpNTLM))
    query_country = MustQuery(field=CountryField("France"))
    response = CLIENT.get_leak(queries=[query_http_ntlm, query_country])
    assert response.status_code() == 200
    assert all(
        (
            i.geoip.country_name == "France" and i.tags == ["ntlm"]
            for i in response.json()
        )
    )


def example_get_leaks_multiple_filter_plugins_must_not():
    query_http_ntlm = MustQuery(field=PluginField(Plugin.HttpNTLM))
    query_country = MustNotQuery(field=CountryField("France"))
    response = CLIENT.get_leak(queries=[query_http_ntlm, query_country])
    assert response.status_code() == 200
    assert all(
        (
            i.geoip.country_name != "France" and i.tags == ["ntlm"]
            for i in response.json()
        )
    )


def example_get_leak_raw_query():
    raw_query = '+plugin:HttpNTLM +country:"France"'
    query = RawQuery(raw_query)
    response = CLIENT.get_leak(queries=[query])
    assert response.status_code() == 200
    assert all(
        (
            i.geoip.country_name == "France" and i.tags == ["ntlm"]
            for i in response.json()
        )
    )


def example_get_leak_plugins_with_time():
    query_plugin = MustQuery(field=PluginField(Plugin.GitConfigHttpPlugin))
    today = datetime.now()
    one_month_ago = today - timedelta(days=30)
    # Time window: strictly after one month ago and strictly before now.
    query_today = MustQuery(field=TimeField(today, Operator.StrictlySmaller))
    query_yesterday = MustQuery(
        field=TimeField(one_month_ago, Operator.StrictlyGreater)
    )
    queries = [query_today, query_yesterday, query_plugin]
    response = CLIENT.get_leak(queries=queries)
    assert response.status_code() == 200


def example_get_plugins():
    response = CLIENT.get_plugins()
    for p in response.json():
        print(p.name)
        print(p.description)


if __name__ == "__main__":
    example_get_host_filter_plugin()
    example_get_service_filter_plugin()
    example_get_service_filter_plugin_with_pagination()
    example_get_leaks_filter_multiple_plugins()
    example_get_leaks_multiple_filter_plugins_must_not()
    example_get_leak_plugins_with_time()
    example_get_leak_raw_query()
    example_get_plugins()
```
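The examples above assert on `status_code()`. For inventorying your own exposed services it is usually better to branch on the response wrapper and walk the pages explicitly. The following is an added example, not code from the LeakIX project: `collect_by_ip`, `LeakIXQueryError`, the stub classes and the sample data are constructed here, and it assumes that a page past the last one returns an empty list.

```python
from collections import defaultdict
from typing import Any, Callable, Dict, List


class LeakIXQueryError(RuntimeError):
    """Raised when a page comes back as an error response (hypothetical name)."""


def collect_by_ip(fetch_page: Callable[[int], Any], max_pages: int = 5) -> Dict[str, List[dict]]:
    """Fetch pages 0..max_pages-1 and group the returned events by IP.

    fetch_page(page) returns a leakix response object, for example
    lambda page: CLIENT.get_service(queries=[query], page=page)
    """
    by_ip: Dict[str, List[dict]] = defaultdict(list)
    for page in range(max_pages):
        response = fetch_page(page)
        if response.is_error():
            # Fail loudly instead of returning a silently truncated inventory.
            raise LeakIXQueryError(f"page {page} failed: HTTP {response.status_code()}")
        batch = response.json()
        if not batch:  # assumption: a page past the last one is empty
            break
        for event in batch:
            by_ip[event.ip].append(event.to_dict())
    return dict(by_ip)


# Constructed stand-ins so the block runs offline; real code passes CLIENT calls.
class StubEvent:
    def __init__(self, ip: str, tags: List[str]):
        self.ip, self.tags = ip, tags

    def to_dict(self) -> dict:
        return {"ip": self.ip, "tags": self.tags}


class StubResponse:
    def __init__(self, events=None, status: int = 200):
        self._events, self._status = events or [], status

    def is_error(self) -> bool:
        return self._status != 200

    def status_code(self) -> int:
        return self._status

    def json(self):
        return self._events


PAGES = [  # constructed sample data using documentation-range addresses
    StubResponse([StubEvent("192.0.2.10", ["ntlm"]), StubEvent("192.0.2.11", ["ntlm"])]),
    StubResponse([StubEvent("192.0.2.10", ["ntlm"])]),
    StubResponse([]),
]

if __name__ == "__main__":
    print(collect_by_ip(lambda page: PAGES[page]))
```

With the real client, pass a callable that closes over `CLIENT` and your query list in place of the `PAGES` lookup.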