{
    "info": {
        "author": "David Cannings",
        "author_email": "david@edeca.net",
        "bugtrack_url": null,
        "classifiers": [
            "Development Status :: 4 - Beta",
            "License :: OSI Approved :: Apache Software License",
            "Operating System :: OS Independent",
            "Programming Language :: Python :: 3"
        ],
        "description": "# Introduction\n\nThis tool converts technical indicators (IOCs) and search queries into the\nJSON format required for a Carbon Black alliance feed.  This can be imported\ninto your Carbon Black server manually or by adding a Threat Intelligence\nfeed, which will regularly update.\n\nIt was written by David Cannings ([@edeca](https://twitter.com/edeca)) and \nreleased by NCC Group under the AGPL.\n\nThe latest code can be found in the [Github repository](https://github.com/edeca/hydrocarbon).\n\n# Why would I use it?\n\nThis tool is useful if:\n\n* You want to synchronise watch lists across multiple Carbon Black servers.\n* You want to share indicators (and you don't have a central threat intel platform).\n\n# Quick start\n\nTo get started you will need:\n\n* A configuration file (see `examples/config.yaml`)\n* At least one data file (see `examples/data/`)\n\nFirst install the tool in a virtual environment:\n\n```\n# Create a new virtual environment\n$ python3 -m venv hydrocarbon_venv\n\n# Activate the virtual environment\n$ . hydrocarbon_venv/bin/activate  # On Windows run hydrocarbon_venv\\Scripts\\activate.ps1\n\n# Instal the module\n$ pip install hydrocarbon \n```\n\nNow generate a JSON file with feed data:\n\n```\n# Generate JSON from the example data \n$ hydrocarbon --config examples\\config.yaml --data examples\\data --output feed.json\n```\n\nYou can optionally provide two logos (100x100 and 370x97) to be included in\nthe feed data.  These wll be displayed in the web UI, for example:\n\n```\n# Generate JSON from the example data \n$ hydrocarbon --config examples\\config.yaml --data examples\\data --output feed.json \\\n              --icon-large examples\\large.jpg --icon-small examples\\small.jpg\n```\n\nINSERT IMAGE \n\nThe tool can be used from within your own Python scripts, see the FAQ.\n\n# FAQ\n\n## Why integrate with git?\n\nThe Carbon Black server needs a timestamp for every report.  Using git gives \nan accurate timestamp (from the latest commit) which does not change.  This\nensures that 'incremental' update mode is efficient, only changed reports will\nbe parsed.\n\nIt is possible to use without git.  However, this is not recommended for\nanything other than testing.\n\n## How can I delete indicators?\n\nThe Carbon Black Response server prefers to do an 'incremental' sync against \nfeeds.  This means that deleted items will not be removed.\n\nTo delete an item change `enabled` to `False` and regenerate the feed.\n\n## How can I automatically update my server?\n\nSimply copy the JSON file to a web server which can be accessed by the Carbon\nBlack instance.  You can optionally use basic authentication and provide the\nusername and password in the Carbon Black web interface.\n\nYou can add a new feed to the Threat Intelligence section in Carbon Black.\n\nThere seem to be no restrictions on the web server other than returning valid\nJSON.\n\n## How can I integrate this with my workflow?\n\nThe tool is a Python module which can be imported and used from your own code.\n\n```python\nfrom hydrocarbon import FeedGenerator\n\nbuilder = FeedGenerator(\"/path/to/config.yaml\")\nbuilder.add_data_dir(\"/path/to/data/\")\n\nwith open(\"output.json\", \"w\") as fh:\n    builder.generate_feed(fh)\n```\n\nSee `hydrocarbon/app.py` for an example implementation.",
        "description_content_type": "text/markdown",
        "docs_url": null,
        "download_url": "",
        "downloads": {
            "last_day": -1,
            "last_month": -1,
            "last_week": -1
        },
        "home_page": "https://github.com/edeca/hydrocarbon",
        "keywords": "",
        "license": "Apache Software License",
        "maintainer": "",
        "maintainer_email": "",
        "name": "hydrocarbon",
        "package_url": "https://pypi.org/project/hydrocarbon/",
        "platform": "",
        "project_url": "https://pypi.org/project/hydrocarbon/",
        "project_urls": {
            "Homepage": "https://github.com/edeca/hydrocarbon"
        },
        "release_url": "https://pypi.org/project/hydrocarbon/0.0.1/",
        "requires_dist": null,
        "requires_python": "",
        "summary": "Generate a Carbon Black alliance feed in JSON format from a git repository",
        "version": "0.0.1"
    },
    "last_serial": 5535190,
    "releases": {
        "0.0.1": [
            {
                "comment_text": "",
                "digests": {
                    "md5": "07911dc6cf5eecbfadb95f96d3ff9a3a",
                    "sha256": "fdad870835b79276518a61cda33498cae1daa153d36c01cd6dc04a24dea17711"
                },
                "downloads": -1,
                "filename": "hydrocarbon-0.0.1-py3.7.egg",
                "has_sig": false,
                "md5_digest": "07911dc6cf5eecbfadb95f96d3ff9a3a",
                "packagetype": "bdist_egg",
                "python_version": "3.7",
                "requires_python": null,
                "size": 16112,
                "upload_time": "2019-07-15T14:23:03",
                "url": "https://files.pythonhosted.org/packages/7a/bd/b5f7d14c80bf47c3301f5c8d4e9d319c5f99c751dfe76f16f536a1b02d51/hydrocarbon-0.0.1-py3.7.egg"
            },
            {
                "comment_text": "",
                "digests": {
                    "md5": "f2733a7bbe31a17fe169d089746202cc",
                    "sha256": "5cb72871fc9758bad823b6c5b684cf99bd73991de957707cf02fd2e16845833b"
                },
                "downloads": -1,
                "filename": "hydrocarbon-0.0.1.tar.gz",
                "has_sig": false,
                "md5_digest": "f2733a7bbe31a17fe169d089746202cc",
                "packagetype": "sdist",
                "python_version": "source",
                "requires_python": null,
                "size": 7647,
                "upload_time": "2019-07-15T14:23:05",
                "url": "https://files.pythonhosted.org/packages/47/e1/240d767061fa25fcc44fb156ec2ec01c688039a01a24952a04ee1bd0598e/hydrocarbon-0.0.1.tar.gz"
            }
        ]
    },
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "md5": "07911dc6cf5eecbfadb95f96d3ff9a3a",
                "sha256": "fdad870835b79276518a61cda33498cae1daa153d36c01cd6dc04a24dea17711"
            },
            "downloads": -1,
            "filename": "hydrocarbon-0.0.1-py3.7.egg",
            "has_sig": false,
            "md5_digest": "07911dc6cf5eecbfadb95f96d3ff9a3a",
            "packagetype": "bdist_egg",
            "python_version": "3.7",
            "requires_python": null,
            "size": 16112,
            "upload_time": "2019-07-15T14:23:03",
            "url": "https://files.pythonhosted.org/packages/7a/bd/b5f7d14c80bf47c3301f5c8d4e9d319c5f99c751dfe76f16f536a1b02d51/hydrocarbon-0.0.1-py3.7.egg"
        },
        {
            "comment_text": "",
            "digests": {
                "md5": "f2733a7bbe31a17fe169d089746202cc",
                "sha256": "5cb72871fc9758bad823b6c5b684cf99bd73991de957707cf02fd2e16845833b"
            },
            "downloads": -1,
            "filename": "hydrocarbon-0.0.1.tar.gz",
            "has_sig": false,
            "md5_digest": "f2733a7bbe31a17fe169d089746202cc",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": null,
            "size": 7647,
            "upload_time": "2019-07-15T14:23:05",
            "url": "https://files.pythonhosted.org/packages/47/e1/240d767061fa25fcc44fb156ec2ec01c688039a01a24952a04ee1bd0598e/hydrocarbon-0.0.1.tar.gz"
        }
    ]
}