{ "info": { "author": "abusix", "author_email": "info@abusix.com", "bugtrack_url": null, "classifiers": [ "Development Status :: 4 - Beta", "Environment :: Console", "Intended Audience :: Customer Service", "Intended Audience :: System Administrators", "License :: OSI Approved :: Apache Software License", "Operating System :: MacOS :: MacOS X", "Operating System :: POSIX", "Programming Language :: Python :: 2", "Programming Language :: Python :: 2.7", "Programming Language :: Python :: 3", "Programming Language :: Python :: 3.3", "Programming Language :: Python :: 3.4", "Programming Language :: Python :: 3.5", "Programming Language :: Python :: 3.6", "Programming Language :: Python :: 3.7", "Topic :: Security" ], "description": "[![PyPi Version](https://img.shields.io/pypi/v/pyxarf.svg)](https://pypi.python.org/pypi/pyxarf)\n[![PyPi License](https://img.shields.io/pypi/l/pyxarf.svg)](https://pypi.python.org/pypi/pyxarf)\n[![PyPi Versions](https://img.shields.io/pypi/pyversions/pyxarf.svg)](https://pypi.python.org/pypi/pyxarf)\n[![PyPi Wheel](https://img.shields.io/pypi/wheel/pyxarf.svg)](https://pypi.python.org/pypi/pyxarf)\n\n# pyxarf - easy x-arf report generation\n\n## Introduction\n\npyxarf is a Python library for handling X-ARF Network Abuse Reporting.\n\n* pyxarf: A module for creating, validating and serializing X-ARF objects.\n* xarfmail: A module for sending X-ARF reports by E-Mail, with automatic Abuse Contact lookup provided by the free [querycontacts](https://pypi.python.org/pypi/querycontacts/) library.\n* xarfutil: A command line client for reporting in X-ARF directly from the Shell.\n\nFor more information on the reporting format X-ARF, check out it's [offical website](http://www.xarf.org).\n\n## Getting Started\n\n### Installation\n\n```bash\npip install pyxarf\n```\n\n### Calling the Script\n\n#### Report-Generation\n\nIn this first example, all required parameters for generating a X-ARF report are\nspecified directly at command line. Using the `--output-yaml` parameter, the\nvalidated report data is printed to `stdout` in YAML format.\n\n```bash\n$ xarfutil.py --evidence 'sample evidence data' --greeting 'greeting text here' \\\n --schema-url 'http://xarf.org/schema/abuse_login-attack_0.1.2.json' \\\n --schema-cache '/tmp/' --reported-from 'xarf-reports@example.com' \\\n --category 'abuse' --report-type 'login-attack' --report-id '1234567' \\\n --date 'Feb 3 2014 02:13:35 +0100' --source '83.169.54.26' \\\n --source-type 'ip-address' --attachment 'text/plain' --service 'ssh' \\\n --port 22 --output-yaml\n\nevidence: sample evidence data\nmachine_readable:\n Attachment: text/plain\n Category: abuse\n Date: Feb 3 2014 02:13:35 +0100\n Port: 22\n Report-ID: '1234567'\n Report-Type: login-attack\n Reported-From: xarf-reports@example.com\n Schema-URL: http://xarf.org/schema/abuse_login-attack_0.1.2.json\n Service: ssh\n Source: 83.169.54.26\n Source-Type: ip-address\n User-Agent: pyxarf 0.0.1\n```\n\n#### Sending Reports\n\nYou can send reports using the script by adding specific parameters.\n\n```bash\n$ xarfutil.py --evidence 'sample evidence data' \\\n--greeting 'greeting text here' \\\n--schema-url 'http://xarf.org/schema/abuse_login-attack_0.1.2.json' \\\n--schema-cache '/tmp/' --reported-from 'xarf@example.org' \\\n--category 'abuse' --report-type 'login-attack' --report-id '1234567' \\\n--date 'Feb 3 2014 02:13:35 +0100' --source '83.169.54.26' \\\n--source-type 'ip-address' --attachment 'text/plain' --service 'ssh' \\\n--port 22 --mail-server-host mx.example.org --mail-server-port 25 \\\n--mail-from 'xarf@example.org' --mail-subject 'x-arf sample report' \\\n--mail-to 'abuse@example.com' --send-email\n\nReport sent.\n```\n\nYou can also lookup the abuse contact for a given IP by adding the parameter `--lookup-contact`.\n\n\n\n## Using the API\n\n```python\nfrom __future__ import print_function\n\nfrom pyxarf import Xarf\n\nxarf = Xarf(\n evidence='sample evidence data',\n greeting='greeting text here',\n schema_url='http://www.xarf.org/schema/abuse_login-attack_0.1.2.json',\n schema_cache='/tmp/',\n reported_from='xarf-reports@example.com',\n category='abuse',\n report_type='login-attack',\n report_id='1234567',\n date='Feb 3 2014 02:13:35 +0100',\n source='83.169.54.26',\n source_type='ip-address',\n attachment='text/plain',\n service='ssh',\n port=22,\n)\n\nprint(xarf.to_json()) # return json\nprint()\nprint(xarf.to_yaml()) # return yaml\nprint()\nprint(xarf.get_report_obj()) # return python object (dict)\n```\n\n**Output:**\n\n```\n$ python sample.py\n{\"machine_readable\": {\"Reported-From\": \"xarf-reports@example.com\", \"Report-ID\": \"1234567\", \"Category\": \"abuse\", \"Report-Type\": \"login-attack\", \"Service\": \"ssh\", \"Port\": 22, \"Date\": \"Feb 3 2014 02:13:35 +0100\", \"Source\": \"83.169.54.26\", \"Source-Type\": \"ip-address\", \"Attachment\": \"text/plain\", \"Schema-URL\": \"http://www.x-arf.org/schema/abuse_login-attack_0.1.2.json\", \"User-Agent\": \"pyxarf 0.0.5\"}, \"evidence\": \"sample evidence data\"}\n\nevidence: sample evidence data\nmachine_readable:\n Attachment: text/plain\n Category: abuse\n Date: Feb 3 2014 02:13:35 +0100\n Port: 22\n Report-ID: '1234567'\n Report-Type: login-attack\n Reported-From: xarf-reports@example.com\n Schema-URL: http://www.x-arf.org/schema/abuse_login-attack_0.1.2.json\n Service: ssh\n Source: 83.169.54.26\n Source-Type: ip-address\n User-Agent: pyxarf 0.0.5\n\n\n{'machine_readable': {'Reported-From': 'xarf-reports@example.com', 'Report-ID': '1234567', 'Category': 'abuse', 'Report-Type': 'login-attack', 'Service': 'ssh', 'Port': 22, 'Date': 'Feb 3 2014 02:13:35 +0100', 'Source': '83.169.54.26', 'Source-Type': 'ip-address', 'Attachment': 'text/plain', 'Schema-URL': 'http://www.x-arf.org/schema/abuse_login-attack_0.1.2.json', 'User-Agent': 'pyxarf 0.0.5'}, 'evidence': 'sample evidence data'}\n```\n\n\n### Detecting Errors\n\nThe following example contains a error on line 17, as the specified JSON schema\ndefinies `port` to be a integer.\n\n```python\nfrom __future__ import print_function\n\nfrom pyxarf import Xarf\n\nxarf = Xarf(\n evidence='sample evidence data',\n greeting='greeting text here',\n schema_url='http://www.xarf.org/schema/abuse_login-attack_0.1.2.json',\n schema_cache='/tmp/',\n reported_from='xarf-reports@example.com',\n category='abuse',\n report_type='login-attack',\n report_id='1234567',\n date='Feb 3 2014 02:13:35 +0100',\n source='83.169.54.26',\n source_type='ip-address',\n attachment='text/plain',\n service='ssh',\n port='22',\n)\n\nprint(xarf.to_json())\n\n```\n**Output:**\n\n```\n$ python sample.py\nTraceback (most recent call last):\n File \"sample.py\", line 22, in \n print(xarf.to_json())\n File \"/home/user/dev/python-xarf/pyxarf/xarf.py\", line 362, in to_json\n return json_dumps(self.get_report_obj(part))\n File \"/home/user/dev/python-xarf/pyxarf/xarf.py\", line 395, in get_report_obj\n 'machine_readable': self._get_validated_machine_readable(),\n File \"/home/user/dev/python-xarf/pyxarf/xarf.py\", line 338, in _get_validated_machine_readable\n self.machine_readable\n File \"/home/user/dev/python-xarf/pyxarf/xarf.py\", line 290, in _validate_schema\n ', '.join(errors)\npyxarf.exceptions.ValidationError: Port '22' is not of type 'integer'\n```\n\n\n", "description_content_type": "text/markdown", "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "http://xarf.org/", "keywords": "keyword,search,purepython,aho-corasick,ahocorasick,abusix", "license": "Apache Software License", "maintainer": "", "maintainer_email": "", "name": "pyxarf", "package_url": "https://pypi.org/project/pyxarf/", "platform": "", "project_url": "https://pypi.org/project/pyxarf/", "project_urls": { "Company": "https://www.abusix.com/", "Homepage": "http://xarf.org/", "Source": "https://github.com/xarf/python-xarf" }, "release_url": "https://pypi.org/project/pyxarf/0.1.0/", "requires_dist": [ "jsonschema (>=3.0.2)", "PyYAML (>=5.1.2)", "dnspython (>=1.16.0)", "querycontacts (>=1.1.1)", "requests (>=2.22.0)" ], "requires_python": ">=2.7", "summary": "pyxarf - easy x-arf report generation", "version": "0.1.0" }, "last_serial": 5666738, "releases": { "0.0.5": [ { "comment_text": "", "digests": { "md5": "3a9b71f70ce2a8ff0e0d65751a7e3f9d", "sha256": "d6eb0ddc494f64751ab15984775ae7fd77584f3fb8a55d1c19cb80b9eae46349" }, "downloads": -1, "filename": "pyxarf-src-0.0.5.tar.gz", "has_sig": false, "md5_digest": "3a9b71f70ce2a8ff0e0d65751a7e3f9d", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 10206, "upload_time": "2015-02-24T13:43:30", "url": "https://files.pythonhosted.org/packages/ac/21/5c421c2e0478e320f1f4618a026cd540ba4b535dee4a74db904ec1335537/pyxarf-src-0.0.5.tar.gz" } ], "0.1.0": [ { "comment_text": "", "digests": { "md5": "79f7b86e49a4c9c4daf120fe3e9b52e4", "sha256": "4ca2adadce7a1c90fd1880651e368189f139da97eb5cfc0969f87aa6b46c63fb" }, "downloads": -1, "filename": "pyxarf-0.1.0-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "79f7b86e49a4c9c4daf120fe3e9b52e4", "packagetype": "bdist_wheel", "python_version": "py2.py3", "requires_python": ">=2.7", "size": 13481, "upload_time": "2019-08-12T14:26:01", "url": "https://files.pythonhosted.org/packages/97/e5/04d308283a93a7914d706720a19c1988b95984d6df9fc21b93a2ec49b399/pyxarf-0.1.0-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "ef2dd0a0facc6d92d3af23a82f52b901", "sha256": "671462c701e962189e6ab76ac92f690b5871743b2b007fc68e0164102d2ed1c6" }, "downloads": -1, "filename": "pyxarf-0.1.0.tar.gz", "has_sig": false, "md5_digest": "ef2dd0a0facc6d92d3af23a82f52b901", "packagetype": "sdist", "python_version": "source", "requires_python": ">=2.7", "size": 14119, "upload_time": "2019-08-12T14:26:03", "url": "https://files.pythonhosted.org/packages/30/8a/ef87a4ed5162be3086c514ca49e84d542b75876190b9e9fb5084504a66b0/pyxarf-0.1.0.tar.gz" } ], "0.1.0.dev0": [ { "comment_text": "", "digests": { "md5": "8c61f901d0d80eca1ee47e187ecce395", "sha256": "cdd0ea69e9eb965c1555197a63050cce6f8b4c5a1cf66249138178f1c4fede82" }, "downloads": -1, "filename": "pyxarf-0.1.0.dev0-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "8c61f901d0d80eca1ee47e187ecce395", "packagetype": "bdist_wheel", "python_version": "py2.py3", "requires_python": ">=2.7", "size": 13478, "upload_time": "2019-08-12T14:21:22", "url": "https://files.pythonhosted.org/packages/d1/e7/7df768be743b8e408a3b7cbb74f75cc3c1ee409def17376184e3d2e16edd/pyxarf-0.1.0.dev0-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "bf4684f5c3ae268371e7cd6142b00bb4", "sha256": "82dabbd3a78eafb5a696bf2734feac183fe04786e8c51daac9d4bb77117f2d12" }, "downloads": -1, "filename": "pyxarf-0.1.0.dev0.tar.gz", "has_sig": false, "md5_digest": "bf4684f5c3ae268371e7cd6142b00bb4", "packagetype": "sdist", "python_version": "source", "requires_python": ">=2.7", "size": 13977, "upload_time": "2019-08-12T14:21:24", "url": "https://files.pythonhosted.org/packages/58/a2/f4c93bea4e724ff32e547955d4985fbec2d9f7eff49896162b5cf6f321fd/pyxarf-0.1.0.dev0.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "79f7b86e49a4c9c4daf120fe3e9b52e4", "sha256": "4ca2adadce7a1c90fd1880651e368189f139da97eb5cfc0969f87aa6b46c63fb" }, "downloads": -1, "filename": "pyxarf-0.1.0-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "79f7b86e49a4c9c4daf120fe3e9b52e4", "packagetype": "bdist_wheel", "python_version": "py2.py3", "requires_python": ">=2.7", "size": 13481, "upload_time": "2019-08-12T14:26:01", "url": "https://files.pythonhosted.org/packages/97/e5/04d308283a93a7914d706720a19c1988b95984d6df9fc21b93a2ec49b399/pyxarf-0.1.0-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "ef2dd0a0facc6d92d3af23a82f52b901", "sha256": "671462c701e962189e6ab76ac92f690b5871743b2b007fc68e0164102d2ed1c6" }, "downloads": -1, "filename": "pyxarf-0.1.0.tar.gz", "has_sig": false, "md5_digest": "ef2dd0a0facc6d92d3af23a82f52b901", "packagetype": "sdist", "python_version": "source", "requires_python": ">=2.7", "size": 14119, "upload_time": "2019-08-12T14:26:03", "url": "https://files.pythonhosted.org/packages/30/8a/ef87a4ed5162be3086c514ca49e84d542b75876190b9e9fb5084504a66b0/pyxarf-0.1.0.tar.gz" } ] }