Skip to content

Instantly share code, notes, and snippets.

@pyperanger

pyperanger/otx-dump.go

Last active December 10, 2020 18:05
Show Gist options
  • Save pyperanger/5b60864834b7ace46bc63214bcf40b43 to your computer and use it in GitHub Desktop.
Save pyperanger/5b60864834b7ace46bc63214bcf40b43 to your computer and use it in GitHub Desktop.
Download ZIP
AlienVault OTX Dump via API (unauth)
Raw
otx-dump.go
package main
import (
"encoding/json"
"fmt"
"net/http"
"strconv"
"io/ioutil"
"os"
"flag"
)
var (
tipo = flag.String("t", "", "Indicator Type( domain, hash, url, ..)")
query = flag.String("q", "", "Query to Search")
)
type OTX struct {
R []Result `json:"results"`
}
type Result struct {
Indicator string `json:"indicator"`
}
func main() {
flag.Parse()
if *tipo == "" || *query == "" {
flag.Usage()
return
}
urlbase := `https://otx.alienvault.com/otxapi/indicators/?type=`+*tipo+`&include_inactive=0&sort=-modified&q=modified:"" `+*query+`&page=`
f, err := os.OpenFile("dump.log", os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
if err != nil {
fmt.Println(err)
}
for i := 1 ; i < 100 ; i++ {
fmt.Println("PAGE: " + strconv.Itoa(i))
url := urlbase + strconv.Itoa(i) + "&limit=100"
req, err := http.Get(url)
if err != nil {
fmt.Println(err)
return
}
defer req.Body.Close()
b, err := ioutil.ReadAll(req.Body)
if err != nil {
fmt.Println(err)
return
}
var otexix OTX
err = json.Unmarshal(b, &otexix)
if err != nil {
return
}
for _, in := range otexix.R {
fmt.Println(in.Indicator)
if _, err := f.Write( []byte(in.Indicator+"\n")) ; err != nil {
fmt.Println(err)
}
}
}
if err := f.Close(); err != nil {
fmt.Println(err)
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment