Compare commits
4 Commits
main
...
ablesov/fi
| Author | SHA1 | Date | |
|---|---|---|---|
|
13ddb3b0bc | ||
|
daca707ad8 | ||
|
|
216db5d387 | ||
|
|
887e90cd06 |
@ -13,6 +13,7 @@ import os
|
||||
import re
|
||||
import sys
|
||||
import whois
|
||||
from security import safe_command
|
||||
|
||||
|
||||
class ZeekEngine(object):
|
||||
@ -396,7 +397,7 @@ class ZeekEngine(object):
|
||||
# This check can be good if the domain has already been cached by
|
||||
# the device so it wont appear in self.dns.
|
||||
|
||||
if any([cert["cn"].endswith(r["domain"]) for r in self.dns]):
|
||||
if any(cert["cn"].endswith(r["domain"]) for r in self.dns):
|
||||
continue
|
||||
|
||||
for domain in self.bl_domains:
|
||||
@ -445,10 +446,10 @@ class ZeekEngine(object):
|
||||
"""
|
||||
Start zeek and check the logs.
|
||||
"""
|
||||
sp.Popen("cd {} && /opt/zeek/bin/zeek -Cr capture.pcap protocols/ssl/validate-certs".format(
|
||||
self.working_dir), shell=True).wait()
|
||||
sp.Popen("cd {} && mv *.log assets/".format(self.working_dir),
|
||||
shell=True).wait()
|
||||
safe_command.run(sp.Popen, "cd {} && /opt/zeek/bin/zeek -Cr capture.pcap protocols/ssl/validate-certs".format(
|
||||
self.working_dir), shell=False).wait()
|
||||
safe_command.run(sp.Popen, "cd {} && mv *.log assets/".format(self.working_dir),
|
||||
shell=False).wait()
|
||||
self.fill_dns(self.working_dir + "/assets/")
|
||||
self.netflow_check(self.working_dir + "/assets/")
|
||||
self.ssl_check(self.working_dir + "/assets/")
|
||||
|
||||
@ -15,3 +15,6 @@ netifaces==0.11.0
|
||||
weasyprint==59.0
|
||||
python-whois==0.8.0
|
||||
six==1.16.0
|
||||
security==1.2.1 \
|
||||
--hash=sha256:4ca5f8cfc6b836e2192a84bb5a28b72c17f3cd1abbfe3281f917394c6e6c9238
|
||||
--hash=sha256:0a9dc7b457330e6d0f92bdae3603fecb85394beefad0fd3b5058758a58781ded
|
||||
|
||||
Loading…
Reference in New Issue
Block a user