Merge branch 'feature/sinkdb_v2' into release/2.8.0
dadokkio committed Jun 17, 2020
2 parents 52040d7 + 6cee433 commit 7338edd
Showing 2 changed files with 3 additions and 3 deletions.
2 changes: 1 addition & 1 deletion analyzers/SinkDB/SinkDB.json
@@ -5,7 +5,7 @@
"url": "https://github.com/RedLegg/sinkdb-analyzer",
"version": "1.1",
"description": "Check if ip is sinkholed via the new sinkdb.abuse.ch HTTPS API. Original analyzer can be found at https://github.com/BSI-CERT-Bund/sinkdb-analyzer",
"dataTypeList": ["ip", "domain", "mail"],
"dataTypeList": ["ip", "domain", "fqdn", "mail"],
"command": "SinkDB/sinkdb.py",
"baseConfig": "SinkDB",
"configurationItems": [
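Review bot: The `description` string still says the analyzer checks "if ip is sinkholed", while `dataTypeList` on the new side accepts `ip`, `domain`, `fqdn` and `mail`. Operators who rely on the description to judge which observables are submitted to sinkdb.abuse.ch get an incomplete picture, so it should name all four types, e.g. open with `Check if an ip, domain, fqdn or mail address is sinkholed via ...`. `"version": "1.1"` is also left unchanged although the accepted input types changed; whether that needs raising depends on the project's versioning convention, which is not visible here.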
4 changes: 2 additions & 2 deletions analyzers/SinkDB/sinkdb.py
@@ -8,7 +8,7 @@ class SinkDBAnalyzer(Analyzer):
def __init__(self):
Analyzer.__init__(self)

if self.data_type not in ['ip', 'domain', 'mail']:
if self.data_type not in ['ip', 'domain', 'fqdn', 'mail']:
self.error('SinkDB Analyzer only usable with the ip, domain, and mail data types.')

self.apikey = self.get_param('config.key', None, 'HTTPS API Key needed for querying SinkDB.')
@@ -19,7 +19,7 @@ def query_db(self, indicator):
if self.data_type == 'ip':
return self.parse_entries(json.loads(self.do_post("api_key={}&ipv4={}".format(self.apikey, self.data)).text))

elif self.data_type == 'domain':
elif self.data_type in ('domain', 'fqdn'):
return self.parse_entries(json.loads(self.do_post("api_key={}&domain={}".format(self.apikey, self.data)).text))

elif self.data_type == 'mail':
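Review bot: The `domain` branch of `query_db`, now also taken for `fqdn`, interpolates `self.data` into the form body with `"api_key={}&domain={}".format(...)` without URL-encoding, so an observable containing `&`, `=` or `%` would alter or add fields in the request sent to SinkDB; the `ip` branch above it has the same pattern. Building the body with `urllib.parse.urlencode({'api_key': self.apikey, 'domain': self.data})` keeps the observable confined to its own field; passing a dict may also work if `do_post` hands it to the HTTP library, but `do_post` and the file's imports are not visible here. Separately, the error string in `__init__` still lists only three types and should read `'SinkDB Analyzer only usable with the ip, domain, fqdn, and mail data types.'`. Both `__init__` and `query_db` continue outside the shown hunks.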
