In hrbrmstr/passivetotal: Tools for Working with the 'PassiveTotal' 'API'
passivetotal is an R package to interface with the PassiveTotal API
This has BREAKNG CHANGES since it now only works with version 2 of the API.
You should set PASSIVETOTAL_USER & PASSIVETOTAL_API_KEY in .Renviron or you'll either be prompted for them or will need to pass them to each function manually.
NOTE that all the API functions are wrapped with memoise::meomoise, meaning that
they cache results. Use the forget function to clear the cache for any given
function.
The following functions are implemented:
account_history: Get history associated with your account.account_info: Get account details your account.account_notifications: Get notifications that have been posted to your account.account_organization: Get details about the organization your account is associated with.account_sources: Get source details for a specific source.account_teamstream: Get the teamstream for the organization your account is associated with.is_compromised: Get the status of an observableis_dynamic: Get the status of an observableis_fqdn: Validate that a string looks like a fully qualified domain nameis_ipv4: Validate that a string is an IPv4 addressis_monitored: Get the status of an observableis_sinkhole: Get the status of an observablepassive_auth: Get or set PASSIVETOTAL_USER & PASSIVETOTAL_API_KEY valuespassive_classification: Get the status of a classification domainpassive_dns: Get passive DNS datapassive_enrich: Enrich the given query with metadatapassive_host: Get detailed information about a hostpassive_malware: Get malware datapassive_osint: Get opensource intelligence datapassive_ssl_certificate: Get the SSL certificate associated with the SHA-1.passive_ssl_history: Get the SSL certificate history associated with an IP address or SHA-1passive_ssl_search: Get the SSL certificate associated with the SHA-1.passive_status: Get the status of an observablepassive_subdomains: Get subdomains using a wildcard querypassive_tags: Get the tags for a query valuepassive_tag_search: Search for items based on tag valuepassive_tracker: Get all tracking codes for a domain or IP address.passive_tracker_search: Get hosts matching a specific tracker IDpassive_unique: Get unique resolutions from passive DNS datapassive_whois: Get WHOIS data for a domain or IP addresspassive_whois_search: Get WHOIS records based on field matching queries.
Installation
devtools::install_github("hrbrmstr/passivetotal")
library(passivetotal)
library(dplyr)
library(jsonlite)
is_fqdn("rud.is")
is_ipv4("10.10.10.10")
toJSON(passive_classification("passivetotal.org"), pretty=TRUE)
tbl_df(passive_dns("passivetotal.org")$results)
toJSON(passive_subdomains("*.passivetotal.org"), pretty=TRUE)
toJSON(passive_unique("passivetotal.org"), pretty=TRUE)
passive_host("passivetotal.org")
passive_malware("xxxmobiletubez.com")
passive_osint("xxxmobiletubez.com")
toJSON(passive_enrich("passivetotal.org"), pretty=TRUE)
toJSON(passive_ssl_certificate("e9a6647d6aba52dc47b3838c920c9ee59bad7034"), pretty=TRUE)
toJSON(passive_ssl_history("52.8.228.23"), pretty=TRUE)
toJSON(passive_ssl_search(query="www.passivetotal.org", field="subjectCommonName"), pretty=TRUE)
passive_status("passivetotal.org", "compromised")
passive_status("passivetotal.org", "dynamic")
passive_status("passivetotal.org", "monitor")
passive_status("52.8.228.23", "sinkhole")
passive_status("52.8.228.23", "s")
passive_tracker_search(query="UA-61048133", type="GoogleAnalyticsAccountNumber")
passive_tracker("passivetotal.org")
toJSON(passive_whois("passivetotal.org"), pretty=TRUE)
passive_whois_search(query="domains@riskiq.com", field="email")
Code of Conduct
Please note that this project is released with a Contributor Code of Conduct. By participating in this project you agree to abide by its terms.
hrbrmstr/passivetotal documentation built on May 17, 2019, 5:12 p.m.
R Package Documentation
Browse R Packages
We want your feedback!
Note that we can't provide technical support on individual packages. You should contact the package authors for that.
passivetotal is an R package to interface with the PassiveTotal API
This has BREAKNG CHANGES since it now only works with version 2 of the API.
You should set PASSIVETOTAL_USER & PASSIVETOTAL_API_KEY in .Renviron or you'll either be prompted for them or will need to pass them to each function manually.
NOTE that all the API functions are wrapped with memoise::meomoise, meaning that
they cache results. Use the forget function to clear the cache for any given
function.
The following functions are implemented:
account_history: Get history associated with your account.account_info: Get account details your account.account_notifications: Get notifications that have been posted to your account.account_organization: Get details about the organization your account is associated with.account_sources: Get source details for a specific source.account_teamstream: Get the teamstream for the organization your account is associated with.is_compromised: Get the status of an observableis_dynamic: Get the status of an observableis_fqdn: Validate that a string looks like a fully qualified domain nameis_ipv4: Validate that a string is an IPv4 addressis_monitored: Get the status of an observableis_sinkhole: Get the status of an observablepassive_auth: Get or setPASSIVETOTAL_USER&PASSIVETOTAL_API_KEYvaluespassive_classification: Get the status of a classification domainpassive_dns: Get passive DNS datapassive_enrich: Enrich the given query with metadatapassive_host: Get detailed information about a hostpassive_malware: Get malware datapassive_osint: Get opensource intelligence datapassive_ssl_certificate: Get the SSL certificate associated with the SHA-1.passive_ssl_history: Get the SSL certificate history associated with an IP address or SHA-1passive_ssl_search: Get the SSL certificate associated with the SHA-1.passive_status: Get the status of an observablepassive_subdomains: Get subdomains using a wildcard querypassive_tags: Get the tags for a query valuepassive_tag_search: Search for items based on tag valuepassive_tracker: Get all tracking codes for a domain or IP address.passive_tracker_search: Get hosts matching a specific tracker IDpassive_unique: Get unique resolutions from passive DNS datapassive_whois: Get WHOIS data for a domain or IP addresspassive_whois_search: Get WHOIS records based on field matching queries.
Installation
devtools::install_github("hrbrmstr/passivetotal")
library(passivetotal) library(dplyr) library(jsonlite) is_fqdn("rud.is") is_ipv4("10.10.10.10") toJSON(passive_classification("passivetotal.org"), pretty=TRUE) tbl_df(passive_dns("passivetotal.org")$results) toJSON(passive_subdomains("*.passivetotal.org"), pretty=TRUE) toJSON(passive_unique("passivetotal.org"), pretty=TRUE) passive_host("passivetotal.org") passive_malware("xxxmobiletubez.com") passive_osint("xxxmobiletubez.com") toJSON(passive_enrich("passivetotal.org"), pretty=TRUE) toJSON(passive_ssl_certificate("e9a6647d6aba52dc47b3838c920c9ee59bad7034"), pretty=TRUE) toJSON(passive_ssl_history("52.8.228.23"), pretty=TRUE) toJSON(passive_ssl_search(query="www.passivetotal.org", field="subjectCommonName"), pretty=TRUE) passive_status("passivetotal.org", "compromised") passive_status("passivetotal.org", "dynamic") passive_status("passivetotal.org", "monitor") passive_status("52.8.228.23", "sinkhole") passive_status("52.8.228.23", "s") passive_tracker_search(query="UA-61048133", type="GoogleAnalyticsAccountNumber") passive_tracker("passivetotal.org") toJSON(passive_whois("passivetotal.org"), pretty=TRUE) passive_whois_search(query="domains@riskiq.com", field="email")
Code of Conduct
Please note that this project is released with a Contributor Code of Conduct. By participating in this project you agree to abide by its terms.
R Package Documentation
Browse R Packages
We want your feedback!
Note that we can't provide technical support on individual packages. You should contact the package authors for that.
Embedding an R snippet on your website
Add the following code to your website.
For more information on customizing the embed code, read Embedding Snippets.