passivetotal
is an R package to interface with the PassiveTotal API
This has BREAKNG CHANGES since it now only works with version 2 of the API.
You should set PASSIVETOTAL_USER
& PASSIVETOTAL_API_KEY
in .Renviron
or you'll either be prompted for them or will need to pass them to each function manually.
NOTE that all the API functions are wrapped with memoise::meomoise
, meaning that
they cache results. Use the forget
function to clear the cache for any given
function.
The following functions are implemented:
account_history
: Get history associated with your account.account_info
: Get account details your account.account_notifications
: Get notifications that have been posted to your account.account_organization
: Get details about the organization your account is associated with.account_sources
: Get source details for a specific source.account_teamstream
: Get the teamstream for the organization your account is associated with.is_compromised
: Get the status of an observableis_dynamic
: Get the status of an observableis_fqdn
: Validate that a string looks like a fully qualified domain nameis_ipv4
: Validate that a string is an IPv4 addressis_monitored
: Get the status of an observableis_sinkhole
: Get the status of an observablepassive_auth
: Get or set PASSIVETOTAL_USER
& PASSIVETOTAL_API_KEY
valuespassive_classification
: Get the status of a classification domainpassive_dns
: Get passive DNS datapassive_enrich
: Enrich the given query with metadatapassive_host
: Get detailed information about a hostpassive_malware
: Get malware datapassive_osint
: Get opensource intelligence datapassive_ssl_certificate
: Get the SSL certificate associated with the SHA-1.passive_ssl_history
: Get the SSL certificate history associated with an IP address or SHA-1passive_ssl_search
: Get the SSL certificate associated with the SHA-1.passive_status
: Get the status of an observablepassive_subdomains
: Get subdomains using a wildcard querypassive_tags
: Get the tags for a query valuepassive_tag_search
: Search for items based on tag valuepassive_tracker
: Get all tracking codes for a domain or IP address.passive_tracker_search
: Get hosts matching a specific tracker IDpassive_unique
: Get unique resolutions from passive DNS datapassive_whois
: Get WHOIS data for a domain or IP addresspassive_whois_search
: Get WHOIS records based on field matching queries.devtools::install_github("hrbrmstr/passivetotal")
library(passivetotal) library(dplyr) library(jsonlite) is_fqdn("rud.is") is_ipv4("10.10.10.10") toJSON(passive_classification("passivetotal.org"), pretty=TRUE) tbl_df(passive_dns("passivetotal.org")$results) toJSON(passive_subdomains("*.passivetotal.org"), pretty=TRUE) toJSON(passive_unique("passivetotal.org"), pretty=TRUE) passive_host("passivetotal.org") passive_malware("xxxmobiletubez.com") passive_osint("xxxmobiletubez.com") toJSON(passive_enrich("passivetotal.org"), pretty=TRUE) toJSON(passive_ssl_certificate("e9a6647d6aba52dc47b3838c920c9ee59bad7034"), pretty=TRUE) toJSON(passive_ssl_history("52.8.228.23"), pretty=TRUE) toJSON(passive_ssl_search(query="www.passivetotal.org", field="subjectCommonName"), pretty=TRUE) passive_status("passivetotal.org", "compromised") passive_status("passivetotal.org", "dynamic") passive_status("passivetotal.org", "monitor") passive_status("52.8.228.23", "sinkhole") passive_status("52.8.228.23", "s") passive_tracker_search(query="UA-61048133", type="GoogleAnalyticsAccountNumber") passive_tracker("passivetotal.org") toJSON(passive_whois("passivetotal.org"), pretty=TRUE) passive_whois_search(query="domains@riskiq.com", field="email")
Please note that this project is released with a Contributor Code of Conduct. By participating in this project you agree to abide by its terms.
Add the following code to your website.
For more information on customizing the embed code, read Embedding Snippets.