[Analyzer] WAD #814
Comments
|
Good catch but we do not usually integrate tools that actively scan a target in IntelOwl. This is because IntelOwl is not a tool that should be used for perfroming reconnaissance of a target. There are plenty of other projects that do that better and this has never been its main goal. I have already closed other similar issues. However I understand that the framework completely supports these use cases and could integrate several similar tools/services. The point is that we should categorize them differently. We cannot just add them as normal analyzers. I guess that a little customization for the "reconnaissance tools/services" can be thought and done once we will start working on the playbooks (#628). The playbooks will allow to group some analyzers together, to better separate use cases from one another. So I think we could keep this issue as a reminder. But right now, considering the almost all the IntelOwl users just run "all the analyzers", I think we should avoid this. |
|
from 2021 to 2023, now it could be time to start thinking about this. We have implemented Playbooks and we have IntelOwl v4. |
|
this could be implemented like a normal analyzer |
|
Hello! I would like to work on this issue. :D |
|
ok, i'll assign it to you |
|
This issue can be closed now. #2655 |
* Added service_api_key parameter and migrations * Added mb_get and mb_google * Added logging for api key * Fix deepsource warning * WAD Analyzer, Closes #814 (#2655) * WAD Analyzer, Closes #814 * Remove WAD from FREE_TO_USE_ANALYZERS playbook * Update WAD maximum_tlp to CLEAR * Fix WAD monkeypatch * Update WAD error message to a more generic one * Update migration number and dependencies * Added service_api_key parameter and migrations * Added mb_get and mb_google * Added logging for api key * Fix deepsource warning * Fixed migration number * Removed wrongly duplicated migration * Added other analyzers to reverse_migrate * Added common mixin and updated code accordingly * Solved MRO * Deepsource * Made mixin compatible with ingestors * Removed inheritance from analyzers * Added missing return statement * Removed old configs and used a property * Left behind values * Added explainatory comment --------- Co-authored-by: Pragati Raj <basedBaba@proton.me>
* WAD Analyzer, Closes intelowlproject#814 * Remove WAD from FREE_TO_USE_ANALYZERS playbook * Update WAD maximum_tlp to CLEAR * Fix WAD monkeypatch * Update WAD error message to a more generic one * Update migration number and dependencies
* Added service_api_key parameter and migrations * Added mb_get and mb_google * Added logging for api key * Fix deepsource warning * WAD Analyzer, Closes intelowlproject#814 (intelowlproject#2655) * WAD Analyzer, Closes intelowlproject#814 * Remove WAD from FREE_TO_USE_ANALYZERS playbook * Update WAD maximum_tlp to CLEAR * Fix WAD monkeypatch * Update WAD error message to a more generic one * Update migration number and dependencies * Added service_api_key parameter and migrations * Added mb_get and mb_google * Added logging for api key * Fix deepsource warning * Fixed migration number * Removed wrongly duplicated migration * Added other analyzers to reverse_migrate * Added common mixin and updated code accordingly * Solved MRO * Deepsource * Made mixin compatible with ingestors * Removed inheritance from analyzers * Added missing return statement * Removed old configs and used a property * Left behind values * Added explainatory comment --------- Co-authored-by: Pragati Raj <basedBaba@proton.me>
We can retrieve more information about the infrastructure behind a domain using WAD.
Since it is actually contacting the domain, we should add the
leak_infoflag in the configuration.The text was updated successfully, but these errors were encountered: