public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2024-12-28 15:58:24 +01:00
Code Issues Projects Releases Wiki Activity

working script

Browse Source
This commit is contained in:
josehelps 2023-07-10 10:47:02 -04:00
parent fa3f6bbc0c
commit b3d11316d4
2 changed files with 52 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
bin/check_detection_urls.py Normal file
View File

@ -0,0 +1,50 @@
import os
import argparse
import requests
import yaml
import csv
def check_url(url):
try:
response = requests.get(url)
return response.status_code
except requests.exceptions.RequestException as e:
return str(e)
def process_yaml(file_path, verbose, csv_writer):
with open(file_path, 'r') as stream:
try:
yaml_content = yaml.safe_load(stream)
if 'Detection' in yaml_content:
for detection in yaml_content['Detection']:
for key, value in detection.items():
if isinstance(value, str) and value.startswith('http'):
status = check_url(value)
if status != 200:
if verbose:
print(f'URL {value} in file {file_path} returned status {status}')
csv_writer.writerow([file_path, key, value, status])
except yaml.YAMLError as exc:
print(exc)
def main():
parser = argparse.ArgumentParser(description='Check URLs in YAML files.')
parser.add_argument('-d', '--directory', required=True, help='Directory to check')
parser.add_argument('-v', '--verbose', action='store_true', help='Verbose output')
parser.add_argument('-o', '--output', default='results.csv', help='Output CSV file')
args = parser.parse_args()
with open(args.output, 'w', newline='') as csvfile:
csv_writer = csv.writer(csvfile)
csv_writer.writerow(['File Path', 'Field Name', 'URL', 'Status'])
for root, dirs, files in os.walk(args.directory):
for file in files:
if file.endswith('.yml'):
if args.verbose:
print(f'Processing file {os.path.join(root, file)}')
process_yaml(os.path.join(root, file), args.verbose, csv_writer)
if __name__ == "__main__":
main()

2
bin/results.csv Normal file
View File

@ -0,0 +1,2 @@
File Path,Field Name,URL,Status
yml/OSLibraries/Pcwutl.yml,Analysis,https://redcanary.com/threat-detection-report/techniques/rundll32/,403
1 File Path Field Name URL Status
2 yml/OSLibraries/Pcwutl.yml Analysis https://redcanary.com/threat-detection-report/techniques/rundll32/ 403