Add url param to joe (demisto#2220)

* added parameter url to joe security; * added tests * add more docs for common python * added examples * revert SHA1 * add test to common python
Spaikiu · Oct 9, 2018 · 0020995 · 0020995
1 parent e6d7cd5
commit 0020995
Show file tree

Hide file tree

Showing 2 changed files with 44 additions and 1 deletion.
diff --git a/Integrations/integration-JoeSecurity.yml b/Integrations/integration-JoeSecurity.yml
@@ -7,6 +7,11 @@ category: Forensics & Malware Analysis
 image: data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAHgAAAAyCAYAAACXpx/YAAAAAXNSR0IArs4c6QAAENxJREFUeAHtWQl4ldWZPsu/3CUbSchySQDZCoKCgjqySHCXEe2oUZHK4EIoBJC6QXXa3jodiyOioAJGFouWWqOFoaiMSA1YZWTUQSyKgpKEJBBC1ntzl387854bEgICBmmfcWb+73ne+y9n/d/vO9/3nXMJccVlwGXAZcBlwGXAZcBlwGXAZcBlwGXAZcBlwGXAZcBlwGXAZcBlwGXAZcBlwGXAZcBl4GQM0JMVnNH78fcO0Bm51hb2aMZVj2E6j5A3F/7HGfXpNv5ODJxKwbJsIOABxAl634N3rce8H1/cS+VJ91DqXE8o3WNQ8h5JTt9BRs/dTKbRyDF1C4IKKQtax7w7+YOOoj5ABsCAEFABNACufEcGxqFdDdAI1B+HQ3geCXSIMuGBK9WbHt6pXvfg78iEOefDIhTBySRgqc3JClMhv7Y4mYD3XjJ3U2r+jJLfn1W89PaODk58I5U5GXgHOAiYgA00AR8DvwTygVNKMChYYeEr/JSVvieFf+15ylV6MhmKgnMBp1MFSfBYYAZQAGwBiHL9T8Yw1bdCMLHI/OpwCfmoxIQiORT7DKFkCBPksE1JtkKxAgVpePUH4zbddcWU4hTh+EksfHfVc7Nekv0cJ7l4XgBMBPYDrwPbAQP4AfAPwGDgC+AO4AOgQ/JnPHsBU/SJwjSHCkrSBHEYJywmCKtnuv6VHY0+v3/Z9L90NPgfvxG058yS+ZTyH5qWsb5m6YwHMSXQCAbb0FkPXZ7tqRR8sk5uQMFrgFT0VnLVnFwtyftvUO5qs3T+83gXBxKC2VEMICfZ/jyIcFKMKU98bcAln9x55d1DkoUtaGv0iqrlM3a218M1Ffg9cBWwAvglIJXcWZLwcDfwEBAGbgLkqiaBKQsGKsmpm7iq5wk5unCIAORkpIdnmpfEW5tvqX626BX55vsgvQumeMh5l25U/CljjeaG9ys/XT02kFygab17FAnV19cJN2zeXzJr3enOVbrA0xXfkQZoK6ius38WjtgL5Zbh/aDOnXVWrnyP58+pTWYi8E668cut/RduWbOriSlp3KP+Ivv2+/2d2v4T7qVyfwpMBY5XLl4llPoUrlOAALAMyASIqnkvR3KXZ8WjhmVEnjYjoZuNeOSGeDh8YzzccmOkobZQmC1/knW/L1Je9kJM2PFSs7V5LbGMl0lZmUUVzWtRdpvq8cx0KJcL6rRFOe0WR1ekQa6971xH9VxgHqqSSsgBupQpqxbZiNh8/12fbnxifd8Ld36Q1+cGRctfgvabARkW5gCrAKnADg+A+xPJG3j5JDAP+CGw3OI0W6WMUEXdY1RW/qp2bfAQ3p9SAhOCPitbTRaWSZE6hutKg9IrfFPufCy5eyjJT1ObhMIyQzUl0xLJY17hQq/pqWG1sQtjpPRmmSe0SdFzanZ0j5ac1tPa+/Ts+ODCV7RmUsWrBrfESTCYcLv9Ji1OiXKm0pbqFeW19S/2gxcsCL6jfFnxsY8KEnHiEUKZY/a7ZpYeUTK47Jh5UkRV6b3RI6McvQSDSuAjopkewuQ3fBcFt3fGicNrTTMyg7y7WsbFauDEpLS36Hy1ydp9194x6aYpPxp78NMKsjfUVIhiqeA7ADlxqfAY0BWRhjD5CH6jMNJCYRfUEUla9/RkvD+pgntPCeaY3kCxqvAxGqfp8EZUpJCmXsXPf0Jta0H5sunlaE9ypy0bwRU+jTE2iCaRVMpyheOI5p73rPjQam58TknPnKvS7D554bpFVYT8QbaRku/lU9VuI26JNR/+Eo9T69Pq/kVPyRoR2K/cq/14aaPFRLGp+0eRaGuFwwMVZ5094OJopPnPe6o/j2ppmRPseGSgHbMIY8pEq995FypMcIZ4IxTdDExfMh+x+u3EQPgZPrxIPXQosFgZmDSIRUJSH5POTMFvPC4zW4kxQDnQZYG7NracP+Z10qv/hN4HQuSrPeR8UljISWnp36GT3cCHXe6MkFrUlaQWAd2FxXbYFLGdil6C6yvypi9bzojzPoseqil/IdhhNNm3P+53fCnLVV3/e4oYbdlOM2UC+SAbwnXPaNs0ziaFwZtyPd5sXdfXEM77yzkJx4oLQS1KGeeK2o1qnheJZY2iutqf2ELmJx2CFTgAvuQSIZjMK4hC6DmciAJHV+cJrg7XdG9fJFbEEq0NgohBTFEugeVEFGrtcIxYAPeaIwOpLZJtJZ4nLKE4lOZrmoeZjv01SjoUXDlsaC/dse7EmBqW+aNt48nfM5CrF5WPb/zqo+K0fsOX/Pvs3jLT7bL0/NPrO6rG3RBPSfXrqqJkeu2cXCxdLzrQgbmA1sXOpEuU5Mv6/Vmu/q592HkRCpisePWxxDHHWpZ5gKb0fKfHj5duqo7F1pEXftKEsgKqKFcK20LiGnuSWJHfCq5FLaJcoXLjCa5o4/K7p48QVDuPcNbfMmNxatm/I7b1ssNoC5TMLYuHFEU95MBAiBkjAq6085wd2zZsE3kntdvcKXcithEnTNFuxvz2W5HQqzYRO4gw36cOLxaWkdjoVwYaf+ar9D6d6Ut/UdE9l8ajzcurdx2el53v1/UU/8OO4/xU1Twj+hTNT/26ZF6zHFPT6OVc86lGuLnBMeKr5bszWcGyPb5bPTs5p+94TfXtRar6BlLVb4uZiXbyR4k2R2z4UVVVQQDnTixJJnCyfR/gHgALvUsi68mVKbdMVnnwjhhi6nTRK389M2O32rYYgzFymaLeRhm9LV/TbzMLH50kFD4YClaFYe2uqq98lJQ+liCKXPfYwUAg6Wec8xzH0s+CIi6iSMGpZW3vm3Noalnw2AMaX9GTud1JUhfnio2aqhErFn3LMprmHFg+9/P2L8wvLpHfjK92KOKzlVM0v9WSrgU0cEeY8mAIrsoKFC14Q1W9sxFNBhm2MhQttspmjIjxXFGosJQ/VilMru4zVzDh9KAZDRMt1UgbXErUXW37VNn3t0qe2ZqVUVtNQnHTdGC68Sxdxkp8UCIWy31uIqH41o7aKrQbVmKbVvPHoEx+XiOFr6zzZtTnZBhiLDOjt1KqXM017xUiM/1OhXEvcQS8n5HRM3fgfDpnhQk9wgOLvlBnjmObDrPNg4yqMkvHnsH54njltg19er8wGMRUVg3lSoM8IkHpiI8RKywY8bA2wxG8w4C6KeEdLWbyF/iO823bdzEabQ0ULerJFM+5NuZsxWNvkuWzEp7kG50eM8KJH6QCpCQGtIm9E9ZoWq2hSwbESFpbURd+cbr0UlPo1p733Vq15dPdDaqi7ScvBJvQci/QF/AAUkldhXSBEu3zwy0EGW102fTqqqXT1nS3PrkRHgYxC3ti27ncoU4qYhziG02nwp4ITU8WFpmCDxuNw5GvLYQJI3J4m+2IxBaOUWzyTlPQpt3wjmmJdcyRFcN1nb7sWhIMC8fcwOTRDVevIfLYl5LzBON5+J5yYhvvt/farmCZsS4FurcXnOIq3aiURLKi6Xn7VJ/3A8eM9basiFx1XZMvnzq3xt9t/Pb0HpVNlp2lU7rpSMNXcZUKlvvgrspwVHwSuPRUDT4qKTGhzrqEbVLitS07ApdNuMqrjZamy5zW+rOthsODrWhkSLyx4eKaxXcvUGPNISbjLTq2HNrjVP3LMuFQuaPoEESg0/FCHe06bhy4awjsBPZ2VIRF15qxVoM69kW9+vnzqeIdoagad+LGtppV9+1vr9keg+UquQ/4T2Ble+EJrtIgrgZkrCoHyPq7aOi6Z6qW11V8OpJ7U+ddt6Rh2/oZ6Z1PpWS1Y2XOqrSRn5T9anRdRcu0wgdzk5x4YzTeuO5IpQ24ygz65wA8fgK4nFRSUSINdAiQ2J7IxCOuZwwSZpgTGwelUmyCDQbtBcIvJQJpDSWNSH7+i2s6GGQ5qsc30mk49NvqbjWh3kaAE6r582c+HUiprT/cwtlOuPKRKlcuCkxddKunKfqm44/FFZNoEX+S1hjDHlaX46AnlQ3Mv/OxAKGedKFq1wqu3CIsqZv2tZSYTdd/GDZFCMNwHUOyixaeo1u0tU/PYZVlu7Z81qt77nvc4x9nEbsQDnykk8jvnI4tmhykfdR/xf124HFgFHAikZZUDNwErADk1iQhLbTHa97UrNcdM9Kb6erL1z5TJeNCwvKOVGm7wC2TovnnFOzYtO6RXVuGlYyZeLA2KWOQFjcXHmj+UO4TpUg3OxPIBdYDo4GTSRYKpOe5EPgF8C5AYtwzVlG0zaqW+rbiTdqk+JLfUpKS39K8SS8hqcrDqQF2PHyjrzm+CXujD7HV0YimPMWzA+/lK8O3CV9gm9ot9z1K/RubUr1ZdmvsJeyOG5Ecdee6b7Wdm7HV9ue8a6blvasm52zK9NCBpm1h+4uP5ups5s/cQpOS31G9vl8ji45BQwSuOuGOHSEUyrGukDLL+p0FY7SVMZpYeJU18RASKbllJJjj9V5vt808PWvtlwd3n0NKg4blOKU2lI8682Bdo0wjssdvhts9YaLr9hUsk5s5gFxFG4Eg8DYgDy7kRHKAImASIA1hMQBv1yZlxTQ8fnl0lmJG0hXNM8ox429c9sTuDdWVO/58oGL73taWZlNoPHvQlinjxjdUXXN99RexNRfe8Nm6fkOv6BZp3WrV1y7F/rdzfJMrWI4nlSfn8TTwKnAAkPVSAGlE0usMAB4BngASwh2liZjmHsFoCpImH9iUMQrpuahnwmkwTesVUXlgVQUSMWSk/wg7fwikj4QfzObQPciSf5aEcHS4u9HxOZGVs97rMe3ZIsS72VxVemP195LxD4YSJoax3yY8Aq/wqC2sLKoq2fhfI4U41teGZd5vR0KfQSmrhe0gNEgyWb3gfB/2SXVWNHR0ERQGKVN/U+NQVs6YVo2qVGbNVv+FSxlLHUYVTz8keThcEhSJn/x+ZCeNm4mub4P1XITsmVGT/OGLlXNDibIjP0cHaHshU+6HgJsBGUsaAGl5GUAjsAaQq7wC+IYUPLsvJ4Wl3A97vUdPTlHMWJjs+njtM/v+8voOW00PL963c4yvW/rQpy64Mq3GnzU4ORbeYsTiUw6smHnC/jCAdLv3Az8C5Fz3AyYgcwXpmrcCzwClwDGCEyqPnZSRbsWsVEY1ua+GPqzWKjN2kBxHgiyT7lgYZoYQOleEEY/6Iw2HFj3c4aVkneE4djzsGHk4H06lYNthZlMu8Rz4qGSanBPpMfnRDJKankdiVjStKat8V+nNRgGODvc2n5WtOo3WvkVzagMTF2Rqqf4kM9IYql79kOQXttQmMLZM1RHJcdsMH1z1UMIgEiU4Hs1T0nrLv9/jhl43uLzucBmUL8vypi4eSzR9A05cuBWOXla9cua2RJsjP8crWL6WBw2DgXOAPECu1HLgY2APkOgY1xML/ne9atyocR7FNwlWPKyxsfK+iqqPr4ZP7EFNc3iLz3+W6ji2xzReioSrfl73QlCehJ1KNBQOA0YDcl7S4CoBqVy50iVJ//8kGGQ9vk7uR5KSlum+5HFWNLyhsmzTjWRX6bFJ3t+SmYJVwrPvg+UjiVfbgPUDN+ZUI7HZLoS1pnpJ8Tt/y7H/r/edM33JA7rmQ8jQ8nBqtdMMhyZXr5z9yfHf3R6Dj3//V3kuu4PGyKTgh3lO2jg4gogZtWtrX3xAxntXzpABHEifh5yBIJg8G4/EnqpbOXvvGXbpNv8+MRAoCvr6FM6XeQj7Ps3LnYvLgMuAy4DLgMuAy4DLgMuAy4DLgMuAy4DLgMuAy4DLgMuAy4DLgMuAy4DLgMuAy8D/Jgb+G4hOxgQdqh+uAAAAAElFTkSuQmCC
 description: Sandbox Cloud
 configuration:
+- display: 'Joe Security url '
+  name: url
+  defaultvalue: https://jbxcloud.joesecurity.org
+  type: 0
+  required: true
 - display: API Key
   name: api_key
   defaultvalue: ""
@@ -37,8 +42,9 @@ script:
     # disable insecure warnings
     requests.packages.urllib3.disable_warnings()
 
+
     ''' GLOBAL VARS '''
-    BASE_URL = 'https://jbxcloud.joesecurity.org/api/'
+    BASE_URL = urljoin(demisto.params().get('url'), 'api/')
     USE_SSL = not demisto.params().get('insecure', False)
     MAX_POLLS = int(demisto.params().get('maxpolls', 300))
 
@@ -973,3 +979,7 @@ script:
     description: Download the sample file of an analysis. for security reasons, the
       extension will be "dontrun"
   runonce: false
+releaseNotes: Added url parameter
+tests:
+  - JoeSecurityTestPlaybook
+  - JoeSecurityTestDetonation
diff --git a/Scripts/script-CommonServerPython.yml b/Scripts/script-CommonServerPython.yml
@@ -28,6 +28,36 @@ script: |-
   thresholds = {'xfeScore': 4, 'vtPositives': 10, 'vtPositiveUrlsForIP': 30}
   dbotscores = {'Critical': 4, 'High': 3, 'Medium': 2,'Low': 1, 'Unknown': 0, 'Informational': 0.5}
 
+  def urljoin(url, suffix=""):
+      """
+          Will join url and its suffix
+
+          Example:
+          "https://google.com/", "/"   => "https://google.com/"
+          "https://google.com", "/"   => "https://google.com/"
+          "https://google.com", "api"   => "https://google.com/api"
+          "https://google.com", "/api"  => "https://google.com/api"
+          "https://google.com/", "api"  => "https://google.com/api"
+          "https://google.com/", "/api" => "https://google.com/api"
+
+          :type url: ``string``
+          :param url: URL string (required)
+
+          :type suffix: ``string``
+          :param suffix: the second part of the url
+
+          :rtype: ``string``
+          :return: Full joined url
+      """
+      if url[-1:] != "/":
+          url = url + "/"
+
+      if suffix.startswith("/"):
+          suffix = suffix[1:]
+          return url + suffix
+
+      return url + suffix
+
   def positiveUrl(entry):
       """
          Checks if the given entry from a URL reputation query is positive (known bad) (deprecated)
@@ -1140,3 +1170,6 @@ system: true
 scripttarget: 0
 dependson: {}
 timeout: 0s
+releaseNotes: Added urljoin
+tests:
+  - TestPYCommonServer