GitHub - CiscoSecurity/tr-04-get-dispositions: Get the disposition for an observable

Threat Response Get Dispositions:

This script queries the Threat Response API for the disposition of any observable. If an observable is not provided as a command line argument, the script will prompt for one. An access token will be generated as needed (not found or invalid) and written to disk.

Before using you must update the following:

CLIENT_ID
CLIENT_PASSWORD

Usage:

python get_dispositions.py
Enter an observable: 630325cac09ac3fab908f903e3b00d0dadd5fdaa0875ed8496fcbb97a558d0da

or

python get_sha256_disposition.py 630325cac09ac3fab908f903e3b00d0dadd5fdaa0875ed8496fcbb97a558d0da

Example script output:

AMP File Reputation    2    Malicious    630325cac09ac3fab908f903e3b00d0dadd5fdaa0875ed8496fcbb97a558d0da
AMP Global Intel       2    Malicious    630325cac09ac3fab908f903e3b00d0dadd5fdaa0875ed8496fcbb97a558d0da
VirusTotal             2    Malicious    630325cac09ac3fab908f903e3b00d0dadd5fdaa0875ed8496fcbb97a558d0da

Name		Name	Last commit message	Last commit date
Latest commit History 13 Commits
README.md		README.md
get_dispositions.py		get_dispositions.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Threat Response Get Dispositions:

Before using you must update the following:

Usage:

Example script output:

About

Releases

Packages

Languages

CiscoSecurity/tr-04-get-dispositions

Folders and files

Latest commit

History

Repository files navigation

Threat Response Get Dispositions:

Before using you must update the following:

Usage:

Example script output:

About

Topics

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages