MatthewClarkMay/wildfire-api-scripts

Bash scripts for querying Palo Alto Wildfire API

Setup

  1. Add API key to api.conf:

Recommended Usage

./lib/submit-file.sh api.conf "$sample_file"
./lib/get-verdict.sh api.conf "$hash"
./lib/get-verdicts.sh api.conf "$hash_file"
./lib/get-report.sh api.conf "$hash" > report.pdf

Notes

  • Hashes must be MD5 or SHA256
  • Files containing multiple hashes must be 500 lines or fewer
  • submit-file.sh performs NO checks to ensure Wildfire accepts that particular filetype. A list of supported types is in the Palo Alto Wildfire Docs

Status Codes

  • 0 : benign
  • 1 : malware
  • 2 : grayware
  • -100 : pending, the sample exists, but there is currently no verdict
  • -101 : error
  • -102 : unknown, cannot find sample record in the database
  • -103 : invalid hash value

NOTE: When sending an invalid hash value, an HTTP 421 status is returned.
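
The constraints under Notes and the codes under Status Codes can be checked locally before and after calling the scripts. The following is an added example, not code from this repository; the function names is_valid_hash, check_hash_file and verdict_label are hypothetical, and treating blank lines as invalid is an assumption.

```shell
# Added example, not from the repository. Function names are hypothetical.

# is_valid_hash HASH: succeeds if HASH is 32 (MD5) or 64 (SHA256) hex digits.
is_valid_hash() {
  case $1 in
    ''|*[!0-9A-Fa-f]*) return 1 ;;
  esac
  [ "${#1}" -eq 32 ] || [ "${#1}" -eq 64 ]
}

# check_hash_file FILE: succeeds if FILE has at most 500 lines and every
# line is an MD5 or SHA256 hash. Each problem is reported on stderr.
# Assumption: blank lines count as invalid entries.
check_hash_file() {
  file=$1; n=0; bad=0
  [ -r "$file" ] || { echo "cannot read $file" >&2; return 1; }
  cr=$(printf '\r')
  while IFS= read -r line || [ -n "$line" ]; do
    n=$((n + 1))
    line=${line%"$cr"}   # tolerate CRLF line endings
    if ! is_valid_hash "$line"; then
      echo "$file:$n: not an MD5/SHA256 hash" >&2
      bad=1
    fi
  done < "$file"
  if [ "$n" -gt 500 ]; then
    echo "$file: $n lines, limit is 500" >&2
    bad=1
  fi
  return "$bad"
}

# verdict_label CODE: prints the meaning of a code listed under Status Codes;
# fails on any code that is not in that list.
verdict_label() {
  case $1 in
    0)    echo benign ;;
    1)    echo malware ;;
    2)    echo grayware ;;
    -100) echo pending ;;
    -101) echo error ;;
    -102) echo unknown ;;
    -103) echo "invalid hash" ;;
    *)    echo "unrecognized code $1"; return 1 ;;
  esac
}
```

Running check_hash_file on a list before passing it to get-verdicts.sh catches malformed entries with their line numbers and enforces the 500-line limit locally.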