{"id":19531067,"url":"https://github.com/yeti-platform/pyeti","last_synced_at":"2025-04-26T13:31:21.436Z","repository":{"id":52650069,"uuid":"90411599","full_name":"yeti-platform/pyeti","owner":"yeti-platform","description":"Python bindings for Yeti's API","archived":false,"fork":false,"pushed_at":"2023-09-12T16:01:41.000Z","size":191,"stargazers_count":17,"open_issues_count":6,"forks_count":12,"subscribers_count":6,"default_branch":"master","last_synced_at":"2024-07-15T21:49:45.733Z","etag":null,"topics":["api","enrichment","infosec","intelligence","python","threat-hunting","threat-sharing","threatintel"],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/yeti-platform.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-05-05T19:53:26.000Z","updated_at":"2024-03-28T09:29:41.000Z","dependencies_parsed_at":"2023-01-22T07:30:10.058Z","dependency_job_id":null,"html_url":"https://github.com/yeti-platform/pyeti","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yeti-platform%2Fpyeti","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yeti-platform%2Fpyeti/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yeti-platform%2Fpyeti/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yeti-platform%2Fpyeti/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/yeti-platform","download_url":"https://codeload.github.com/yeti-platform/pyeti/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":224036441,"owners_count":17245034,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api","enrichment","infosec","intelligence","python","threat-hunting","threat-sharing","threatintel"],"created_at":"2024-11-11T01:40:51.412Z","updated_at":"2024-11-11T01:40:53.098Z","avatar_url":"https://github.com/yeti-platform.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# pyeti-python3\n\nPyeti-Python (pyeti) is the bundle uses to interface with the YETI API. This is the new package that can be installed directly with pip.\nPyeti-python allows you to extract data from YETI such as specific observables (malware, IP, domains...). It can be used to plug in your own tool and enrich your Threat Intelligence feed with Yeti.\n\n## Getting Started\n\nTo install it you can clone the repo and run the following command:\n\n```bash\npoetry install\n```\n\nYou can also install it with pip:\n\n```bash\npip install yeti-python\n```\n\nOnce installed the first thing to do is to get your API key from the Yeti interface.\n![image](./yeti_api.png)\n\nThen you can configure your script with the following information to test the connection:\n\n```python\nserver=\"\u003cIPofYETI\u003e\"\nkey=\"\u003cAPIKEY\u003e\"\ntag=\"\u003cNameoftheObservable\u003e\" # example: 'lokibot'\n\napi = pyeti.YetiApi(url=\"http://%s:5000/api/\" % server, api_key=key)\nrequest = api.observable_search(tags=tag, count=50)\n```\n\n## Testing\n\nYou can run tests from the root directory by running:\n\nTo test client api python of yeti setup a pyeti.conf in folder tests.\n\nIn pyeti.conf\n\n```yaml\n[yeti]\nurl = http://127.0.0.1:5000/api\napi_key = your_api_key\n```\n\n```bash\ncd tests\npython test_observables.py\n```\n\n__Note that most tests require a full running install of Yeti on localhost:5000.__\n\n## Use cases\n\nFirst thing is to import the library and instantiate a client.\n\n```python\nimport pyeti, json    # json is only used for pretty printing in the examples below \napi = pyeti.YetiApi(url=\"http://localhost:5000/api/\")\n```\n\nIf you are using a self signed cert on your yeti instance you can set the `verify_ssl` parameter to `True` to ignore warnings.\nOtherwise all ssl connections are verified by default.\n\n```python\nimport pyeti, json    # json is only used for pretty printing in the examples below \napi = pyeti.YetiApi(url=\"http://localhost:5000/api/\", verify_ssl=False)\n```\n\n### Adding observables\n\n```python\nresults = api.observable_add(\"google.com\", ['google'])\nprint(json.dumps(results, indent=4, sort_keys=True))\n```\n\n### Bulk add\n\n```python\nresults = api.observable_bulk_add([\"google.com\", \"bing.com\", \"yahoo.com\"])\nprint(len(results))\n3\nprint(json.dumps(results[1], indent=4, sort_keys=True))\n```\n\n### Get a single observable\n\n```python\nresults = api.observable_add(\"google.com\")\nprint(results['id'])\ninfo = api.observable_details(results['id'])\nprint(json.dumps(info, indent=4, sort_keys=True))\n```\n\n### Search for observables\n\n```python\napi.observable_add(\"search-domain.com\")\nresult = api.observable_search(value=\"search-dom[a-z]+\", regex=True)\nprint(json.dumps(result, indent=4, sort_keys=True))\n```\n\n### Add observables\n\n```python\nresult = api.observable_file_add(\"/tmp/hello.txt\", tags=['benign'])\nprint(json.dumps(result, indent=4, sort_keys=True))\n# Get file contents\napi.observable_file_contents(objectid=\"594fff86bf365e6270f8914b\")\n'Hello!\\n'\napi.observable_file_contents(filehash=\"e134ced312b3511d88943d57ccd70c83\") # you can also use any hash computed above\n'Hello!\\n'\n```\n\n## License\n\nThis project is licensed under the Apache License - see the [LICENSE.md](./LICENSE.md) file for details\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyeti-platform%2Fpyeti","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fyeti-platform%2Fpyeti","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyeti-platform%2Fpyeti/lists"}