Google Safe Browsing checks URLs against Google's constantly updated lists of unsafe web resources. For example it can find social engineering sites (phishing and deceptive sites) and sites that host malware or unwanted software. Any URL found on a Safe Browsing list is considered unsafe. The API lets your client applications send URLs within a HTTP POST to the Google Safe Browsing server to check their status.
This project focuses on an OpenDXL wrapper for the Google Safe Browsing API.
https://www.mcafee.com/us/developers/open-dxl/index.aspx
- Python SDK Installation link
- Certificate Files Creation link
- ePO Certificate Authority (CA) Import link
- ePO Broker Certificates Export link
[Certs]
BrokerCertChain=certs/brokercert.crt
CertFile=certs/client.crt
PrivateKey=certs/client.key
[Brokers]
{}={};8883;To use the Lookup API you need a Google Account, a Google Developer Console project, and an API key. You also need to activate the Safe Browsing APIs for use with this project.
Define the GOOGLE_SAFE_BROWSING_API_KEY variable inside the service.py script.
GOOGLE_SAFE_BROWSING_API_KEY = ''
Set the variables SERVICE_INPUT and TOPIC_INPUT
SERVICE_INPUT = "/reputation"
TOPIC_INPUT = SERVICE_INPUT + "/googlesafebrowsing"- run the service
python service.py
- run the client specifying the TOPIC and the destination PAYLOAD
python client.py -t /reputation/googlesafebrowsing -p www.google.com
python client.py -t /reputation/googlesafebrowsing -p www.google.com result is coming:
{'safe'}
python client.py -t /reputation/googlesafebrowsing -p www.----.info/errorreport/ty5ug6h4ndma4/ result is coming:
{u'matches': [{u'threatType': u'SOCIAL_ENGINEERING', u'threatEntryType': u'URL', u'platformType': u'ANY_PLATFORM', u'threat': {u'url': u'www.----.info/errorreport/ty5ug6h4ndma4/'}, u'cacheDuration': u'300s'}]}