From 5fbde2e4503244daadc8a707ae1e201c48b8499a Mon Sep 17 00:00:00 2001 From: Joshua Hiller Date: Sat, 5 Dec 2020 16:03:56 -0500 Subject: [PATCH 01/32] Package layout updates --- falconpy/services/__init__.py | 0 {falconpy/services => src/falconpy}/README.MD | 0 {falconpy => src/falconpy}/__init__.py | 2 +- {falconpy => src/falconpy}/api_complete.py | 45 ++++++++-------- .../falconpy}/cloud_connect_aws.py | 51 +++++++++---------- .../services => src/falconpy}/detects.py | 45 ++++++++-------- .../falconpy}/device_control_policies.py | 51 +++++++++---------- .../falconpy}/event_streams.py | 45 ++++++++-------- .../falconpy}/falconx_sandbox.py | 51 +++++++++---------- .../falconpy}/firewall_management.py | 51 +++++++++---------- .../falconpy}/firewall_policies.py | 51 +++++++++---------- .../services => src/falconpy}/host_group.py | 45 ++++++++-------- {falconpy/services => src/falconpy}/hosts.py | 45 ++++++++-------- .../services => src/falconpy}/incidents.py | 51 +++++++++---------- {falconpy/services => src/falconpy}/intel.py | 45 ++++++++-------- {falconpy/services => src/falconpy}/iocs.py | 51 +++++++++---------- {falconpy/services => src/falconpy}/oauth2.py | 45 ++++++++-------- .../falconpy}/prevention_policy.py | 51 +++++++++---------- .../falconpy}/real_time_response.py | 45 ++++++++-------- .../falconpy}/real_time_response_admin.py | 51 +++++++++---------- .../falconpy}/sensor_update_policy.py | 45 ++++++++-------- .../falconpy}/spotlight_vulnerabilities.py | 45 ++++++++-------- .../falconpy}/user_management.py | 51 +++++++++---------- 23 files changed, 451 insertions(+), 511 deletions(-) delete mode 100644 falconpy/services/__init__.py rename {falconpy/services => src/falconpy}/README.MD (100%) rename {falconpy => src/falconpy}/__init__.py (86%) rename {falconpy => src/falconpy}/api_complete.py (93%) rename {falconpy/services => src/falconpy}/cloud_connect_aws.py (81%) rename {falconpy/services => src/falconpy}/detects.py (70%) rename {falconpy/services => src/falconpy}/device_control_policies.py (83%) rename {falconpy/services => src/falconpy}/event_streams.py (63%) rename {falconpy/services => src/falconpy}/falconx_sandbox.py (78%) rename {falconpy/services => src/falconpy}/firewall_management.py (88%) rename {falconpy/services => src/falconpy}/firewall_policies.py (83%) rename {falconpy/services => src/falconpy}/host_group.py (81%) rename {falconpy/services => src/falconpy}/hosts.py (71%) rename {falconpy/services => src/falconpy}/incidents.py (75%) rename {falconpy/services => src/falconpy}/intel.py (85%) rename {falconpy/services => src/falconpy}/iocs.py (80%) rename {falconpy/services => src/falconpy}/oauth2.py (60%) rename {falconpy/services => src/falconpy}/prevention_policy.py (83%) rename {falconpy/services => src/falconpy}/real_time_response.py (88%) rename {falconpy/services => src/falconpy}/real_time_response_admin.py (84%) rename {falconpy/services => src/falconpy}/sensor_update_policy.py (88%) rename {falconpy/services => src/falconpy}/spotlight_vulnerabilities.py (63%) rename {falconpy/services => src/falconpy}/user_management.py (83%) diff --git a/falconpy/services/__init__.py b/falconpy/services/__init__.py deleted file mode 100644 index e69de29bb..000000000 diff --git a/falconpy/services/README.MD b/src/falconpy/README.MD similarity index 100% rename from falconpy/services/README.MD rename to src/falconpy/README.MD diff --git a/falconpy/__init__.py b/src/falconpy/__init__.py similarity index 86% rename from falconpy/__init__.py rename to src/falconpy/__init__.py index 6faf70618..e68db4b2f 100644 --- a/falconpy/__init__.py +++ b/src/falconpy/__init__.py @@ -4,7 +4,7 @@ The CrowdStrike Falcon API SDK """ -__version__ = '0.1.7' +__version__ = '0.1.2' __maintainer__ = 'Joshua Hiller' __author__ = 'CrowdStrike' __credits__ = 'CrowdStrike' \ No newline at end of file diff --git a/falconpy/api_complete.py b/src/falconpy/api_complete.py similarity index 93% rename from falconpy/api_complete.py rename to src/falconpy/api_complete.py index 03e44bb07..bdd982494 100644 --- a/falconpy/api_complete.py +++ b/src/falconpy/api_complete.py @@ -4,33 +4,30 @@ # # # api_complete.py - All-in-one CrowdStrike Falcon OAuth2 API harness # ##################################################################################################### -# Copyright CrowdStrike 2020 +# This is free and unencumbered software released into the public domain. -# By accessing or using this script, sample code, application programming interface, tools, -# and/or associated documentation (if any) (collectively, “Tools”), You (i) represent and -# warrant that You are entering into this Agreement on behalf of a company, organization -# or another legal entity (“Entity”) that is currently a customer or partner of -# CrowdStrike, Inc. (“CrowdStrike”), and (ii) have the authority to bind such Entity and -# such Entity agrees to be bound by this Agreement. +# Anyone is free to copy, modify, publish, use, compile, sell, or +# distribute this software, either in source code form or as a compiled +# binary, for any purpose, commercial or non-commercial, and by any +# means. -# CrowdStrike grants Entity a non-exclusive, non-transferable, non-sublicensable, royalty -# free and limited license to access and use the Tools solely for Entity’s internal business -# purposes and in accordance with its obligations under any agreement(s) it may have with -# CrowdStrike. Entity acknowledges and agrees that CrowdStrike and its licensors retain all -# right, title and interest in and to the Tools, and all intellectual property rights -# embodied therein, and that Entity has no right, title or interest therein except for the -# express licenses granted hereunder and that Entity will treat such Tools as CrowdStrike’s -# confidential information. +# In jurisdictions that recognize copyright laws, the author or authors +# of this software dedicate any and all copyright interest in the +# software to the public domain. We make this dedication for the benefit +# of the public at large and to the detriment of our heirs and +# successors. We intend this dedication to be an overt act of +# relinquishment in perpetuity of all present and future rights to this +# software under copyright law. -# THE TOOLS ARE PROVIDED “AS-IS” WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED OR -# STATUTORY OR OTHERWISE. CROWDSTRIKE SPECIFICALLY DISCLAIMS ALL SUPPORT OBLIGATIONS AND -# ALL WARRANTIES, INCLUDING WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. IN NO EVENT SHALL CROWDSTRIKE -# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -# OF THE TOOLS, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +# IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR +# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +# OTHER DEALINGS IN THE SOFTWARE. + +# For more information, please refer to import requests import json diff --git a/falconpy/services/cloud_connect_aws.py b/src/falconpy/cloud_connect_aws.py similarity index 81% rename from falconpy/services/cloud_connect_aws.py rename to src/falconpy/cloud_connect_aws.py index 7207a0603..c007a185a 100644 --- a/falconpy/services/cloud_connect_aws.py +++ b/src/falconpy/cloud_connect_aws.py @@ -4,33 +4,30 @@ # # # cloud_connect_aws - Falcon X Discover API Interface Class # ################################################################################################################ -# Copyright CrowdStrike 2020 - -# By accessing or using this script, sample code, application programming interface, tools, -# and/or associated documentation (if any) (collectively, “Tools”), You (i) represent and -# warrant that You are entering into this Agreement on behalf of a company, organization -# or another legal entity (“Entity”) that is currently a customer or partner of -# CrowdStrike, Inc. (“CrowdStrike”), and (ii) have the authority to bind such Entity and -# such Entity agrees to be bound by this Agreement. - -# CrowdStrike grants Entity a non-exclusive, non-transferable, non-sublicensable, royalty -# free and limited license to access and use the Tools solely for Entity’s internal business -# purposes and in accordance with its obligations under any agreement(s) it may have with -# CrowdStrike. Entity acknowledges and agrees that CrowdStrike and its licensors retain all -# right, title and interest in and to the Tools, and all intellectual property rights -# embodied therein, and that Entity has no right, title or interest therein except for the -# express licenses granted hereunder and that Entity will treat such Tools as CrowdStrike’s -# confidential information. - -# THE TOOLS ARE PROVIDED “AS-IS” WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED OR -# STATUTORY OR OTHERWISE. CROWDSTRIKE SPECIFICALLY DISCLAIMS ALL SUPPORT OBLIGATIONS AND -# ALL WARRANTIES, INCLUDING WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. IN NO EVENT SHALL CROWDSTRIKE -# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -# OF THE TOOLS, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# This is free and unencumbered software released into the public domain. + +# Anyone is free to copy, modify, publish, use, compile, sell, or +# distribute this software, either in source code form or as a compiled +# binary, for any purpose, commercial or non-commercial, and by any +# means. + +# In jurisdictions that recognize copyright laws, the author or authors +# of this software dedicate any and all copyright interest in the +# software to the public domain. We make this dedication for the benefit +# of the public at large and to the detriment of our heirs and +# successors. We intend this dedication to be an overt act of +# relinquishment in perpetuity of all present and future rights to this +# software under copyright law. + +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +# IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR +# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +# OTHER DEALINGS IN THE SOFTWARE. + +# For more information, please refer to import requests import json diff --git a/falconpy/services/detects.py b/src/falconpy/detects.py similarity index 70% rename from falconpy/services/detects.py rename to src/falconpy/detects.py index 9925fc769..abdd09183 100644 --- a/falconpy/services/detects.py +++ b/src/falconpy/detects.py @@ -4,33 +4,30 @@ # # # detects - Falcon X Detections API Interface Class # ################################################################################################################ -# Copyright CrowdStrike 2020 +# This is free and unencumbered software released into the public domain. -# By accessing or using this script, sample code, application programming interface, tools, -# and/or associated documentation (if any) (collectively, “Tools”), You (i) represent and -# warrant that You are entering into this Agreement on behalf of a company, organization -# or another legal entity (“Entity”) that is currently a customer or partner of -# CrowdStrike, Inc. (“CrowdStrike”), and (ii) have the authority to bind such Entity and -# such Entity agrees to be bound by this Agreement. +# Anyone is free to copy, modify, publish, use, compile, sell, or +# distribute this software, either in source code form or as a compiled +# binary, for any purpose, commercial or non-commercial, and by any +# means. -# CrowdStrike grants Entity a non-exclusive, non-transferable, non-sublicensable, royalty -# free and limited license to access and use the Tools solely for Entity’s internal business -# purposes and in accordance with its obligations under any agreement(s) it may have with -# CrowdStrike. Entity acknowledges and agrees that CrowdStrike and its licensors retain all -# right, title and interest in and to the Tools, and all intellectual property rights -# embodied therein, and that Entity has no right, title or interest therein except for the -# express licenses granted hereunder and that Entity will treat such Tools as CrowdStrike’s -# confidential information. +# In jurisdictions that recognize copyright laws, the author or authors +# of this software dedicate any and all copyright interest in the +# software to the public domain. We make this dedication for the benefit +# of the public at large and to the detriment of our heirs and +# successors. We intend this dedication to be an overt act of +# relinquishment in perpetuity of all present and future rights to this +# software under copyright law. -# THE TOOLS ARE PROVIDED “AS-IS” WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED OR -# STATUTORY OR OTHERWISE. CROWDSTRIKE SPECIFICALLY DISCLAIMS ALL SUPPORT OBLIGATIONS AND -# ALL WARRANTIES, INCLUDING WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. IN NO EVENT SHALL CROWDSTRIKE -# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -# OF THE TOOLS, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +# IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR +# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +# OTHER DEALINGS IN THE SOFTWARE. + +# For more information, please refer to import requests import json diff --git a/falconpy/services/device_control_policies.py b/src/falconpy/device_control_policies.py similarity index 83% rename from falconpy/services/device_control_policies.py rename to src/falconpy/device_control_policies.py index b3632e847..839a0ad74 100644 --- a/falconpy/services/device_control_policies.py +++ b/src/falconpy/device_control_policies.py @@ -4,33 +4,30 @@ # # # device_control_policies - Falcon X Device Control Policies API Interface Class. # ################################################################################################################ -# Copyright CrowdStrike 2020 - -# By accessing or using this script, sample code, application programming interface, tools, -# and/or associated documentation (if any) (collectively, “Tools”), You (i) represent and -# warrant that You are entering into this Agreement on behalf of a company, organization -# or another legal entity (“Entity”) that is currently a customer or partner of -# CrowdStrike, Inc. (“CrowdStrike”), and (ii) have the authority to bind such Entity and -# such Entity agrees to be bound by this Agreement. - -# CrowdStrike grants Entity a non-exclusive, non-transferable, non-sublicensable, royalty -# free and limited license to access and use the Tools solely for Entity’s internal business -# purposes and in accordance with its obligations under any agreement(s) it may have with -# CrowdStrike. Entity acknowledges and agrees that CrowdStrike and its licensors retain all -# right, title and interest in and to the Tools, and all intellectual property rights -# embodied therein, and that Entity has no right, title or interest therein except for the -# express licenses granted hereunder and that Entity will treat such Tools as CrowdStrike’s -# confidential information. - -# THE TOOLS ARE PROVIDED “AS-IS” WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED OR -# STATUTORY OR OTHERWISE. CROWDSTRIKE SPECIFICALLY DISCLAIMS ALL SUPPORT OBLIGATIONS AND -# ALL WARRANTIES, INCLUDING WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. IN NO EVENT SHALL CROWDSTRIKE -# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -# OF THE TOOLS, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# This is free and unencumbered software released into the public domain. + +# Anyone is free to copy, modify, publish, use, compile, sell, or +# distribute this software, either in source code form or as a compiled +# binary, for any purpose, commercial or non-commercial, and by any +# means. + +# In jurisdictions that recognize copyright laws, the author or authors +# of this software dedicate any and all copyright interest in the +# software to the public domain. We make this dedication for the benefit +# of the public at large and to the detriment of our heirs and +# successors. We intend this dedication to be an overt act of +# relinquishment in perpetuity of all present and future rights to this +# software under copyright law. + +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +# IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR +# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +# OTHER DEALINGS IN THE SOFTWARE. + +# For more information, please refer to import requests import json diff --git a/falconpy/services/event_streams.py b/src/falconpy/event_streams.py similarity index 63% rename from falconpy/services/event_streams.py rename to src/falconpy/event_streams.py index 3e28b19f0..f7239b88f 100644 --- a/falconpy/services/event_streams.py +++ b/src/falconpy/event_streams.py @@ -4,33 +4,30 @@ # # # event_streams - Falcon X Horizon Event Stream API Interface Class # ################################################################################################################ -# Copyright CrowdStrike 2020 +# This is free and unencumbered software released into the public domain. -# By accessing or using this script, sample code, application programming interface, tools, -# and/or associated documentation (if any) (collectively, “Tools”), You (i) represent and -# warrant that You are entering into this Agreement on behalf of a company, organization -# or another legal entity (“Entity”) that is currently a customer or partner of -# CrowdStrike, Inc. (“CrowdStrike”), and (ii) have the authority to bind such Entity and -# such Entity agrees to be bound by this Agreement. +# Anyone is free to copy, modify, publish, use, compile, sell, or +# distribute this software, either in source code form or as a compiled +# binary, for any purpose, commercial or non-commercial, and by any +# means. -# CrowdStrike grants Entity a non-exclusive, non-transferable, non-sublicensable, royalty -# free and limited license to access and use the Tools solely for Entity’s internal business -# purposes and in accordance with its obligations under any agreement(s) it may have with -# CrowdStrike. Entity acknowledges and agrees that CrowdStrike and its licensors retain all -# right, title and interest in and to the Tools, and all intellectual property rights -# embodied therein, and that Entity has no right, title or interest therein except for the -# express licenses granted hereunder and that Entity will treat such Tools as CrowdStrike’s -# confidential information. +# In jurisdictions that recognize copyright laws, the author or authors +# of this software dedicate any and all copyright interest in the +# software to the public domain. We make this dedication for the benefit +# of the public at large and to the detriment of our heirs and +# successors. We intend this dedication to be an overt act of +# relinquishment in perpetuity of all present and future rights to this +# software under copyright law. -# THE TOOLS ARE PROVIDED “AS-IS” WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED OR -# STATUTORY OR OTHERWISE. CROWDSTRIKE SPECIFICALLY DISCLAIMS ALL SUPPORT OBLIGATIONS AND -# ALL WARRANTIES, INCLUDING WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. IN NO EVENT SHALL CROWDSTRIKE -# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -# OF THE TOOLS, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +# IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR +# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +# OTHER DEALINGS IN THE SOFTWARE. + +# For more information, please refer to import requests import json diff --git a/falconpy/services/falconx_sandbox.py b/src/falconpy/falconx_sandbox.py similarity index 78% rename from falconpy/services/falconx_sandbox.py rename to src/falconpy/falconx_sandbox.py index aca5cee68..41b9a6d98 100644 --- a/falconpy/services/falconx_sandbox.py +++ b/src/falconpy/falconx_sandbox.py @@ -4,33 +4,30 @@ # # # falconx_sandbox - Falcon X Sandbox API Interface Class # ################################################################################################################ -# Copyright CrowdStrike 2020 - -# By accessing or using this script, sample code, application programming interface, tools, -# and/or associated documentation (if any) (collectively, “Tools”), You (i) represent and -# warrant that You are entering into this Agreement on behalf of a company, organization -# or another legal entity (“Entity”) that is currently a customer or partner of -# CrowdStrike, Inc. (“CrowdStrike”), and (ii) have the authority to bind such Entity and -# such Entity agrees to be bound by this Agreement. - -# CrowdStrike grants Entity a non-exclusive, non-transferable, non-sublicensable, royalty -# free and limited license to access and use the Tools solely for Entity’s internal business -# purposes and in accordance with its obligations under any agreement(s) it may have with -# CrowdStrike. Entity acknowledges and agrees that CrowdStrike and its licensors retain all -# right, title and interest in and to the Tools, and all intellectual property rights -# embodied therein, and that Entity has no right, title or interest therein except for the -# express licenses granted hereunder and that Entity will treat such Tools as CrowdStrike’s -# confidential information. - -# THE TOOLS ARE PROVIDED “AS-IS” WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED OR -# STATUTORY OR OTHERWISE. CROWDSTRIKE SPECIFICALLY DISCLAIMS ALL SUPPORT OBLIGATIONS AND -# ALL WARRANTIES, INCLUDING WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. IN NO EVENT SHALL CROWDSTRIKE -# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -# OF THE TOOLS, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# This is free and unencumbered software released into the public domain. + +# Anyone is free to copy, modify, publish, use, compile, sell, or +# distribute this software, either in source code form or as a compiled +# binary, for any purpose, commercial or non-commercial, and by any +# means. + +# In jurisdictions that recognize copyright laws, the author or authors +# of this software dedicate any and all copyright interest in the +# software to the public domain. We make this dedication for the benefit +# of the public at large and to the detriment of our heirs and +# successors. We intend this dedication to be an overt act of +# relinquishment in perpetuity of all present and future rights to this +# software under copyright law. + +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +# IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR +# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +# OTHER DEALINGS IN THE SOFTWARE. + +# For more information, please refer to import requests import json diff --git a/falconpy/services/firewall_management.py b/src/falconpy/firewall_management.py similarity index 88% rename from falconpy/services/firewall_management.py rename to src/falconpy/firewall_management.py index 25b4a10f4..ceee52ade 100644 --- a/falconpy/services/firewall_management.py +++ b/src/falconpy/firewall_management.py @@ -4,33 +4,30 @@ # # # firewall_management - Falcon X Firewall Management API Interface Class # ################################################################################################################ -# Copyright CrowdStrike 2020 - -# By accessing or using this script, sample code, application programming interface, tools, -# and/or associated documentation (if any) (collectively, “Tools”), You (i) represent and -# warrant that You are entering into this Agreement on behalf of a company, organization -# or another legal entity (“Entity”) that is currently a customer or partner of -# CrowdStrike, Inc. (“CrowdStrike”), and (ii) have the authority to bind such Entity and -# such Entity agrees to be bound by this Agreement. - -# CrowdStrike grants Entity a non-exclusive, non-transferable, non-sublicensable, royalty -# free and limited license to access and use the Tools solely for Entity’s internal business -# purposes and in accordance with its obligations under any agreement(s) it may have with -# CrowdStrike. Entity acknowledges and agrees that CrowdStrike and its licensors retain all -# right, title and interest in and to the Tools, and all intellectual property rights -# embodied therein, and that Entity has no right, title or interest therein except for the -# express licenses granted hereunder and that Entity will treat such Tools as CrowdStrike’s -# confidential information. - -# THE TOOLS ARE PROVIDED “AS-IS” WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED OR -# STATUTORY OR OTHERWISE. CROWDSTRIKE SPECIFICALLY DISCLAIMS ALL SUPPORT OBLIGATIONS AND -# ALL WARRANTIES, INCLUDING WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. IN NO EVENT SHALL CROWDSTRIKE -# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -# OF THE TOOLS, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# This is free and unencumbered software released into the public domain. + +# Anyone is free to copy, modify, publish, use, compile, sell, or +# distribute this software, either in source code form or as a compiled +# binary, for any purpose, commercial or non-commercial, and by any +# means. + +# In jurisdictions that recognize copyright laws, the author or authors +# of this software dedicate any and all copyright interest in the +# software to the public domain. We make this dedication for the benefit +# of the public at large and to the detriment of our heirs and +# successors. We intend this dedication to be an overt act of +# relinquishment in perpetuity of all present and future rights to this +# software under copyright law. + +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +# IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR +# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +# OTHER DEALINGS IN THE SOFTWARE. + +# For more information, please refer to import requests import json diff --git a/falconpy/services/firewall_policies.py b/src/falconpy/firewall_policies.py similarity index 83% rename from falconpy/services/firewall_policies.py rename to src/falconpy/firewall_policies.py index 12d8d36f5..74417d2c7 100644 --- a/falconpy/services/firewall_policies.py +++ b/src/falconpy/firewall_policies.py @@ -4,33 +4,30 @@ # # # firewall_policies - Falcon X Firewall Policies API Interface Class. # ################################################################################################################ -# Copyright CrowdStrike 2020 - -# By accessing or using this script, sample code, application programming interface, tools, -# and/or associated documentation (if any) (collectively, “Tools”), You (i) represent and -# warrant that You are entering into this Agreement on behalf of a company, organization -# or another legal entity (“Entity”) that is currently a customer or partner of -# CrowdStrike, Inc. (“CrowdStrike”), and (ii) have the authority to bind such Entity and -# such Entity agrees to be bound by this Agreement. - -# CrowdStrike grants Entity a non-exclusive, non-transferable, non-sublicensable, royalty -# free and limited license to access and use the Tools solely for Entity’s internal business -# purposes and in accordance with its obligations under any agreement(s) it may have with -# CrowdStrike. Entity acknowledges and agrees that CrowdStrike and its licensors retain all -# right, title and interest in and to the Tools, and all intellectual property rights -# embodied therein, and that Entity has no right, title or interest therein except for the -# express licenses granted hereunder and that Entity will treat such Tools as CrowdStrike’s -# confidential information. - -# THE TOOLS ARE PROVIDED “AS-IS” WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED OR -# STATUTORY OR OTHERWISE. CROWDSTRIKE SPECIFICALLY DISCLAIMS ALL SUPPORT OBLIGATIONS AND -# ALL WARRANTIES, INCLUDING WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. IN NO EVENT SHALL CROWDSTRIKE -# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -# OF THE TOOLS, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# This is free and unencumbered software released into the public domain. + +# Anyone is free to copy, modify, publish, use, compile, sell, or +# distribute this software, either in source code form or as a compiled +# binary, for any purpose, commercial or non-commercial, and by any +# means. + +# In jurisdictions that recognize copyright laws, the author or authors +# of this software dedicate any and all copyright interest in the +# software to the public domain. We make this dedication for the benefit +# of the public at large and to the detriment of our heirs and +# successors. We intend this dedication to be an overt act of +# relinquishment in perpetuity of all present and future rights to this +# software under copyright law. + +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +# IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR +# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +# OTHER DEALINGS IN THE SOFTWARE. + +# For more information, please refer to import requests import json diff --git a/falconpy/services/host_group.py b/src/falconpy/host_group.py similarity index 81% rename from falconpy/services/host_group.py rename to src/falconpy/host_group.py index 8174fa261..bfa5187e9 100644 --- a/falconpy/services/host_group.py +++ b/src/falconpy/host_group.py @@ -4,33 +4,30 @@ # # # host_groups - Falcon X Host Groups API Interface Class # ################################################################################################################ -# Copyright CrowdStrike 2020 +# This is free and unencumbered software released into the public domain. -# By accessing or using this script, sample code, application programming interface, tools, -# and/or associated documentation (if any) (collectively, “Tools”), You (i) represent and -# warrant that You are entering into this Agreement on behalf of a company, organization -# or another legal entity (“Entity”) that is currently a customer or partner of -# CrowdStrike, Inc. (“CrowdStrike”), and (ii) have the authority to bind such Entity and -# such Entity agrees to be bound by this Agreement. +# Anyone is free to copy, modify, publish, use, compile, sell, or +# distribute this software, either in source code form or as a compiled +# binary, for any purpose, commercial or non-commercial, and by any +# means. -# CrowdStrike grants Entity a non-exclusive, non-transferable, non-sublicensable, royalty -# free and limited license to access and use the Tools solely for Entity’s internal business -# purposes and in accordance with its obligations under any agreement(s) it may have with -# CrowdStrike. Entity acknowledges and agrees that CrowdStrike and its licensors retain all -# right, title and interest in and to the Tools, and all intellectual property rights -# embodied therein, and that Entity has no right, title or interest therein except for the -# express licenses granted hereunder and that Entity will treat such Tools as CrowdStrike’s -# confidential information. +# In jurisdictions that recognize copyright laws, the author or authors +# of this software dedicate any and all copyright interest in the +# software to the public domain. We make this dedication for the benefit +# of the public at large and to the detriment of our heirs and +# successors. We intend this dedication to be an overt act of +# relinquishment in perpetuity of all present and future rights to this +# software under copyright law. -# THE TOOLS ARE PROVIDED “AS-IS” WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED OR -# STATUTORY OR OTHERWISE. CROWDSTRIKE SPECIFICALLY DISCLAIMS ALL SUPPORT OBLIGATIONS AND -# ALL WARRANTIES, INCLUDING WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. IN NO EVENT SHALL CROWDSTRIKE -# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -# OF THE TOOLS, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +# IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR +# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +# OTHER DEALINGS IN THE SOFTWARE. + +# For more information, please refer to import requests import json diff --git a/falconpy/services/hosts.py b/src/falconpy/hosts.py similarity index 71% rename from falconpy/services/hosts.py rename to src/falconpy/hosts.py index bd8779757..57c8c220e 100644 --- a/falconpy/services/hosts.py +++ b/src/falconpy/hosts.py @@ -4,33 +4,30 @@ # # # hosts - Falcon X Hosts API Interface Class # ################################################################################################################ -# Copyright CrowdStrike 2020 +# This is free and unencumbered software released into the public domain. -# By accessing or using this script, sample code, application programming interface, tools, -# and/or associated documentation (if any) (collectively, “Tools”), You (i) represent and -# warrant that You are entering into this Agreement on behalf of a company, organization -# or another legal entity (“Entity”) that is currently a customer or partner of -# CrowdStrike, Inc. (“CrowdStrike”), and (ii) have the authority to bind such Entity and -# such Entity agrees to be bound by this Agreement. +# Anyone is free to copy, modify, publish, use, compile, sell, or +# distribute this software, either in source code form or as a compiled +# binary, for any purpose, commercial or non-commercial, and by any +# means. -# CrowdStrike grants Entity a non-exclusive, non-transferable, non-sublicensable, royalty -# free and limited license to access and use the Tools solely for Entity’s internal business -# purposes and in accordance with its obligations under any agreement(s) it may have with -# CrowdStrike. Entity acknowledges and agrees that CrowdStrike and its licensors retain all -# right, title and interest in and to the Tools, and all intellectual property rights -# embodied therein, and that Entity has no right, title or interest therein except for the -# express licenses granted hereunder and that Entity will treat such Tools as CrowdStrike’s -# confidential information. +# In jurisdictions that recognize copyright laws, the author or authors +# of this software dedicate any and all copyright interest in the +# software to the public domain. We make this dedication for the benefit +# of the public at large and to the detriment of our heirs and +# successors. We intend this dedication to be an overt act of +# relinquishment in perpetuity of all present and future rights to this +# software under copyright law. -# THE TOOLS ARE PROVIDED “AS-IS” WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED OR -# STATUTORY OR OTHERWISE. CROWDSTRIKE SPECIFICALLY DISCLAIMS ALL SUPPORT OBLIGATIONS AND -# ALL WARRANTIES, INCLUDING WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. IN NO EVENT SHALL CROWDSTRIKE -# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -# OF THE TOOLS, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +# IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR +# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +# OTHER DEALINGS IN THE SOFTWARE. + +# For more information, please refer to import requests import json diff --git a/falconpy/services/incidents.py b/src/falconpy/incidents.py similarity index 75% rename from falconpy/services/incidents.py rename to src/falconpy/incidents.py index 419367907..e84eb5b78 100644 --- a/falconpy/services/incidents.py +++ b/src/falconpy/incidents.py @@ -4,33 +4,30 @@ # # # incidents - Falcon X Incidents API Interface Class # ################################################################################################################ -# Copyright CrowdStrike 2020 - -# By accessing or using this script, sample code, application programming interface, tools, -# and/or associated documentation (if any) (collectively, “Tools”), You (i) represent and -# warrant that You are entering into this Agreement on behalf of a company, organization -# or another legal entity (“Entity”) that is currently a customer or partner of -# CrowdStrike, Inc. (“CrowdStrike”), and (ii) have the authority to bind such Entity and -# such Entity agrees to be bound by this Agreement. - -# CrowdStrike grants Entity a non-exclusive, non-transferable, non-sublicensable, royalty -# free and limited license to access and use the Tools solely for Entity’s internal business -# purposes and in accordance with its obligations under any agreement(s) it may have with -# CrowdStrike. Entity acknowledges and agrees that CrowdStrike and its licensors retain all -# right, title and interest in and to the Tools, and all intellectual property rights -# embodied therein, and that Entity has no right, title or interest therein except for the -# express licenses granted hereunder and that Entity will treat such Tools as CrowdStrike’s -# confidential information. - -# THE TOOLS ARE PROVIDED “AS-IS” WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED OR -# STATUTORY OR OTHERWISE. CROWDSTRIKE SPECIFICALLY DISCLAIMS ALL SUPPORT OBLIGATIONS AND -# ALL WARRANTIES, INCLUDING WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. IN NO EVENT SHALL CROWDSTRIKE -# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -# OF THE TOOLS, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# This is free and unencumbered software released into the public domain. + +# Anyone is free to copy, modify, publish, use, compile, sell, or +# distribute this software, either in source code form or as a compiled +# binary, for any purpose, commercial or non-commercial, and by any +# means. + +# In jurisdictions that recognize copyright laws, the author or authors +# of this software dedicate any and all copyright interest in the +# software to the public domain. We make this dedication for the benefit +# of the public at large and to the detriment of our heirs and +# successors. We intend this dedication to be an overt act of +# relinquishment in perpetuity of all present and future rights to this +# software under copyright law. + +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +# IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR +# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +# OTHER DEALINGS IN THE SOFTWARE. + +# For more information, please refer to import requests import json diff --git a/falconpy/services/intel.py b/src/falconpy/intel.py similarity index 85% rename from falconpy/services/intel.py rename to src/falconpy/intel.py index 30bbcdcf7..8eb14b177 100644 --- a/falconpy/services/intel.py +++ b/src/falconpy/intel.py @@ -4,33 +4,30 @@ # # # intel - Falcon X Threat Intelligence API Interface Class # ################################################################################################################ -# Copyright CrowdStrike 2020 +# This is free and unencumbered software released into the public domain. -# By accessing or using this script, sample code, application programming interface, tools, -# and/or associated documentation (if any) (collectively, “Tools”), You (i) represent and -# warrant that You are entering into this Agreement on behalf of a company, organization -# or another legal entity (“Entity”) that is currently a customer or partner of -# CrowdStrike, Inc. (“CrowdStrike”), and (ii) have the authority to bind such Entity and -# such Entity agrees to be bound by this Agreement. +# Anyone is free to copy, modify, publish, use, compile, sell, or +# distribute this software, either in source code form or as a compiled +# binary, for any purpose, commercial or non-commercial, and by any +# means. -# CrowdStrike grants Entity a non-exclusive, non-transferable, non-sublicensable, royalty -# free and limited license to access and use the Tools solely for Entity’s internal business -# purposes and in accordance with its obligations under any agreement(s) it may have with -# CrowdStrike. Entity acknowledges and agrees that CrowdStrike and its licensors retain all -# right, title and interest in and to the Tools, and all intellectual property rights -# embodied therein, and that Entity has no right, title or interest therein except for the -# express licenses granted hereunder and that Entity will treat such Tools as CrowdStrike’s -# confidential information. +# In jurisdictions that recognize copyright laws, the author or authors +# of this software dedicate any and all copyright interest in the +# software to the public domain. We make this dedication for the benefit +# of the public at large and to the detriment of our heirs and +# successors. We intend this dedication to be an overt act of +# relinquishment in perpetuity of all present and future rights to this +# software under copyright law. -# THE TOOLS ARE PROVIDED “AS-IS” WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED OR -# STATUTORY OR OTHERWISE. CROWDSTRIKE SPECIFICALLY DISCLAIMS ALL SUPPORT OBLIGATIONS AND -# ALL WARRANTIES, INCLUDING WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. IN NO EVENT SHALL CROWDSTRIKE -# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -# OF THE TOOLS, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +# IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR +# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +# OTHER DEALINGS IN THE SOFTWARE. + +# For more information, please refer to import requests import json diff --git a/falconpy/services/iocs.py b/src/falconpy/iocs.py similarity index 80% rename from falconpy/services/iocs.py rename to src/falconpy/iocs.py index dd0d6df60..bf5f1c68f 100644 --- a/falconpy/services/iocs.py +++ b/src/falconpy/iocs.py @@ -4,33 +4,30 @@ # # # iocs - Falcon X Indicators of Compromise API Interface Class # ################################################################################################################ -# Copyright CrowdStrike 2020 - -# By accessing or using this script, sample code, application programming interface, tools, -# and/or associated documentation (if any) (collectively, “Tools”), You (i) represent and -# warrant that You are entering into this Agreement on behalf of a company, organization -# or another legal entity (“Entity”) that is currently a customer or partner of -# CrowdStrike, Inc. (“CrowdStrike”), and (ii) have the authority to bind such Entity and -# such Entity agrees to be bound by this Agreement. - -# CrowdStrike grants Entity a non-exclusive, non-transferable, non-sublicensable, royalty -# free and limited license to access and use the Tools solely for Entity’s internal business -# purposes and in accordance with its obligations under any agreement(s) it may have with -# CrowdStrike. Entity acknowledges and agrees that CrowdStrike and its licensors retain all -# right, title and interest in and to the Tools, and all intellectual property rights -# embodied therein, and that Entity has no right, title or interest therein except for the -# express licenses granted hereunder and that Entity will treat such Tools as CrowdStrike’s -# confidential information. - -# THE TOOLS ARE PROVIDED “AS-IS” WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED OR -# STATUTORY OR OTHERWISE. CROWDSTRIKE SPECIFICALLY DISCLAIMS ALL SUPPORT OBLIGATIONS AND -# ALL WARRANTIES, INCLUDING WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. IN NO EVENT SHALL CROWDSTRIKE -# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -# OF THE TOOLS, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# This is free and unencumbered software released into the public domain. + +# Anyone is free to copy, modify, publish, use, compile, sell, or +# distribute this software, either in source code form or as a compiled +# binary, for any purpose, commercial or non-commercial, and by any +# means. + +# In jurisdictions that recognize copyright laws, the author or authors +# of this software dedicate any and all copyright interest in the +# software to the public domain. We make this dedication for the benefit +# of the public at large and to the detriment of our heirs and +# successors. We intend this dedication to be an overt act of +# relinquishment in perpetuity of all present and future rights to this +# software under copyright law. + +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +# IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR +# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +# OTHER DEALINGS IN THE SOFTWARE. + +# For more information, please refer to import requests import json diff --git a/falconpy/services/oauth2.py b/src/falconpy/oauth2.py similarity index 60% rename from falconpy/services/oauth2.py rename to src/falconpy/oauth2.py index 18d5f4467..fc500830d 100644 --- a/falconpy/services/oauth2.py +++ b/src/falconpy/oauth2.py @@ -4,33 +4,30 @@ # # # oauth2 - Falcon X oAuth API Authentication Interface Class # ################################################################################################################ -# Copyright CrowdStrike 2020 +# This is free and unencumbered software released into the public domain. -# By accessing or using this script, sample code, application programming interface, tools, -# and/or associated documentation (if any) (collectively, “Tools”), You (i) represent and -# warrant that You are entering into this Agreement on behalf of a company, organization -# or another legal entity (“Entity”) that is currently a customer or partner of -# CrowdStrike, Inc. (“CrowdStrike”), and (ii) have the authority to bind such Entity and -# such Entity agrees to be bound by this Agreement. +# Anyone is free to copy, modify, publish, use, compile, sell, or +# distribute this software, either in source code form or as a compiled +# binary, for any purpose, commercial or non-commercial, and by any +# means. -# CrowdStrike grants Entity a non-exclusive, non-transferable, non-sublicensable, royalty -# free and limited license to access and use the Tools solely for Entity’s internal business -# purposes and in accordance with its obligations under any agreement(s) it may have with -# CrowdStrike. Entity acknowledges and agrees that CrowdStrike and its licensors retain all -# right, title and interest in and to the Tools, and all intellectual property rights -# embodied therein, and that Entity has no right, title or interest therein except for the -# express licenses granted hereunder and that Entity will treat such Tools as CrowdStrike’s -# confidential information. +# In jurisdictions that recognize copyright laws, the author or authors +# of this software dedicate any and all copyright interest in the +# software to the public domain. We make this dedication for the benefit +# of the public at large and to the detriment of our heirs and +# successors. We intend this dedication to be an overt act of +# relinquishment in perpetuity of all present and future rights to this +# software under copyright law. -# THE TOOLS ARE PROVIDED “AS-IS” WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED OR -# STATUTORY OR OTHERWISE. CROWDSTRIKE SPECIFICALLY DISCLAIMS ALL SUPPORT OBLIGATIONS AND -# ALL WARRANTIES, INCLUDING WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. IN NO EVENT SHALL CROWDSTRIKE -# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -# OF THE TOOLS, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +# IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR +# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +# OTHER DEALINGS IN THE SOFTWARE. + +# For more information, please refer to import requests import json diff --git a/falconpy/services/prevention_policy.py b/src/falconpy/prevention_policy.py similarity index 83% rename from falconpy/services/prevention_policy.py rename to src/falconpy/prevention_policy.py index d74506bb4..400c39eae 100644 --- a/falconpy/services/prevention_policy.py +++ b/src/falconpy/prevention_policy.py @@ -4,33 +4,30 @@ # # # prevention_policy - Falcon X Prevention Policy API Interface Class # ################################################################################################################ -# Copyright CrowdStrike 2020 - -# By accessing or using this script, sample code, application programming interface, tools, -# and/or associated documentation (if any) (collectively, “Tools”), You (i) represent and -# warrant that You are entering into this Agreement on behalf of a company, organization -# or another legal entity (“Entity”) that is currently a customer or partner of -# CrowdStrike, Inc. (“CrowdStrike”), and (ii) have the authority to bind such Entity and -# such Entity agrees to be bound by this Agreement. - -# CrowdStrike grants Entity a non-exclusive, non-transferable, non-sublicensable, royalty -# free and limited license to access and use the Tools solely for Entity’s internal business -# purposes and in accordance with its obligations under any agreement(s) it may have with -# CrowdStrike. Entity acknowledges and agrees that CrowdStrike and its licensors retain all -# right, title and interest in and to the Tools, and all intellectual property rights -# embodied therein, and that Entity has no right, title or interest therein except for the -# express licenses granted hereunder and that Entity will treat such Tools as CrowdStrike’s -# confidential information. - -# THE TOOLS ARE PROVIDED “AS-IS” WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED OR -# STATUTORY OR OTHERWISE. CROWDSTRIKE SPECIFICALLY DISCLAIMS ALL SUPPORT OBLIGATIONS AND -# ALL WARRANTIES, INCLUDING WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. IN NO EVENT SHALL CROWDSTRIKE -# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -# OF THE TOOLS, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# This is free and unencumbered software released into the public domain. + +# Anyone is free to copy, modify, publish, use, compile, sell, or +# distribute this software, either in source code form or as a compiled +# binary, for any purpose, commercial or non-commercial, and by any +# means. + +# In jurisdictions that recognize copyright laws, the author or authors +# of this software dedicate any and all copyright interest in the +# software to the public domain. We make this dedication for the benefit +# of the public at large and to the detriment of our heirs and +# successors. We intend this dedication to be an overt act of +# relinquishment in perpetuity of all present and future rights to this +# software under copyright law. + +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +# IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR +# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +# OTHER DEALINGS IN THE SOFTWARE. + +# For more information, please refer to import requests import json diff --git a/falconpy/services/real_time_response.py b/src/falconpy/real_time_response.py similarity index 88% rename from falconpy/services/real_time_response.py rename to src/falconpy/real_time_response.py index f6d493f4a..e3990f146 100644 --- a/falconpy/services/real_time_response.py +++ b/src/falconpy/real_time_response.py @@ -4,33 +4,30 @@ # # # real_time_response - Falcon X Real Time Response API Interface Class # ################################################################################################################ -# Copyright CrowdStrike 2020 +# This is free and unencumbered software released into the public domain. -# By accessing or using this script, sample code, application programming interface, tools, -# and/or associated documentation (if any) (collectively, “Tools”), You (i) represent and -# warrant that You are entering into this Agreement on behalf of a company, organization -# or another legal entity (“Entity”) that is currently a customer or partner of -# CrowdStrike, Inc. (“CrowdStrike”), and (ii) have the authority to bind such Entity and -# such Entity agrees to be bound by this Agreement. +# Anyone is free to copy, modify, publish, use, compile, sell, or +# distribute this software, either in source code form or as a compiled +# binary, for any purpose, commercial or non-commercial, and by any +# means. -# CrowdStrike grants Entity a non-exclusive, non-transferable, non-sublicensable, royalty -# free and limited license to access and use the Tools solely for Entity’s internal business -# purposes and in accordance with its obligations under any agreement(s) it may have with -# CrowdStrike. Entity acknowledges and agrees that CrowdStrike and its licensors retain all -# right, title and interest in and to the Tools, and all intellectual property rights -# embodied therein, and that Entity has no right, title or interest therein except for the -# express licenses granted hereunder and that Entity will treat such Tools as CrowdStrike’s -# confidential information. +# In jurisdictions that recognize copyright laws, the author or authors +# of this software dedicate any and all copyright interest in the +# software to the public domain. We make this dedication for the benefit +# of the public at large and to the detriment of our heirs and +# successors. We intend this dedication to be an overt act of +# relinquishment in perpetuity of all present and future rights to this +# software under copyright law. -# THE TOOLS ARE PROVIDED “AS-IS” WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED OR -# STATUTORY OR OTHERWISE. CROWDSTRIKE SPECIFICALLY DISCLAIMS ALL SUPPORT OBLIGATIONS AND -# ALL WARRANTIES, INCLUDING WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. IN NO EVENT SHALL CROWDSTRIKE -# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -# OF THE TOOLS, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +# IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR +# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +# OTHER DEALINGS IN THE SOFTWARE. + +# For more information, please refer to import requests import json diff --git a/falconpy/services/real_time_response_admin.py b/src/falconpy/real_time_response_admin.py similarity index 84% rename from falconpy/services/real_time_response_admin.py rename to src/falconpy/real_time_response_admin.py index 06086cd0f..34d6d0f4b 100644 --- a/falconpy/services/real_time_response_admin.py +++ b/src/falconpy/real_time_response_admin.py @@ -4,33 +4,30 @@ # # # real_time_response_admin - Falcon X Real Time Response Administration API Interface Class # ################################################################################################################ -# Copyright CrowdStrike 2020 - -# By accessing or using this script, sample code, application programming interface, tools, -# and/or associated documentation (if any) (collectively, “Tools”), You (i) represent and -# warrant that You are entering into this Agreement on behalf of a company, organization -# or another legal entity (“Entity”) that is currently a customer or partner of -# CrowdStrike, Inc. (“CrowdStrike”), and (ii) have the authority to bind such Entity and -# such Entity agrees to be bound by this Agreement. - -# CrowdStrike grants Entity a non-exclusive, non-transferable, non-sublicensable, royalty -# free and limited license to access and use the Tools solely for Entity’s internal business -# purposes and in accordance with its obligations under any agreement(s) it may have with -# CrowdStrike. Entity acknowledges and agrees that CrowdStrike and its licensors retain all -# right, title and interest in and to the Tools, and all intellectual property rights -# embodied therein, and that Entity has no right, title or interest therein except for the -# express licenses granted hereunder and that Entity will treat such Tools as CrowdStrike’s -# confidential information. - -# THE TOOLS ARE PROVIDED “AS-IS” WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED OR -# STATUTORY OR OTHERWISE. CROWDSTRIKE SPECIFICALLY DISCLAIMS ALL SUPPORT OBLIGATIONS AND -# ALL WARRANTIES, INCLUDING WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. IN NO EVENT SHALL CROWDSTRIKE -# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -# OF THE TOOLS, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# This is free and unencumbered software released into the public domain. + +# Anyone is free to copy, modify, publish, use, compile, sell, or +# distribute this software, either in source code form or as a compiled +# binary, for any purpose, commercial or non-commercial, and by any +# means. + +# In jurisdictions that recognize copyright laws, the author or authors +# of this software dedicate any and all copyright interest in the +# software to the public domain. We make this dedication for the benefit +# of the public at large and to the detriment of our heirs and +# successors. We intend this dedication to be an overt act of +# relinquishment in perpetuity of all present and future rights to this +# software under copyright law. + +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +# IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR +# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +# OTHER DEALINGS IN THE SOFTWARE. + +# For more information, please refer to import requests import json diff --git a/falconpy/services/sensor_update_policy.py b/src/falconpy/sensor_update_policy.py similarity index 88% rename from falconpy/services/sensor_update_policy.py rename to src/falconpy/sensor_update_policy.py index 7345a8ca5..b968714a9 100644 --- a/falconpy/services/sensor_update_policy.py +++ b/src/falconpy/sensor_update_policy.py @@ -4,33 +4,30 @@ # # # sensor_update_policy - Falcon X Sensor Policy Management API Interface Class # ################################################################################################################ -# Copyright CrowdStrike 2020 +# This is free and unencumbered software released into the public domain. -# By accessing or using this script, sample code, application programming interface, tools, -# and/or associated documentation (if any) (collectively, “Tools”), You (i) represent and -# warrant that You are entering into this Agreement on behalf of a company, organization -# or another legal entity (“Entity”) that is currently a customer or partner of -# CrowdStrike, Inc. (“CrowdStrike”), and (ii) have the authority to bind such Entity and -# such Entity agrees to be bound by this Agreement. +# Anyone is free to copy, modify, publish, use, compile, sell, or +# distribute this software, either in source code form or as a compiled +# binary, for any purpose, commercial or non-commercial, and by any +# means. -# CrowdStrike grants Entity a non-exclusive, non-transferable, non-sublicensable, royalty -# free and limited license to access and use the Tools solely for Entity’s internal business -# purposes and in accordance with its obligations under any agreement(s) it may have with -# CrowdStrike. Entity acknowledges and agrees that CrowdStrike and its licensors retain all -# right, title and interest in and to the Tools, and all intellectual property rights -# embodied therein, and that Entity has no right, title or interest therein except for the -# express licenses granted hereunder and that Entity will treat such Tools as CrowdStrike’s -# confidential information. +# In jurisdictions that recognize copyright laws, the author or authors +# of this software dedicate any and all copyright interest in the +# software to the public domain. We make this dedication for the benefit +# of the public at large and to the detriment of our heirs and +# successors. We intend this dedication to be an overt act of +# relinquishment in perpetuity of all present and future rights to this +# software under copyright law. -# THE TOOLS ARE PROVIDED “AS-IS” WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED OR -# STATUTORY OR OTHERWISE. CROWDSTRIKE SPECIFICALLY DISCLAIMS ALL SUPPORT OBLIGATIONS AND -# ALL WARRANTIES, INCLUDING WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. IN NO EVENT SHALL CROWDSTRIKE -# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -# OF THE TOOLS, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +# IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR +# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +# OTHER DEALINGS IN THE SOFTWARE. + +# For more information, please refer to import requests import json diff --git a/falconpy/services/spotlight_vulnerabilities.py b/src/falconpy/spotlight_vulnerabilities.py similarity index 63% rename from falconpy/services/spotlight_vulnerabilities.py rename to src/falconpy/spotlight_vulnerabilities.py index 24c039685..a6888c6b8 100644 --- a/falconpy/services/spotlight_vulnerabilities.py +++ b/src/falconpy/spotlight_vulnerabilities.py @@ -4,33 +4,30 @@ # # # spotlight_vulnerabilities - Falcon X Spotlight Vulnerabilities API Interface Class # ################################################################################################################ -# Copyright CrowdStrike 2020 +# This is free and unencumbered software released into the public domain. -# By accessing or using this script, sample code, application programming interface, tools, -# and/or associated documentation (if any) (collectively, “Tools”), You (i) represent and -# warrant that You are entering into this Agreement on behalf of a company, organization -# or another legal entity (“Entity”) that is currently a customer or partner of -# CrowdStrike, Inc. (“CrowdStrike”), and (ii) have the authority to bind such Entity and -# such Entity agrees to be bound by this Agreement. +# Anyone is free to copy, modify, publish, use, compile, sell, or +# distribute this software, either in source code form or as a compiled +# binary, for any purpose, commercial or non-commercial, and by any +# means. -# CrowdStrike grants Entity a non-exclusive, non-transferable, non-sublicensable, royalty -# free and limited license to access and use the Tools solely for Entity’s internal business -# purposes and in accordance with its obligations under any agreement(s) it may have with -# CrowdStrike. Entity acknowledges and agrees that CrowdStrike and its licensors retain all -# right, title and interest in and to the Tools, and all intellectual property rights -# embodied therein, and that Entity has no right, title or interest therein except for the -# express licenses granted hereunder and that Entity will treat such Tools as CrowdStrike’s -# confidential information. +# In jurisdictions that recognize copyright laws, the author or authors +# of this software dedicate any and all copyright interest in the +# software to the public domain. We make this dedication for the benefit +# of the public at large and to the detriment of our heirs and +# successors. We intend this dedication to be an overt act of +# relinquishment in perpetuity of all present and future rights to this +# software under copyright law. -# THE TOOLS ARE PROVIDED “AS-IS” WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED OR -# STATUTORY OR OTHERWISE. CROWDSTRIKE SPECIFICALLY DISCLAIMS ALL SUPPORT OBLIGATIONS AND -# ALL WARRANTIES, INCLUDING WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. IN NO EVENT SHALL CROWDSTRIKE -# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -# OF THE TOOLS, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +# IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR +# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +# OTHER DEALINGS IN THE SOFTWARE. + +# For more information, please refer to import requests import json diff --git a/falconpy/services/user_management.py b/src/falconpy/user_management.py similarity index 83% rename from falconpy/services/user_management.py rename to src/falconpy/user_management.py index 55997df23..61f216d9a 100644 --- a/falconpy/services/user_management.py +++ b/src/falconpy/user_management.py @@ -4,33 +4,30 @@ # # # user_management - Falcon X User Management API Interface Class # ################################################################################################################ -# Copyright CrowdStrike 2020 - -# By accessing or using this script, sample code, application programming interface, tools, -# and/or associated documentation (if any) (collectively, “Tools”), You (i) represent and -# warrant that You are entering into this Agreement on behalf of a company, organization -# or another legal entity (“Entity”) that is currently a customer or partner of -# CrowdStrike, Inc. (“CrowdStrike”), and (ii) have the authority to bind such Entity and -# such Entity agrees to be bound by this Agreement. - -# CrowdStrike grants Entity a non-exclusive, non-transferable, non-sublicensable, royalty -# free and limited license to access and use the Tools solely for Entity’s internal business -# purposes and in accordance with its obligations under any agreement(s) it may have with -# CrowdStrike. Entity acknowledges and agrees that CrowdStrike and its licensors retain all -# right, title and interest in and to the Tools, and all intellectual property rights -# embodied therein, and that Entity has no right, title or interest therein except for the -# express licenses granted hereunder and that Entity will treat such Tools as CrowdStrike’s -# confidential information. - -# THE TOOLS ARE PROVIDED “AS-IS” WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED OR -# STATUTORY OR OTHERWISE. CROWDSTRIKE SPECIFICALLY DISCLAIMS ALL SUPPORT OBLIGATIONS AND -# ALL WARRANTIES, INCLUDING WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. IN NO EVENT SHALL CROWDSTRIKE -# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -# OF THE TOOLS, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# This is free and unencumbered software released into the public domain. + +# Anyone is free to copy, modify, publish, use, compile, sell, or +# distribute this software, either in source code form or as a compiled +# binary, for any purpose, commercial or non-commercial, and by any +# means. + +# In jurisdictions that recognize copyright laws, the author or authors +# of this software dedicate any and all copyright interest in the +# software to the public domain. We make this dedication for the benefit +# of the public at large and to the detriment of our heirs and +# successors. We intend this dedication to be an overt act of +# relinquishment in perpetuity of all present and future rights to this +# software under copyright law. + +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +# IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR +# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +# OTHER DEALINGS IN THE SOFTWARE. + +# For more information, please refer to import requests import json From 01946ec1d3ecfde44e54745a32eab05f1f8b431b Mon Sep 17 00:00:00 2001 From: Joshua Hiller Date: Sat, 5 Dec 2020 16:32:30 -0500 Subject: [PATCH 02/32] Package updates --- {src/falconpy => falconpy}/README.MD | 0 {src/falconpy => falconpy}/__init__.py | 0 {src/falconpy => falconpy}/api_complete.py | 0 .../cloud_connect_aws.py | 0 {src/falconpy => falconpy}/detects.py | 0 .../device_control_policies.py | 0 {src/falconpy => falconpy}/event_streams.py | 0 {src/falconpy => falconpy}/falconx_sandbox.py | 0 .../firewall_management.py | 0 .../firewall_policies.py | 0 {src/falconpy => falconpy}/host_group.py | 0 {src/falconpy => falconpy}/hosts.py | 0 {src/falconpy => falconpy}/incidents.py | 0 {src/falconpy => falconpy}/intel.py | 0 {src/falconpy => falconpy}/iocs.py | 0 {src/falconpy => falconpy}/oauth2.py | 0 .../prevention_policy.py | 0 .../real_time_response.py | 0 .../real_time_response_admin.py | 0 .../sensor_update_policy.py | 0 .../spotlight_vulnerabilities.py | 0 {src/falconpy => falconpy}/user_management.py | 0 setup.py | 25 +++++++++++++------ 23 files changed, 18 insertions(+), 7 deletions(-) rename {src/falconpy => falconpy}/README.MD (100%) rename {src/falconpy => falconpy}/__init__.py (100%) rename {src/falconpy => falconpy}/api_complete.py (100%) rename {src/falconpy => falconpy}/cloud_connect_aws.py (100%) rename {src/falconpy => falconpy}/detects.py (100%) rename {src/falconpy => falconpy}/device_control_policies.py (100%) rename {src/falconpy => falconpy}/event_streams.py (100%) rename {src/falconpy => falconpy}/falconx_sandbox.py (100%) rename {src/falconpy => falconpy}/firewall_management.py (100%) rename {src/falconpy => falconpy}/firewall_policies.py (100%) rename {src/falconpy => falconpy}/host_group.py (100%) rename {src/falconpy => falconpy}/hosts.py (100%) rename {src/falconpy => falconpy}/incidents.py (100%) rename {src/falconpy => falconpy}/intel.py (100%) rename {src/falconpy => falconpy}/iocs.py (100%) rename {src/falconpy => falconpy}/oauth2.py (100%) rename {src/falconpy => falconpy}/prevention_policy.py (100%) rename {src/falconpy => falconpy}/real_time_response.py (100%) rename {src/falconpy => falconpy}/real_time_response_admin.py (100%) rename {src/falconpy => falconpy}/sensor_update_policy.py (100%) rename {src/falconpy => falconpy}/spotlight_vulnerabilities.py (100%) rename {src/falconpy => falconpy}/user_management.py (100%) diff --git a/src/falconpy/README.MD b/falconpy/README.MD similarity index 100% rename from src/falconpy/README.MD rename to falconpy/README.MD diff --git a/src/falconpy/__init__.py b/falconpy/__init__.py similarity index 100% rename from src/falconpy/__init__.py rename to falconpy/__init__.py diff --git a/src/falconpy/api_complete.py b/falconpy/api_complete.py similarity index 100% rename from src/falconpy/api_complete.py rename to falconpy/api_complete.py diff --git a/src/falconpy/cloud_connect_aws.py b/falconpy/cloud_connect_aws.py similarity index 100% rename from src/falconpy/cloud_connect_aws.py rename to falconpy/cloud_connect_aws.py diff --git a/src/falconpy/detects.py b/falconpy/detects.py similarity index 100% rename from src/falconpy/detects.py rename to falconpy/detects.py diff --git a/src/falconpy/device_control_policies.py b/falconpy/device_control_policies.py similarity index 100% rename from src/falconpy/device_control_policies.py rename to falconpy/device_control_policies.py diff --git a/src/falconpy/event_streams.py b/falconpy/event_streams.py similarity index 100% rename from src/falconpy/event_streams.py rename to falconpy/event_streams.py diff --git a/src/falconpy/falconx_sandbox.py b/falconpy/falconx_sandbox.py similarity index 100% rename from src/falconpy/falconx_sandbox.py rename to falconpy/falconx_sandbox.py diff --git a/src/falconpy/firewall_management.py b/falconpy/firewall_management.py similarity index 100% rename from src/falconpy/firewall_management.py rename to falconpy/firewall_management.py diff --git a/src/falconpy/firewall_policies.py b/falconpy/firewall_policies.py similarity index 100% rename from src/falconpy/firewall_policies.py rename to falconpy/firewall_policies.py diff --git a/src/falconpy/host_group.py b/falconpy/host_group.py similarity index 100% rename from src/falconpy/host_group.py rename to falconpy/host_group.py diff --git a/src/falconpy/hosts.py b/falconpy/hosts.py similarity index 100% rename from src/falconpy/hosts.py rename to falconpy/hosts.py diff --git a/src/falconpy/incidents.py b/falconpy/incidents.py similarity index 100% rename from src/falconpy/incidents.py rename to falconpy/incidents.py diff --git a/src/falconpy/intel.py b/falconpy/intel.py similarity index 100% rename from src/falconpy/intel.py rename to falconpy/intel.py diff --git a/src/falconpy/iocs.py b/falconpy/iocs.py similarity index 100% rename from src/falconpy/iocs.py rename to falconpy/iocs.py diff --git a/src/falconpy/oauth2.py b/falconpy/oauth2.py similarity index 100% rename from src/falconpy/oauth2.py rename to falconpy/oauth2.py diff --git a/src/falconpy/prevention_policy.py b/falconpy/prevention_policy.py similarity index 100% rename from src/falconpy/prevention_policy.py rename to falconpy/prevention_policy.py diff --git a/src/falconpy/real_time_response.py b/falconpy/real_time_response.py similarity index 100% rename from src/falconpy/real_time_response.py rename to falconpy/real_time_response.py diff --git a/src/falconpy/real_time_response_admin.py b/falconpy/real_time_response_admin.py similarity index 100% rename from src/falconpy/real_time_response_admin.py rename to falconpy/real_time_response_admin.py diff --git a/src/falconpy/sensor_update_policy.py b/falconpy/sensor_update_policy.py similarity index 100% rename from src/falconpy/sensor_update_policy.py rename to falconpy/sensor_update_policy.py diff --git a/src/falconpy/spotlight_vulnerabilities.py b/falconpy/spotlight_vulnerabilities.py similarity index 100% rename from src/falconpy/spotlight_vulnerabilities.py rename to falconpy/spotlight_vulnerabilities.py diff --git a/src/falconpy/user_management.py b/falconpy/user_management.py similarity index 100% rename from src/falconpy/user_management.py rename to falconpy/user_management.py diff --git a/setup.py b/setup.py index 7b79b841c..ca429fdb3 100644 --- a/setup.py +++ b/setup.py @@ -1,30 +1,41 @@ -import setuptools +from setuptools import find_packages +from setuptools import setup +from glob import glob +from os.path import basename +from os.path import dirname +from os.path import splitext with open("README.md", "r") as fh: long_description = fh.read() -setuptools.setup( +setup( name="crowdstrike-falconpy", - version="0.1.7", + version="0.1.3", author="CrowdStrike", maintainer="Joshua Hiller", description="The CrowdStrike Falcon API SDK for Python 3", long_description=long_description, long_description_content_type="text/markdown", url="https://github.com/CrowdStrike/falconpy", - packages=["falconpy"], + packages=find_packages('falconpy'), package_dir={'': 'falconpy'}, + py_modules=[splitext(basename(path))[0] for path in glob('falconpy/*.py')], + include_package_data=True, install_requires=[ - "requests", - "urllib3" + "requests", + "urllib3" ], classifiers=[ + "Intended Audience :: Developers", + "Operating System :: Unix", + "Operating System :: POSIX", + "Operating System :: Microsoft :: Windows", "Programming Language :: Python :: 3", "Programming Language :: Python :: 3.6", "Programming Language :: Python :: 3.7", "Programming Language :: Python :: 3.8", "Programming Language :: Python :: 3.9", - "License :: Other/Proprietary License", + "License :: OSI Approved :: The Unlicense (Unlicense)", "Operating System :: OS Independent", ], python_requires='>=3.6', From 2260c87c32864ff17180346711f0f9d0e5f0dec0 Mon Sep 17 00:00:00 2001 From: Joshua Hiller Date: Sat, 5 Dec 2020 16:37:21 -0500 Subject: [PATCH 03/32] Cleaning up tabs --- setup.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/setup.py b/setup.py index ca429fdb3..fd3d40404 100644 --- a/setup.py +++ b/setup.py @@ -22,8 +22,8 @@ py_modules=[splitext(basename(path))[0] for path in glob('falconpy/*.py')], include_package_data=True, install_requires=[ - "requests", - "urllib3" + "requests", + "urllib3" ], classifiers=[ "Intended Audience :: Developers", From 9a3429c85ee135d1ed59ca39dacd6ac41bf2cc2e Mon Sep 17 00:00:00 2001 From: Joshua Hiller Date: Sat, 5 Dec 2020 16:42:32 -0500 Subject: [PATCH 04/32] README and LICENSE updates --- LICENSE | 45 +++++++++++++++++++++------------------------ README.md | 48 +++++++++++++++++++++++------------------------- 2 files changed, 44 insertions(+), 49 deletions(-) diff --git a/LICENSE b/LICENSE index 48334c4dd..fdddb29aa 100644 --- a/LICENSE +++ b/LICENSE @@ -1,27 +1,24 @@ -Copyright CrowdStrike 2020 +This is free and unencumbered software released into the public domain. -By accessing or using this script, sample code, application programming interface, tools, -and/or associated documentation (if any) (collectively, “Tools”), You (i) represent and -warrant that You are entering into this Agreement on behalf of a company, organization -or another legal entity (“Entity”) that is currently a customer or partner of -CrowdStrike, Inc. (“CrowdStrike”), and (ii) have the authority to bind such Entity and -such Entity agrees to be bound by this Agreement. +Anyone is free to copy, modify, publish, use, compile, sell, or +distribute this software, either in source code form or as a compiled +binary, for any purpose, commercial or non-commercial, and by any +means. -CrowdStrike grants Entity a non-exclusive, non-transferable, non-sublicensable, royalty -free and limited license to access and use the Tools solely for Entity’s internal business -purposes and in accordance with its obligations under any agreement(s) it may have with -CrowdStrike. Entity acknowledges and agrees that CrowdStrike and its licensors retain all -right, title and interest in and to the Tools, and all intellectual property rights -embodied therein, and that Entity has no right, title or interest therein except for the -express licenses granted hereunder and that Entity will treat such Tools as CrowdStrike’s -confidential information. +In jurisdictions that recognize copyright laws, the author or authors +of this software dedicate any and all copyright interest in the +software to the public domain. We make this dedication for the benefit +of the public at large and to the detriment of our heirs and +successors. We intend this dedication to be an overt act of +relinquishment in perpetuity of all present and future rights to this +software under copyright law. -THE TOOLS ARE PROVIDED “AS-IS” WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED OR -STATUTORY OR OTHERWISE. CROWDSTRIKE SPECIFICALLY DISCLAIMS ALL SUPPORT OBLIGATIONS AND -ALL WARRANTIES, INCLUDING WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OF MERCHANTABILITY, -FITNESS FOR PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. IN NO EVENT SHALL CROWDSTRIKE -BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THE TOOLS, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. \ No newline at end of file +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR +OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +OTHER DEALINGS IN THE SOFTWARE. + +For more information, please refer to diff --git a/README.md b/README.md index 63511db7a..643a10c0f 100644 --- a/README.md +++ b/README.md @@ -42,37 +42,35 @@ Currently the solution defines a class for each service (_ex: cloud_connect_aws_ ## Installation FalconPy is available on PyPI: ```bash -$ python -m pip install falconpy +$ python -m pip install crowdstrike-falconpy ``` ## Documentation Documentation can be found in the [GitHub Wiki](https://github.com/CrowdStrike/falconpy/wiki). ## License -Copyright CrowdStrike 2020 +This is free and unencumbered software released into the public domain. -By accessing or using this script, sample code, application programming interface, tools, -and/or associated documentation (if any) (collectively, “Tools”), You (i) represent and -warrant that You are entering into this Agreement on behalf of a company, organization -or another legal entity (“Entity”) that is currently a customer or partner of -CrowdStrike, Inc. (“CrowdStrike”), and (ii) have the authority to bind such Entity and -such Entity agrees to be bound by this Agreement. +Anyone is free to copy, modify, publish, use, compile, sell, or +distribute this software, either in source code form or as a compiled +binary, for any purpose, commercial or non-commercial, and by any +means. -CrowdStrike grants Entity a non-exclusive, non-transferable, non-sublicensable, royalty -free and limited license to access and use the Tools solely for Entity’s internal business -purposes and in accordance with its obligations under any agreement(s) it may have with -CrowdStrike. Entity acknowledges and agrees that CrowdStrike and its licensors retain all -right, title and interest in and to the Tools, and all intellectual property rights -embodied therein, and that Entity has no right, title or interest therein except for the -express licenses granted hereunder and that Entity will treat such Tools as CrowdStrike’s -confidential information. +In jurisdictions that recognize copyright laws, the author or authors +of this software dedicate any and all copyright interest in the +software to the public domain. We make this dedication for the benefit +of the public at large and to the detriment of our heirs and +successors. We intend this dedication to be an overt act of +relinquishment in perpetuity of all present and future rights to this +software under copyright law. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR +OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +OTHER DEALINGS IN THE SOFTWARE. + +For more information, please refer to -THE TOOLS ARE PROVIDED “AS-IS” WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED OR -STATUTORY OR OTHERWISE. CROWDSTRIKE SPECIFICALLY DISCLAIMS ALL SUPPORT OBLIGATIONS AND -ALL WARRANTIES, INCLUDING WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OF MERCHANTABILITY, -FITNESS FOR PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. IN NO EVENT SHALL CROWDSTRIKE -BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THE TOOLS, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. From 70c81506453dfc3be7f377575f741e79d48053de Mon Sep 17 00:00:00 2001 From: Joshua Hiller Date: Sat, 5 Dec 2020 17:04:11 -0500 Subject: [PATCH 05/32] More package testing --- setup.py | 8 ++++---- {falconpy => src/falconpy}/README.MD | 0 {falconpy => src/falconpy}/__init__.py | 2 +- {falconpy => src/falconpy}/api_complete.py | 0 {falconpy => src/falconpy}/cloud_connect_aws.py | 0 {falconpy => src/falconpy}/detects.py | 0 {falconpy => src/falconpy}/device_control_policies.py | 0 {falconpy => src/falconpy}/event_streams.py | 0 {falconpy => src/falconpy}/falconx_sandbox.py | 0 {falconpy => src/falconpy}/firewall_management.py | 0 {falconpy => src/falconpy}/firewall_policies.py | 0 {falconpy => src/falconpy}/host_group.py | 0 {falconpy => src/falconpy}/hosts.py | 0 {falconpy => src/falconpy}/incidents.py | 0 {falconpy => src/falconpy}/intel.py | 0 {falconpy => src/falconpy}/iocs.py | 0 {falconpy => src/falconpy}/oauth2.py | 0 {falconpy => src/falconpy}/prevention_policy.py | 0 {falconpy => src/falconpy}/real_time_response.py | 0 {falconpy => src/falconpy}/real_time_response_admin.py | 0 {falconpy => src/falconpy}/sensor_update_policy.py | 0 {falconpy => src/falconpy}/spotlight_vulnerabilities.py | 0 {falconpy => src/falconpy}/user_management.py | 0 23 files changed, 5 insertions(+), 5 deletions(-) rename {falconpy => src/falconpy}/README.MD (100%) rename {falconpy => src/falconpy}/__init__.py (86%) rename {falconpy => src/falconpy}/api_complete.py (100%) rename {falconpy => src/falconpy}/cloud_connect_aws.py (100%) rename {falconpy => src/falconpy}/detects.py (100%) rename {falconpy => src/falconpy}/device_control_policies.py (100%) rename {falconpy => src/falconpy}/event_streams.py (100%) rename {falconpy => src/falconpy}/falconx_sandbox.py (100%) rename {falconpy => src/falconpy}/firewall_management.py (100%) rename {falconpy => src/falconpy}/firewall_policies.py (100%) rename {falconpy => src/falconpy}/host_group.py (100%) rename {falconpy => src/falconpy}/hosts.py (100%) rename {falconpy => src/falconpy}/incidents.py (100%) rename {falconpy => src/falconpy}/intel.py (100%) rename {falconpy => src/falconpy}/iocs.py (100%) rename {falconpy => src/falconpy}/oauth2.py (100%) rename {falconpy => src/falconpy}/prevention_policy.py (100%) rename {falconpy => src/falconpy}/real_time_response.py (100%) rename {falconpy => src/falconpy}/real_time_response_admin.py (100%) rename {falconpy => src/falconpy}/sensor_update_policy.py (100%) rename {falconpy => src/falconpy}/spotlight_vulnerabilities.py (100%) rename {falconpy => src/falconpy}/user_management.py (100%) diff --git a/setup.py b/setup.py index fd3d40404..f3811f7e1 100644 --- a/setup.py +++ b/setup.py @@ -10,16 +10,16 @@ setup( name="crowdstrike-falconpy", - version="0.1.3", + version="0.1.7", author="CrowdStrike", maintainer="Joshua Hiller", description="The CrowdStrike Falcon API SDK for Python 3", long_description=long_description, long_description_content_type="text/markdown", url="https://github.com/CrowdStrike/falconpy", - packages=find_packages('falconpy'), - package_dir={'': 'falconpy'}, - py_modules=[splitext(basename(path))[0] for path in glob('falconpy/*.py')], + packages=find_packages("src"), + package_dir={"": "src"}, + py_modules=[splitext(basename(path))[0] for path in glob("src/*.py")], include_package_data=True, install_requires=[ "requests", diff --git a/falconpy/README.MD b/src/falconpy/README.MD similarity index 100% rename from falconpy/README.MD rename to src/falconpy/README.MD diff --git a/falconpy/__init__.py b/src/falconpy/__init__.py similarity index 86% rename from falconpy/__init__.py rename to src/falconpy/__init__.py index e68db4b2f..6faf70618 100644 --- a/falconpy/__init__.py +++ b/src/falconpy/__init__.py @@ -4,7 +4,7 @@ The CrowdStrike Falcon API SDK """ -__version__ = '0.1.2' +__version__ = '0.1.7' __maintainer__ = 'Joshua Hiller' __author__ = 'CrowdStrike' __credits__ = 'CrowdStrike' \ No newline at end of file diff --git a/falconpy/api_complete.py b/src/falconpy/api_complete.py similarity index 100% rename from falconpy/api_complete.py rename to src/falconpy/api_complete.py diff --git a/falconpy/cloud_connect_aws.py b/src/falconpy/cloud_connect_aws.py similarity index 100% rename from falconpy/cloud_connect_aws.py rename to src/falconpy/cloud_connect_aws.py diff --git a/falconpy/detects.py b/src/falconpy/detects.py similarity index 100% rename from falconpy/detects.py rename to src/falconpy/detects.py diff --git a/falconpy/device_control_policies.py b/src/falconpy/device_control_policies.py similarity index 100% rename from falconpy/device_control_policies.py rename to src/falconpy/device_control_policies.py diff --git a/falconpy/event_streams.py b/src/falconpy/event_streams.py similarity index 100% rename from falconpy/event_streams.py rename to src/falconpy/event_streams.py diff --git a/falconpy/falconx_sandbox.py b/src/falconpy/falconx_sandbox.py similarity index 100% rename from falconpy/falconx_sandbox.py rename to src/falconpy/falconx_sandbox.py diff --git a/falconpy/firewall_management.py b/src/falconpy/firewall_management.py similarity index 100% rename from falconpy/firewall_management.py rename to src/falconpy/firewall_management.py diff --git a/falconpy/firewall_policies.py b/src/falconpy/firewall_policies.py similarity index 100% rename from falconpy/firewall_policies.py rename to src/falconpy/firewall_policies.py diff --git a/falconpy/host_group.py b/src/falconpy/host_group.py similarity index 100% rename from falconpy/host_group.py rename to src/falconpy/host_group.py diff --git a/falconpy/hosts.py b/src/falconpy/hosts.py similarity index 100% rename from falconpy/hosts.py rename to src/falconpy/hosts.py diff --git a/falconpy/incidents.py b/src/falconpy/incidents.py similarity index 100% rename from falconpy/incidents.py rename to src/falconpy/incidents.py diff --git a/falconpy/intel.py b/src/falconpy/intel.py similarity index 100% rename from falconpy/intel.py rename to src/falconpy/intel.py diff --git a/falconpy/iocs.py b/src/falconpy/iocs.py similarity index 100% rename from falconpy/iocs.py rename to src/falconpy/iocs.py diff --git a/falconpy/oauth2.py b/src/falconpy/oauth2.py similarity index 100% rename from falconpy/oauth2.py rename to src/falconpy/oauth2.py diff --git a/falconpy/prevention_policy.py b/src/falconpy/prevention_policy.py similarity index 100% rename from falconpy/prevention_policy.py rename to src/falconpy/prevention_policy.py diff --git a/falconpy/real_time_response.py b/src/falconpy/real_time_response.py similarity index 100% rename from falconpy/real_time_response.py rename to src/falconpy/real_time_response.py diff --git a/falconpy/real_time_response_admin.py b/src/falconpy/real_time_response_admin.py similarity index 100% rename from falconpy/real_time_response_admin.py rename to src/falconpy/real_time_response_admin.py diff --git a/falconpy/sensor_update_policy.py b/src/falconpy/sensor_update_policy.py similarity index 100% rename from falconpy/sensor_update_policy.py rename to src/falconpy/sensor_update_policy.py diff --git a/falconpy/spotlight_vulnerabilities.py b/src/falconpy/spotlight_vulnerabilities.py similarity index 100% rename from falconpy/spotlight_vulnerabilities.py rename to src/falconpy/spotlight_vulnerabilities.py diff --git a/falconpy/user_management.py b/src/falconpy/user_management.py similarity index 100% rename from falconpy/user_management.py rename to src/falconpy/user_management.py From 123ed9d8fd3b96325815877a937f7b5e0842b6ff Mon Sep 17 00:00:00 2001 From: Joshua Hiller Date: Mon, 7 Dec 2020 15:07:58 -0500 Subject: [PATCH 06/32] Broken link fixes --- README.md | 40 ++++++++++++++++++++-------------------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/README.md b/README.md index 643a10c0f..6a82c588e 100644 --- a/README.md +++ b/README.md @@ -16,28 +16,28 @@ This project contains a collection of Python classes that abstract CrowdStrike F Currently the solution defines a class for each service (_ex: cloud_connect_aws_), with endpoint methods defined as class methods. There is also a single _uber_-class that provides an interface to the entire API with a single handler. ### Available classes -+ [cloud_connect_aws.py](services/cloud_connect_aws.py) - AWS Cloud -+ [detects.py](services/detects.py) - Detections -+ [device_control_policies.py](services/device_control_policies.py) - Device Control -+ [event_streams.py](services/event_streams.py) - Event Streams -+ [falconx_sandbox.py](services/falconx_sandbox.py) - The Falcon Sandbox -+ [firewall_management.py](services/firewall_management.py) - Firewall administration -+ [firewall_policies.py](services/firewall_policies.py) - Firewall policy management -+ [host_group.py](services/host_group.py) - Host groups -+ [hosts.py](services/hosts.py) - Hosts -+ [incidents.py](services/incidents.py) - Incidents -+ [intel.py](services/intel.py) - Threat Intel -+ [iocs.py](services/iocs.py) - Indicators of Compromise -+ [oauth2.py](services/oauth2.py) - OAuth2 authentication -+ [prevention_policy.py](services/prevention_policy.py) - Prevention policies -+ [real_time_response_admin.py](services/real_time_response_admin.py) - Real time response administration -+ [real_time_response.py](services/real_time_response.py) - Real time response -+ [sensor_update_policy.py](services/sensor_update_policy.py) - Sensor policy management -+ [spotlight_vulnerabilities.py](services/spotlight_vulnerabilities.py) - Vulnerabilities -+ [user_management.py](services/user_management.py) - User administration ++ [cloud_connect_aws.py](src/falconpy/cloud_connect_aws.py) - AWS Cloud ++ [detects.py](src/falconpy/detects.py) - Detections ++ [device_control_policies.py](src/falconpy/device_control_policies.py) - Device Control ++ [event_streams.py](src/falconpy/event_streams.py) - Event Streams ++ [falconx_sandbox.py](src/falconpy/falconx_sandbox.py) - The Falcon Sandbox ++ [firewall_management.py](src/falconpy/firewall_management.py) - Firewall administration ++ [firewall_policies.py](src/falconpy/firewall_policies.py) - Firewall policy management ++ [host_group.py](src/falconpy/host_group.py) - Host groups ++ [hosts.py](src/falconpy/hosts.py) - Hosts ++ [incidents.py](src/falconpy/incidents.py) - Incidents ++ [intel.py](src/falconpy/intel.py) - Threat Intel ++ [iocs.py](src/falconpy/iocs.py) - Indicators of Compromise ++ [oauth2.py](src/falconpy/oauth2.py) - OAuth2 authentication ++ [prevention_policy.py](src/falconpy/prevention_policy.py) - Prevention policies ++ [real_time_response_admin.py](src/falconpy/real_time_response_admin.py) - Real time response administration ++ [real_time_response.py](src/falconpy/real_time_response.py) - Real time response ++ [sensor_update_policy.py](src/falconpy/sensor_update_policy.py) - Sensor policy management ++ [spotlight_vulnerabilities.py](src/falconpy/spotlight_vulnerabilities.py) - Vulnerabilities ++ [user_management.py](src/falconpy/user_management.py) - User administration ### Uber-class -+ [api_complete.py](api_complete.py) - CrowdStrike Falcon API full interface harness ++ [api_complete.py](src/falconpy/api_complete.py) - CrowdStrike Falcon API full interface harness ## Installation FalconPy is available on PyPI: From 4d6efd36d0102a056056da3040c983e065256e99 Mon Sep 17 00:00:00 2001 From: Joshua Hiller Date: Mon, 7 Dec 2020 23:29:23 -0500 Subject: [PATCH 07/32] Uber class custom headers, Content-Type retained --- src/falconpy/api_complete.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/falconpy/api_complete.py b/src/falconpy/api_complete.py index bdd982494..81df7c9c4 100644 --- a/src/falconpy/api_complete.py +++ b/src/falconpy/api_complete.py @@ -379,7 +379,7 @@ def deauthenticate(self): return revoked - def command(self, action="", parameters={}, body={}, data={}, ids=False, partition=False, override=False, files=[], content_type=False): + def command(self, action="", parameters={}, body={}, data={}, headers={}, ids=False, partition=False, override=False, files=[], content_type=False): """ Checks token expiration, renewing when necessary, then performs the request. """ if self.token_expired(): self.authenticate() @@ -395,6 +395,8 @@ def command(self, action="", parameters={}, body={}, data={}, ids=False, partiti if partition: FULL_URL = FULL_URL.format(str(partition)) HEADERS = self.headers() + for item in headers: + HEADERS[item] = headers[item] if content_type: HEADERS["Content-Type"] = str(content_type) DATA = data From 00b1208e4ed8d6d36ccc2e9500456700b55ba9fe Mon Sep 17 00:00:00 2001 From: Joshua Hiller Date: Mon, 7 Dec 2020 23:31:56 -0500 Subject: [PATCH 08/32] v0.1.8 - Uber class custom headers --- setup.py | 2 +- src/falconpy/__init__.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/setup.py b/setup.py index f3811f7e1..d271c1b52 100644 --- a/setup.py +++ b/setup.py @@ -10,7 +10,7 @@ setup( name="crowdstrike-falconpy", - version="0.1.7", + version="0.1.8", author="CrowdStrike", maintainer="Joshua Hiller", description="The CrowdStrike Falcon API SDK for Python 3", diff --git a/src/falconpy/__init__.py b/src/falconpy/__init__.py index 6faf70618..237c8e30b 100644 --- a/src/falconpy/__init__.py +++ b/src/falconpy/__init__.py @@ -4,7 +4,7 @@ The CrowdStrike Falcon API SDK """ -__version__ = '0.1.7' +__version__ = '0.1.8' __maintainer__ = 'Joshua Hiller' __author__ = 'CrowdStrike' __credits__ = 'CrowdStrike' \ No newline at end of file From 6f675e9b8545bfb3fd5a7d5daace2b1a484ce25e Mon Sep 17 00:00:00 2001 From: Joshua Hiller Date: Tue, 8 Dec 2020 01:15:20 -0500 Subject: [PATCH 09/32] Uber class fix for octet-stream file uploads --- setup.py | 2 +- src/falconpy/__init__.py | 2 +- src/falconpy/api_complete.py | 4 +++- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/setup.py b/setup.py index d271c1b52..c11cbcd73 100644 --- a/setup.py +++ b/setup.py @@ -10,7 +10,7 @@ setup( name="crowdstrike-falconpy", - version="0.1.8", + version="0.1.9", author="CrowdStrike", maintainer="Joshua Hiller", description="The CrowdStrike Falcon API SDK for Python 3", diff --git a/src/falconpy/__init__.py b/src/falconpy/__init__.py index 237c8e30b..284def7ed 100644 --- a/src/falconpy/__init__.py +++ b/src/falconpy/__init__.py @@ -4,7 +4,7 @@ The CrowdStrike Falcon API SDK """ -__version__ = '0.1.8' +__version__ = '0.1.9' __maintainer__ = 'Joshua Hiller' __author__ = 'CrowdStrike' __credits__ = 'CrowdStrike' \ No newline at end of file diff --git a/src/falconpy/api_complete.py b/src/falconpy/api_complete.py index 81df7c9c4..7dee4c8ed 100644 --- a/src/falconpy/api_complete.py +++ b/src/falconpy/api_complete.py @@ -379,7 +379,7 @@ def deauthenticate(self): return revoked - def command(self, action="", parameters={}, body={}, data={}, headers={}, ids=False, partition=False, override=False, files=[], content_type=False): + def command(self, action="", parameters={}, body={}, data={}, headers={}, ids=False, partition=False, override=False, files=[], file_name=False, content_type=False): """ Checks token expiration, renewing when necessary, then performs the request. """ if self.token_expired(): self.authenticate() @@ -394,6 +394,8 @@ def command(self, action="", parameters={}, body={}, data={}, headers={}, ids=Fa FULL_URL = FULL_URL.format(ID_LIST) if partition: FULL_URL = FULL_URL.format(str(partition)) + if file_name: + FULL_URL = "{}?file_name={}".format(FULL_URL, str(file_name)) HEADERS = self.headers() for item in headers: HEADERS[item] = headers[item] From dfe335d2ee8b392edc12c7591b133c39397f45c6 Mon Sep 17 00:00:00 2001 From: Joshua Hiller Date: Tue, 8 Dec 2020 01:51:02 -0500 Subject: [PATCH 10/32] README.md updates --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 92087b688..44e21662c 100644 --- a/README.md +++ b/README.md @@ -35,7 +35,6 @@ $ python -m pip uninstall crowdstrike-falconpy | [CrowdStrike Custom Indicators of Compromose (IOCs) APIs](https://falcon.crowdstrike.com/support/documentation/88/custom-ioc-apis) | [./src/falconpy/iocs.py](./src/falconpy/iocs.py) | | [CrowdStrike Detections APIs](https://falcon.crowdstrike.com/support/documentation/85/detection-and-prevention-policies-apis) | [./src/falconpy/detects.py](./src/falconpy/detects.py) | | [CrowdStrike Event Streams API](https://falcon.crowdstrike.com/support/documentation/89/event-streams-apis)| [./serices/event_streams.py](./src/falconpy/event_streams.py) | -| [CrowdStrike Event Streams APIs](https://falcon.crowdstrike.com/support/documentation/89/event-streams-apis) | *Coming Soon* | | [CrowdStrike Falcon Horizon APIs](https://falcon.crowdstrike.com/support/documentation/137/falcon-horizon-apis) | *Coming Soon* | | [CrowdStrike Falon X APIs](https://falcon.crowdstrike.com/support/documentation/92/falcon-x-apis) | *Coming Soon* | | [CrowdStrike Firewall Management API](https://falcon.crowdstrike.com/support/documentation/107/falcon-firewall-management-apis) | [./src/falconpy/firewall_management.py](./src/falconpy/firewall_management.py) | From ae63d10333f4e0397ec91b81e3df46a01fc02717 Mon Sep 17 00:00:00 2001 From: Joshua Hiller Date: Tue, 8 Dec 2020 05:13:50 -0500 Subject: [PATCH 11/32] Package development status alignment --- setup.py | 3 ++- src/falconpy/__init__.py | 4 ++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/setup.py b/setup.py index c11cbcd73..08e9cb58a 100644 --- a/setup.py +++ b/setup.py @@ -10,7 +10,7 @@ setup( name="crowdstrike-falconpy", - version="0.1.9", + version="0.1.10", author="CrowdStrike", maintainer="Joshua Hiller", description="The CrowdStrike Falcon API SDK for Python 3", @@ -26,6 +26,7 @@ "urllib3" ], classifiers=[ + "Development Status :: 4 - Beta", "Intended Audience :: Developers", "Operating System :: Unix", "Operating System :: POSIX", diff --git a/src/falconpy/__init__.py b/src/falconpy/__init__.py index 284def7ed..7c53c8211 100644 --- a/src/falconpy/__init__.py +++ b/src/falconpy/__init__.py @@ -4,7 +4,7 @@ The CrowdStrike Falcon API SDK """ -__version__ = '0.1.9' +__version__ = '0.1.10' __maintainer__ = 'Joshua Hiller' __author__ = 'CrowdStrike' -__credits__ = 'CrowdStrike' \ No newline at end of file +__credits__ = 'CrowdStrike' From 93450895b169a507be86e2221d2c5fde6fc3bb10 Mon Sep 17 00:00:00 2001 From: Joshua Hiller Date: Tue, 8 Dec 2020 11:53:35 -0500 Subject: [PATCH 12/32] Typo fix in README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 44e21662c..4e5745b7c 100644 --- a/README.md +++ b/README.md @@ -44,7 +44,7 @@ $ python -m pip uninstall crowdstrike-falconpy | [CrowdStrike Incident and Detection Monitoring APIs](https://falcon.crowdstrike.com/support/documentation/86/detections-monitoring-apis) | [./src/falconpy/incidents.py](./src/falconpy/incidents.py) | | [CrowdStrike Installation Token APIs](https://falcon.crowdstrike.com/support/documentation/120/Installation-token-APIs) | *Coming Soon* | | [CrowdStrike Intel API](https://falcon.crowdstrike.com/support/documentation/72/intel-apis) | [./src/falconpy/intel.py](./src/falconpy/intel.py) | -| [CrowdStrike MapQuery API](https://falcon.crowdstrike.com/support/documentation/113/malquery-apis) | *Coming Soon* | +| [CrowdStrike MalQuery API](https://falcon.crowdstrike.com/support/documentation/113/malquery-apis) | *Coming Soon* | | [CrowdStrike OAuth2 Auth Token APIs](https://falcon.crowdstrike.com/support/documentation/93/oauth2-auth-token-apis) | [./src/falconpy/oauth2.py](./src/falconpy/oauth2.py) | | [CrowdStrike Prevention Policy APIs](https://falcon.crowdstrike.com/support/documentation/85/detection-and-prevention-policies-apis) | [./src/falconpy/prevention_policy.py](./src/falconpy/prevention_policy.py) | | [CrowdStrike Real Time Response (RTR) APIs](https://falcon.crowdstrike.com/support/documentation/90/real-time-response-apis) | [./src/falconpy/real_time_response.py](./src/falconpy/real_time_response.py) | From f072ac76487dda7d4c13962bb89c7483b9451782 Mon Sep 17 00:00:00 2001 From: Joshua Hiller Date: Wed, 9 Dec 2020 18:38:11 -0500 Subject: [PATCH 13/32] Minor README.md text edits --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 043113444..144569d6c 100644 --- a/README.md +++ b/README.md @@ -18,7 +18,7 @@ $ python -m pip install crowdstrike-falconpy If you'd like to try the *absolute bleeding edge*, an automated GitHub action releases a test package with every merged pull request. To install the testing version: ```shell -$ python -m pip install -i https://test.pypi.org/simple/crowdstrike-falconpy +$ python -m pip install -i https://test.pypi.org/simple crowdstrike-falconpy ``` To uninstall/remove FalconPy: @@ -26,7 +26,7 @@ To uninstall/remove FalconPy: $ python -m pip uninstall crowdstrike-falconpy ``` -# Available Classes +# Service classes | OAuth2-Based API
*(CrowdStrike documentation, requires CrowdStrike customer login)* | Code Location | |:-|:-| | CrowdStrike Device Control API | [./src/falconpy/device_control_policies.py](./src/falconpy/device_control_policies.py) | @@ -56,7 +56,7 @@ $ python -m pip uninstall crowdstrike-falconpy | [Falcon Discover for Cloud and Containers - Azure Subscriptions APIs](https://falcon.crowdstrike.com/support/documentation/118/falcon-discover-for-cloud-and-containers-azure-subscription-apis) | *Coming Soon* | | [Falcon Discover for Cloud and Containers - GCP Projects APIs](https://falcon.crowdstrike.com/support/documentation/117/falcon-discover-for-cloud-and-containers-gcp-projects-apis) | *Coming Soon* | -## Uber-class +## Uber class + [./src/falconpy/api_complete.py](./src/falconpy/api_complete.py) - Provides an interface to all CrowdStrike APIs with a single handler. # Contributing @@ -91,7 +91,7 @@ See the wiki for extended documentation: [https://github.com/CrowdStrike/falconp *Coming soon*. ## Conference Presentations -*Coming soon.* +*Coming soon*. ## Blogs/Articles/Prose *Coming soon*. \ No newline at end of file From 1b9b1869a799a70281a95e4ecdba57a63f7eec60 Mon Sep 17 00:00:00 2001 From: Joshua Hiller Date: Wed, 9 Dec 2020 18:39:20 -0500 Subject: [PATCH 14/32] Initial unit tests: Service and Uber Auth / Revoke --- tests/test_authorization.py | 86 +++++++++++++++++++++++++++++++++++++ 1 file changed, 86 insertions(+) create mode 100644 tests/test_authorization.py diff --git a/tests/test_authorization.py b/tests/test_authorization.py new file mode 100644 index 000000000..f668c2f31 --- /dev/null +++ b/tests/test_authorization.py @@ -0,0 +1,86 @@ +# A valid CrowdStrike Falcon API key is required to run these tests. +# API client ID & secret should be stored in tests/test.config in JSON format. +# { +# "falcon_client_id": "CLIENT_ID_GOES_HERE", +# "falcon_client_secret": "CLIENT_SECRET_GOES_HERE" +# } +import json +import os +import sys +#Import our sibling src folder into the path +sys.path.append(os.path.abspath('../src')) +# Classes to test - manually imported from our sibling folder +import falconpy.api_complete as FalconSDK +import falconpy.oauth2 as FalconAuth +import falconpy.cloud_connect_aws as FalconAWS + +# The TestAuthorization class tests authentication and deauthentication +# for both the Uber and Service classes. +class TestAuthorization(): + def getConfig(self): + #Grab our config parameters + with open('%s/test.config' % os.path.dirname(os.path.abspath(__file__)), 'r') as file_config: + self.config = json.loads(file_config.read()) + + def uberAuth(self): + self.getConfig() + self.falcon = FalconSDK.APIHarness(creds={ + "client_id": self.config["falcon_client_id"], + "client_secret": self.config["falcon_client_secret"] + } + ) + self.falcon.authenticate() + if self.falcon.authenticated: + return True + else: + return False + + def uberRevoke(self): + return self.falcon.deauthenticate() + + def serviceAuth(self): + self.getConfig() + self.authorization = FalconAuth.OAuth2(creds={ + 'client_id': self.config["falcon_client_id"], + 'client_secret': self.config["falcon_client_secret"] + }) + + try: + self.token = self.authorization.token()['body']['access_token'] + + except: + self.token = False + + if self.token: + return True + else: + return False + + def serviceRevoke(self): + try: + result = self.authorization.revoke(token=self.token)["status_code"] + if result > 0: + return True + else: + return False + except: + return False + + def test_uberAuth(self): + assert self.uberAuth() == True + self.uberRevoke() + + def test_uberRevoke(self): + self.uberAuth() + assert self.uberRevoke() == True + + def test_serviceAuth(self): + assert self.serviceAuth() == True + self.serviceRevoke() + + def test_serviceRevoke(self): + self.serviceAuth() + assert self.serviceRevoke() == True + + + From 8f4c38d8bf42b836a0cf148f99424234c21b7000 Mon Sep 17 00:00:00 2001 From: Joshua Hiller Date: Wed, 9 Dec 2020 18:39:49 -0500 Subject: [PATCH 15/32] Initial unit tests: CCAWS - GetAWSSettings --- tests/test_cloud_connect_aws.py | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 tests/test_cloud_connect_aws.py diff --git a/tests/test_cloud_connect_aws.py b/tests/test_cloud_connect_aws.py new file mode 100644 index 000000000..f6f3bd182 --- /dev/null +++ b/tests/test_cloud_connect_aws.py @@ -0,0 +1,33 @@ +# A valid CrowdStrike Falcon API key is required to run these tests. +# API client ID & secret should be stored in tests/test.config in JSON format. +# { +# "falcon_client_id": "CLIENT_ID_GOES_HERE", +# "falcon_client_secret": "CLIENT_SECRET_GOES_HERE" +# } +import json +import os +import sys +# Authentication via the test_authorization.py +import test_authorization as Authorization + +#Import our sibling src folder into the path +sys.path.append(os.path.abspath('../src')) +# Classes to test - manually imported from sibling folder +import falconpy.cloud_connect_aws as FalconAWS + + +# The TestCloudConnectAWS class tests the cloud_connect_aws service class +class TestCloudConnectAWS: + def serviceCCAWS_GetAWSSettings(self): + auth = Authorization.TestAuthorization() + auth.serviceAuth() + falcon = FalconAWS.Cloud_Connect_AWS(access_token=auth.token) + if falcon.GetAWSSettings()["status_code"] > 0: + auth.serviceRevoke() + return True + else: + auth.serviceRevoke() + return False + + def test_GetAWSSettings(self): + assert self.serviceCCAWS_GetAWSSettings() == True From d0668f763bdd5b6d2375e824113c1169b03340ee Mon Sep 17 00:00:00 2001 From: Joshua Hiller Date: Tue, 15 Dec 2020 01:08:54 -0500 Subject: [PATCH 16/32] Uber class fix for non-JSON API responses --- setup.py | 2 +- src/falconpy/__init__.py | 2 +- src/falconpy/api_complete.py | 5 ++++- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/setup.py b/setup.py index 08e9cb58a..549c17842 100644 --- a/setup.py +++ b/setup.py @@ -10,7 +10,7 @@ setup( name="crowdstrike-falconpy", - version="0.1.10", + version="0.1.11", author="CrowdStrike", maintainer="Joshua Hiller", description="The CrowdStrike Falcon API SDK for Python 3", diff --git a/src/falconpy/__init__.py b/src/falconpy/__init__.py index 7c53c8211..4a351b7a6 100644 --- a/src/falconpy/__init__.py +++ b/src/falconpy/__init__.py @@ -4,7 +4,7 @@ The CrowdStrike Falcon API SDK """ -__version__ = '0.1.10' +__version__ = '0.1.11' __maintainer__ = 'Joshua Hiller' __author__ = 'CrowdStrike' __credits__ = 'CrowdStrike' diff --git a/src/falconpy/api_complete.py b/src/falconpy/api_complete.py index 7dee4c8ed..c64db8fe1 100644 --- a/src/falconpy/api_complete.py +++ b/src/falconpy/api_complete.py @@ -408,7 +408,10 @@ def command(self, action="", parameters={}, body={}, data={}, headers={}, ids=Fa if self.authenticated: try: response = requests.request(CMD[0][1].upper(), FULL_URL, json=BODY, data=DATA, params=PARAMS, headers=HEADERS, files=FILES, verify=False) - returned = self.Result()(status_code=response.status_code, headers=response.headers, body=response.json()) + if response.headers.get('content-type') == "application/json": + returned = self.Result()(status_code=response.status_code, headers=response.headers, body=response.json()) + else: + returned = response.content except Exception as e: returned = self.Result()(status_code=500, headers={}, body=str(e)) else: From ce7318e2c903a5763f45acd6a10789a31e491a60 Mon Sep 17 00:00:00 2001 From: Joshua Hiller Date: Tue, 15 Dec 2020 22:55:38 -0500 Subject: [PATCH 17/32] Updated to support GitHub workflow execution --- .github/workflows/linting.yml | 9 ++++++--- tests/test_authorization.py | 9 +++++++-- 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml index d5c94b358..3974801a6 100644 --- a/.github/workflows/linting.yml +++ b/.github/workflows/linting.yml @@ -34,6 +34,9 @@ jobs: flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics # exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics -# - name: Test with pytest -# run: | -# pytest + - name: Test with pytest + env: + DEBUG_API_ID: ${{ secrets.DEBUG_API_ID }} + DEBUG_API_SECRET: ${{ secrets.DEBUG_API_SECRET }} + run: | + pytest diff --git a/tests/test_authorization.py b/tests/test_authorization.py index f668c2f31..97f32d800 100644 --- a/tests/test_authorization.py +++ b/tests/test_authorization.py @@ -19,8 +19,13 @@ class TestAuthorization(): def getConfig(self): #Grab our config parameters - with open('%s/test.config' % os.path.dirname(os.path.abspath(__file__)), 'r') as file_config: - self.config = json.loads(file_config.read()) + try: + self.config = {} + self.config["falcon_client_id"] = os.getenv("DEBUG_API_ID") + self.config["falcon_client_secret"] = os.getenv("DEBUG_API_SECRET") + except: + with open('%s/test.config' % os.path.dirname(os.path.abspath(__file__)), 'r') as file_config: + self.config = json.loads(file_config.read()) def uberAuth(self): self.getConfig() From f3059d71a1b828b3d427ac244daa633202614990 Mon Sep 17 00:00:00 2001 From: Joshua Hiller Date: Fri, 18 Dec 2020 13:55:13 -0500 Subject: [PATCH 18/32] Working directory fix --- tests/test_authorization.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/test_authorization.py b/tests/test_authorization.py index 97f32d800..b2c7f6214 100644 --- a/tests/test_authorization.py +++ b/tests/test_authorization.py @@ -8,7 +8,7 @@ import os import sys #Import our sibling src folder into the path -sys.path.append(os.path.abspath('../src')) +sys.path.append(os.path.abspath('./src')) # Classes to test - manually imported from our sibling folder import falconpy.api_complete as FalconSDK import falconpy.oauth2 as FalconAuth From 62132b91a253c630daaa874aa26db3e207743344 Mon Sep 17 00:00:00 2001 From: Joshua Hiller Date: Fri, 18 Dec 2020 14:22:14 -0500 Subject: [PATCH 19/32] Fixed authorization unit test 500 error --- tests/test_authorization.py | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/tests/test_authorization.py b/tests/test_authorization.py index b2c7f6214..961c39e39 100644 --- a/tests/test_authorization.py +++ b/tests/test_authorization.py @@ -19,13 +19,8 @@ class TestAuthorization(): def getConfig(self): #Grab our config parameters - try: - self.config = {} - self.config["falcon_client_id"] = os.getenv("DEBUG_API_ID") - self.config["falcon_client_secret"] = os.getenv("DEBUG_API_SECRET") - except: - with open('%s/test.config' % os.path.dirname(os.path.abspath(__file__)), 'r') as file_config: - self.config = json.loads(file_config.read()) + with open('%s/test.config' % os.path.dirname(os.path.abspath(__file__)), 'r') as file_config: + self.config = json.loads(file_config.read()) def uberAuth(self): self.getConfig() From cea896c769dc210dc0af263f39dc9d7b7e5f41c6 Mon Sep 17 00:00:00 2001 From: Joshua Hiller Date: Fri, 18 Dec 2020 14:29:23 -0500 Subject: [PATCH 20/32] Adjusted workflow directory --- tests/test_authorization.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/test_authorization.py b/tests/test_authorization.py index 961c39e39..ba8e221eb 100644 --- a/tests/test_authorization.py +++ b/tests/test_authorization.py @@ -10,9 +10,9 @@ #Import our sibling src folder into the path sys.path.append(os.path.abspath('./src')) # Classes to test - manually imported from our sibling folder -import falconpy.api_complete as FalconSDK -import falconpy.oauth2 as FalconAuth -import falconpy.cloud_connect_aws as FalconAWS +from falconpy import api_complete as FalconSDK +from falconpy import oauth2 as FalconAuth +from falconpy import cloud_connect_aws as FalconAWS # The TestAuthorization class tests authentication and deauthentication # for both the Uber and Service classes. From d9c8ee87cbff5a8aeaf3cc77e296758c2b6d607d Mon Sep 17 00:00:00 2001 From: Joshua Hiller Date: Fri, 18 Dec 2020 14:33:53 -0500 Subject: [PATCH 21/32] Added working directory --- .github/workflows/linting.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml index 3974801a6..fb46a1bc5 100644 --- a/.github/workflows/linting.yml +++ b/.github/workflows/linting.yml @@ -35,6 +35,7 @@ jobs: # exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics - name: Test with pytest + working-directory: src env: DEBUG_API_ID: ${{ secrets.DEBUG_API_ID }} DEBUG_API_SECRET: ${{ secrets.DEBUG_API_SECRET }} From 58318ae74cfbedc92a2c5588cc7b34f3c3e3f07f Mon Sep 17 00:00:00 2001 From: Joshua Hiller Date: Fri, 18 Dec 2020 14:37:20 -0500 Subject: [PATCH 22/32] Changed working directory --- .github/workflows/linting.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml index fb46a1bc5..225808b75 100644 --- a/.github/workflows/linting.yml +++ b/.github/workflows/linting.yml @@ -35,7 +35,7 @@ jobs: # exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics - name: Test with pytest - working-directory: src + working-directory: ./src env: DEBUG_API_ID: ${{ secrets.DEBUG_API_ID }} DEBUG_API_SECRET: ${{ secrets.DEBUG_API_SECRET }} From 6b2128f26f1ea3c2ddacf08a1d9879659f4ff0d3 Mon Sep 17 00:00:00 2001 From: Joshua Hiller Date: Fri, 18 Dec 2020 14:55:24 -0500 Subject: [PATCH 23/32] Working directory debugging --- src/tests/test_authorization.py | 92 +++++++++++++++++++++++++++++ src/tests/test_cloud_connect_aws.py | 33 +++++++++++ 2 files changed, 125 insertions(+) create mode 100644 src/tests/test_authorization.py create mode 100644 src/tests/test_cloud_connect_aws.py diff --git a/src/tests/test_authorization.py b/src/tests/test_authorization.py new file mode 100644 index 000000000..720b31a34 --- /dev/null +++ b/src/tests/test_authorization.py @@ -0,0 +1,92 @@ +# A valid CrowdStrike Falcon API key is required to run these tests. +# API client ID & secret should be stored in tests/test.config in JSON format. +# { +# "falcon_client_id": "CLIENT_ID_GOES_HERE", +# "falcon_client_secret": "CLIENT_SECRET_GOES_HERE" +# } +import json +import os +import sys +#Import our sibling src folder into the path +sys.path.append(os.path.abspath('src')) +# Classes to test - manually imported from our sibling folder +from falconpy import api_complete as FalconSDK +from falconpy import oauth2 as FalconAuth +from falconpy import cloud_connect_aws as FalconAWS + +# The TestAuthorization class tests authentication and deauthentication +# for both the Uber and Service classes. +class TestAuthorization(): + def getConfig(self): + #Grab our config parameters + try: + self.config = {} + self.config["falcon_client_id"] = os.getenv("DEBUG_API_ID") + self.config["falcon_client_secret"] = os.getenv("DEBUG_API_SECRET") + except: + with open('%s/test.config' % os.path.dirname(os.path.abspath(__file__)), 'r') as file_config: + self.config = json.loads(file_config.read()) + + def uberAuth(self): + self.getConfig() + self.falcon = FalconSDK.APIHarness(creds={ + "client_id": self.config["falcon_client_id"], + "client_secret": self.config["falcon_client_secret"] + } + ) + print(self.falcon.authenticate()) + self.falcon.authenticate() + if self.falcon.authenticated: + return True + else: + return False + + def uberRevoke(self): + return self.falcon.deauthenticate() + + def serviceAuth(self): + self.getConfig() + self.authorization = FalconAuth.OAuth2(creds={ + 'client_id': self.config["falcon_client_id"], + 'client_secret': self.config["falcon_client_secret"] + }) + + try: + self.token = self.authorization.token()['body']['access_token'] + + except: + self.token = False + + if self.token: + return True + else: + return False + + def serviceRevoke(self): + try: + result = self.authorization.revoke(token=self.token)["status_code"] + if result > 0: + return True + else: + return False + except: + return False + + def test_uberAuth(self): + assert self.uberAuth() == True + self.uberRevoke() + + def test_uberRevoke(self): + self.uberAuth() + assert self.uberRevoke() == True + + def test_serviceAuth(self): + assert self.serviceAuth() == True + self.serviceRevoke() + + def test_serviceRevoke(self): + self.serviceAuth() + assert self.serviceRevoke() == True + + + diff --git a/src/tests/test_cloud_connect_aws.py b/src/tests/test_cloud_connect_aws.py new file mode 100644 index 000000000..f6f3bd182 --- /dev/null +++ b/src/tests/test_cloud_connect_aws.py @@ -0,0 +1,33 @@ +# A valid CrowdStrike Falcon API key is required to run these tests. +# API client ID & secret should be stored in tests/test.config in JSON format. +# { +# "falcon_client_id": "CLIENT_ID_GOES_HERE", +# "falcon_client_secret": "CLIENT_SECRET_GOES_HERE" +# } +import json +import os +import sys +# Authentication via the test_authorization.py +import test_authorization as Authorization + +#Import our sibling src folder into the path +sys.path.append(os.path.abspath('../src')) +# Classes to test - manually imported from sibling folder +import falconpy.cloud_connect_aws as FalconAWS + + +# The TestCloudConnectAWS class tests the cloud_connect_aws service class +class TestCloudConnectAWS: + def serviceCCAWS_GetAWSSettings(self): + auth = Authorization.TestAuthorization() + auth.serviceAuth() + falcon = FalconAWS.Cloud_Connect_AWS(access_token=auth.token) + if falcon.GetAWSSettings()["status_code"] > 0: + auth.serviceRevoke() + return True + else: + auth.serviceRevoke() + return False + + def test_GetAWSSettings(self): + assert self.serviceCCAWS_GetAWSSettings() == True From 8d4196305650aff351ef34cc2f45469872f6b59b Mon Sep 17 00:00:00 2001 From: Joshua Hiller Date: Fri, 18 Dec 2020 14:57:50 -0500 Subject: [PATCH 24/32] Debugging workflows --- .github/workflows/linting.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml index 225808b75..3070614ab 100644 --- a/.github/workflows/linting.yml +++ b/.github/workflows/linting.yml @@ -40,4 +40,4 @@ jobs: DEBUG_API_ID: ${{ secrets.DEBUG_API_ID }} DEBUG_API_SECRET: ${{ secrets.DEBUG_API_SECRET }} run: | - pytest + pytest -m pytest From 301ad3f11a8d4f713fa4302e16dbab326c511315 Mon Sep 17 00:00:00 2001 From: Joshua Hiller Date: Fri, 18 Dec 2020 15:00:10 -0500 Subject: [PATCH 25/32] Lessee if this werks... --- src/tests/__init__.py | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 src/tests/__init__.py diff --git a/src/tests/__init__.py b/src/tests/__init__.py new file mode 100644 index 000000000..e69de29bb From 0c8bc3f2a0f2c2f14197b7fe9f31c56f42be08d1 Mon Sep 17 00:00:00 2001 From: Joshua Hiller Date: Fri, 18 Dec 2020 15:00:36 -0500 Subject: [PATCH 26/32] Reverted linting.yml change --- .github/workflows/linting.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml index 3070614ab..225808b75 100644 --- a/.github/workflows/linting.yml +++ b/.github/workflows/linting.yml @@ -40,4 +40,4 @@ jobs: DEBUG_API_ID: ${{ secrets.DEBUG_API_ID }} DEBUG_API_SECRET: ${{ secrets.DEBUG_API_SECRET }} run: | - pytest -m pytest + pytest From b6a4d310557d8519f07f446d7f6f0aae6a47ae4e Mon Sep 17 00:00:00 2001 From: Joshua Hiller Date: Fri, 18 Dec 2020 15:03:41 -0500 Subject: [PATCH 27/32] Now there's a test package --- src/tests/test_cloud_connect_aws.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/tests/test_cloud_connect_aws.py b/src/tests/test_cloud_connect_aws.py index f6f3bd182..902734fb6 100644 --- a/src/tests/test_cloud_connect_aws.py +++ b/src/tests/test_cloud_connect_aws.py @@ -8,12 +8,12 @@ import os import sys # Authentication via the test_authorization.py -import test_authorization as Authorization +from tests import test_authorization as Authorization #Import our sibling src folder into the path sys.path.append(os.path.abspath('../src')) # Classes to test - manually imported from sibling folder -import falconpy.cloud_connect_aws as FalconAWS +from falconpy import cloud_connect_aws as FalconAWS # The TestCloudConnectAWS class tests the cloud_connect_aws service class From d4f4b6908441ca752c162696d9298f5729577eca Mon Sep 17 00:00:00 2001 From: Joshua Hiller Date: Fri, 18 Dec 2020 16:41:33 -0500 Subject: [PATCH 28/32] Pytest debugging --- .github/workflows/linting.yml | 1 - src/tests/test_authorization.py | 92 ----------------------------- src/tests/test_cloud_connect_aws.py | 33 ----------- {src/tests => tests}/__init__.py | 0 tests/test_authorization.py | 9 +-- tests/test_cloud_connect_aws.py | 6 +- 6 files changed, 8 insertions(+), 133 deletions(-) delete mode 100644 src/tests/test_authorization.py delete mode 100644 src/tests/test_cloud_connect_aws.py rename {src/tests => tests}/__init__.py (100%) diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml index 225808b75..3974801a6 100644 --- a/.github/workflows/linting.yml +++ b/.github/workflows/linting.yml @@ -35,7 +35,6 @@ jobs: # exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics - name: Test with pytest - working-directory: ./src env: DEBUG_API_ID: ${{ secrets.DEBUG_API_ID }} DEBUG_API_SECRET: ${{ secrets.DEBUG_API_SECRET }} diff --git a/src/tests/test_authorization.py b/src/tests/test_authorization.py deleted file mode 100644 index 720b31a34..000000000 --- a/src/tests/test_authorization.py +++ /dev/null @@ -1,92 +0,0 @@ -# A valid CrowdStrike Falcon API key is required to run these tests. -# API client ID & secret should be stored in tests/test.config in JSON format. -# { -# "falcon_client_id": "CLIENT_ID_GOES_HERE", -# "falcon_client_secret": "CLIENT_SECRET_GOES_HERE" -# } -import json -import os -import sys -#Import our sibling src folder into the path -sys.path.append(os.path.abspath('src')) -# Classes to test - manually imported from our sibling folder -from falconpy import api_complete as FalconSDK -from falconpy import oauth2 as FalconAuth -from falconpy import cloud_connect_aws as FalconAWS - -# The TestAuthorization class tests authentication and deauthentication -# for both the Uber and Service classes. -class TestAuthorization(): - def getConfig(self): - #Grab our config parameters - try: - self.config = {} - self.config["falcon_client_id"] = os.getenv("DEBUG_API_ID") - self.config["falcon_client_secret"] = os.getenv("DEBUG_API_SECRET") - except: - with open('%s/test.config' % os.path.dirname(os.path.abspath(__file__)), 'r') as file_config: - self.config = json.loads(file_config.read()) - - def uberAuth(self): - self.getConfig() - self.falcon = FalconSDK.APIHarness(creds={ - "client_id": self.config["falcon_client_id"], - "client_secret": self.config["falcon_client_secret"] - } - ) - print(self.falcon.authenticate()) - self.falcon.authenticate() - if self.falcon.authenticated: - return True - else: - return False - - def uberRevoke(self): - return self.falcon.deauthenticate() - - def serviceAuth(self): - self.getConfig() - self.authorization = FalconAuth.OAuth2(creds={ - 'client_id': self.config["falcon_client_id"], - 'client_secret': self.config["falcon_client_secret"] - }) - - try: - self.token = self.authorization.token()['body']['access_token'] - - except: - self.token = False - - if self.token: - return True - else: - return False - - def serviceRevoke(self): - try: - result = self.authorization.revoke(token=self.token)["status_code"] - if result > 0: - return True - else: - return False - except: - return False - - def test_uberAuth(self): - assert self.uberAuth() == True - self.uberRevoke() - - def test_uberRevoke(self): - self.uberAuth() - assert self.uberRevoke() == True - - def test_serviceAuth(self): - assert self.serviceAuth() == True - self.serviceRevoke() - - def test_serviceRevoke(self): - self.serviceAuth() - assert self.serviceRevoke() == True - - - diff --git a/src/tests/test_cloud_connect_aws.py b/src/tests/test_cloud_connect_aws.py deleted file mode 100644 index 902734fb6..000000000 --- a/src/tests/test_cloud_connect_aws.py +++ /dev/null @@ -1,33 +0,0 @@ -# A valid CrowdStrike Falcon API key is required to run these tests. -# API client ID & secret should be stored in tests/test.config in JSON format. -# { -# "falcon_client_id": "CLIENT_ID_GOES_HERE", -# "falcon_client_secret": "CLIENT_SECRET_GOES_HERE" -# } -import json -import os -import sys -# Authentication via the test_authorization.py -from tests import test_authorization as Authorization - -#Import our sibling src folder into the path -sys.path.append(os.path.abspath('../src')) -# Classes to test - manually imported from sibling folder -from falconpy import cloud_connect_aws as FalconAWS - - -# The TestCloudConnectAWS class tests the cloud_connect_aws service class -class TestCloudConnectAWS: - def serviceCCAWS_GetAWSSettings(self): - auth = Authorization.TestAuthorization() - auth.serviceAuth() - falcon = FalconAWS.Cloud_Connect_AWS(access_token=auth.token) - if falcon.GetAWSSettings()["status_code"] > 0: - auth.serviceRevoke() - return True - else: - auth.serviceRevoke() - return False - - def test_GetAWSSettings(self): - assert self.serviceCCAWS_GetAWSSettings() == True diff --git a/src/tests/__init__.py b/tests/__init__.py similarity index 100% rename from src/tests/__init__.py rename to tests/__init__.py diff --git a/tests/test_authorization.py b/tests/test_authorization.py index 4090a2931..b2419a2ea 100644 --- a/tests/test_authorization.py +++ b/tests/test_authorization.py @@ -8,11 +8,11 @@ import os import sys #Import our sibling src folder into the path -sys.path.append(os.path.abspath('./src')) +sys.path.append(os.path.abspath('src/falconpy')) # Classes to test - manually imported from our sibling folder -from falconpy import api_complete as FalconSDK -from falconpy import oauth2 as FalconAuth -from falconpy import cloud_connect_aws as FalconAWS +import api_complete as FalconSDK +import oauth2 as FalconAuth + # The TestAuthorization class tests authentication and deauthentication # for both the Uber and Service classes. @@ -34,6 +34,7 @@ def uberAuth(self): "client_secret": self.config["falcon_client_secret"] } ) + print(self.falcon.authenticate()) self.falcon.authenticate() if self.falcon.authenticated: return True diff --git a/tests/test_cloud_connect_aws.py b/tests/test_cloud_connect_aws.py index f6f3bd182..3cfdf01a7 100644 --- a/tests/test_cloud_connect_aws.py +++ b/tests/test_cloud_connect_aws.py @@ -8,12 +8,12 @@ import os import sys # Authentication via the test_authorization.py -import test_authorization as Authorization +from tests import test_authorization as Authorization #Import our sibling src folder into the path -sys.path.append(os.path.abspath('../src')) +sys.path.append(os.path.abspath('src/falconpy')) # Classes to test - manually imported from sibling folder -import falconpy.cloud_connect_aws as FalconAWS +import cloud_connect_aws as FalconAWS # The TestCloudConnectAWS class tests the cloud_connect_aws service class From baaf7e3e46c6daf3359d5c26e261ec0a93aa2efa Mon Sep 17 00:00:00 2001 From: Joshua Hiller Date: Fri, 18 Dec 2020 16:50:17 -0500 Subject: [PATCH 29/32] Trying it another way --- tests/test_authorization.py | 6 +++--- tests/test_cloud_connect_aws.py | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/test_authorization.py b/tests/test_authorization.py index b2419a2ea..84a1d5fab 100644 --- a/tests/test_authorization.py +++ b/tests/test_authorization.py @@ -8,10 +8,10 @@ import os import sys #Import our sibling src folder into the path -sys.path.append(os.path.abspath('src/falconpy')) +sys.path.append(os.path.abspath('src')) # Classes to test - manually imported from our sibling folder -import api_complete as FalconSDK -import oauth2 as FalconAuth +from falconpy import api_complete as FalconSDK +from falconpy import oauth2 as FalconAuth # The TestAuthorization class tests authentication and deauthentication diff --git a/tests/test_cloud_connect_aws.py b/tests/test_cloud_connect_aws.py index 3cfdf01a7..5da75f8d5 100644 --- a/tests/test_cloud_connect_aws.py +++ b/tests/test_cloud_connect_aws.py @@ -11,9 +11,9 @@ from tests import test_authorization as Authorization #Import our sibling src folder into the path -sys.path.append(os.path.abspath('src/falconpy')) +sys.path.append(os.path.abspath('src')) # Classes to test - manually imported from sibling folder -import cloud_connect_aws as FalconAWS +from falconpy import cloud_connect_aws as FalconAWS # The TestCloudConnectAWS class tests the cloud_connect_aws service class From 1aa39521c4de906270744c06772bac7f659fafbc Mon Sep 17 00:00:00 2001 From: Joshua Hiller Date: Fri, 18 Dec 2020 16:54:57 -0500 Subject: [PATCH 30/32] Another variation --- tests/conftest.py | 0 tests/test_authorization.py | 1 - 2 files changed, 1 deletion(-) create mode 100644 tests/conftest.py diff --git a/tests/conftest.py b/tests/conftest.py new file mode 100644 index 000000000..e69de29bb diff --git a/tests/test_authorization.py b/tests/test_authorization.py index 84a1d5fab..f72bc9444 100644 --- a/tests/test_authorization.py +++ b/tests/test_authorization.py @@ -34,7 +34,6 @@ def uberAuth(self): "client_secret": self.config["falcon_client_secret"] } ) - print(self.falcon.authenticate()) self.falcon.authenticate() if self.falcon.authenticated: return True From 9a014b4d5b65307a1003948e8fd6d3ec855e6280 Mon Sep 17 00:00:00 2001 From: Joshua Hiller Date: Thu, 24 Dec 2020 15:30:33 -0500 Subject: [PATCH 31/32] Fix to reduce flakiness in test_authorization.py --- tests/test_authorization.py | 71 +++++++++++++++++++++++-------------- 1 file changed, 45 insertions(+), 26 deletions(-) diff --git a/tests/test_authorization.py b/tests/test_authorization.py index f72bc9444..8b88b5920 100644 --- a/tests/test_authorization.py +++ b/tests/test_authorization.py @@ -1,9 +1,17 @@ # A valid CrowdStrike Falcon API key is required to run these tests. +# You can store these values in your environment (this is the preferred method). +# Example: +# export DEBUG_API_ID={CLIENT_ID_GOES_HERE} +# export DEBUG_API_SECRET={CLIENT_SECRET_GOES_HERE} +# +# You may also store these values locally in a configuration file. +# DO NOT SUBMIT A COMMIT OR A PR THAT INCLUDES YOUR CONFIGURATION FILE. # API client ID & secret should be stored in tests/test.config in JSON format. # { # "falcon_client_id": "CLIENT_ID_GOES_HERE", # "falcon_client_secret": "CLIENT_SECRET_GOES_HERE" # } + import json import os import sys @@ -13,30 +21,38 @@ from falconpy import api_complete as FalconSDK from falconpy import oauth2 as FalconAuth - # The TestAuthorization class tests authentication and deauthentication # for both the Uber and Service classes. class TestAuthorization(): def getConfig(self): #Grab our config parameters - try: + if "DEBUG_API_ID" in os.environ and "DEBUG_API_SECRET" in os.environ: self.config = {} self.config["falcon_client_id"] = os.getenv("DEBUG_API_ID") self.config["falcon_client_secret"] = os.getenv("DEBUG_API_SECRET") - except: - with open('%s/test.config' % os.path.dirname(os.path.abspath(__file__)), 'r') as file_config: - self.config = json.loads(file_config.read()) + return True + else: + cur_path = os.path.dirname(os.path.abspath(__file__)) + if os.path.exists('%s/test.config' % cur_path): + with open('%s/test.config' % cur_path, 'r') as file_config: + self.config = json.loads(file_config.read()) + return True + else: + return False def uberAuth(self): - self.getConfig() - self.falcon = FalconSDK.APIHarness(creds={ - "client_id": self.config["falcon_client_id"], - "client_secret": self.config["falcon_client_secret"] - } - ) - self.falcon.authenticate() - if self.falcon.authenticated: - return True + status = self.getConfig() + if status: + self.falcon = FalconSDK.APIHarness(creds={ + "client_id": self.config["falcon_client_id"], + "client_secret": self.config["falcon_client_secret"] + } + ) + self.falcon.authenticate() + if self.falcon.authenticated: + return True + else: + return False else: return False @@ -44,20 +60,23 @@ def uberRevoke(self): return self.falcon.deauthenticate() def serviceAuth(self): - self.getConfig() - self.authorization = FalconAuth.OAuth2(creds={ - 'client_id': self.config["falcon_client_id"], - 'client_secret': self.config["falcon_client_secret"] - }) + status = self.getConfig() + if status: + self.authorization = FalconAuth.OAuth2(creds={ + 'client_id': self.config["falcon_client_id"], + 'client_secret': self.config["falcon_client_secret"] + }) - try: - self.token = self.authorization.token()['body']['access_token'] + try: + self.token = self.authorization.token()['body']['access_token'] + + except: + self.token = False - except: - self.token = False - - if self.token: - return True + if self.token: + return True + else: + return False else: return False From 80dac325539dfb6f42ebc1c3c9106711c7d10033 Mon Sep 17 00:00:00 2001 From: Joshua Hiller Date: Thu, 24 Dec 2020 16:00:09 -0500 Subject: [PATCH 32/32] Comment typo --- tests/test_authorization.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/test_authorization.py b/tests/test_authorization.py index 8b88b5920..6ef7f8525 100644 --- a/tests/test_authorization.py +++ b/tests/test_authorization.py @@ -1,8 +1,8 @@ # A valid CrowdStrike Falcon API key is required to run these tests. # You can store these values in your environment (this is the preferred method). # Example: -# export DEBUG_API_ID={CLIENT_ID_GOES_HERE} -# export DEBUG_API_SECRET={CLIENT_SECRET_GOES_HERE} +# export DEBUG_API_ID=CLIENT_ID_GOES_HERE +# export DEBUG_API_SECRET=CLIENT_SECRET_GOES_HERE # # You may also store these values locally in a configuration file. # DO NOT SUBMIT A COMMIT OR A PR THAT INCLUDES YOUR CONFIGURATION FILE.