Hugging Face's logo

Spaces:
Agents-MCP-Hackathon
/
TDAgentTools
Sleeping

App Files Community
13
RodDoSanz commited on
Commit
013177f
ยท
1 Parent(s): 0e077b9

feat: add examples and imporve ui

Browse files
Files changed (6) hide show
  1. tdagent/tools/get_domain_information.py +13 -8
  2. tdagent/tools/get_url_content.py +6 -3
  3. tdagent/tools/query_abuse_ip_db.py +4 -2
  4. tdagent/tools/rdap.py +3 -2
  5. tdagent/tools/retrieve_from_mitre_attack.py +9 -2
  6. tdagent/tools/virus_total.py +4 -2
tdagent/tools/get_domain_information.py CHANGED
@@ -325,39 +325,44 @@ def retrieve_ioc_from_threatfox(potentially_ioc: str) -> str:
325
 
326
  geo_location_tool = gr.Interface(
327
  fn=get_geolocation,
328
- inputs=["text"],
329
- outputs="json",
330
  title="Domain Associated Geolocation Finder",
331
  description="Retrieves the geolocation associated to an input ip address",
332
  theme="default",
 
333
  )
334
 
335
  dns_enumeration_tool = gr.Interface(
336
  fn=enumerate_dns,
337
- inputs=["text"],
338
- outputs="json",
339
  title="DNS record enumerator of domains",
340
  description="Retrieves several dns record types for the input domain names",
341
  theme="default",
 
342
  )
343
 
344
  scrap_subdomains_tool = gr.Interface(
345
  fn=scrap_subdomains_for_domain,
346
- inputs=["text"],
347
- outputs="json",
348
  title="Subdomains Extractor of domains",
349
  description="Retrieves the subdomains for the input domain if they are common",
350
  theme="default",
 
351
  )
352
 
353
  extractor_of_ioc_from_threatfox_tool = gr.Interface(
354
  fn=retrieve_ioc_from_threatfox,
355
- inputs=["text"],
356
- outputs="text",
357
  title="IoC information extractor associated to particular entities",
358
  description=(
359
  "If information as an Indicator of Compromise (IoC) exists "
360
  "for the input url, domain or hash, it retrieves it"
361
  ),
362
  theme="default",
 
 
363
  )
 
325
 
326
  geo_location_tool = gr.Interface(
327
  fn=get_geolocation,
328
+ inputs=gr.Textbox(label="ip"),
329
+ outputs=gr.JSON(label="Geolocation of IP"),
330
  title="Domain Associated Geolocation Finder",
331
  description="Retrieves the geolocation associated to an input ip address",
332
  theme="default",
333
+ examples=["1.0.3.255", "59.34.7.3"],
334
  )
335
 
336
  dns_enumeration_tool = gr.Interface(
337
  fn=enumerate_dns,
338
+ inputs=gr.Textbox(label="domain"),
339
+ outputs=gr.JSON(label="DNS records"),
340
  title="DNS record enumerator of domains",
341
  description="Retrieves several dns record types for the input domain names",
342
  theme="default",
343
+ examples=["owasp.org", "nist.gov"],
344
  )
345
 
346
  scrap_subdomains_tool = gr.Interface(
347
  fn=scrap_subdomains_for_domain,
348
+ inputs=gr.Textbox(label="domain"),
349
+ outputs=gr.JSON(label="Subdomains managed by domain"),
350
  title="Subdomains Extractor of domains",
351
  description="Retrieves the subdomains for the input domain if they are common",
352
  theme="default",
353
+ examples=["github.com", "netacea.com"],
354
  )
355
 
356
  extractor_of_ioc_from_threatfox_tool = gr.Interface(
357
  fn=retrieve_ioc_from_threatfox,
358
+ inputs=gr.Textbox(label="IoC - url, domains or hash"),
359
+ outputs=gr.Text(label="Entity information as an IoC"),
360
  title="IoC information extractor associated to particular entities",
361
  description=(
362
  "If information as an Indicator of Compromise (IoC) exists "
363
  "for the input url, domain or hash, it retrieves it"
364
  ),
365
  theme="default",
366
+ examples=["advertipros.com", "dev.couplesparks.com"],
367
+ example_labels=["๐Ÿ‘พ IoC 1", "๐Ÿ‘พ IoC 2"],
368
  )
tdagent/tools/get_url_content.py CHANGED
@@ -51,13 +51,16 @@ def get_url_http_content(
51
 
52
  gr_get_url_http_content = gr.Interface(
53
  fn=get_url_http_content,
54
- inputs=["text", "text"],
55
- outputs="text",
56
  title="Get the content of a URL using an HTTP GET request.",
57
  description=(
58
  "Get the content of a URL in one of the specified content types."
59
  " The server may not honor the content type and if it fails the"
60
  " reason should also be returned with the corresponding HTTP"
61
- " error code."
62
  ),
 
 
 
63
  )
 
51
 
52
  gr_get_url_http_content = gr.Interface(
53
  fn=get_url_http_content,
54
+ inputs=[gr.Textbox(label="url"), gr.Textbox(label="content type")],
55
+ outputs=gr.Text(label="content"),
56
  title="Get the content of a URL using an HTTP GET request.",
57
  description=(
58
  "Get the content of a URL in one of the specified content types."
59
  " The server may not honor the content type and if it fails the"
60
  " reason should also be returned with the corresponding HTTP"
61
+ " error code. Be wary of retrieving the content of malicious urls."
62
  ),
63
+ examples=[
64
+ ["https://google.com", "html"],
65
+ ],
66
  )
tdagent/tools/query_abuse_ip_db.py CHANGED
@@ -156,11 +156,13 @@ def query_abuseipdb(ip_address: str, days: int = 30) -> str:
156
 
157
  gr_query_abuseipdb = gr.Interface(
158
  fn=query_abuseipdb,
159
- inputs=["text"],
160
- outputs="text",
161
  title="AbuseIPDB IP Checker",
162
  description=(
163
  "Check if an IP address has been reported for abusive behavior"
164
  " using AbuseIP DB API"
165
  ),
 
 
166
  )
 
156
 
157
  gr_query_abuseipdb = gr.Interface(
158
  fn=query_abuseipdb,
159
+ inputs=gr.Textbox(label="ip"),
160
+ outputs=gr.Text(label="Report on abusive behaviour"),
161
  title="AbuseIPDB IP Checker",
162
  description=(
163
  "Check if an IP address has been reported for abusive behavior"
164
  " using AbuseIP DB API"
165
  ),
166
+ examples=["5.252.155.14", "77.239.99.248"],
167
+ example_labels=["๐Ÿ‘พ Malicious IP 1", "๐Ÿ‘พ Malicious IP 2"],
168
  )
tdagent/tools/rdap.py CHANGED
@@ -102,8 +102,9 @@ def query_rdap( # noqa: PLR0911
102
 
103
  gr_query_rdap = gr.Interface(
104
  fn=query_rdap,
105
- inputs=["text"],
106
- outputs="json",
107
  title="Get RDAP information for a given URL.",
108
  description="Query a RDAP database to gather information about a url or domain.",
 
109
  )
 
102
 
103
  gr_query_rdap = gr.Interface(
104
  fn=query_rdap,
105
+ inputs=gr.Textbox(label="url or ip"),
106
+ outputs=gr.JSON(label="Report from RDAP"),
107
  title="Get RDAP information for a given URL.",
108
  description="Query a RDAP database to gather information about a url or domain.",
109
+ examples=["8.8.8.8", "pastebin.com"],
110
  )
tdagent/tools/retrieve_from_mitre_attack.py CHANGED
@@ -42,11 +42,18 @@ def get_stix_object_of_attack_id(
42
 
43
  gr_get_stix_of_attack_id = gr.Interface(
44
  fn=get_stix_object_of_attack_id,
45
- inputs=["text", "text"],
46
- outputs="json",
 
 
 
47
  title="MITRE ATT&CK STIX information",
48
  description=(
49
  "Retrieves a specific STIX object identified by an ATT&CK ID across all ATT&CK"
50
  " matrices"
51
  ),
 
 
 
 
52
  )
 
42
 
43
  gr_get_stix_of_attack_id = gr.Interface(
44
  fn=get_stix_object_of_attack_id,
45
+ inputs=[
46
+ gr.Textbox(label="Mitre technique ID"),
47
+ gr.Textbox(label="Mitre object type"),
48
+ ],
49
+ outputs=gr.JSON(label="Mitre report"),
50
  title="MITRE ATT&CK STIX information",
51
  description=(
52
  "Retrieves a specific STIX object identified by an ATT&CK ID across all ATT&CK"
53
  " matrices"
54
  ),
55
+ examples=[
56
+ ["T1568.002", "attack-pattern"],
57
+ ["M1042", "course-of-action"],
58
+ ],
59
  )
tdagent/tools/virus_total.py CHANGED
@@ -69,8 +69,10 @@ Cache Status: Hit
69
 
70
  gr_virus_total_url_info = gr.Interface(
71
  fn=get_virus_total_url_info,
72
- inputs=["text"],
73
- outputs="text",
74
  title="VirusTotal URL Scanner",
75
  description="Get URL Info from VirusTotal URL Scanner. Scan URL is not available",
 
 
76
  )
 
69
 
70
  gr_virus_total_url_info = gr.Interface(
71
  fn=get_virus_total_url_info,
72
+ inputs=gr.Textbox(label="url"),
73
+ outputs=gr.Text(label="VirusTotal report"),
74
  title="VirusTotal URL Scanner",
75
  description="Get URL Info from VirusTotal URL Scanner. Scan URL is not available",
76
+ examples=["https://advertipros.com//?u=script", "https://google.com"],
77
+ example_labels=["๐Ÿ‘พ Malicious URL", "๐Ÿง‘โ€๐Ÿ’ป Benign URL"],
78
  )