msticpy.context.domain_utils module
Functions to support investigation of a domain or url.
Includes functions to conduct common investigation steps when dealing
with a domain or url, such as getting a screenshot or validating the TLD.
-
class msticpy.context.domain_utils.DomainValidator
Bases: object
Assess a domain’s validity.
-
in_abuse_list(url_domain: str) → Tuple[bool, Optional[Certificate]]
Validate if a domain or URL’s SSL cert the abuse.ch SSL Abuse List.
- Parameters
url_domain (str) – The url or domain to validate.
- Returns
True if valid in the list, False if not.
Certificate - the certificate loaded from the domain.
- Return type
Tuple[bool, Optional[Certificate]]
-
static is_resolvable(url_domain: str) → bool
Validate if a domain or URL be be resolved to an IP address.
- Parameters
url_domain (str) – The url or domain to validate.
- Returns
True if valid resolvable, False if not.
- Return type
result
-
property ssl_abuse_list: DataFrame
Return the class SSL Blacklist.
- Returns
SSL Blacklist
- Return type
pd.DataFrame
-
static validate_tld(url_domain: str) → bool
Validate if a domain’s TLD is valid.
- Parameters
url_domain (str) – The url or domain to validate.
- Returns
True if valid public TLD, False if not.
- Return type
result
-
msticpy.context.domain_utils.dns_components(domain: str) → dict
Return components of domain as dict.
- Parameters
domain (str) – The domain to extract.
- Returns
Returns subdomain and TLD components from a domain.
- Return type
dict
-
msticpy.context.domain_utils.dns_resolve(url_domain: str, rec_type: str = 'A') → Dict[str, Any]
Validate if a domain or URL be be resolved to an IP address.
- Parameters
url_domain (str) – The url or domain to validate.
rec_type (str) – The DNS record type to query, by default “A”
- Returns
Resolver result as dictionary.
- Return type
Dict[str, Any]
-
msticpy.context.domain_utils.ip_rev_resolve(ip_address: str) → Dict[str, Any]
Reverse lookup for IP Address.
- Parameters
ip_address (str) – The IP address to query.
- Returns
Resolver result as dictionary.
- Return type
Dict[str, Any]
-
msticpy.context.domain_utils.screenshot(url: str, api_key: Optional[str] = None) → Response
Get a screenshot of a url with Browshot.
- Parameters
-
- Returns
image_data – The final screenshot request response data.
- Return type
httpx.Response
-
msticpy.context.domain_utils.url_components(url: str) → Dict[str, str]
Return parsed Url components as dict.