Malshare ingestor

[pranjalg1331]

Closes #1399

Description

Please include a summary of the change and link to the related issue.

Type of change

Please delete options that are not relevant.

• Bug fix (non-breaking change which fixes an issue).
• [ x] New feature (non-breaking change which adds functionality).
• Breaking change (fix or feature that would cause existing functionality to not work as expected).

Checklist

• [ x] I have read and understood the rules about how to Contribute to this project
• [ x] The pull request is for the branch develop
• [ x] A new plugin (analyzer, connector, visualizer, playbook, pivot or ingestor) was added or changed, in which case:
  • [x ] I strictly followed the documentation "How to create a Plugin"
  • Usage file was updated. A link to the PR to the docs repo has been added as a comment here.
  • Advanced-Usage was updated (in case the plugin provides additional optional configuration). A link to the PR to the docs repo has been added as a comment here.
  • [ x] I have dumped the configuration from Django Admin using the dumpplugin command and added it in the project as a data migration. ("How to share a plugin with the community")
  • If a File analyzer was added and it supports a mimetype which is not already supported, you added a sample of that type inside the archive test_files.zip and you added the default tests for that mimetype in test_classes.py.
  • If you created a new analyzer and it is free (does not require any API key), please add it in the FREE_TO_USE_ANALYZERS playbook by following this guide.
  • Check if it could make sense to add that analyzer/connector to other freely available playbooks.
  • I have provided the resulting raw JSON of a finished analysis and a screenshot of the results.
  • [ x] If the plugin interacts with an external service, I have created an attribute called precisely url that contains this information. This is required for Health Checks.
  • [ x] If the plugin requires mocked testing, _monkeypatch() was used in its class to apply the necessary decorators.
  • [ x] I have added that raw JSON sample to the MockUpResponse of the _monkeypatch() method. This serves us to provide a valid sample for testing.
• I have inserted the copyright banner at the start of the file: # This file is a part of IntelOwl https://github.com/intelowlproject/IntelOwl # See the file 'LICENSE' for copying permission.
• If external libraries/packages with restrictive licenses were used, they were added in the Legal Notice section.
• [ x] Linters (Black, Flake, Isort) gave 0 errors. If you have correctly installed pre-commit, it does these checks and adjustments on your behalf.
• I have added tests for the feature/bug I solved (see tests folder). All the tests (new and old ones) gave 0 errors.
• If the GUI has been modified:
  • I have a provided a screenshot of the result in the PR.
  • I have created new frontend tests for the new component or updated existing ones.
• After you had submitted the PR, if DeepSource, Django Doctors or other third-party linters have triggered any alerts during the CI checks, I have solved those alerts.

Important Rules

• If you miss to compile the Checklist properly, your PR won't be reviewed by the maintainers.
• Everytime you make changes to the PR and you think the work is done, you should explicitly ask for a review by using GitHub's reviewing system detailed here.

[pranjalg1331]

[pranjalg1331]

Please review.

[fgibertoni]

VT ?

[pranjalg1331]

Sorry, misstype. Updated.

[fgibertoni]

Can you please use the requests.get params parameter for each of the request parameter ? This avoid longer f-string and I think it's more readable

[pranjalg1331]

updated

[fgibertoni]

Can you please use the requests.get params parameter for each of the request parameter ? This avoid longer f-string and I think it's more readable

[fgibertoni]

Please pull the latest changes from develop to fix the error in CI

[pranjalg1331]

I have pulled the latest changes, but the test is still failing.

[fgibertoni]

I don't think you did it correctly. You need to have this commit in your branch

[pranjalg1331]

Changes from your commit are already being reflected in my branch.

[pranjalg1331]

Should I push a commit to fix the Spamhaus error?

[fgibertoni]

Can you please try pulling again ? Should be solved now hopefully

[fgibertoni]

This is duplicated, I think we can set it as class attribute

[pranjalg1331]

created base_url class attribute.

[fgibertoni]

I was thinking about having a class attribute called endpoint that has it's value to api.php.
Then, when making the request you combine self.url and self.endpoint

[pranjalg1331]

Got it..Updated

[fgibertoni]

Please also write a more meaningful log here (different from run), so we can follow the execution flow during debugging.

[pranjalg1331]

Updated