API reference¶
Lookyloo¶
- class pylookyloo.Lookyloo(root_url: str = 'https://lookyloo.circl.lu/')¶
- enqueue(url: Optional[str] = None, quiet: bool = False, **kwargs) str ¶
Enqueue an URL.
- Parameters:
url – URL to enqueue
quiet – Returns the UUID only, instead of the whole URL
kwargs – accepts all the parameters supported by Lookyloo.scrape
- get_apikey(username: str, password: str) Dict[str, str] ¶
Get the API key for the given user.
- get_capture_stats(tree_uuid: str) Dict[str, Any] ¶
Get statistics of the capture
- get_complete_capture(capture_uuid: str) BytesIO ¶
Returns a zip files that contains the screenshot, the har, the rendered HTML, and the cookies.
- Parameters:
capture_uuid – UUID of the capture
- get_cookies(capture_uuid: str) List[Dict[str, str]] ¶
Returns the complete cookies jar.
- Parameters:
capture_uuid – UUID of the capture
- get_hash_occurrences(h: str) Dict[str, Any] ¶
Returns the base 64 body related the the hash, and a list of all the captures containing that hash.
- Parameters:
h – sha512 to search
- get_hashes(capture_uuid: str, algorithm: str = 'sha512', hashes_only: bool = True) StringIO ¶
Returns all the hashes of all the bodies (including the embedded contents)
- Parameters:
capture_uuid – UUID of the capture
algorithm – The algorithm of the hashes
hashes_only – If False, will also return the URLs related to the hashes
- get_hostname_occurrences(hostname: str, with_urls_occurrences: bool = False) Dict[str, Any] ¶
Returns all the captures contining the hostname. It will be pretty slow on very common domains.
- Parameters:
hostname – Hostname to lookup
with_urls_occurrences – If true, add details about the related URLs.
- get_hostnames(capture_uuid: str) Dict[str, Any] ¶
Returns all the hostnames seen during the capture.
- Parameters:
capture_uuid – UUID of the capture
- get_html(capture_uuid: str) StringIO ¶
Returns the rendered HTML as it would be in the browser after the page loaded.
- Parameters:
capture_uuid – UUID of the capture
- get_info(tree_uuid: str) Dict[str, Any] ¶
Get information about the capture (url, timestamp, user agent)
- get_redirects(capture_uuid: str) Dict[str, Any] ¶
Returns the initial redirects.
- Parameters:
capture_uuid – UUID of the capture
- get_screenshot(capture_uuid: str) BytesIO ¶
Returns the screenshot.
- Parameters:
capture_uuid – UUID of the capture
- get_stats() Dict[str, Any] ¶
Returns all the captures contining the URL
- get_status(tree_uuid: str) Dict[str, Any] ¶
Get the status of a capture: * -1: Unknown capture. * 0: The capture is queued up but not processed yet. * 1: The capture is ready. * 2: The capture is ongoing and will be ready soon.
- get_url_occurrences(url: str) Dict[str, Any] ¶
Returns all the captures contining the URL
- Parameters:
url – URL to lookup
- get_urls(capture_uuid: str) Dict[str, Any] ¶
Returns all the URLs seen during the capture.
- Parameters:
capture_uuid – UUID of the capture
- hide_capture(tree_uuid: str) Dict ¶
Hide a capture from the index page (requires an authenticated user, use init_apikey first)
- init_apikey(username: Optional[str] = None, password: Optional[str] = None, apikey: Optional[str] = None)¶
Init the API key for the current session. All the requests against lookyloo after this call will be authenticated.
- property is_up: bool¶
Test if the given instance is accessible
- misp_export(tree_uuid: str) Dict ¶
Export the capture in MISP format
- misp_push(tree_uuid: str) Union[Dict, List] ¶
Push the capture to a pre-configured MISP instance (requires an authenticated user, use init_apikey first) Note: if the response is a dict, it is an error mesage. If it is a list, it’s a list of MISP event.
- rebuild_capture(tree_uuid: str) Dict ¶
Force rebuild a capture (requires an authenticated user, use init_apikey first)
- trigger_modules(tree_uuid: str, force: bool = False) Dict ¶
Trigger all the available 3rd party modules on the given capture. :param force: Trigger the modules even if they were already triggered today.