The PacketTotal SDK is a collection of modules that provide access to PacketTotal's REST API interface.
The official API documentation can be found here
- Python 3.5 or higher.
```
pip install -r requirements.txt
python setup.py install
```
If you need to override the API base URL or version, you can do so with the environment variables below.
```
export PACKETTOTAL_API_BASE_URL="https://api.packettotal.com/"
export PACKETTOTAL_API_VERSION_STRING="v1"
```
You can request an API key here.
The SDK ships with a library for interacting with the PacketTotal API, as well as a script to provide easy access to this library.
```
packettotal usage
```
```python
from packettotal_sdk import packettotal_api

api = packettotal_api.PacketTotalApi('my-api-key')
response = api.usage()
print(response.status_code, response.json())
```
```
packettotal analyze --path /path/to/my/pcap.pcap --name my-publicly-shared-pcap-name
```
```python
from packettotal_sdk import packettotal_api

api = packettotal_api.PacketTotalApi('my-api-key')
# Open the capture in binary mode and close the handle once the upload returns.
with open('/path/to/my/pcap.pcap', 'rb') as pcap:
    response = api.analyze(pcap, pcap_name='my-publicly-shared-pcap-name')
print(response.status_code, response.json())
```
```
packettotal search --query google.com
packettotal search_by_pcap --path /path/to/my/pcap.pcap
```
```python
from packettotal_sdk import search_tools

api = search_tools.SearchTools('my-api-key')
# Open the capture in binary mode and close the handle once the search returns.
with open('my-public-pcap.pcap', 'rb') as pcap:
    response = api.search_by_pcap(pcap)
print(response.status_code, response.json())
```
```
packettotal ioc_search --ioc-path /path/to/my_line_delim_iocs.txt
```
```python
from packettotal_sdk import search_tools

api = search_tools.SearchTools('my-api-key')
# The IOC file is plain text with one indicator per line.
with open('my_line_delim_iocs.txt', 'r') as iocs:
    response = api.search_by_iocs(iocs)
print(response.status_code, response.json())
```
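The IOC search above reads a line-delimited file, while indicators copied from reports and tickets are usually defanged, commented and duplicated. The following is an added example, not part of the SDK: it turns such notes into a clean one-indicator-per-line file. The function names and sample notes are hypothetical, and it assumes that only IP addresses and domains are wanted and that a URL can be reduced to its host.

```python
import ipaddress
import re

# Constructed sample of raw analyst notes (documentation addresses, not real IoCs).
SAMPLE_NOTES = """\
# phishing cluster (constructed)
hxxps://login.example[.]com/reset
EXAMPLE[.]org
192.0.2[.]15
192.0.2.15
999.1.1.1
not an indicator
example(dot)net  # seen twice
"""

_DOMAIN = re.compile(r"^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$")

def refang(token):
    """Undo common defanging so the search sees the real indicator."""
    token = re.sub(r"\[\.\]|\(\.\)|\[dot\]|\(dot\)", ".", token, flags=re.I)
    token = re.sub(r"^hxxp", "http", token, flags=re.I)
    return token.replace("[:]", ":")

def normalize_iocs(text):
    """Return (kept, rejected): de-duplicated IPs/domains and the raw lines dropped."""
    kept, rejected, seen = [], [], set()
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        # Assumption: a URL is reduced to its host; the path is discarded.
        host = re.sub(r"^[a-z][a-z0-9+.-]*://", "", refang(line), flags=re.I)
        host = host.split("/")[0].lower()
        try:
            host = str(ipaddress.ip_address(host))
        except ValueError:
            if not _DOMAIN.match(host):
                rejected.append(raw)  # keep for manual review, do not submit
                continue
        if host not in seen:
            seen.add(host)
            kept.append(host)
    return kept, rejected

def write_ioc_file(path, iocs):
    """Write one indicator per line, ready to pass as --ioc-path."""
    with open(path, "w", encoding="utf-8") as fh:
        fh.write("\n".join(iocs) + "\n")
```

Review the rejected lines by hand before searching; a typo in an address is dropped here rather than submitted.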
Static HTML version of the SDK's API Module can be found here.
The official REST API documentation is available here
Or ...
Build the Sphinx docs with search by following the steps below:
- From the root directory run `make html`, or `make.bat` if on Windows.
- Navigate to `_build/html/index.html` in a web browser.