forked from cocaman/malware-bazaar
bazaar_update.py
#!/usr/bin/env python3
import requests
import json
import sys
import argparse
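import os

__author__ = "Corsin Camichel"
__copyright__ = "Copyright 2020, Corsin Camichel"
__license__ = "Creative Commons Attribution-ShareAlike 4.0 International License."
__version__ = "1.0"
__email__ = "[email protected]"

# Name of the environment variable that supplies the abuse.ch API key.
# The key is read from the environment instead of being pasted into this file
# or passed as a command-line flag, so it is not committed along with the
# script and does not show up in the process list or shell history.
API_KEY_ENV_VAR = "MALWARE_BAZAAR_API_KEY"


def _sha256_hex(text):
    """Validate *text* as a SHA-256 digest for use as an argparse ``type=``.

    The request below sends the value in the ``sha256_hash`` field, so anything
    that is not exactly 64 hexadecimal characters is rejected locally before a
    request is made.

    Returns:
        The input string, unchanged.

    Raises:
        argparse.ArgumentTypeError: if the value is not 64 hex characters.
    """
    if len(text) != 64 or not set(text.lower()) <= set("0123456789abcdef"):
        raise argparse.ArgumentTypeError(
            "expected a SHA-256 hash (64 hexadecimal characters)")
    return text


parser = argparse.ArgumentParser(
    description='Update a malware sample on Malware Bazaar by abuse.ch. '
                'Notice: You can only update your own samples.')
parser.add_argument('-s', '--hash', help='SHA-256 hash of the sample to update (required)',
                    type=_sha256_hex, metavar="HASH", required=True)
# The update key is restricted to a fixed allow-list; argparse rejects any
# other value before a request is built.
parser.add_argument('-k', '--key', help='Key (required)', type=str, metavar="KEY", required=True,
                    choices=['urlhaus', 'any_run', 'joe_sandbox',
                             'malpedia', 'twitter', 'links', 'dropped_by_md5',
                             'dropped_by_sha256', 'dropped_by_malware', 'dropping_md5',
                             'dropping_sha256', 'dropping_malware', 'add_tag',
                             'remove_tag', 'comment'])
parser.add_argument('-v', '--value', help='Value (required)', type=str, metavar="VALUE", required=True)
args = parser.parse_args()

api_key = os.environ.get(API_KEY_ENV_VAR, '')
if not api_key:
    # Same request as before (empty API-KEY header), but the operator is told
    # why the update is likely to be refused.
    print("warning: {} is not set; sending the request with an empty API key".format(
        API_KEY_ENV_VAR), file=sys.stderr)

headers = {'API-KEY': api_key}
data = {
    'query': 'update',
    'sha256_hash': args.hash,
    'key': args.key,
    'value': args.value,
}

try:
    # requests verifies the TLS certificate by default; the timeout keeps the
    # script from hanging on an unresponsive endpoint.
    response = requests.post('https://mb-api.abuse.ch/api/v1/', data=data, timeout=15, headers=headers)
except requests.RequestException as exc:
    # Report connection/timeout/TLS failures as a one-line error and a
    # non-zero exit status instead of a traceback.
    sys.exit("request to Malware Bazaar failed: {}".format(exc))

print(response.content.decode("utf-8", "ignore"))
if not response.ok:
    # The body is still printed above; the exit status lets callers and
    # automation notice an HTTP-level failure.
    sys.exit(1)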