PhishingIndicator¶

class trustar.models.phishing_submission.PhishingIndicator(indicator_type=None, value=None, source_key=None, normalized_indicator_score=None, original_indicator_score=None)¶

Models a PhishingIndicator.

Variables:

indicator_type – The type of the extracted entity (e.g. URL, IP, …)
value – The value of an extracted entity (e.g. www.badsite.com, etc.)
source_key – A string that is associated with the closed source providing context (e.g. ‘virustotal’, ‘crowdstrike_indicator’)
normalized_indicator_score – The normalized score associated with a context entity
original_indicator_score – A score given to the indicator by its original source

classmethod from_dict(phishing_indicator)¶

Creates a phishing indicator object from a dictionary.

Parameters:	phishing_indicator – The phishing indicator dictionary.

to_dict(remove_nones=False)¶

Creates a dictionary representation of a phishing indicator.

Parameters:	remove_nones – Whether `None` values should be filtered out of the dictionary. Defaults to `False`.
Returns:	A PhishingIndicator object.