PhishingIndicator¶
-
class
trustar.models.phishing_submission.
PhishingIndicator
(indicator_type=None, value=None, source_key=None, normalized_indicator_score=None, original_indicator_score=None)¶ Models a PhishingIndicator.
Variables: - indicator_type – The type of the extracted entity (e.g. URL, IP, …)
- value – The value of an extracted entity (e.g. www.badsite.com, etc.)
- source_key – A string that is associated with the closed source providing context (e.g. ‘virustotal’, ‘crowdstrike_indicator’)
- normalized_indicator_score – The normalized score associated with a context entity
- original_indicator_score – A score given to the indicator by its original source
-
classmethod
from_dict
(phishing_indicator)¶ Creates a phishing indicator object from a dictionary.
Parameters: phishing_indicator – The phishing indicator dictionary.
-
to_dict
(remove_nones=False)¶ Creates a dictionary representation of a phishing indicator.
Parameters: remove_nones – Whether None
values should be filtered out of the dictionary. Defaults toFalse
.Returns: A PhishingIndicator object.