Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Yoav_Lasman
Employee Alumnus
Employee Alumnus

Get early access to our new Threat Prevention APIs

Take control of new Threat Prevention APIs powered by the largest Threat Cloud in the industry:

 

URL Reputation – for a domain/URL returns the classification and risk in accessing the resource

File Reputation – for a file digest (md5/sha1/sha256/sha512) returns the risk in downloading the file without the need to scan it

IP Reputation  - for an IP address returns it’s classification and risk in accessing a resource hosted on it

Mail Security – upload an email for scanning against malware and phishing attacks, based on award winning Sandblast engines

 

All APIs are RESTful, simple to use and can be integrated as part of a SOAR application, home-made application and more!

If you’re a Check Point customer interested in participating in the early availability stage drop me a mail at yoav@checkpoint.com

12 Replies
Yoav_Lasman
Employee Alumnus
Employee Alumnus

Detailed API instructions including samples in Java/Python can now be found in our GitHub repository.

 

Check it out here - https://github.com/CheckPointSW/reputation-service-api

0 Kudos
Martin_Raska
Advisor
Advisor

There is typo in the python code

rep_res = requests.post(f'https://rep.checkpoint.com/{service}-rep/service/v2.0/query?resource={resource}')

this f char is repeating in code and prevent from compilation. After fix those, its running.

Python v3.6

Click 7.0

Requests 2.22

 

Martin_Raska
Advisor
Advisor

no, still not working, we can run it without any command

root@cacti-virtual-machine:/home/cacti# reputation-api
Usage: reputation-api [OPTIONS]
Try "reputation-api --help" for help.

Error: Missing option "-s" / "--service". Choose from:
url,
file,
ip.

But with arguments
root@cacti-virtual-machine:/home/cacti# reputation-api -s url -r www.abc.com -ck XXYYZZ
api.utils.exceptions.StatusCodeException: Operation failed with status {self.status_code}
0 Kudos
aviadl
Employee Alumnus
Employee Alumnus

Hi Martin,

The f is not a typo. It's a new way to format strings in python and the change introduce in python 3.6 (https://www.python.org/dev/peps/pep-0498/), so if you're running python 3.6, the code should work.

Once you removed only the from your code without changing the strings formats, your code will not work as expected.

 

We'll update the code to support older versions of python 3.

Meanwhile, feel free to contact me and I'll be happy to assists you: aviadl@checkpoint.com

Martin_Raska
Advisor
Advisor

Hi Aviadl,
I dont know what exactly changed but right now I am able to compile your code with Python 3.6 and rep-api is working correctly.

root@cacti-virtual-machine:/home/cacti/REP_API_F# reputation-api -s url -r www.aaa.com -ck XXZZYY
www.aaa.com is Benign with risk 0/100
aviadl
Employee Alumnus
Employee Alumnus

That's great!
Blason_R
Leader
Leader

Hey,

May be I am passing wrong header - but can you help me fixing the typo with reputation-api?

curl -XGET -H Client-Key https://rep.checkpoint.com/rep-auth/service/v1.0/request

Plus on my Ubuntu 18.04 python3 getting below errors

Traceback (most recent call last):
File "/usr/local/bin/reputation-api", line 11, in <module>
load_entry_point('reputation-service-API-client==1.0.1', 'console_scripts', 'reputation-api')()
File "/usr/local/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 489, in load_entry_point
return get_distribution(dist).load_entry_point(group, name)
File "/usr/local/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 2852, in load_entry_point
return ep.load()
File "/usr/local/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 2443, in load
return self.resolve()
File "/usr/local/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 2449, in resolve
module = __import__(self.module_name, fromlist=['__name__'], level=0)
File "build/bdist.linux-x86_64/egg/api/__main__.py", line 7, in <module>
File "/usr/local/lib/python2.7/dist-packages/reputation_service_API_client-1.0.1-py2.7.egg/api/utils/exceptions.py", line 2
def __init__(self, status_code: int, *args: object) -> None:

Thanks and Regards,
Blason R
CCSA,CCSE,CCCS
0 Kudos
aviadl
Employee Alumnus
Employee Alumnus

Hi @Blason_R ,

For curl, please try this command:

curl -X GET 'https://rep.checkpoint.com/rep-auth/service/v1.0/request' -H 'Client-Key: <your client key>'

Replace <your client key> with your client key 🙂

 

As for the python error:

  • Can you write the full command you tried?
  • Can you make sure you actually running python 3? from the traceback I see that it's running from python 2.7 somehow.

 

Waiting for your updates,

Aviad

0 Kudos
Blason_R
Leader
Leader

Yes I have python 2.7 installed as well along with Python 3. 

Also, the main query is I am not able to generate Client-key using curl parameter. How do I generate the ck?

Thanks and Regards,
Blason R
CCSA,CCSE,CCCS
0 Kudos
aviadl
Employee Alumnus
Employee Alumnus

You can't generate Client-Key yourself.

Please contact TCAPI_SUPPORT@checkpoint.com to get a key

Blason_R
Leader
Leader

Oh - I misread probably then 🙂

So I need a ck and based on this I can generate the token which is valid for a week right?

 

Thanks and Regards,
Blason R
CCSA,CCSE,CCCS
0 Kudos
aviadl
Employee Alumnus
Employee Alumnus

Yes 😊

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events