Dragonfly client

Dragonfly class

class pydragonfly.Dragonfly(api_key: str, logger: Optional[logging.Logger] = None)[source]
class Action

pydragonfly.Dragonfly.Action

class Analysis

pydragonfly.Dragonfly.Analysis

class Invitation

pydragonfly.Dragonfly.Invitation

class Organization

pydragonfly.Dragonfly.Organization

Note: delete and leave methods are intentionally not provided to avoid accidents. Please use the GUI for those operations.

class Profile

pydragonfly.Dragonfly.Profile

class Report

pydragonfly.Dragonfly.Report

class Rule

pydragonfly.Dragonfly.Rule

class Sample

pydragonfly.Dragonfly.Sample

class UserAccessInfo

pydragonfly.Dragonfly.UserAccessInfo

property _headers: Dict[str, str]
_server_url: str = 'https://dragonfly.certego.net'
analysis_result(analysis_id: Union[str, int], waiting_time: int = 10, max_wait_cycle: int = 30) pydragonfly.sdk.resources.analysis.AnalysisResult[source]

Utility function to retrieve an analysis’ result.

Total waiting time = waiting_time x max_wait_cycle.

Parameters

  • analysis_id (int|str) – Analysis ID to fetch result of.

  • waiting_time (int, optional) – Wait time between subsequent HTTP requests. Default 10.

  • max_wait_cycle (int, optional) – Maximum number of HTTP requests. Default 30.

New in version 0.0.4.

analyze_file(sample_name: str, sample_buffer: bytes, retrieve_analysis: bool = True, profiles: Optional[List[int]] = None, private: bool = False, root: bool = False, operating_system: Optional[str] = None, arguments: Optional[List[str]] = None, dll_entrypoints: Optional[List[str]] = None) Union[pydragonfly.sdk.resources.analysis.AnalysisResult, int][source]

Utility function to create a new analysis and get analysis ID or optionally receive result directly.

Parameters

  • sample_name (str) – Name of the sample to analyze.

  • sample_buffer (bytes) – Sample buffer in bytes form.

  • retrieve_analysis (bool, optional) – If True, fetch and return result otherwise return only analysis ID. Default True.

  • profiles (List[int], optional) – List of IDs of profiles to emulate against. Default [1,2].

  • private (bool, optional) – Mark analysis as private limitting access to you and members in your organization only. Requires paid subscription. Default False.

  • root (bool, optional) – Emulate with root permissions on OS level. Default False.

  • operating_system (str, optional) – OS of the given sample. Default None i.e. detected by dragonfly.

  • arguments (List[str], optional) – List of extra CLI arguments to pass to the emulator. Only use if you know what you are doing. Default None.

  • dll_entrypoints (List[str], optional) – DLL entrypoints. Default None.

New in version 0.0.4.