new node types

2025-09-17 22:09:39 +02:00
parent ecfb27e02a
commit 284660ab8c
6 changed files with 66 additions and 39 deletions
--- a/providers/crtsh_provider.py
+++ b/providers/crtsh_provider.py
@@ -293,6 +293,16 @@ class CrtShProvider(BaseProvider):
            cert_domains = self._extract_domains_from_certificate(cert_data)
            all_discovered_domains.update(cert_domains)

+            issuer_name = self._parse_issuer_organization(cert_data.get('issuer_name', ''))
+            if issuer_name:
+                result.add_relationship(
+                    source_node=domain,
+                    target_node=issuer_name,
+                    relationship_type='issued_by',
+                    provider=self.name,
+                    confidence=0.95
+                )
+
            for cert_domain in cert_domains:
                if not _is_valid_domain(cert_domain):
                    continue
--- a/providers/shodan_provider.py
+++ b/providers/shodan_provider.py
@@ -215,6 +215,27 @@ class ShodanProvider(BaseProvider):
        """
        result = ProviderResult()

+        isp_name = data.get('org')
+        asn_value = data.get('asn')
+
+        if isp_name and asn_value:
+            result.add_relationship(
+                source_node=ip,
+                target_node=isp_name,
+                relationship_type='ip_to_isp',
+                provider=self.name,
+                confidence=0.9,
+                raw_data={'asn': asn_value}
+            )
+            result.add_attribute(
+                target_node=isp_name,
+                name='asn',
+                value=asn_value,
+                attr_type='isp_info',
+                provider=self.name,
+                confidence=0.9
+            )
+
        for key, value in data.items():
            if key == 'hostnames':
                for hostname in value:
@@ -235,24 +256,6 @@ class ShodanProvider(BaseProvider):
                            raw_data=data,
                            discovery_method="shodan_host_lookup"
                        )
-            elif key == 'asn':
-                asn_name = f"AS{value[2:]}" if isinstance(value, str) and value.startswith('AS') else f"AS{value}"
-                result.add_relationship(
-                    source_node=ip,
-                    target_node=asn_name,
-                    relationship_type='shodan_asn_membership',
-                    provider=self.name,
-                    confidence=0.7,
-                    raw_data=data
-                )
-                self.log_relationship_discovery(
-                    source_node=ip,
-                    target_node=asn_name,
-                    relationship_type='shodan_asn_membership',
-                    confidence_score=0.7,
-                    raw_data=data,
-                    discovery_method="shodan_asn_lookup"
-                )
            elif key == 'ports':
                for port in value:
                    result.add_attribute(