TheHive-Project
diff --git a/‎responders/OvhCloud/OvhDomainOrder.json‎
Lines changed: 81 additions & 0 deletions b/‎responders/OvhCloud/OvhDomainOrder.json‎
Lines changed: 81 additions & 0 deletions
diff --git a/‎responders/OvhCloud/OvhDomainRedirection.json‎
Lines changed: 74 additions & 0 deletions b/‎responders/OvhCloud/OvhDomainRedirection.json‎
Lines changed: 74 additions & 0 deletions
diff --git a/‎responders/OvhCloud/README.md‎
Lines changed: 66 additions & 0 deletions b/‎responders/OvhCloud/README.md‎
Lines changed: 66 additions & 0 deletions
@@ -0,0 +1,81 @@
+{
+    "name": "OVH_Domain_Order",
+    "version": "1.0",
+    "author": "THA-CERT",
+    "url": "https://github.com/TheHive-Project/Cortex-Analyzers/blob/master/responders/OvhCloud",
+    "license": "AGPL-V3",
+    "description": "Buy an available Domain Name on OVH Cloud.",
+    "dataTypeList": ["thehive:case_artifact"],
+    "command": "OvhCloud/ovh_cloud.py",
+    "baseConfig": "OvhCloud",
+    "config": {
+      "service": "OvhDomainOrder"
+    },
+    "configurationItems": [
+        {
+            "name": "API_endpoint",
+            "description": "Specify here OVH API's endpoint. Eg: 'ovh-eu', 'ovh-us' or 'ovh-ca'.",
+            "type": "string",
+            "multi": false,
+            "required": true,
+            "defaultValue": "ovh-eu"
+        },
+        {
+            "name": "API_ovh_subsidiary",
+            "description": "Specify here which OVH subsidiary where you want to order. Will be 'EU', 'US' or 'CA' by default.",
+            "type": "string",
+            "multi": false,
+            "required": false
+        },
+        {
+            "name": "API_ak",
+            "description": "Specify here the Application key of your OVH Cloud account.",
+            "type": "string",
+            "multi": false,
+            "required": true
+        },
+        {
+            "name": "API_as",
+            "description": "Specify here the Application secret of your OVH Cloud account.",
+            "type": "string",
+            "multi": false,
+            "required": true
+        },
+        {
+            "name": "API_cs",
+            "description": "Specify here the Consumer secret of your OVH Cloud account.",
+            "type": "string",
+            "multi": false,
+            "required": true
+        },
+        {
+            "name": "price_limit",
+            "description": "Maximum allowed price to buy one domain name, WITHOUT Taxes. ⚠ PRICE LIMIT USES OVH SUBSIDIARY DEFAULT CURRENCY ⚠",
+            "type": "number",
+            "multi": false,
+            "required": true
+        },
+        {
+            "name": "required_configuration",
+            "description": "Set required confirguration values needed by OVH, in order to be able to finalize the order. More info: https://docs.ovh.com/fr/domains/api-order/#recuperation-des-configurations-requises. Format: 'LABEL:VALUE', EG: 'OWNER_CONTACT:/me/contact/1234'",
+            "type": "string",
+            "multi": true,
+            "required": false
+        },
+        {
+            "name": "thehive_url",
+            "description": "Optionally, specify here the API URL to add informational tags to observable.",
+            "type": "string",
+            "multi": false,
+            "required": false,
+            "defaultValue": "http://thehive:9000"
+        },
+        {
+            "name": "thehive_token",
+            "description": "Optionally, specify here the API Key to add informational tags to observable.",
+            "type": "string",
+            "multi": false,
+            "required": false
+        }
+    ]
+}
@@ -0,0 +1,74 @@
+{
+    "name": "OVH_Domain_Redirection",
+    "version": "1.0",
+    "author": "THA-CERT",
+    "url": "https://github.com/TheHive-Project/Cortex-Analyzers/blob/master/responders/OvhCloud",
+    "license": "AGPL-V3",
+    "description": "Redirect an owned Domain Name on OVH Cloud, to a specific URL.",
+    "dataTypeList": ["thehive:case_artifact"],
+    "command": "OvhCloud/ovh_cloud.py",
+    "baseConfig": "OvhCloud",
+    "config": {
+      "service": "OvhDomainRedirection"
+    },
+    "configurationItems": [
+        {
+            "name": "API_endpoint",
+            "description": "Specify here OVH API's endpoint. Eg: 'ovh-eu', 'ovh-us' or 'ovh-ca'.",
+            "type": "string",
+            "multi": false,
+            "required": true,
+            "defaultValue": "ovh-eu"
+        },
+        {
+            "name": "API_ovh_subsidiary",
+            "description": "Specify here which OVH subsidiary where you want to order. Will be 'EU', 'US' or 'CA' by default.",
+            "type": "string",
+            "multi": false,
+            "required": false
+        },
+        {
+            "name": "API_ak",
+            "description": "Specify here the Application key of your OVH Cloud account.",
+            "type": "string",
+            "multi": false,
+            "required": true
+        },
+        {
+            "name": "API_as",
+            "description": "Specify here the Application secret of your OVH Cloud account.",
+            "type": "string",
+            "multi": false,
+            "required": true
+        },
+        {
+            "name": "API_cs",
+            "description": "Specify here the Consumer secret of your OVH Cloud account.",
+            "type": "string",
+            "multi": false,
+            "required": true
+        },
+        {
+            "name": "domain_redirection",
+            "description": "Set URL where redirect to, after acquiring the current domain name. EG: 'https://www.myhomepage.com'",
+            "type": "string",
+            "multi": false,
+            "required": true
+        },
+        {
+            "name": "thehive_url",
+            "description": "Optionally, specify here the API URL to add informational tags to observable.",
+            "type": "string",
+            "multi": false,
+            "required": false,
+            "defaultValue": "http://thehive:9000"
+        },
+        {
+            "name": "thehive_token",
+            "description": "Optionally, specify here the API Key to add informational tags to observable.",
+            "type": "string",
+            "multi": false,
+            "required": false
+        }
+    ]
+}
@@ -0,0 +1,66 @@
+# OVH Cloud Responders
+
+
+## OVH Domain Order
+
+### Description
+*OVH Domain Order* can be used to purchase an **available** Domain Name with OVH Cloud registrar.  
+A price limit should be set to avoid too expensive acquisitions, depending of your budget.
+
+### Prerequisites
+To use this *OVH Domain Order* Responder, you will need:
+* an active OVHCloud account,
+* create a OVHCloud API Keys, with necessary rights. For example:
+  * post `/order/cart`
+  * get `/order/cart/*`
+  * post `/order/cart/*`
+
+### Parameters
+
+#### Price Limit
+A mandatory price limit has to be set, to avoid expensive acquisitions.
+
+> [!WARNING]
+> Maximum allowed price to buy a Domain Name corresponds to the price **WITHOUT Taxes**.  
+> **⚠ PRICE LIMIT USES OVH CLOUD SUBSIDIARY DEFAULT CURRENCY ⚠**
+
+#### Required Configurations
+Some Domain Name acquisition requires mandatory configuration(s), depending of the TLD or of OVH Subsidiaries.  
+A list of required configurations can be found on this [OVH Cloud website](https://help.ovhcloud.com/csm/en-domain-names-api-order?id=kb_article_view&sysparm_article=KB0051563#fetch-required-configurations).
+
+#### TheHive API
+Optionally, TheHive endpoint and API Key can be set, to allow *OVH Domain Order* Responder to add tags to the Observable, even when its execution fails.
+
+### Author
+**Thales Group CERT** - [thalesgroup-cert on GitHub](https://github.com/thalesgroup-cert)
+
+
+## OVH Domain Redirection
+
+### Description
+*OVH Domain Redirection* can be used to redirect an **owned** Domain Name, with OVH Cloud registrar, to the URL of your choice.  
+A price limit should be set to avoid too expensive acquisitions, depending of your budget.
+
+### Prerequisites
+To use this *OVH Domain Redirection* Responder, you will need:
+* an active OVHCloud account,
+* create a OVHCloud API Keys, with necessary rights. For example:
+  * get `/domain/zone/*`
+  * post `/domain/zone/*`
+  * put `/domain/zone/*`
+
+### Parameters
+
+#### Domain Redirection
+Set the full URL where to redirect parent domain and `www` subdomain.  
+  
+For example:
+* if domain redirection is set to `https://mydomain.com/abuse`,
+* and *OVH Domain Redirection* Responder is used on Observable `myd0main.com`,
+* then requests to `myd0main.com` & `www.myd0main.com` will redirect to `https://mydomain.com/abuse`.
+
+#### TheHive API
+Optionally, TheHive endpoint and API Key can be set, to allow *OVH Domain Redirection* Responder to add tags to the Observable, even when its execution fails.
+
+### Author
+**Thales Group CERT** - [thalesgroup-cert on GitHub](https://github.com/thalesgroup-cert)