Weekly ThreatFox IOC Query #16
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Weekly ThreatFox IOC Query | |
| # Run the workflow once a week at midnight GMT+1 (11:00 PM UTC on Sundays) | |
| on: | |
| schedule: | |
| - cron: "0 23 * * SUN" # Run every Sunday at 23:00 UTC (midnight GMT+1) | |
| workflow_dispatch: # Allow manual trigger of the workflow | |
| jobs: | |
| run-script: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v2 # Checkout the code from the repository | |
| - name: Set up Python | |
| uses: actions/setup-python@v2 | |
| with: | |
| python-version: '3.x' | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install -r requirements.txt # Install dependencies listed in the requirements.txt | |
| - name: Run the ThreatFox IOC Query script | |
| run: | | |
| python3 ThreatFoxQuery.py ${{ secrets.THREATFOX_API_KEY }} 7 # Replace API_KEY with the secret in your GitHub repo | |
| - name: Commit and push new IOC data | |
| run: | | |
| git config --global user.email "[email protected]" # Replace with your GitHub email | |
| git config --global user.name "Spacechrist" # Replace with your GitHub username | |
| git add . # Add changes to staging | |
| git commit -m "Update ThreatFox IOCs" || echo "No changes to commit" # Commit changes, if any | |
| git remote set-url origin https://x-access-token:${{ secrets.GH_TOKEN }}@github.com/${{ github.repository }}.git # Use the GitHub token for authentication | |
| git push origin main # Push changes to the main branch |