- The
live-interaction
option is back. Once an analysis is running, a link to the remote assistance interface is returned in theanalysis
endpoint.
- remove
export-to-jbxview
parameter - add
url-reputation
switch to the command line interface - add
powershell-logging
parameter - remove
live-interaction
parameter
- Add
joelab_images_capture
endpoint for capturing new images. - Use
python3
interpreter when called as a CLI
- Fix
joelab_images_list
andjoelab_images_reset
functions
- Added
disable-chained-runs
parameter
- Added command line submission type
- Removed
static-only
parameter - Renamed
remote assistance
tolive interaction
- Updated the API documentation.
- Removed the
static-only
parameter.
- Removal of
remote-assistance-view-only
.
- Add submission parameter
priority
for on-premise installations.
- Add parameter
include_shared
tosubmission/list
endpoint.
- Add parameter for choosing the browser.
- Fix Joe Lab file upload.
- Deprecate parameter "anti-evasion-date"
- Add parameter "system-date"
- Joe Lab file upload uses chunked submissions now.
- Improve submission code to upload large samples through chunked upload.
- Add
submission/list
endpoint to CLI and API.
- Fix
joelab network update
CLI command. - Add
joelab pcap
commands to the API and the CLI.
- Add
account info
command to CLI.
- In version 3.7, the CLI did not check the certificates unless
--no-check-certificate
was enabled. - Documentation fix for
Joe.joelab_images_reset
- Implementation of the Joe Lab API
- New dotnet-tracing parameter.
- Renamed
office-files-password
todocument-password
- Help message improvements
- CLI gets new
--no-check-certificate
flag for easier integration in test environments.
Support environmental variables for the server settings. The variables are:
variable | description |
---|---|
JBX_API_KEY |
Sets the api key |
JBX_API_URL |
Sets the api url |
JBX_ACCEPT_TAC=1 |
Accept the terms and conditions (Cloud only) |
These environmental variables work in both the API and CLI interface. The order of precedence is from least to most important:
- variables defined directly in the Python script
- environmental variables
- arguments passed as an argument (API) or parameter (CLI)
Support for the new submission option encrypt-with-password
and for downloading encrypted analyses.
The decryption happens transparently.
- CLI has a new option
--encrypt-with-password
for submissions. - CLI can specify
--password
when downloading resources - The API
JoeSandbox.analysis_download()
has a new argumentpassword
.
Add --ignore-errors
flag to the "analysis download" command.
Add compatibility with urllib3 < 1.25.2 to avoid dependency issues.
The constructor of JoeSandbox
gains a new argument user_agent
. When you develop an integration
with Joe Sandbox, please specify the name of the integration.
Small fix.
Update dependencies to requests 2.22.0 and urllib 1.25.2. This allows uploading files with non-ascii names. Closes issue #10.
Python 3.4 is no longer supported.
Fix the command line for analysis report
and analysis download
.
- Add
JoeSandbox.analysis_list_paged()
. Use this new method for iterating over large numbers of analyses.
We have added "Submission" as a new entity to our object model. Each submission can result in one or more analyses, which is especially relevant for emails and archives. Therefore, submissions are now the main endpoint to communicate with.
jbxapi.py
now uses /api/v2/submission/new
instead of /api/v2/analysis/submit
which results in some breaking changes.
Changes to Python class JoeSandbox
:
Old | New |
---|---|
def submit_sample |
Returns a submission id instead of multiple webids |
def submit_url |
Returns a submission id instead of multiple webids |
def submit_cookbook |
Returns a submission id instead of multiple webids |
def info |
def analysis_info |
def delete |
def analysis_delete |
def list |
def analysis_list |
def search |
def analysis_search |
def download |
def analysis_download |
def systems |
def server_systems |
new | def submission_info |
new | def submission_delete |
def server_keyboard_layouts |
def server_languages_and_locales |
Changes to the Command Line Interface:
Old | New |
---|---|
jbxapi submit |
Returns a submission id instead of multiple webids |
jbxapi info |
jbxapi analysis info |
jbxapi delete |
jbxapi analysis delete |
jbxapi list |
jbxapi analysis list |
jbxapi search |
jbxapi analysis search |
jbxapi download |
jbxapi analysis download |
jbxapi report |
jbxapi analysis report |
jbxapi systems |
jbxapi server systems |
new | jbxapi submission info |
new | jbxapi submission delete |
jbxapi server_keyboard_layouts |
jbxapi server languages_and_locales |
We recommend switching to the new submissions API and CLI.
The script prints API errors to stdout
instead of stderr
. The previous distinction
did not make any sense since humans easily recognize error messages and machines
can simply check the exit code of the script.
- We removed some old, deprecated settings.
- The script sends its version inside the user-agent header to the server.