由于最近在护网，所以打算把去年写的一个小脚本分享出来。方便各位BT在短时间内生成日报，可以省下不少时间来摸鱼，嘿嘿嘿。

这里只需要修改url和Cookie即可，同时幻阵一页最多300条，所以别超了

脚本跑完，会在xls里的表中看到结果如下图(想要更细致的填入日报的话，自己微改一下就好了)

#!/usr/bin/env python
# -*- coding: utf-8 -*-
'''
@File  : huanzhen.py
@Author: YanXia
@Date  : 2022-07-26 20:08
@email  : yx535@qq.com
@link：https://535yx.cn
'''
import requests,json,openpyxl,ipaddress
import urllib3
from urllib3.exceptions import InsecureRequestWarning
urllib3.disable_warnings(InsecureRequestWarning)
url="https://输入你那的幻阵地址/api/event/v1/list?attacker_type=ALL&attacked_proxy=ALL&proxy_ip=ALL&attacked_plugin=-10000&filterip=%5B%5D&count=247&page=1&filterwhite=0&timestamp=1658836612518"
headers = {
'content-type': 'application/x-www-form-urlencoded',
'User-Agent': 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:22.0) Gecko/20100101 Firefox/22.0',
"Cookie":"HZ_JWT=" #填入HZ_JWT的值
}
wb = openpyxl.Workbook()
ws=wb.active
ws.cell(row=1, column=1).value = "日期"
ws.cell(row=1, column=2).value = "攻击时段"
ws.cell(row=1, column=3).value = "系统名称"
ws.cell(row=1, column=4).value = "攻击IP"
ws.cell(row=1, column=5).value = "受害IP"
ws.cell(row=1, column=6).value = "遭受攻击次数"
ws.cell(row=1, column=7).value = "攻击类型"
ws.cell(row=1, column=8).value = "应对措施"
ws.cell(row=1, column=9).value = "所在网络"
ws.cell(row=1, column=10).value = "记录人"
ws.cell(row=1, column=11).value = "分析人"
ws.cell(row=1, column=12).value = "应急人"
r=requests.get(url,headers=headers, verify=False)
a=json.loads(r.text)
ship=a['data']['events']
j=0
print("-----------------------开始记录-----------------------")
count=0
for i in range(220,0,-1) : #要爬取的事件页数
url2 = "https://输入你那的幻阵地址/api/event/v1/actions?event_id=%s&proxy_ip=ALL&attack_method=0&type=ALL&attack_tech=ALL&page=1&count=10&timestamp=1658836768622" %ship[i]['event_id']
r2 = requests.get(url2, headers=headers, verify=False)
b = json.loads(r2.text)
if (b['data']['attacked_proxy']==None  or  ipaddress.ip_address(ship[i]['moresec_id'].strip()).is_private or ship[i]['action_count']<5):
print(1)
if (b['data']['attacked_proxy'] == None or  ship[i]['action_count'] < 5):
print(1)
else:
ship2 = b['data']['attacked_proxy'][0]['proxy_ip']
gjip=b['data']['actions'][0]['attack_ip']
print("攻击时间 " + ship[i]['active_tm'] + " 攻击IP " + gjip + " 受害IP " + ship2 + " 遭受的攻击次数： " + str(ship[i]['action_count']))
count+=ship[i]['action_count']
ws.cell(row=j+2,column=1).value=ship[i]['active_tm'].split(" ")[0]
ws.cell(row=j + 2, column=2).value = ship[i]['active_tm'].split(" ")[1]
ws.cell(row=j+2,column=3).value=ship2
ws.cell(row=j+2,column=4).value=gjip
ws.cell(row=j+2,column=5).value=ship2
ws.cell(row=j+2,column=6).value=ship[i]['action_count']
ws.cell(row=j+2,column=7).value="扫描"
ws.cell(row=j+2,column=8).value="封禁IP"
ws.cell(row=j+2,column=9).value="外网"
ws.cell(row=j+2,column=10).value="YanXia" #记录人
ws.cell(row=j+2,column=11).value="YanXia" #分析人
ws.cell(row=j+2,column=12).value="YanXia" #应急人
j+=1
wb.save('报告1.xls')
print("-----------------------已保存-----------------------")
print(count)