[ShadowTrackr] Refactor connector with configuration and API integration

internal-enrichment/shadowtrackr/.env.sample

@@ -0,0 +1,11 @@
+OPENCTI_URL=http://localhost
+OPENCTI_TOKEN=ChangeMe
+CONNECTOR_ID=ChangeMe
+CONNECTOR_NAME=ShadowTrackr
+CONNECTOR_TYPE=INTERNAL_ENRICHMENT
+CONNECTOR_SCOPE=IPv4-Addr,IPv6-Addr,Indicator
+CONNECTOR_AUTO=true
+CONNECTOR_LOG_LEVEL=error
+SHADOWTRACKR_MAX_TLP=TLP:AMBER
+SHADOWTRACKR_REPLACE_WITH_LOWER_SCORE=true  # lower the score based on the ShadowTrackr false positive estimate
+SHADOWTRACKR_REPLACE_VALID_TO_DATE=true 

internal-enrichment/shadowtrackr/Dockerfile

@@ -1,17 +1,14 @@
 FROM python:3.12-alpine
-ENV CONNECTOR_TYPE=INTERNAL_ENRICHMENT
 
 # Copy the worker
 COPY src /opt/opencti-connector-shadowtrackr
+WORKDIR /opt/opencti-connector-shadowtrackr
 
 # Install Python modules
 # hadolint ignore=DL3003
-RUN apk --no-cache add git build-base libmagic libffi-dev rust cargo openssl-dev && \
-    cd /opt/opencti-connector-shadowtrackr && \
+RUN apk --no-cache add git libmagic && \ 
     pip3 install --no-cache-dir -r requirements.txt && \
-    apk del git build-base rust cargo openssl-dev
+    apk del git
 
 # Expose and entrypoint
-COPY entrypoint.sh /
-RUN chmod +x /entrypoint.sh
-ENTRYPOINT ["/entrypoint.sh"]
+CMD [ "python", "main.py" ]

internal-enrichment/shadowtrackr/README.md

@@ -1,5 +1,13 @@
 # OpenCTI ShadowTrackr Connector
 
+## Status Filigran
+
+| Status            | Date       | Comment |
+|-------------------|------------|---------|
+| Filigran Verified | 2025-12-10 | -       |
+
+----
+
 This internal enrichment connector lowers the score for IP addresses that are 
 false positives, and changes the valid until date for sources
 that are known to change function regularly, like CDNs, Clouds and VPNs. 

internal-enrichment/shadowtrackr/__metadata__/connector_manifest.json

@@ -7,8 +7,8 @@
   "use_cases": [
     "Enrichment & Analysis"
   ],
-  "verified": false,
-  "last_verified_date": null,
+  "verified": true,
+  "last_verified_date": "2025-12-05",
   "playbook_supported": true,
   "max_confidence_level": 50,
   "support_version": ">=6.3.2",

internal-enrichment/shadowtrackr/docker-compose.yml

@@ -10,7 +10,6 @@ services:
       - CONNECTOR_TYPE=INTERNAL_ENRICHMENT
       - CONNECTOR_SCOPE=IPv4-Addr,IPv6-Addr,Indicator
       - CONNECTOR_AUTO=true
-      - CONNECTOR_CONFIDENCE_LEVEL=70 # From 0 (Unknown) to 100 (Fully trusted)
       - CONNECTOR_LOG_LEVEL=error
       - SHADOWTRACKR_MAX_TLP=TLP:AMBER
       - SHADOWTRACKR_REPLACE_WITH_LOWER_SCORE=true  # lower the score based on the ShadowTrackr false positive estimate

internal-enrichment/shadowtrackr/src/config.yml.sample

@@ -2,14 +2,12 @@ opencti:
   url: 'http://localhost:8080'
   token: 'ChangeMe'
 
-
 connector:
   id: 'ChangeMe'
   type: 'INTERNAL_ENRICHMENT'
   name: 'ShadowTrackr'
   scope: 'IPv4-Addr,IPv6-Addr,Indicator'
   auto: true # Enable/disable auto-enrichment of observables
-  confidence_level: 70 # From 0 (Unknown) to 100 (Fully trusted)
   log_level: 'info'
 
 shadowtrackr:

internal-enrichment/shadowtrackr/src/connector/__init__.py

@@ -0,0 +1,6 @@
+"""ShadowTrackr Connector package"""
+
+from .connector import ShadowTrackrConnector
+from .settings import ConnectorSettings
+
+__all__ = ["ShadowTrackrConnector", "ConnectorSettings"]