Added base configuration files

travis
Hannah Ward 2016-11-18 09:28:00 +00:00
parent b96f7c2878
commit 8adccd851f
No known key found for this signature in database
GPG Key ID: 6F3BAD60DE190290
7 changed files with 126 additions and 0 deletions

3
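--- a/.gitmodules
+++ b/.gitmodules
@@ -0,0 +1,3 @@
+[submodule "OpenTAXII"]
+path = OpenTAXII
+url = https://github.com/EclecticIQ/OpenTAXII.git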

1
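--- a/OpenTAXII
+++ b/OpenTAXII
@@ -0,0 +1 @@
+Subproject commit ae8514c7afce42cd7a26b1c4d533fbc2116ade3b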

11
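--- a/collections.yaml
+++ b/collections.yaml
@@ -0,0 +1,11 @@
+---
+- name: collection
+available: true
+accept_all_content: true
+type: DATA_SET
+service_ids:
+- inbox
+- collection_management
+- poll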
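Review bot: `accept_all_content: true` lets this collection take any content binding, while the `inbox` service in services.yaml is limited to STIX 1.1.1 and 1.2. How the two settings combine is not visible from this commit, so it would be safer to state the restriction on the collection as well: `accept_all_content: false` plus a `supported_content:` list carrying the same two STIX URNs. If accepting everything is deliberate for this base setup, a comment above the key saying so would save the next reader the question.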

22
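--- a/config.yaml
+++ b/config.yaml
@@ -0,0 +1,22 @@
+---
+domain: "localhost:9000"
+support_basic_auth: yes
+persistence_api:
+class: opentaxii.persistence.sqldb.SQLDatabaseAPI
+parameters:
+db_connection: mysql://root:root@localhost/taxiipersist
+create_tables: yes
+auth_api:
+class: opentaxii.auth.sqldb.SQLDatabaseAPI
+parameters:
+db_connection: mysql://root:root@localhost/taxiiauth
+create_tables: yes
+secret: ILoveTheSecretStringIsIsGreatButNeedsToBeChangedFrienderino
+logging:
+opentaxii: info
+root: info
+hooks: misp_taxii_hooks.hooks.opentaxii.hooks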
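Review bot: Both `db_connection` URLs embed the MySQL `root:root` login and `secret` is a fixed string, so any deployment that keeps this file as committed runs on credentials and (presumably) a token-signing key that everyone with read access to the repository knows. Commit placeholders instead, e.g. `db_connection: mysql://<taxii_user>:<password>@localhost/taxiipersist` and `secret: <generate-per-deployment>`, and keep the real values in an untracked file. The service should also connect with a dedicated account that has rights on the two TAXII schemas only, not as `root`. Separately, the `yes` values would be less parser-dependent written as `true`.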

24
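--- a/misp_taxii_hooks/hooks.py
+++ b/misp_taxii_hooks/hooks.py
@@ -0,0 +1,24 @@
+#!/usr/bin/env python3
+import pymisp
+from opentaxii.signals import (
+CONTENT_BLOCK_CREATED, INBOX_MESSAGE_CREATED
+)
+## CONFIG
+CONFIG = {
+"MISP_URL" : "localhost",
+"MISP_API" : "DEADBEEF",
+}
+MISP = pymisp.PyMISP(
+config["MISP_URL"],
+config["MISP_API"],
+)
+def post_stix(manager, content_block, collection_ids, service_id):
+print("Content: {}".format(content_block.content))
+CONTENT_BLOCK_CREATED.connect(post_stix)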
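Review bot: The `pymisp.PyMISP(...)` call reads `config["MISP_URL"]` and `config["MISP_API"]`, but the dict defined just above is `CONFIG`, so importing the module raises `NameError` and `post_stix` is never connected to `CONTENT_BLOCK_CREATED`; use `CONFIG["MISP_URL"]` and `CONFIG["MISP_API"]`. The API key should not be a module constant: reading it from the environment, e.g. `"MISP_API": os.environ["MISP_API_KEY"]` (variable name is a placeholder), keeps the real key out of the repository once `DEADBEEF` is replaced. `post_stix` prints the whole content block to stdout, which puts submitted intelligence into whatever captures the server's output; a `logging` call at debug level is easier to control. `INBOX_MESSAGE_CREATED` is imported but unused.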

48
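--- a/services.yaml
+++ b/services.yaml
@@ -0,0 +1,48 @@
+---
+- id: inbox
+type: inbox
+address: /services/inbox
+description: Custom Inbox Service Description B
+destination_collection_required: yes
+accept_all_content: no
+authentication_required: yes
+supported_content:
+- urn:stix.mitre.org:xml:1.1.1
+- urn:stix.mitre.org:xml:1.2
+protocol_bindings:
+- urn:taxii.mitre.org:protocol:http:1.0
+- urn:taxii.mitre.org:protocol:https:1.0
+- id: discovery
+type: discovery
+address: /services/discovery
+description: Custom Discovery Service description
+advertised_services:
+- inbox
+- discovery
+- collection_management
+- poll
+protocol_bindings:
+- urn:taxii.mitre.org:protocol:http:1.0
+- urn:taxii.mitre.org:protocol:https:1.0
+- id: collection_management
+type: collection_management
+address: /services/collection-management
+description: Custom Collection Management Service description
+protocol_bindings:
+- urn:taxii.mitre.org:protocol:http:1.0
+- urn:taxii.mitre.org:protocol:https:1.0
+- id: poll
+type: poll
+address: /services/poll
+description: Custom poll Service description
+subscription_required: no
+max_result_count: 100
+max_result_size: 10
+authentication_required: yes
+protocol_bindings:
+- urn:taxii.mitre.org:protocol:http:1.0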
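Review bot: `inbox` and `poll` set `authentication_required: yes`, yet `inbox` advertises the plain `urn:taxii.mitre.org:protocol:http:1.0` binding next to https and `poll` advertises only http. With `support_basic_auth: yes` in config.yaml, that tells clients they may send credentials without TLS. For the authenticated services, advertise only `- urn:taxii.mitre.org:protocol:https:1.0`, and enforce TLS at the server in front of OpenTAXII, since the binding list appears to be advertisement only. `collection_management` and `discovery` carry no `authentication_required` key at all; stating it explicitly on each would remove the dependence on the default.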

17
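--- a/setup.py
+++ b/setup.py
@@ -0,0 +1,17 @@
+#!/usr/bin/env python3
+# Setup script for ThreatIntel Conversion
+from setuptools import setup
+import os
+setup(
+name="misp_taxii_hooks",
+description="A little package just to install hooks to PYTHONPATH",
+version="0.1",
+author="Hannah Ward",
+author_email="hannah.ward2@baesystems.com",
+packages=['misp_taxii_hooks'],
+install_requires=["pymisp>=2.4.53", "pyaml>=3.11"],
+)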
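Review bot: `install_requires` names `pyaml`, which on PyPI is a separate pretty-printing package, not the PyYAML parser. Nothing in this commit imports either one, so confirm which is meant (`"PyYAML>=3.11"` if it is the parser) or drop the entry, so that an install does not pull in a package nobody intended. Both requirements have only a lower bound; a constraints or lock file would make a deployment that handles MISP API keys reproducible. `import os` is unused.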