MISP-maltego/misp_domain2event.py

#############################################
# MISP API Domain to Event
# 
# Author: Emmanuel Bouillon
# Email:  emmanuel.bouillon.sec@gmail.com
# Date: 24/11/2015
#############################################
import sys
from misp_util import *
from pymisp import PyMISP
import json

attribute2filter = {
    'ip':'ip-src&&ip-dst', 'domain':'domain&&hostname', 
    'hash':'md5&&sha1&&sha256&&malware-sample', 
    'email':'email-src&&email-dst', 'email-subject': 'email-subject'
}

if __name__ == '__main__':
        enValue = sys.argv[1]
        enType = sys.argv[0].split('_')[-1].split('2')[0] #misp_enType2event.py
        mt = MaltegoTransform()
        mt.addUIMessage("[INFO] " + enType + " to MISP Event")
        try:
            retrieveEvents(mt, attribute2filter[enType], enValue)
        except Exception as e:
            mt.addUIMessage("[Error] " + str(e))
        mt.returnOutput()
Added files via upload Init 2016-02-20 16:58:38 +01:00			`#############################################`
			`# MISP API Domain to Event`
			`#`
			`# Author: Emmanuel Bouillon`
			`# Email: emmanuel.bouillon.sec@gmail.com`
			`# Date: 24/11/2015`
			`#############################################`
			`import sys`
			`from misp_util import *`
			`from pymisp import PyMISP`
			`import json`

			`attribute2filter = {`
			`'ip':'ip-src&&ip-dst', 'domain':'domain&&hostname',`
			`'hash':'md5&&sha1&&sha256&&malware-sample',`
			`'email':'email-src&&email-dst', 'email-subject': 'email-subject'`
			`}`

			`if __name__ == '__main__':`
			`enValue = sys.argv[1]`
			`enType = sys.argv[0].split('_')[-1].split('2')[0] #misp_enType2event.py`
			`mt = MaltegoTransform()`
			`mt.addUIMessage("[INFO] " + enType + " to MISP Event")`
			`try:`
			`retrieveEvents(mt, attribute2filter[enType], enValue)`
			`except Exception as e:`
			`mt.addUIMessage("[Error] " + str(e))`
			`mt.returnOutput()`