mirror of https://github.com/MISP/MISP-maltego
chg: minor small fixes
Christophe Vandeplas
parent
d46f817e76
commit
0570789ff5
2
setup.py
2
setup.py
|
|
@ -30,7 +30,7 @@ setup(
|
|||
},
|
||||
python_requires='>=3.5',
|
||||
install_requires=[
|
||||
'canari>=3.3.9,<4',
|
||||
'canari>=3.3.10,<4',
|
||||
'PyMISP'
|
||||
],
|
||||
dependency_links=[
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
from canari.maltego.entities import Netblock, Unknown
|
||||
from canari.maltego.transform import Transform
|
||||
# from canari.framework import EnableDebugWindow
|
||||
from MISP_maltego.transforms.common.util import get_misp_connection, event_to_entity, get_attribute_in_event, attribute_to_entity
|
||||
from MISP_maltego.transforms.common.entities import Unknown
|
||||
|
||||
__author__ = 'Christophe Vandeplas'
|
||||
__copyright__ = 'Copyright 2018, MISP_maltego Project'
|
||||
|
|
@ -46,6 +46,28 @@ class AttributeInMISP(Transform):
|
|||
return response
|
||||
|
||||
|
||||
# placeholder for https://github.com/MISP/MISP-maltego/issues/11
|
||||
# waiting for support of CIDR search through the REST API
|
||||
# @EnableDebugWindow
|
||||
# class NetblockToAttributes(Transform):
|
||||
# display_name = 'to MISP Attributes'
|
||||
# input_type = Netblock
|
||||
|
||||
# def do_transform(self, request, response, config):
|
||||
# maltego_misp_attribute = request.entity
|
||||
# misp = get_misp_connection(config)
|
||||
# import ipaddress
|
||||
# ip_start, ip_end = maltego_misp_attribute.value.split('-')
|
||||
# # FIXME make this work with IPv4 and IPv6
|
||||
# # automagically detect the different CIDRs
|
||||
# cidrs = ipaddress.summarize_address_range(ipaddress.IPv4Address(ip_start), ipaddress.IPv4Address(ip_end))
|
||||
# for cidr in cidrs:
|
||||
# print(str(cidr))
|
||||
# attr_json = misp.search(controller='attributes', values=str(cidr), withAttachments=False)
|
||||
# print(attr_json)
|
||||
# return response
|
||||
|
||||
|
||||
# @EnableDebugWindow
|
||||
class AttributeToEvent(Transform):
|
||||
display_name = 'to MISP Event'
|
||||
|
|
@ -59,6 +81,10 @@ class AttributeToEvent(Transform):
|
|||
return response
|
||||
except Exception:
|
||||
pass
|
||||
# test for Netblock
|
||||
if 'ipv4-range' in request.entity.fields:
|
||||
# placeholder for https://github.com/MISP/MISP-maltego/issues/11
|
||||
pass
|
||||
|
||||
misp = get_misp_connection(config)
|
||||
events_json = misp.search(controller='events', values=maltego_misp_attribute.value, withAttachments=False)
|
||||
|
|
|
|||
|
|
@ -13,16 +13,10 @@ __status__ = 'Development'
|
|||
__all__ = [
|
||||
'MISPEvent',
|
||||
'MISPObject',
|
||||
'MISPGalaxy',
|
||||
'Unknown'
|
||||
'MISPGalaxy'
|
||||
]
|
||||
|
||||
|
||||
class Unknown(Entity):
|
||||
_category_ = 'Unknown'
|
||||
_namespace_ = 'maltego'
|
||||
|
||||
|
||||
class MISPEvent(Entity):
|
||||
_category_ = 'MISP'
|
||||
_namespace_ = 'misp'
|
||||
|
|
@ -54,8 +48,8 @@ class MISPGalaxy(Entity):
|
|||
_category_ = 'MISP'
|
||||
_namespace_ = 'misp'
|
||||
|
||||
uuid = StringEntityField('uuid', display_name='UUID')
|
||||
name = StringEntityField('name', display_name='Name', is_value=True)
|
||||
uuid = StringEntityField('uuid', display_name='UUID', matching_rule=MatchingRule.Loose)
|
||||
name = StringEntityField('name', display_name='Name', is_value=True, matching_rule=MatchingRule.Loose)
|
||||
description = StringEntityField('description', display_name='Description', matching_rule=MatchingRule.Loose)
|
||||
cluster_type = StringEntityField('galaxy_type', display_name='Type', matching_rule=MatchingRule.Loose)
|
||||
cluster_value = StringEntityField('value', display_name='Value', matching_rule=MatchingRule.Loose)
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
from canari.maltego.entities import Hash, Domain, IPv4Address, URL, DNSName, AS, Website, NSRecord, PhoneNumber, EmailAddress, File, Person, Hashtag, Location, Company, Alias, Port, Twitter
|
||||
from MISP_maltego.transforms.common.entities import MISPEvent, MISPObject, MISPGalaxy, Unknown
|
||||
from canari.maltego.entities import Hash, Domain, IPv4Address, URL, DNSName, AS, Website, NSRecord, PhoneNumber, EmailAddress, File, Person, Hashtag, Location, Company, Alias, Port, Twitter, Unknown
|
||||
from MISP_maltego.transforms.common.entities import MISPEvent, MISPObject, MISPGalaxy
|
||||
from canari.maltego.message import UIMessageType, UIMessage, Label, LinkStyle, MaltegoException, Bookmark
|
||||
from pymisp import PyMISP
|
||||
import json
|
||||
|
|
@ -354,14 +354,13 @@ def galaxycluster_to_entity(c, link_label=None):
|
|||
return MISPGalaxy(
|
||||
'{}\n{}'.format(c['type'], c['value']),
|
||||
uuid=c['uuid'],
|
||||
description=c['description'],
|
||||
cluster_type=c['type'],
|
||||
cluster_value=c['value'],
|
||||
description=c.get('description'),
|
||||
cluster_type=c.get('type'),
|
||||
cluster_value=c.get('value'),
|
||||
synonyms=synonyms,
|
||||
tag_name=c['tag_name'],
|
||||
link_label=link_label,
|
||||
icon_url=icon_url,
|
||||
bookmark=Bookmark.Green
|
||||
icon_url=icon_url
|
||||
)
|
||||
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue