mirror of https://github.com/MISP/MISP-maltego
new: [galaxy] reverse relationships
Christophe Vandeplas
parent
3bbf12ccc7
commit
66962b0e82
|
|
@ -1,6 +1,6 @@
|
|||
from canari.maltego.entities import Hash, Domain, IPv4Address, URL, DNSName, AS, Website, NSRecord, PhoneNumber, EmailAddress, File, Person, Hashtag, Location, Company, Alias, Port, Twitter
|
||||
from MISP_maltego.transforms.common.entities import MISPEvent, MISPObject, MISPGalaxy
|
||||
from canari.maltego.message import Label, LinkStyle, MaltegoException, Bookmark
|
||||
from canari.maltego.message import Label, LinkStyle, MaltegoException, Bookmark, LinkDirection
|
||||
from pymisp import PyMISP
|
||||
import json
|
||||
import os
|
||||
|
|
@ -381,7 +381,7 @@ def event_to_entity(e, link_style=LinkStyle.Normal):
|
|||
return MISPEvent(e['Event']['id'], uuid=e['Event']['uuid'], info=e['Event']['info'], link_style=link_style, notes=notes, bookmark=Bookmark.Green)
|
||||
|
||||
|
||||
def galaxycluster_to_entity(c, link_label=None):
|
||||
def galaxycluster_to_entity(c, link_label=None, link_direction=LinkDirection.InputToOutput):
|
||||
if 'meta' in c and 'uuid' in c['meta']:
|
||||
c['uuid'] = c['meta']['uuid'].pop(0)
|
||||
|
||||
|
|
@ -408,11 +408,12 @@ def galaxycluster_to_entity(c, link_label=None):
|
|||
synonyms=synonyms,
|
||||
tag_name=c['tag_name'],
|
||||
link_label=link_label,
|
||||
icon_url=icon_url
|
||||
icon_url=icon_url,
|
||||
link_direction=link_direction
|
||||
)
|
||||
|
||||
|
||||
# FIXME this uses the galaxies from github as the MISP web UI does not fully support the Galaxies in the webui.
|
||||
# LATER this uses the galaxies from github as the MISP web UI does not fully support the Galaxies in the webui.
|
||||
# See https://github.com/MISP/MISP/issues/3801
|
||||
galaxy_archive_url = 'https://github.com/MISP/misp-galaxy/archive/master.zip'
|
||||
local_path_root = os.path.join(tempfile.gettempdir(), 'MISP-maltego')
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@ from canari.maltego.transform import Transform
|
|||
# from canari.framework import EnableDebugWindow
|
||||
from MISP_maltego.transforms.common.entities import MISPEvent, MISPGalaxy
|
||||
from MISP_maltego.transforms.common.util import get_misp_connection, galaxycluster_to_entity, get_galaxy_cluster, get_galaxies_relating, search_galaxy_cluster, mapping_galaxy_icon
|
||||
from canari.maltego.message import UIMessageType, UIMessage
|
||||
from canari.maltego.message import UIMessageType, UIMessage, LinkDirection
|
||||
|
||||
|
||||
__author__ = 'Christophe Vandeplas'
|
||||
|
|
@ -102,6 +102,11 @@ class GalaxyToRelations(Transform):
|
|||
if related_cluster:
|
||||
response += galaxycluster_to_entity(related_cluster, link_label=related['type'])
|
||||
# find objects that are relating to this one
|
||||
# for related in get_galaxies_relating(current_cluster['uuid']):
|
||||
# response += galaxycluster_to_entity(related, link_label="TODO opposite of ".format(related['type'])) # TODO link_label should be opposite
|
||||
for related in get_galaxies_relating(current_cluster['uuid']):
|
||||
related_link_label = ''
|
||||
for rel_in_rel in related['related']:
|
||||
if rel_in_rel['dest-uuid'] == current_cluster['uuid']:
|
||||
related_link_label = rel_in_rel['type']
|
||||
break
|
||||
response += galaxycluster_to_entity(related, link_label=related_link_label, link_direction=LinkDirection.OutputToInput)
|
||||
return response
|
||||
|
|
|
|||
Loading…
Reference in New Issue