32ccad30ec | ||
---|---|---|
ansible | ||
doc | ||
src/MISP_maltego | ||
.canari | ||
.gitignore | ||
.mrbob.ini | ||
Dockerfile | ||
LICENSE | ||
MANIFEST.in | ||
README.md | ||
TRANSFORM_HUB_DISCLAIMER.md | ||
k8s.yaml | ||
publish_to_pip.sh | ||
setup.py |
README.md
Quick start guide
This is a Maltego MISP integration tool allowing you to view (read-only) data from a MISP instance.
It also allows browsing through the MITRE ATT&CK entities.
Currently supported MISP elements are : Event, Attribute, Object (incl relations), Tag, Taxonomy, Galaxy (incl relations).
Once installed you can start by creating a MISPEvent
entity, then load the Machine EventToAll
or the transform EventToAttributes
.
Alternatively initiate a transform on an existing Maltego entity.
The currently supported entities are: AS
, DNSName
, Domain
, EmailAddress
, File
, Hash
, IPv4Address
, NSRecord
, Person
, PhoneNumber
, URL
, Website
Installation and User Guide:
Installation is fairly easy by using pip
, just read the steps in the documentation.
The User Guide gives some example use-cases.
Screenshot
License
This software is licensed under GNU Affero General Public License version 3
- Copyright (C) 2018 Christophe Vandeplas
Note: Before being rewritten from scratch this project was maintained by Emmanuel Bouillon. The code is available in the v1
branch.
The logo is CC-BY-SA and was designed by Françoise Penninckx
The icons in the intelligence-icons folder are from intelligence-icons licensed CC-BY-SA - Françoise Penninckx, Brett Jordan