Set of Maltego transforms to interface with a MISP Threat Sharing instance, and also to explore the whole MITRE ATT&CK dataset.
 
 
 
Christophe Vandeplas 3e37cdf845 fix: [local] fixes all event to local transforms 2020-01-14 20:33:48 +01:00
ansible new: [install] docker and ansible scripts for remote transform server 2020-01-11 21:55:11 +01:00
doc chg: [doc] clarify remote/local transform 2020-01-14 11:16:51 +01:00
src/MISP_maltego fix: [local] fixes all event to local transforms 2020-01-14 20:33:48 +01:00
.canari redevelopment from scratch using canari3 2018-11-12 13:25:53 +01:00
.gitignore new: [doc] Installation using pip 2019-05-22 10:29:43 +02:00
.mrbob.ini redevelopment from scratch using canari3 2018-11-12 13:25:53 +01:00
Dockerfile fix: [docker] default to pip and not local code 2020-01-11 22:07:38 +01:00
LICENSE redevelopment from scratch using canari3 2018-11-12 13:25:53 +01:00
MANIFEST.in redevelopment from scratch using canari3 2018-11-12 13:25:53 +01:00
README.md Update README.md and screenshot 2019-12-17 21:58:37 +01:00
TRANSFORM_HUB_DISCLAIMER.md new: [install] docker and ansible scripts for remote transform server 2020-01-11 21:55:11 +01:00
publish_to_pip.sh minor cleanups 2019-06-12 13:39:52 +03:00
setup.py fix: [local] fixes all event to local transforms 2020-01-14 20:33:48 +01:00

README.md

Quick start guide

This is a Maltego MISP integration tool allowing you to view (read-only) data from a MISP instance.

It also allows browsing through the MITRE ATT&CK entities.

Currently supported MISP elements are: Event, Attribute, Object (incl. relations), Tag, Taxonomy, Galaxy (incl. relations).

Once installed you can start by creating a MISPEvent entity, then load the Machine EventToAll or the transform EventToAttributes.

Alternatively, initiate a transform on an existing Maltego entity. The currently supported entities are: AS, DNSName, Domain, EmailAddress, File, Hash, IPv4Address, NSRecord, Person, PhoneNumber, URL, Website.

Installation and User Guide:

Installation is fairly easy using pip; just read the steps in the documentation.

The User Guide gives some example use-cases.

Screenshot

ATT&CK

License

This software is licensed under the GNU Affero General Public License version 3.

  • Copyright (C) 2018 Christophe Vandeplas

Note: Before being rewritten from scratch, this project was maintained by Emmanuel Bouillon. The code is available in the v1 branch.

The icons in the intelligence-icons folder are from intelligence-icons licensed CC-BY-SA - Françoise Penninckx, Brett Jordan