Set of Maltego transforms to interface with a MISP Threat Sharing instance, and also to explore the whole MITRE ATT&CK dataset.
 
 
 
Sebdraven 9d57313bb3 add a transform to have just tags and galaxy on an Event 2019-03-11 16:46:39 +01:00
doc chg: [doc] 2 new use-cases 2019-02-01 12:18:01 +01:00
src/MISP_maltego add a transform to have just tags and galaxy on an Event 2019-03-11 16:46:39 +01:00
.canari
.gitignore
.mrbob.ini
LICENSE
MANIFEST.in
README.md chg: [doc] 2 new use-cases 2019-02-01 12:18:01 +01:00
setup.py new: [documentation] Updated documentation 2019-01-31 14:53:21 +01:00

README.md

Quick start guide

This is a Maltego MISP integration tool allowing you to view (read-only) data from a MISP instance.

Currently supported MISP elements are: Event, Attribute, Object (incl. relations), Tag, Taxonomy, Galaxy (incl. relations).

Once installed, you can start by creating a MISPEvent entity, then load the Machine EventToAll or the transform EventToAttributes.

Alternatively, initiate a transform on an existing Maltego entity. The currently supported entities are: AS, DNSName, Domain, EmailAddress, File, Hash, IPv4Address, NSRecord, Person, PhoneNumber, URL, Website.

Dependencies:

Installation and User Guide:

Installation is fairly easy; just read the steps in the documentation.

The User Guide gives some example use-cases.

Screenshot


ATT&CK

License

This software is licensed under the GNU Affero General Public License version 3.

  • Copyright (C) 2018 Christophe Vandeplas

Note: Before being rewritten from scratch, this project was maintained by Emmanuel Bouillon. The code is available in the v1 branch.

The icons in the fontawesome folder are from https://fontawesome.com/ and are licensed under SIL OFL 1.1.