From ee8b45a80553979d322a2190e9a34ed445225396 Mon Sep 17 00:00:00 2001 From: GlennHD Date: Mon, 23 Mar 2020 15:46:34 -0500 Subject: [PATCH 1/3] Added Malware Bazaar Added abuse.ch Malware Bazaar --- app/files/feed-metadata/defaults.json | 36 +++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/app/files/feed-metadata/defaults.json b/app/files/feed-metadata/defaults.json index a007ecfdd..1aeb3b6dd 100644 --- a/app/files/feed-metadata/defaults.json +++ b/app/files/feed-metadata/defaults.json @@ -1857,5 +1857,41 @@ "org_id": "0", "hide_tag": false } + }, + { + "Feed": { + "id": "116", + "name": "Malware Bazaar", + "provider": "abuse.ch", + "url": "https:\/\/bazaar.abuse.ch\/export\/txt\/md5\/full\/", + "rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]},\"url_params\":\"\"}", + "enabled": false, + "distribution": "0", + "sharing_group_id": "0", + "tag_id": "615", + "default": false, + "source_format": "csv", + "fixed_event": true, + "delta_merge": false, + "event_id": "0", + "publish": false, + "override_ids": false, + "settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\\\/^#.*\\\/i\"}}", + "input_source": "network", + "delete_local_file": false, + "lookup_visible": true, + "headers": "", + "caching_enabled": false, + "force_to_ids": false, + "cache_timestamp": false + }, + "Tag": { + "id": "615", + "name": "osint:source-type=\"block-or-filter-list\"", + "colour": "#004577", + "exportable": true, + "org_id": "0", + "hide_tag": false } + } ] From 418ef6f7a6f15851fadf53d9857835f71d4b660d Mon Sep 17 00:00:00 2001 From: GlennHD Date: Mon, 23 Mar 2020 15:50:12 -0500 Subject: [PATCH 2/3] Fixed indentation of DigitalSide & Metasploit CVEs Fixed indentation of DigitalSide & Metasploit CVEs to align with others. --- app/files/feed-metadata/defaults.json | 124 +++++++++++++------------- 1 file changed, 62 insertions(+), 62 deletions(-) 
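Review bot: The new feed 116 entry points `url` at the provider's MD5-only export and attaches the `osint:source-type="block-or-filter-list"` tag, so anything that matches or filters on these values relies on a hash with practical collisions. If the provider's SHA-256 export is available (I believe abuse.ch publishes one alongside this path; confirm before switching), I would use `"url": "https:\/\/bazaar.abuse.ch\/export\/txt\/sha256\/full\/"` instead. Shipping the entry with `"enabled": false` and `"force_to_ids": false` is a sensible default for a third-party list and should stay.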
diff --git a/app/files/feed-metadata/defaults.json b/app/files/feed-metadata/defaults.json index 1aeb3b6dd..0fb6e356f 100644 --- a/app/files/feed-metadata/defaults.json +++ b/app/files/feed-metadata/defaults.json 
@@ -1795,69 +1795,69 @@ } }, { - "Feed": { - "id": "114", - "name": "DigitalSide Threat-Intel OSINT Feed", - "provider": "osint.digitalside.it", - "url": "https:\/\/osint.digitalside.it\/Threat-Intel\/digitalside-misp-feed\/", - "rules": "", - "enabled": false, - "distribution": "0", - "sharing_group_id": "0", - "tag_id": "0", - "default": false, - "source_format": "misp", - "fixed_event": true, - "delta_merge": false, - "event_id": "0", - "publish": false, - "override_ids": false, - "settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}", - "input_source": "network", - "delete_local_file": false, - "lookup_visible": false, - "headers": "", - "caching_enabled": false, - "force_to_ids": false, - "cache_timestamp": "1568901075" - } - }, - { - "Feed": { - "id": "115", - "name": "Metasploit exploits with CVE assigned", - "provider": "eCrimeLabs", - "url": "https:\/\/feeds.ecrimelabs.net\/data\/metasploit-cve", - "rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}", - "enabled": true, - "distribution": "0", - "sharing_group_id": "0", - "tag_id": "0", - "default": false, - "source_format": "csv", - "fixed_event": true, - "delta_merge": true, - "event_id": "", - "publish": true, - "override_ids": false, - "settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}", - "input_source": "network", - "delete_local_file": false, - "lookup_visible": true, - "headers": "", - "caching_enabled": true, - "force_to_ids": false, - "cache_timestamp": "1571206806" - }, - "Tag": { - "id": "615", - "name": "osint:source-type=\"block-or-filter-list\"", - "colour": "#004577", - "exportable": true, - "org_id": "0", - "hide_tag": false - } + "Feed": { + "id": "114", + "name": "DigitalSide Threat-Intel OSINT Feed", + "provider": "osint.digitalside.it", + "url": "https:\/\/osint.digitalside.it\/Threat-Intel\/digitalside-misp-feed\/", + "rules": "", + "enabled": false, + "distribution": "0", + 
"sharing_group_id": "0", + "tag_id": "0", + "default": false, + "source_format": "misp", + "fixed_event": true, + "delta_merge": false, + "event_id": "0", + "publish": false, + "override_ids": false, + "settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}", + "input_source": "network", + "delete_local_file": false, + "lookup_visible": false, + "headers": "", + "caching_enabled": false, + "force_to_ids": false, + "cache_timestamp": "1568901075" + } + }, + { + "Feed": { + "id": "115", + "name": "Metasploit exploits with CVE assigned", + "provider": "eCrimeLabs", + "url": "https:\/\/feeds.ecrimelabs.net\/data\/metasploit-cve", + "rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}", + "enabled": true, + "distribution": "0", + "sharing_group_id": "0", + "tag_id": "615", + "default": false, + "source_format": "csv", + "fixed_event": true, + "delta_merge": true, + "event_id": "0", + "publish": true, + "override_ids": false, + "settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}", + "input_source": "network", + "delete_local_file": false, + "lookup_visible": true, + "headers": "", + "caching_enabled": true, + "force_to_ids": false, + "cache_timestamp": "1571206806" }, + "Tag": { + "id": "615", + "name": "osint:source-type=\"block-or-filter-list\"", + "colour": "#004577", + "exportable": true, + "org_id": "0", + "hide_tag": false + } + }, { "Feed": { "id": "116", From c4c0f14224df5afa318fa1bc8a69b575566d4053 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Tue, 24 Mar 2020 07:21:49 +0100 Subject: [PATCH 3/3] chg: [feeds metadata] fix incorrect timestamp field --- app/files/feed-metadata/defaults.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/app/files/feed-metadata/defaults.json b/app/files/feed-metadata/defaults.json index 0fb6e356f..4965e1da9 100644 --- a/app/files/feed-metadata/defaults.json 
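Review bot: Two data values change inside what the message calls an indentation fix: in the re-added feed 115 block `"tag_id"` is `"615"` where the removed block had `"0"`, and `"event_id"` is `"0"` where it was `""`. Feed 115 ships with `"enabled": true` and `"publish": true`, so the tag change affects what events from this default feed carry when published. The new `tag_id` matches the `Tag` object with `"id": "615"` already attached to the entry, so it looks like an intended fix. It should go in its own commit, or at least be named in the message, so that it is not lost in a whitespace diff.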
+++ b/app/files/feed-metadata/defaults.json @@ -1799,7 +1799,7 @@ "id": "114", "name": "DigitalSide Threat-Intel OSINT Feed", "provider": "osint.digitalside.it", - "url": "https:\/\/osint.digitalside.it\/Threat-Intel\/digitalside-misp-feed\/", + "url": "https://osint.digitalside.it/Threat-Intel/digitalside-misp-feed/", "rules": "", "enabled": false, "distribution": "0", @@ -1827,7 +1827,7 @@ "id": "115", "name": "Metasploit exploits with CVE assigned", "provider": "eCrimeLabs", - "url": "https:\/\/feeds.ecrimelabs.net\/data\/metasploit-cve", + "url": "https://feeds.ecrimelabs.net/data/metasploit-cve", "rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}", "enabled": true, "distribution": "0", @@ -1858,12 +1858,12 @@ "hide_tag": false } }, - { + { "Feed": { "id": "116", "name": "Malware Bazaar", "provider": "abuse.ch", - "url": "https:\/\/bazaar.abuse.ch\/export\/txt\/md5\/full\/", + "url": "https://bazaar.abuse.ch/export/txt/md5/full/", "rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]},\"url_params\":\"\"}", "enabled": false, "distribution": "0", @@ -1876,14 +1876,14 @@ "event_id": "0", "publish": false, "override_ids": false, - "settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\\\/^#.*\\\/i\"}}", + "settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\\/^#.*\\/i\"}}", "input_source": "network", "delete_local_file": false, "lookup_visible": true, "headers": "", "caching_enabled": false, "force_to_ids": false, - "cache_timestamp": false + "cache_timestamp": "1571206806" }, "Tag": { "id": "615",
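Review bot: The replacement `"cache_timestamp": "1571206806"` on feed 116 in the last hunk is the same string feed 115 carries in the previous patch, an epoch from October 2019 that predates this entry, and the entry itself has `"caching_enabled": false`. A copied value records a cache run that never happened for this feed. If the loader only needs a string here, a neutral value such as `"cache_timestamp": "0"` would be more accurate, assuming it is treated as never cached (not visible in this diff, so confirm). The other edits in this patch only drop the optional `\/` escaping in `url` and `excluderegex`, which decodes to the same strings, so the subject line could mention them.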