diff --git a/INSTALL/INSTALL.sh b/INSTALL/INSTALL.sh index 3802235bb..86b3437e5 100644 --- a/INSTALL/INSTALL.sh +++ b/INSTALL/INSTALL.sh @@ -988,13 +988,12 @@ genRCLOCAL () { # Run PyMISP tests runTests () { - echo "url = '${MISP_BASEURL}' -key = '${AUTH_KEY}'" |sudo tee ${PATH_TO_MISP}/PyMISP/tests/keys.py + echo "url = \"${MISP_BASEURL}\" +key = \"${AUTH_KEY}\"" |sudo tee ${PATH_TO_MISP}/PyMISP/tests/keys.py sudo chown -R $WWW_USER:$WWW_USER $PATH_TO_MISP/PyMISP/ sudo -H -u $WWW_USER sh -c "cd $PATH_TO_MISP/PyMISP && git submodule foreach git pull origin master" sudo -H -u $WWW_USER ${PATH_TO_MISP}/venv/bin/pip install -e $PATH_TO_MISP/PyMISP/.[fileobjects,neo,openioc,virustotal,pdfexport] - sudo -H -u $WWW_USER git clone https://github.com/viper-framework/viper-test-files.git $PATH_TO_MISP/PyMISP/tests/viper-test-files sudo -H -u $WWW_USER sh -c "cd $PATH_TO_MISP/PyMISP && ${PATH_TO_MISP}/venv/bin/python tests/testlive_comprehensive.py" } diff --git a/INSTALL/INSTALL.sh.sfv b/INSTALL/INSTALL.sh.sfv index d4ee7513a..e578da42c 100644 --- a/INSTALL/INSTALL.sh.sfv +++ b/INSTALL/INSTALL.sh.sfv 
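Review bot: The rewritten `echo … | sudo tee ${PATH_TO_MISP}/PyMISP/tests/keys.py` in runTests still prints the API key to the installer's standard output, because tee copies its input to stdout; any terminal log or CI capture of the install run then contains `AUTH_KEY`. Redirect it, `… | sudo tee ${PATH_TO_MISP}/PyMISP/tests/keys.py > /dev/null`, and consider a `sudo chmod 600` on keys.py after the chown so only `$WWW_USER` can read it. Both values are interpolated into Python source unescaped, so a base URL or key containing `"` or a backslash would produce a broken keys.py; switching to double quotes does not change that. The identical lines in docs/generic/supportFunctions.md carry the same issue.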
@@ -1,5 +1,5 @@ -; Generated by RHash v1.3.9 on 2020-03-10 at 18:43.24 +; Generated by RHash v1.3.9 on 2020-03-18 at 13:56.48 ; Written by Kravchenko Aleksey (Akademgorodok) - http://rhash.sf.net/ ; -; 100109 18:43.24 2020-03-10 INSTALL.sh -INSTALL.sh 68CED66FC4D5C4A7F0041BF7DAC60113FAB614E5 5DFCF61AEB56A736930EE8A77959BD90C2F8AD6AD11CD1B09AB60D1E68D18BD0 D03AECC77CF64A90DA971C562EB49C373954151B712966EF6482F6E032F992B568BB8E0C2FF3EAFB300DB7BF768796E4 3981E487FD3C4822F353232ABFB8A017E299702E1E5B1D75A2DC901D6CC8CF356F848CA944FBD04A25E9CA459645FDC5F03D2AA08A31C471F40E8AABEF01A0EF +; 99980 13:56.48 2020-03-18 INSTALL.sh +INSTALL.sh 04A834FCD3BC9DA5282EDE8A3D2C459FBC625E46 FBCA1473FEC26AD5A6C1AE6AE3D9AF11E47E7758F30B160BC047ABE9978F4476 7281B13AA7D6B016152096D35619C2CECC7EC49F8F41CF8A3B8284335D950D35F273FA56FEA63EC5ADB3669038239C61 FA17DF3AA0CBC54D2B48AE14FB296C91C12FC6CF8E3704B8AF1B2CB2CDE9C6FAF591A2E42A38C01C299C62390868E7766EF682A6B3B556BAFC469688E8AED6E7 diff --git a/INSTALL/INSTALL.sh.sha1 b/INSTALL/INSTALL.sh.sha1 index 64518e70c..ec7c207fa 100644 --- a/INSTALL/INSTALL.sh.sha1 +++ b/INSTALL/INSTALL.sh.sha1 @@ -1 +1 @@ -68ced66fc4d5c4a7f0041bf7dac60113fab614e5 INSTALL.sh +04a834fcd3bc9da5282ede8a3d2c459fbc625e46 INSTALL.sh diff --git a/INSTALL/INSTALL.sh.sha256 b/INSTALL/INSTALL.sh.sha256 index a49ca79a4..1f4397bb7 100644 --- a/INSTALL/INSTALL.sh.sha256 +++ b/INSTALL/INSTALL.sh.sha256 @@ -1 +1 @@ -5dfcf61aeb56a736930ee8a77959bd90c2f8ad6ad11cd1b09ab60d1e68d18bd0 INSTALL.sh +fbca1473fec26ad5a6c1ae6ae3d9af11e47e7758f30b160bc047abe9978f4476 INSTALL.sh diff --git a/INSTALL/INSTALL.sh.sha384 b/INSTALL/INSTALL.sh.sha384 index 33edb6640..36c9ec1e1 100644 --- a/INSTALL/INSTALL.sh.sha384 +++ b/INSTALL/INSTALL.sh.sha384 @@ -1 +1 @@ -d03aecc77cf64a90da971c562eb49c373954151b712966ef6482f6e032f992b568bb8e0c2ff3eafb300db7bf768796e4 INSTALL.sh +7281b13aa7d6b016152096d35619c2cecc7ec49f8f41cf8a3b8284335d950d35f273fa56fea63ec5adb3669038239c61 INSTALL.sh 
diff --git a/INSTALL/INSTALL.sh.sha512 b/INSTALL/INSTALL.sh.sha512 index 107740845..0c79ff282 100644 --- a/INSTALL/INSTALL.sh.sha512 +++ b/INSTALL/INSTALL.sh.sha512 @@ -1 +1 @@ -3981e487fd3c4822f353232abfb8a017e299702e1e5b1d75a2dc901d6cc8cf356f848ca944fbd04a25e9ca459645fdc5f03d2aa08a31c471f40e8aabef01a0ef INSTALL.sh +fa17df3aa0cbc54d2b48ae14fb296c91c12fc6cf8e3704b8af1b2cb2cde9c6faf591a2e42a38c01c299c62390868e7766ef682a6b3b556bafc469688e8aed6e7 INSTALL.sh diff --git a/app/Console/Command/SupportShell.php b/app/Console/Command/SupportShell.php new file mode 100644 index 000000000..46693db05 --- /dev/null +++ b/app/Console/Command/SupportShell.php 
@@ -0,0 +1,90 @@ +http://download.geonames.org/export/dump/countryInfo.txt + +__fields) { + $this->__setHeaders($lastCommentLine); + } + $line = preg_split("/[\t]/", $line); + $temp = array(); + foreach ($line as $pos => $value) { + $field = $this->__fields[$pos]; + if (in_array($field, $this->__whitelistedFields)) { + $temp[$field] = $value; + } + } + $this->__countries[] = $temp; + } + } + $clusters = array( + 'authors' => array('geonames.org'), + 'category' => 'country', + 'description' => 'Country meta information based on the database provided by geonames.org.', + 'name' => 'Country', + 'source' => 'MISP Project', + 'type' => 'country', + 'uuid' => '84668357-5a8c-4bdd-9f0f-6b50b2aee4c1', + 'version' => empty($this->args[0]) ? 1 : intval($this->args[0]) + ); + foreach ($this->__countries as $country) { + $countryName = $country['Country']; + unset($country['Country']); + $clusters['values'][] = array( + 'description' => $countryName, + 'uuid' => '84668357-5a8c-4bdd-9f0f-6b50b2' . bin2hex($country['ISO3']), + 'value' => strtolower($countryName), + 'meta' => $country + ); + } + $galaxy = array( + 'description' => 'Country meta information based on the database provided by geonames.org.', + 'icon' => 'globe', + 'name' => 'Country', + 'namespace' => 'misp', + 'type' => 'country', + 'uuid' => '84668357-5a8c-4bdd-9f0f-6b50b2aee4c1', + 'version' => empty($this->args[0]) ? 1 : intval($this->args[0]) + ); + file_put_contents('cluster.json', json_encode($clusters, JSON_PRETTY_PRINT)); + file_put_contents('galaxy.json', json_encode($galaxy, JSON_PRETTY_PRINT)); + echo PHP_EOL . PHP_EOL . 'cluster.json and galaxy.json created.' . PHP_EOL . PHP_EOL; + } + + private function __setHeaders($line) + { + $line = substr($line, 1); + $this->__fields = preg_split("/[\t]/", $line); + return true; + } +} diff --git a/app/Controller/DashboardsController.php b/app/Controller/DashboardsController.php index 9aa96ca2a..4636c1f20 100644 --- a/app/Controller/DashboardsController.php 
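Review bot: The value UUID built as `'84668357-5a8c-4bdd-9f0f-6b50b2' . bin2hex($country['ISO3'])` is only well-formed when `ISO3` is present and exactly three bytes long, and nothing in the visible lines checks that before it is written to cluster.json. The input is a downloaded text file (the URL shown at the top of the file is plain http), so a short, empty or altered row should be skipped rather than exported, e.g. `if (!isset($country['ISO3']) || strlen($country['ISO3']) !== 3) { continue; }` at the top of the `foreach ($this->__countries as $country)` loop. `$this->__fields[$pos]` has the same problem for a row with more columns than the header line. The return values of both `file_put_contents` calls are ignored, so the "created" message is printed even when a write failed. The beginning of this new file is missing from the page, so how the file is opened and read cannot be checked here.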
+++ b/app/Controller/DashboardsController.php @@ -4,6 +4,7 @@ App::uses('AppController', 'Controller'); class DashboardsController extends AppController { public $components = array('Session', 'RequestHandler'); + public $helpers = array('ScopedCSS'); public function beforeFilter() { diff --git a/app/Controller/UsersController.php b/app/Controller/UsersController.php index 5516c075c..08fbd0677 100644 --- a/app/Controller/UsersController.php +++ b/app/Controller/UsersController.php @@ -723,7 +723,7 @@ class UsersController extends AppController $user = $this->User->find('first', array('conditions' => array('User.id' => $this->User->id), 'recursive' => -1)); $password = isset($this->request->data['User']['password']) ? $this->request->data['User']['password'] : false; $result = $this->User->initiatePasswordReset($user, true, true, $password); - if ($result) { + if ($result && empty(Configure::read('MISP.disable_emailing'))) { $notification_message .= ' User notified of new credentials.'; } } diff --git a/app/Lib/Export/NidsSuricataExport.php b/app/Lib/Export/NidsSuricataExport.php index 6f88b78ff..76631200d 100644 --- a/app/Lib/Export/NidsSuricataExport.php +++ b/app/Lib/Export/NidsSuricataExport.php @@ -109,7 +109,6 @@ class NidsSuricataExport extends NidsExport $data['host'] = ''; } } - switch ($scheme) { case "http": $data['host'] = NidsExport::replaceIllegalChars($data['host']); 
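Review bot: With `MISP.disable_emailing` set, this branch in UsersController now says nothing, although `initiatePasswordReset()` has already been called with the new password; the admin gets no hint that the user was not told about the changed credentials. An explicit branch would make that visible, e.g. `} elseif ($result) { $notification_message .= ' Emailing is disabled, the user was not notified of the new credentials.'; }`. What `initiatePasswordReset()` returns when emailing is disabled is not visible in this hunk and should be confirmed. The enclosing action starts and ends outside the hunk.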
@@ -126,26 +125,18 @@ class NidsSuricataExport extends NidsExport } else { $content = 'flow:to_server,established; content:"' . $data['host'] . '"; fast_pattern; nocase; http_header; content:"' . $data['path'] . '"; nocase; http_uri;'; } - break; case "https": $data['host'] = NidsExport::replaceIllegalChars($data['host']); $tag = 'tag:session,600,seconds;'; - # IP: classic IP rule for HTTPS - if (filter_var($data['host'], FILTER_VALIDATE_IP)) { - $suricata_protocol = 'tcp'; - $suricata_src_ip = '$HOME_NET'; - $suricata_src_port = 'any'; - $suricata_dst_ip = $data['host']; - $suricata_dst_port = NidsExport::getProtocolPort($scheme, $data['port']); - $content = 'flow:to_server; app-layer-protocol:tls;'; - } - # Domain: rule on https certificate subject - else { - $createRule = false; - } + $suricata_protocol = 'tcp'; + $suricata_src_ip = '$HOME_NET'; + $suricata_src_port = 'any'; + $suricata_dst_ip = $data['host']; + $suricata_dst_port = NidsExport::getProtocolPort($scheme, $data['port']); + $content = 'flow:to_server; app-layer-protocol:tls;'; break; case "ssh": @@ -196,7 +187,6 @@ class NidsSuricataExport extends NidsExport break; } - if ($createRule) { $attribute['value'] = NidsExport::replaceIllegalChars($attribute['value']); // substitute chars not allowed in rule $this->rules[] = sprintf( diff --git a/app/View/Dashboards/widget_loader.ctp b/app/View/Dashboards/widget_loader.ctp index c71696853..103bebd9a 100644 --- a/app/View/Dashboards/widget_loader.ctp +++ b/app/View/Dashboards/widget_loader.ctp @@ -1,6 +1,10 @@ +element('/dashboard/Widgets/' . $config['render']); + $scopedHtml = $this->ScopedCSS->createScopedCSS($widgetHtml); +?>
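Review bot: In the `https` case `$suricata_dst_ip = $data['host'];` is now assigned for every host, so a URL attribute with a domain name puts that name into the destination-address field of the generated rule, where Suricata expects an address, range or variable. Before this change such attributes were skipped through `$createRule = false`; now they likely produce a rule the sensor rejects when the ruleset is loaded. Either keep the guard, `if (!filter_var($data['host'], FILTER_VALIDATE_IP)) { $createRule = false; }`, or match the name in the TLS handshake instead of the address field. The surrounding switch starts and ends outside the hunk.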
element('/dashboard/Widgets/' . $config['render']); + echo $scopedHtml['bundle']; ?>
+ + diff --git a/app/View/Elements/serverRuleElements/pull.ctp b/app/View/Elements/serverRuleElements/pull.ctp index 02b045bef..b807138d1 100755 --- a/app/View/Elements/serverRuleElements/pull.ctp +++ b/app/View/Elements/serverRuleElements/pull.ctp @@ -58,7 +58,7 @@

- +
diff --git a/app/View/Events/automation.ctp b/app/View/Events/automation.ctp index 160460e49..ef9d166f5 100644 --- a/app/View/Events/automation.ctp +++ b/app/View/Events/automation.ctp @@ -124,7 +124,7 @@ echo 'Accept: application/json' . PHP_EOL; echo 'Content-type: application/json'; ?> - {"request": {"type":"ip", "eventid":["!51","!62"],"withAttachment":false,"tags":["APT1","!OSINT"],"from":false,"to":"2015-02-15"}}

+ {"request": {"type": "ip", "eventid": ["!51","!62"],"withAttachment": false,"tags": ["APT1","!OSINT"],"from": false,"to": "2015-02-15"}}

XML:

 $line) {
+                if (strlen($line) > 0) {
+                    if ($this->endsWith($line, "{") || $this->endsWith($line, ",")) {
+                        $cssLines[$i] = sprintf("%s %s", $prependSelector, $line);
+                    }
+                }
+            }
+            $cssScopedLines = implode(PHP_EOL, $cssLines);
+            return sprintf("", PHP_EOL, $cssScopedLines, PHP_EOL);
+        }
+
+
+         /**
+         * Replace a declared CSS scoped style and prepend a random CSS data filter to any CSS selector discovered.
+         * Usage: Add the following style tag `";
+            $styleTagIndex = strpos($html, $htmlStyleTag);
+            $closingStyleTagIndex = strpos($html, $styleClosingTag, $styleTagIndex) + strlen($styleClosingTag);
+            if ($styleTagIndex !== false && $closingStyleTagIndex !== false && $closingStyleTagIndex > $styleTagIndex) { // enforced scoped css
+                $seed = rand();
+                $css = substr($html, $styleTagIndex, $closingStyleTagIndex);
+                $html = str_replace($css, "", $html); // remove CSS part
+                $css = str_replace($htmlStyleTag, "", $css); // remove the style node
+                $css = str_replace($styleClosingTag, "", $css); // remove closing style node
+                $scopedCss = $this->preppendScopedId($css, $seed);
+                $scopedHtml = sprintf("
%s
", sprintf("data-scoped=\"%s\" ", $seed), $html); + $bundle = sprintf("%s %s", $scopedHtml, $scopedCss); + } + return array( + "bundle" => $bundle, + "html" => $scopedHtml, + "css" => $scopedCss, + "seed" => $seed, + "originalHtml" => $originalHtml, + ); + } + + } diff --git a/app/files/community-metadata/defaults.json b/app/files/community-metadata/defaults.json index 5a8037477..22dec880e 100644 --- a/app/files/community-metadata/defaults.json +++ b/app/files/community-metadata/defaults.json 
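Review bot: `substr($html, $styleTagIndex, $closingStyleTagIndex)` passes an end offset where `substr` takes a length, so whenever the style tag is not at offset 0 the extracted `$css` runs past the closing tag and drags the following markup into the style block (and out of `$html` through the `str_replace`); it should be `substr($html, $styleTagIndex, $closingStyleTagIndex - $styleTagIndex)`. The guard `$closingStyleTagIndex !== false` can never fail, because `strlen($styleClosingTag)` has already been added to the `strpos` result; test the raw `strpos` return before adding the length. When the condition is false, `$bundle`, `$scopedHtml`, `$scopedCss` and `$seed` are returned without being assigned in the visible lines, so a widget without a scoped style tag would render empty through `echo $scopedHtml['bundle']` unless they are initialised in the part of the file that is missing from this page.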
@@ -77,5 +77,20 @@ "pgp_key": "\r\n\r\n-----BEGIN PGP PUBLIC KEY BLOCK-----\r\n\r\nmQINBF49WD4BEADpDaqhEU1mWlCbqvWWxRLJcBJara4Cg7yGAlabAU/trfw2x0Ob\r\non9Lh6p/CpyTY/CPcJ6fH4IrU18U8wN8RaWxmHLyml0GGKBHcSYNisDu7E4nCC5P\r\nSY8F0OH6yQ9dwX2Os3s6fJNo9ZqC3u9lxzBf0+OzH6cV6x4Olto7slGQAP1922s6\r\nies8M21GhCJ4X+XO1sO9ap1nDlAT/44OvxQuQdYVXy46Letehk3QXo/RU8iVgqDQ\r\n1v/YIaFEibk9/6teeBTe1y77lULUfgl1pd9PnD68+w/WhNUuX+RECmsGH7Snm+kb\r\nL1x+WClQgYDJioVpTA+e4R2KYIBidKfhNw3F2Hcg70wo7Bq6u/i2iM3mtK5kALyb\r\n7jn1MHKpIGUq7vtHCzEa+d9wB1cMPj4HYF7tXIfDdtcl3bTv6IiOsNT6rhpI1+vy\r\nupNXyRplSGRQ6RV1kZ3ACqG8kErEp6L9g2AxCh1S5b4cf79JJvHMkkS60DLPnsF0\r\np8RwZL1JxlNHbQ1UxgWkSHAie2d5FLY8cpTmQwTJ6/z48b68wUS7cvtntvyf6+bq\r\nPKZrUPK4I/ly/tcMlrShx1N+aC5oHGDujuQUmmQjax9Ec2MkLBilBZJd94+avyY3\r\nxZGuI4sfEQurD8cP89/cJOtGNZ24ZVM8NRQVAVEaqDV1r3RzF30XbVdy0QARAQAB\r\ntDVNSVNQIFRocmVhdCBTaGFyaW5nIChlQ3JpbWVMYWJzKSA8bWlzcEBlY3JpbWVs\r\nYWJzLmRrPokCTgQTAQoAOAIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgBYhBMcp\r\nObUHQyZwszqsoacaYbhQMh7/BQJePVjHAAoJEKcaYbhQMh7/4scP/14BEKdF8qse\r\nf0a4v8VrAjLEuiB97p/RI5EYqvdrPT4FqhpLOLrpGM8lBtemspzRiZyPOE9BQjN6\r\nLPhJumzGukolbCLCwF5/pMXwkAIz1vDL01qLRx1nG/OSdAY/US/gpkjhbAK9J4sU\r\nGpqiHqUwGFT7RMiUlRIzhz1xZaTITBK/LbkVnayU9UX3eoEq9q6k3yqp6dhqyM6r\r\nMF5ai0oouWJ0MaoPmjRSR/r9FA6WMAI2Ni8pnWZqJVJVSmwaZJLMFR7JyXTUpNXP\r\nAwrI+T3VEErMDx3bLhF2salZFCWS0HfQN313yhv81Nk9pDSl4JDahhao77gpSjtm\r\nmp7MaFeGaeOnS3CWI8I57/fMn4Fax9dAoHwoaG4cPTZ9mML6yH39eMCx4ik77Ucs\r\nF5vt4MImF5tucQga3P6JiYAzkDyBSzd5gQR0ocWECYnK7fMF9PmdYj6p56XqVwVs\r\nvR+0rDXc6NrqpELf62NHwnCegn9bPTwNOK158m5CHcZ+veuQBitL/6AbjHX8K7cf\r\nbb0iVJQpCskkIRq9oidNOXBDOt2vyrwLoG0RcfKS6uOJWoQakyO1TNCI87oo+fo3\r\nlUfyUqHhDCXX72lBmW2kXIPAPRhpJmVUaAyc3nzYBU5/5xV1xrH0VhXeyw17tj6w\r\nXpSrwosJzIkrJzto2oaJhAqehBPMTO0n\r\n=FHjc\r\n-----END PGP PUBLIC KEY BLOCK-----\r\n", "misp_project_vetted": true, "scope_of_data_to_be_shared": "Cybersecurity Threat Intelligence including indicators, threat intelligence information, reports, contextual threat actor information or 
financial fraud information." + }, + { + "name": "Cognitive Security Collaborative", + "uuid": "1ea46a83-cd51-40f5-a375-104e0acd6729", + "org_uuid": "5e2dd31a-3bcc-45e8-ba7e-2ab890d945c8", + "org_name": "Cogsec Collab", + "description": "The Cognitive Security Collaborative operates as a sharing community dedicated to information operations.", + "url": "https://www.cogsec-collab.org", + "sector": "undefined", + "nationality": "International", + "type": "Vetted Information Sharing Community", + "email": "misp@cogsec-collab.org", + "pgp_key": "\r\n\r\n-----BEGIN PGP PUBLIC KEY BLOCK-----\r\n\r\nmQGNBF55bdcBDAC6+Fcey+0GcUw4iP4j15+/FylnvGa4wl8MRkYR5XryJn+n/O4s\r\nZbNCKpxwUA7lb2prn37lWMX7LswjvoxfmCTKi78UY1YH7Fqg3JG2PsV9Lw7uYnzC\r\nAImyAflzDpewo+eCF1aknvcbcbGkYFwdQ/37UfG/BkwCDQQGrBZ5EtL6CYXXNX/P\r\nX+4vYv23AVuchHvxeyW2dPLL3A6t3Mx8pZQBdN1cGZ1QAtE9IN0Yn2y+rMsNpDG4\r\ncOQ6bRqmue2I8JEB4AsQcufcqx69imBvBERsIZEyGZekLjmiuqDKI9Gti2VKZe/t\r\nxdl++gjplq6OAkdzXDGsMNtwxSk21IBrugAXK6K+4RPiMrPpBh81VGzBe2PRKUwT\r\nAZi06KZdaZudehvzIMLsNP5Aeep4+GXxoZ7Yrka/08SIv7SN5XY4o6xkli658Z+l\r\n8WAj2JiI684D/TK5MlvcBDQk1yKdDI2iC4eTFLkJ2PiDToUDT+vACrcnevstU+c8\r\nrNPFbvbB1DUIIo8AEQEAAbQ5Q29nbml0aXZlIFNlY3VyaXR5IENvbGxhYm9yYXRp\r\ndmUgPG1pc3BAY29nc2VjLWNvbGxhYi5vcmc+iQHUBBMBCAA+FiEEm65FjZ6Jbfp9\r\nCN50hA2Itf18R2cFAl55bdcCGwMFCQlmAYAFCwkIBwIGFQoJCAsCBBYCAwECHgEC\r\nF4AACgkQhA2Itf18R2e/ewv7BuCpmNIR0YOJld8RqrS4g5MV6eKJUuTRYUOxDyw9\r\nvgdpdvM1FgHPZ7pJcsijKQ+S+dL7ADmEbsCLWe1UhcwbnVRxJ0T+1yxRf6ONQA0/\r\ntRLmrcF4j6JCkl01irWRnYxMI1w1ABOQj4/J7BcTCzbYUdnxSuWhcZBqcsYIHf8J\r\nHnfbVd7OIML/80IRZbRXn1ST6OeXK9RpzqO7bnfPGnd506dt8sfHCWRidUSv2max\r\nrsi9xSyXeSKSNPQFVBgYnMVwBVUGIaWTnt7Ly4I8Bs5P9NWUpLYrRgYLMbDzLWaD\r\nxX7qNQjAKkNCx9k7qQN0Ck9YqeUIuJQPq2doGuLKnqjJBXizsXbAFqcKitQz7WV2\r\nPUsN/QUguVyZbhy7oJELlWDiDWxS6EwpU+q0SODHjCFKoUXvWFkk9bz1K4/kLDFO\r\nOdTABp7i65nJst5b3pVXimoTKqW7JRyCUWz3aaaqjWSTPKP2GmQbxOwM86rgmnGX\r\nqq8Ces6LQw6zGw08ubDDotEKuQGNBF55bdcBDACbmsVMV7azLYys6iMXTLVERasT\r\nUnw8FpKADA2uDgQme5o3CjeFtBBkgBNe8zdOEEsl
ggETVmntp4n6woQzOknDHNx/\r\nVMliUaGuIYgmC8hTDTF269fdRTpKMrcwu2aBEUpHpG7Xvz91HIr213FTwU0LLq0g\r\n+DefSlwdcMPJiCUqshLw8q/D3qVg/VYVen5li55RQBBFLgYYNgag3WnSejE41uqz\r\nvt40FZ4C88Pj0I3f+PRtfHHeXTZehUjs3+W4jn1fLWNmbIScmIhwp/Vqh8R7JHf2\r\n69UGgWr4cOaLGh6C2Io+TVJ+Sq7TMt47qB6eO53Vr2nyizXTxjrmAWqjw3OLc8QX\r\nWsjbpTMqUaPisnCpog/3SqnE4Fe2rQYkroQao6dRL3FrmgvnyhLgjUtjk6fAfx1+\r\nH6fQFH/JJGCNefG9AWo41Er3oHGoV0yqlI697uk0QGdx/848hc0gXLrus82bw+BI\r\nx36ycevxkpmfvzC8lew/vLEB7t/jqXH2H9Qqtm0AEQEAAYkBvAQYAQgAJhYhBJuu\r\nRY2eiW36fQjedIQNiLX9fEdnBQJeeW3XAhsMBQkJZgGAAAoJEIQNiLX9fEdnmYsM\r\nAJzX6MCYoGPED1VXMoPXVS9s7V7hv+0Q4SKcoUxqROwA0wb3NwvdnzO/WAQlzIIj\r\ny1Sk9VX8qZkATN7+nti8jfhKnlMVqAXFFg9fMsq68WlTzHiyGm06DnM2DXBvdLRT\r\nwbcm5H4Ly1/bCFww6Spbxo3zScrSCeRrIHHGOHEzr/vhcZavRDpFmdpTCD6ID7oG\r\nw5jR6GdSCpvBT6Lq7M2xe6cVw/A9z5tE3cIf75uikKfch8HFVV2l1B9XLJVpvhqv\r\nYf+kUa7l7VP893yyTyf9G6SSaS77VKlHxn+OQ9AX+wdgSpD5SgVkvRFXejXw8oIZ\r\nBeTNYTvYYgV75ApnvT+hyeirGDCRRiTiuva0ijd71PzTRk+5Ad80rav1Jy864dUt\r\nDcSklY5T+wjJf7kb/3nIE5vqO/3YkJxdDTvZM23T+IZsCvamQ5pyyp+bP3HTAZkr\r\no6oiGFXbv5OF6/wkUG6vQ5w1RCUQVLfrM6Dh675dx/sdI+p0JMt6BlvlRUJSofu0\r\nWw==\r\n=4aXp\r\n-----END PGP PUBLIC KEY BLOCK-----\r\n", + "misp_project_vetted": true, + "scope_of_data_to_be_shared": "Information Operation Threat Intelligence including disinformation, indicators, threat intelligence information, reports, contextual threat actor information or financial fraud information." } ] diff --git a/app/files/feed-metadata/defaults.json b/app/files/feed-metadata/defaults.json index a007ecfdd..4965e1da9 100644 --- a/app/files/feed-metadata/defaults.json +++ b/app/files/feed-metadata/defaults.json 
@@ -1795,67 +1795,103 @@ } }, { - "Feed": { - "id": "114", - "name": "DigitalSide Threat-Intel OSINT Feed", - "provider": "osint.digitalside.it", - "url": "https:\/\/osint.digitalside.it\/Threat-Intel\/digitalside-misp-feed\/", - "rules": "", - "enabled": false, - "distribution": "0", - "sharing_group_id": "0", - "tag_id": "0", - "default": false, - "source_format": "misp", - "fixed_event": true, - "delta_merge": false, - "event_id": "0", - "publish": false, - "override_ids": false, - "settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}", - "input_source": "network", - "delete_local_file": false, - "lookup_visible": false, - "headers": "", - "caching_enabled": false, - "force_to_ids": false, - "cache_timestamp": "1568901075" - } - }, - { - "Feed": { - "id": "115", - "name": "Metasploit exploits with CVE assigned", - "provider": "eCrimeLabs", - "url": "https:\/\/feeds.ecrimelabs.net\/data\/metasploit-cve", - "rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}", - "enabled": true, - "distribution": "0", - "sharing_group_id": "0", - "tag_id": "0", - "default": false, - "source_format": "csv", - "fixed_event": true, - "delta_merge": true, - "event_id": "", - "publish": true, - "override_ids": false, - "settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}", - "input_source": "network", - "delete_local_file": false, - "lookup_visible": true, - "headers": "", - "caching_enabled": true, - "force_to_ids": false, - "cache_timestamp": "1571206806" - }, - "Tag": { - "id": "615", - "name": "osint:source-type=\"block-or-filter-list\"", - "colour": "#004577", - "exportable": true, - "org_id": "0", - "hide_tag": false - } + "Feed": { + "id": "114", + "name": "DigitalSide Threat-Intel OSINT Feed", + "provider": "osint.digitalside.it", + "url": "https://osint.digitalside.it/Threat-Intel/digitalside-misp-feed/", + "rules": "", + "enabled": false, + "distribution": "0", + 
"sharing_group_id": "0", + "tag_id": "0", + "default": false, + "source_format": "misp", + "fixed_event": true, + "delta_merge": false, + "event_id": "0", + "publish": false, + "override_ids": false, + "settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}", + "input_source": "network", + "delete_local_file": false, + "lookup_visible": false, + "headers": "", + "caching_enabled": false, + "force_to_ids": false, + "cache_timestamp": "1568901075" } + }, + { + "Feed": { + "id": "115", + "name": "Metasploit exploits with CVE assigned", + "provider": "eCrimeLabs", + "url": "https://feeds.ecrimelabs.net/data/metasploit-cve", + "rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}", + "enabled": true, + "distribution": "0", + "sharing_group_id": "0", + "tag_id": "615", + "default": false, + "source_format": "csv", + "fixed_event": true, + "delta_merge": true, + "event_id": "0", + "publish": true, + "override_ids": false, + "settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}", + "input_source": "network", + "delete_local_file": false, + "lookup_visible": true, + "headers": "", + "caching_enabled": true, + "force_to_ids": false, + "cache_timestamp": "1571206806" + }, + "Tag": { + "id": "615", + "name": "osint:source-type=\"block-or-filter-list\"", + "colour": "#004577", + "exportable": true, + "org_id": "0", + "hide_tag": false + } + }, + { + "Feed": { + "id": "116", + "name": "Malware Bazaar", + "provider": "abuse.ch", + "url": "https://bazaar.abuse.ch/export/txt/md5/full/", + "rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]},\"url_params\":\"\"}", + "enabled": false, + "distribution": "0", + "sharing_group_id": "0", + "tag_id": "615", + "default": false, + "source_format": "csv", + "fixed_event": true, + "delta_merge": false, + "event_id": "0", + "publish": false, + "override_ids": false, + "settings": 
"{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\\/^#.*\\/i\"}}", + "input_source": "network", + "delete_local_file": false, + "lookup_visible": true, + "headers": "", + "caching_enabled": false, + "force_to_ids": false, + "cache_timestamp": "1571206806" + }, + "Tag": { + "id": "615", + "name": "osint:source-type=\"block-or-filter-list\"", + "colour": "#004577", + "exportable": true, + "org_id": "0", + "hide_tag": false + } + } ] diff --git a/app/files/misp-galaxy b/app/files/misp-galaxy index e37f320df..777c3188d 160000 --- a/app/files/misp-galaxy +++ b/app/files/misp-galaxy @@ -1 +1 @@ -Subproject commit e37f320df5a6ba4d9c67662a3670b160e9941bcf +Subproject commit 777c3188db6fd1f04fc81106a6c2eb293bb19d12 diff --git a/app/files/taxonomies b/app/files/taxonomies index 0edcb08fa..d89d18599 160000 --- a/app/files/taxonomies +++ b/app/files/taxonomies @@ -1 +1 @@ -Subproject commit 0edcb08fa618f15b51a2bbf0eae6b89c5f603ded +Subproject commit d89d185997fd5b9fd47574785141a0ee81383a7e diff --git a/app/webroot/css/multi-line-chart.css b/app/webroot/css/multi-line-chart.css new file mode 100644 index 000000000..860b81c02 --- /dev/null +++ b/app/webroot/css/multi-line-chart.css @@ -0,0 +1,20 @@ +path { + stroke-width: 1; + fill: none; + stroke-linejoin: round; + stroke-linecap: round; +} +circle { + stroke-width: 1; +} +.axis path, +.axis line { + fill: none; + stroke: grey; + stroke-width: 1; + shape-rendering: crispEdges; +} +.legend, .label, .hover-text{ + font-size: x-small; + background-color: white; +} diff --git a/docs/generic/supportFunctions.md b/docs/generic/supportFunctions.md index 9ea8719a4..5b480f757 100644 --- a/docs/generic/supportFunctions.md +++ b/docs/generic/supportFunctions.md 
@@ -833,13 +833,12 @@ genRCLOCAL () { # Run PyMISP tests runTests () { - echo "url = '${MISP_BASEURL}' -key = '${AUTH_KEY}'" |sudo tee ${PATH_TO_MISP}/PyMISP/tests/keys.py + echo "url = \"${MISP_BASEURL}\" +key = \"${AUTH_KEY}\"" |sudo tee ${PATH_TO_MISP}/PyMISP/tests/keys.py sudo chown -R $WWW_USER:$WWW_USER $PATH_TO_MISP/PyMISP/ sudo -H -u $WWW_USER sh -c "cd $PATH_TO_MISP/PyMISP && git submodule foreach git pull origin master" sudo -H -u $WWW_USER ${PATH_TO_MISP}/venv/bin/pip install -e $PATH_TO_MISP/PyMISP/.[fileobjects,neo,openioc,virustotal,pdfexport] - sudo -H -u $WWW_USER git clone https://github.com/viper-framework/viper-test-files.git $PATH_TO_MISP/PyMISP/tests/viper-test-files sudo -H -u $WWW_USER sh -c "cd $PATH_TO_MISP/PyMISP && ${PATH_TO_MISP}/venv/bin/python tests/testlive_comprehensive.py" }