MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity
14,606 Commits
42 Branches
370 Tags
181 MiB
Commit Graph

3397 Commits (6626e5bf2451cffed6ead2a0617f2ca947f4eecb)

Author SHA1 Message Date
iglocska 01734f6d7b
fix: [pull] pull filters fixed 2020-03-26 15:01:07 +01:00
iglocska d7e3674987
new: [audit] Added user monitoring 
- site admins can set the monitoring flag on a user if the feature is enabled on the instance
- monitored users will have all requests logged along with POST bodies

- keep in mind this functionality is quite heavy and intrusive - so use it with care. The idea is that this allows us to track potentially malicious users during an investigation
 2020-03-25 11:49:33 +01:00
mokaddem 83542716e5
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2020-03-09 09:02:55 +01:00
iglocska bebc70a012
chg: [dashboard] show owner email of template to site owners and the owner themselves 2020-03-09 00:14:59 +01:00
iglocska 8d02332b31
new: [dashboard] persistence package 
- export dashboard state
- import dashboard state
- save dashboard state
  - make it available to others on the instance on demand
  - admins can set a default password for users that don't have anything configured yet
  - load another template based on what the community has shared
- added Whoami widget which was an outcome of the ESDC training
- various improvements, new fields for genericElements, etc
 2020-03-08 23:36:27 +01:00
mokaddem 5e15ab1ef1
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2020-03-06 16:38:22 +01:00
mokaddem 31827905ec
fix: [settings] `require_password_confirmation` set to true 
by default
 2020-03-06 15:41:38 +01:00
iglocska 9770555c39
new: [workers] restart all dead workers 2020-03-06 14:56:35 +01:00
mokaddem 4f3ed331f0
chg: Removed unwanted indentation 2020-03-06 10:58:50 +01:00
mokaddem 2061707932
fix: [attribute:validation] Better validation of IPv6-[dst/src] and 
improved display.

fix #5682
 2020-03-06 10:54:06 +01:00
iglocska 218ea0333c
new: [dashboard] added a way to auto reload widgets 
- has to be defined in the code of the widget
 2020-03-04 14:46:01 +01:00
iglocska 52e8924e6f
chg: [dashboard] Allow for the use of subdirectories in /app/Lib/Dashboard/Custom to be able to git clone repos 2020-03-04 11:46:45 +01:00
iglocska 03dc9a8206
fix: [synctool] tests improved 2020-03-02 23:09:47 +01:00
iglocska 7b5374a81d
new: [dashboard] Added server resource module and some fixes 2020-03-02 00:32:26 +01:00
iglocska 750843725f
new: [Dashboard] added hook to check for permissions on module load 
- allows for modules to have role / host org restrictions
 2020-03-01 23:56:40 +01:00
iglocska f6f66e0f31
fix: [dashboard] custom routing fixed 2020-03-01 18:28:52 +01:00
iglocska ab129a12d9
chg: [wip] test 2020-03-01 18:24:12 +01:00
iglocska 0d4df7c98b
new: [Dashboard] system 
- Dashboard
  - modular similar to restSearch
  - build your own widgets
  - use a set of visualisation options (more coming!)
  - full access to internal functions for queries
  - auto discover core and 3rd party widgets
  - rearrange / configure widgets for each user individually
  - rearrange / resize widgets
  - settings can be configured by a site-admin on behalf of others
  - modules have a self-explain mode to guide users
  - caching mechanism for the modules / org

- set homepage / user
- various other fixes
 2020-03-01 18:05:21 +01:00
iglocska 4bfcc3211b
new: [API] object level restSearch added 
still WiP
 2020-02-29 08:57:32 +01:00
Raphaël Vinot 8ef9669973 chg: Make contact reporter gender neutral. 2020-02-28 10:45:56 +01:00
iglocska 46a99470ae
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2020-02-26 15:18:07 +01:00
mokaddem 0831a3804a
chg: [database] Added db entry to re-correlate Attributes 2020-02-26 14:37:09 +01:00
iglocska 9913d194fa
fix: [correlations] fix to an issue where attribute edits could purge correlations 
- bug introduced by a merge gone wrong
- attribute edits that modify fields that do not affect the correlations (such as to_ids, comment, etc) would cause correlations to be purged
 2020-02-26 14:28:29 +01:00
mokaddem 980dbf557e
fix: [decaying:tool] Support strict sql mode while fetching available 
Object type
 2020-02-21 16:33:34 +01:00
mokaddem f94c693aa0
fix: [decaying] Attributes not having a DM associated will be defaulted 
as `not decayed`
 2020-02-21 14:47:52 +01:00
iglocska 363d0cd69a
new: [logging] Log user IPs on login 
- feature is optional and needs to be enabled in the server settings
- on successful login logs the associated user ID for a given IP (30 day retention)
- also logs the IP for the associated user ID (indefinite retention)
- added two command line tools to query
  - Get IPs For User ID: MISP/app/Console/cake Admin UserIP [user_id]
  - Get User ID For User IP: MISP/app/Console/cake Admin IPUser [ip]
 2020-02-20 16:07:10 +01:00
iglocska 0f632236fa
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2020-02-19 16:13:30 +01:00
iglocska 2de0e3a941
fix: [enveloping] Fixed typo and added actual event ID to the message saved 
gremmar meestakes are anoying.
 2020-02-19 16:12:23 +01:00
Andras Iklody 49100f626d
Merge pull request #5654 from coolacid/issue-5653 
fix: Force schema columns lowercase to match expected
 2020-02-19 14:31:44 +01:00
Jason Kendall 1647d927e4 fix: Force schema columns lowercase to match expected 2020-02-19 08:16:32 -05:00
Andras Iklody 42c16351f7
Merge pull request #5647 from coolacid/issue-5598 
Allow forcing tag creation for galaxies
 2020-02-19 09:27:45 +01:00
Jason Kendall 47d0c41a55 Allow forcing tag creation for galaxies 2020-02-18 14:11:54 -05:00
Andras Iklody 6776ea2b26
Merge pull request #5612 from coolacid/issue-5611 
Ensure we only have the last line from the shell command
 2020-02-17 08:39:35 +01:00
Jakub Onderka a730dbca66
chg: [internal] Little bit faster ssdeep saving 2020-02-14 15:16:10 +01:00
iglocska 55385e6ca6
fix: [object] object deduplication fixed 2020-02-10 14:39:58 +01:00
iglocska 8803f47a9e
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2020-02-10 14:33:39 +01:00
iglocska 4ea3612dfc
new: [objects] pass the /breakOnDuplicate:1 flag to the /objects/add endpoint to deduplicate 
- returns an error if the object already exists
  - objects of the same template_uuid are compared
  - non deleted attributes only
  - type + category + value + object_relation tuple is compared
 2020-02-10 14:30:34 +01:00
mokaddem 8e2da13e0e
Merge branch '2.4' into enforce-iso-datetime 2020-02-10 14:18:14 +01:00
iglocska 934c828192
fix: [security] Further fixes to the bruteforce handling 
- resolved a potential failure of the subsystem when the MySQL and the webserver time settings are diverged
  - as reported by Dawid Czarnecki
- several tightenings of the checks to avoid potential foul play
 2020-02-10 11:41:54 +01:00
mokaddem 6e66256f7a
Merge branch '2.4' of github.com:MISP/MISP into pr-5210 2020-02-10 11:09:14 +01:00
iglocska 9400b8bc86
fix: [security] discussion thread ACL issues fixed 
- as reported by Dawid Czarnecki
 2020-02-08 10:34:23 +01:00
iglocska c1a0b3b280
fix: [security] brutefoce protection rules tightened 
- as reported by Dawid Czarnecki
 2020-02-08 09:35:37 +01:00
Jason Kendall e3b1e8c74a Ensure we only have the last line from the shell command 2020-02-07 13:43:11 -05:00
mokaddem 38cdd5477f
chg: [dbSchema] Removed log table from the whitelisted tables 2020-02-07 13:12:07 +01:00
mokaddem 5408bb14f8
fix: [indexes] Added SQL index for tag numerical_value 2020-02-07 12:56:27 +01:00
mokaddem 6e613cc54d
chg: [diagnostic:dbSchema] Added SQL queries to fix issues 2020-02-07 12:52:26 +01:00
Andras Iklody 8738aab6b8
Merge pull request #5601 from JakubOnderka/ssdeep_ext 
chg: [UI] Check if ssdeep PHP extension is installed
 2020-02-06 11:22:12 +01:00
Raphaël Vinot b7cee5bf4c chg: Bump expected PyMISP version 2020-02-06 11:07:05 +01:00
Jakub Onderka e2a8c9ee93 chg: [UI] Check if ssdeep PHP extension is installed 2020-02-06 10:44:38 +01:00
iglocska 3bd30e88c2
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2020-02-04 15:06:31 +01:00