MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity
13,459 Commits
35 Branches
366 Tags
190 MiB
Commit Graph

10522 Commits (745512e71e09580ae533a1e14dfc3026cd9f9cd2)

Author SHA1 Message Date
chrisr3d a8ef1e4f2b
fix: [stix test] Fixed stix2 test file generated with changes on the script and the misp event test file 2019-09-24 00:42:00 +02:00
chrisr3d 043ff65d9c
fix: [stix test] Fixed relationship type between a file and a pe object 2019-09-23 23:04:58 +02:00
Andras Iklody d10495f789
Relaxed defanging rules, fixes #5203 
Removed multiple dot implosion for links/urls
 2019-09-23 14:26:42 +02:00
chrisr3d f1b1042784
fix: [stix2 export] Make Relationship objects happy with relationship types 2019-09-23 12:02:01 +02:00
chrisr3d 25003e13ae Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2019-09-23 11:27:23 +02:00
chrisr3d 6aa636bece
chg: [stix test] Updated test files with the recent changes on stix 1/2 import/export 2019-09-23 11:26:20 +02:00
Jakub Onderka 2b28d0c39e
fix: [UI] GnuPG diagnostic message 2019-09-23 09:38:15 +02:00
Jakub Onderka 2abe4c5946 chg: [internal] Do not log passwords 2019-09-23 07:49:42 +02:00
Davide Baglieri 85805900af
Added DigitalSide OSINT Feed 
Added DigitalSide OSINT Feed to the list of available OSINT sources.
Here is the home page of the project: https://osint.digitalside.it/

As reported in the project home page the MISP feed cointains a set of Open Source Cyber Threat Intellegence information, monstly based on malware analysis and compromised URLs, IPs and domains. The purpose is to develop new wayes to hunt, analyze, collect and share relevants sets of IoCs to be used by SOC/CSIRT/CERT with minimun effort.

Hope this help the community.
Hope the community will help me to share relevant infos as well.

Regards
 2019-09-21 15:48:50 +02:00
Jakub Onderka 84d100e982 new: [internal] Redis diagnostic 2019-09-21 07:43:35 +02:00
Andras Iklody dfbb94efba
Merge pull request #5169 from JakubOnderka/clean-caches 
fix: [internal] Clear also cake core and model caches
 2019-09-20 18:21:58 +02:00
iglocska 6a74cb4412
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2019-09-20 16:00:18 +02:00
iglocska 13ce0e099a
fix: [UI] Loading of local tags fixed via the UI, fixes #5197 
- over-zealous ACL removed local tags for non sync users
- UI only functionality, no need for the restriction at al
 2019-09-20 15:59:20 +02:00
chrisr3d d39ecab962 Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2019-09-20 15:35:33 +02:00
chrisr3d 9741a3a305
fix: [diagnostic] Fixed stix python libraries requirements 2019-09-20 15:30:56 +02:00
chrisr3d 39da280c35
fix: [index view] Fixed index table in the case where row_element is not set 2019-09-20 15:19:12 +02:00
Alexandre Dulaunoy 032b0aae59
chg: [misp-galaxy] updated to the latest version 2019-09-20 13:21:35 +02:00
Alexandre Dulaunoy 36452697de
chg: [misp-objects] updated to the latest version 2019-09-20 13:21:11 +02:00
iglocska 4cca9e01f0
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2019-09-20 11:54:46 +02:00
iglocska d68b262e1f
fix: [rest client] Fix overflow in the JSON parsed rest response view 2019-09-20 11:54:24 +02:00
iglocska 1456384f3b
fix: [rest client] Add delete as a valid http method 2019-09-20 11:54:05 +02:00
iglocska c6a1941454
fix: [API] Added DELETE http method to the rest client and fixed the JSON response of the API info 2019-09-20 11:53:28 +02:00
iglocska 0b799a43db
fix: [API] remove weird line breaks from the API descriptions 2019-09-20 11:53:03 +02:00
Alexandre Dulaunoy fef5a2306f
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2019-09-20 11:16:56 +02:00
Alexandre Dulaunoy 4f9c1a944a
chg: [feeds] ensuring that format is following feed format standard 2019-09-20 11:13:53 +02:00
chrisr3d c4538e0a45 Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2019-09-20 09:46:13 +02:00
chrisr3d 950e3db485
fix: [diagnostic] Updated expected stix2 library version 2019-09-20 09:45:11 +02:00
Alexandre Dulaunoy 65f6667fb4
chg: [feeds] all IPsum feeds added including the different levels 
Thanks to @stamparm for the idea during the Cyber Exchange program
 2019-09-19 16:08:48 +02:00
iglocska 15893c0a91
fix: [ui] pass static_tags_only to the feed view 2019-09-19 15:36:18 +02:00
iglocska 9b2916a4c0
fix: [community access requests] fixed serveral issues, fixes #5194 
- added missing view to preview the request
- don't throw errors when possible, instead show what should have been sent
 2019-09-19 15:14:51 +02:00
Andras Iklody f5e4c4f1bf
Merge pull request #5187 from challs/refactor-appController 
Refactor app controller
 2019-09-19 11:37:56 +02:00
Andreas Rammhold 624476a1f9 chg: [AppController] move debugMode setup code to a function so it can be reused 
There were already two places in AppComponent that implemented the same
functionality. It makes sense to move this to a common function so it
can also be used from Controllers that do not inherit the full
beforeFilter functionality.

Since `__preAuthException` is private and only called from the
beforeFilter method after the variable has been setup we can remove
the explicit init from there.
 2019-09-18 15:57:28 +02:00
Andreas Rammhold 96311ef480 chg: [AppController] move the database connection setup to a dedicated function on the AppComponent 
This removes a bit of clutter from the already large beforeFilter
method and allows other views to resuse the logic without having to
duplicate it.
 2019-09-18 15:57:28 +02:00
Andreas Rammhold 013b3ac619 chg: [AppController] move the `baseurl` configuration into a helper method 
This makes the beforeFilter function a bit smaller while keeping all the
functionality. It will also help with reusing the setup logic in views
that can not execute all of AppComponent::beforeFilter, like the
LinOTPAuth plugin.
 2019-09-18 15:57:28 +02:00
Andreas Rammhold 3cbc36af4e chg: [AppController] move loading and initialisation of Auth plugins to reuseable method 
For some authentication workflows it might be desireable to execute the
exact same code without having to call the entire beforeFilter method
from the base class. That way you do not have to work around all the
edge cases without having to reinvent the same code in multiple
locations.
 2019-09-18 15:57:28 +02:00
Andreas Rammhold 9edffd01ba chg: [AppController] move login redirects to dedicated functions 
This makes it easier to modify the login redirect behaviour in a unified
way. For now this just uses the default Auth loginAction while setting
the `admin` attribute to `false`. Thus application behaviour should be
unchanged.
 2019-09-18 15:57:28 +02:00
iglocska 71d8436cbc
fix: [UI] If a server add with a newly created external organisation fails, set the external organisation as the currently selected option after the validation fail redirect, fixes #5182 2019-09-18 14:37:42 +02:00
iglocska a1c486313a
fix: [sync] Single event fetch via the side menu would trigger a full pull 2019-09-18 13:24:25 +02:00
chrisr3d b3ded21b39
fix: [import modules] Avoiding issues with empty module parameter 2019-09-17 16:02:41 +02:00
iglocska 9b9d352fe8
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2019-09-17 12:40:54 +02:00
iglocska 71a0fd350b
fix: [UI] Annoying race condition fixed causing redirects to the login, fixes #5172 2019-09-17 12:40:22 +02:00
Jakub Onderka 0924de0440 fix: [internal] Clear also cake core and model caches 2019-09-16 19:41:27 +02:00
chrisr3d 65121816d5 Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2019-09-16 17:46:45 +02:00
chrisr3d 27c23844a6
fix: [stix2 import] Fixed Galaxy description parsing 2019-09-16 17:45:07 +02:00
chrisr3d b314228c71
fix: [stix2 import] Fixed vulnerability object import 
- Better vulnerability object attributes parsing
- Including mapping dict for direct call of the
  parsing function depending on the STIX object
  type (indicator, observable or vulnerability)
 2019-09-16 17:42:06 +02:00
chrisr3d b461496629
chg: [stix2 export] Better vulnerability object parsing 2019-09-16 16:49:11 +02:00
iglocska 73ceb63ca5
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2019-09-16 14:34:09 +02:00
iglocska 518c83362c
chg: [version] bump 2019-09-16 13:55:16 +02:00
Alexandre Dulaunoy cc1e60b149
chg: [warning-lists] updated to the latest version 2019-09-16 13:53:10 +02:00
Alexandre Dulaunoy 493576dd6c
chg: [misp-galaxy] updated to the latest version 2019-09-16 13:52:41 +02:00
Alexandre Dulaunoy da4bca001e
chg: [misp-objects] updated to the latest one 2019-09-16 13:52:19 +02:00
Alexandre Dulaunoy 0a13d56b8f
chg: [taxonomies] updated to the latest version 2019-09-16 13:51:45 +02:00
chrisr3d 5f2f51ed21 Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2019-09-16 09:38:09 +02:00
iglocska e11490494e
fix: [internal] Added a code branch to check if saddarray is available - if yes, use it 
- for the warninglist model's cacheWarninglistEntries function
 2019-09-16 09:28:43 +02:00
chrisr3d 839321af0e
fix: [stix2] Fixed custom objects parsing when an attribute is multiple 
- Avoids loss of attributes that are multiple,
  during the export, by returning them in a list
- Supporting import of of custom values that are
  in a list, as single multiple attributes
 2019-09-16 09:25:56 +02:00
Andras Iklody d656c2b318
Merge pull request #5097 from JakubOnderka/patch-18 
chg: [feed] Break loop when match is found
 2019-09-16 09:15:37 +02:00
Jakub Onderka 95c78416c7 fix: [UI] Allow to skip pagination in IndexTable 2019-09-15 18:15:56 +02:00
Andras Iklody 3e3318c419
fix: [internal] warninglist missing Redis::sAddArray() fixed 2019-09-15 11:15:34 +02:00
chrisr3d 1c9283f846 Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2019-09-13 18:19:38 +02:00
chrisr3d 36b40a4185
new: [stix2 export] Parsing relationships between objects 
- Which includes of course relationships between
  objects and objects, and the ones between
  objects and attributes
 2019-09-13 18:15:28 +02:00
chrisr3d d6aabd049c
fix: [stix2 export] Avoids passing variable already contained in another variable passed at the same time 2019-09-13 18:13:03 +02:00
chrisr3d 432879f405
fix: [stix2 export] Removed some useless processing 2019-09-13 16:26:55 +02:00
iglocska b6ba80e26e
fix: [prio] changePriority function responses fixed 2019-09-13 15:50:06 +02:00
iglocska 5002e536ff
chg: [API] /events/view now accepts the deleted parameter via posted parameters too 2019-09-13 15:34:12 +02:00
iglocska 4d0d538ba0
fix: [API] hard delete passable via different methods to /attributes/delete than just ordered URL parameters 2019-09-13 15:18:39 +02:00
iglocska 0f4613ebd3
fix: [internal] Fix post check for attribute delete function via the API 2019-09-13 15:13:09 +02:00
iglocska 626e190afb
fix: [server prio] Don't block the reordering even when the requested move is invalid 
- helps with fixing misaligned server lists
 2019-09-13 15:03:24 +02:00
iglocska b31ea8c18f
fix: [server prio] reprioritise should be more lenient if there's a messed up priority order as the starting point 
- should still return false for the rearranging, but should re-set the priority list based on the current positions
 2019-09-13 14:53:36 +02:00
iglocska 76b1b05a9e
fix: [UI] Attribute search sort by date fixed 2019-09-13 13:51:17 +02:00
iglocska 0a1165dead
fix: [ACL] priority change for servers tied into the ACL 2019-09-13 13:22:23 +02:00
iglocska 7db73b1ee5
fix: [server prio] Automatically put new servers to lowest prio instead of highest 2019-09-13 13:21:46 +02:00
iglocska 850159627a
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2019-09-13 11:51:05 +02:00
iglocska ffc9147018
new: [sync] Added sync priority system to prioritise the order of instances to push to 2019-09-13 11:49:12 +02:00
iglocska b004cf0290
fix: [UI] removed obsolete logo preview tool from org add/edit 2019-09-13 10:53:43 +02:00
iglocska 3240a6cac4
new: [CLI] Added cleanup tool to purge all events related to a feed 
- Simply run /var/www/MISP/app/Console/cake Admin purgeFeedEvents [user_id] [feed_id]
- works for CSV/Freetext feeds
 2019-09-13 10:48:43 +02:00
mokaddem 7023f11e26
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2019-09-13 09:24:29 +02:00
mokaddem 83ec51ac7c
chg: [decaying:simulation] Disabled sorting on score (will be 
implemented in the next `decaying` version)
 2019-09-13 09:23:07 +02:00
mokaddem d78d407f9b
fix: [decaying:base_score] Create temporary false tags when they are defined in their taxonomy but not created yet 2019-09-13 09:11:05 +02:00
mokaddem 449a95c77a
fix: [decaying:base_score] Single taxonomy appear in the correct namespace 2019-09-13 08:20:20 +02:00
mokaddem 4e5f800a3b
fix: [decaying:base_score] Round base_score config up to 4 digits. 2019-09-13 08:19:48 +02:00
mokaddem e2a0d55348
fix: [decaying] `.json` view in `decaying/view` 2019-09-13 08:17:44 +02:00
Alexandre Dulaunoy 8a9e8667da
Merge pull request #5098 from JakubOnderka/patch-19 
fix: [UI] Fix typo in community view
 2019-09-13 06:41:06 +02:00
mokaddem 3402318fa8
fix: [decaying:import] Force somes fields to be present while importing 
a decaying model
 2019-09-12 18:52:00 +02:00
chrisr3d c0aec75a09 Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2019-09-12 17:13:19 +02:00
chrisr3d fbb25bad6f
new: [restSearch] restSearch module for ATT&CK Sightings 
- Returning ATTA&CK Sightings in json format for
  events and attributes with mitre-attack-pattern
  galaxies attached
- For further details on the ATT&CK Sightings,
  please visit https://attack.mitre.org/resources/sightings/
- Also thanks to @johnwunder for the clarification
  on the output format
 2019-09-12 17:03:35 +02:00
mokaddem df9fd36518
fix: [decaying] fixed `const` error 2019-09-12 16:33:19 +02:00
mokaddem 1b133062e6
chg: [decaying] Changed `name` column type from `text` to `varchar(255)` 2019-09-12 14:44:09 +02:00
mokaddem ead4f46cf4
fix: [decaying] Correctly add database indexes 2019-09-12 14:28:49 +02:00
mokaddem 813d222bf4
chg: [decaying] Added log entry if formula cannot be loaded 2019-09-12 14:10:17 +02:00
mokaddem cfafc2e51f
Merge branch '2.4' of github.com:MISP/MISP into decaying 2019-09-12 13:35:35 +02:00
mokaddem 917b374921
chg: [decaying:(en|dis)able] Converted empty form with built-in cakephp 
`postLink`
 2019-09-12 13:31:23 +02:00
mokaddem 9b7f997443
chg: [decaying] Improve UI when multiple eventTags get overriden by 
attributeTag
 2019-09-12 13:26:26 +02:00
mokaddem 5322527c65
fix: [decaying:simulation] Make sure every sightings have a rounded 
timestamp
 2019-09-12 12:54:38 +02:00
mokaddem fbad1aaff3
chg: [decaying:simulation] Swapped round to floor when rounding 
sightings timestamp
 2019-09-12 11:49:50 +02:00
mokaddem 1a5ab3e79e
fix: [decaying] typo 4 2019-09-12 11:46:12 +02:00
mokaddem 09742c253f
fix: [decaying] typo 3 2019-09-12 11:43:43 +02:00
mokaddem 377e748771
fix: [event] typo 2 2019-09-12 11:40:23 +02:00
mokaddem b2c1a71bc9
fix: [event] typo 2019-09-12 11:38:51 +02:00
mokaddem 54e13a89c3
chg: [decaying:model] Seventh batch of fix from the PR review - WiP (not tested) 2019-09-12 11:35:44 +02:00
mokaddem ad4055cb73
chg: [decaying:model] Sixth batch of fix from the PR review - WiP (not tested) 2019-09-12 11:30:59 +02:00