Commit Graph

944 Commits (a61caa3a6a541e6f9761ae99c033c7457050bc0b)

Author SHA1 Message Date
iglocska a71aafdeb5
fix: [security] Always capture attribute sharing groups
- via object edits it was omitted, leading to a possible misassociation of sharing groups by using the local ID of a referenced SG

- as reported by Jeroen Pinoy
2021-06-07 14:44:36 +02:00
mokaddem 25cb3942d7
fix: [attribute:first_seen/last_seen] First seen value can be equal to the last_seen value.
Fix #7404
2021-05-11 11:23:36 +02:00
mokaddem 7be6575e9b
fix: [attributes] Enforce FS to be before LS (also for ShadowAttributes & Objects) 2021-05-06 15:03:06 +02:00
Jakub Onderka ad1b373766 new: [log] Audit log 2021-05-03 13:44:44 +02:00
iglocska 823a870ca0
Merge branch 'develop' of github.com:MISP/MISP into develop 2021-04-25 17:54:53 +02:00
iglocska 15fc60ebbf
new: [Correlations] refactor / rework
- moved to own controller and model
- refactored several long incomprehensible functions

- extracted reused tasks from functions and made them reusable
- added a way to correlate individual values as opposed to attributes

- Added top correlations index
2021-04-25 17:36:29 +02:00
iglocska e711fcc7c5
chg: [internal] fetchEventIds refactored
- the stupid ordered params were driving me nuts
2021-04-21 09:09:29 +02:00
iglocska c150dbfe6e
Merge branch '2.4' into develop 2021-04-08 11:12:05 +02:00
Luciano Righetti c8286a10f5 fix: remove call to private method, call __alterAttributeCount() from Attribute::restore() method. 2021-04-06 14:33:43 +02:00
Jakub Onderka 81a6454c94
Merge pull request #7187 from JakubOnderka/related-attributes
chg: [internal] Move fetching related attributes to one place
2021-04-03 17:53:10 +02:00
Jeroen Pinoy d8415342b0
chg: [attributes/restSearch] add clarifying comments 2021-03-30 14:22:46 -07:00
mokaddem 934d43db59
fix: [attribute:restSearch] `includeCorrelations` no longer returns soft-deleted attributes
2021-03-29 10:37:27 +02:00
Alexandre Dulaunoy a227db40eb
fix: [attribute] typo in place-port-of-original-embarkation fixed 2021-03-25 13:45:50 +01:00
mokaddem 71e8dc9641
fix: [attributes:restSearch] pop attribute timestamp filtering condition
This prevents the condition from propagating to the event level.
Fix #7096
2021-03-24 14:42:09 +01:00
Tom King 045595968c fix: [API] Fixes crash when a new indicator in existing event has a sighting 2021-03-15 16:53:01 +00:00
Jakub Onderka 0d4c86086d chg: [internal] Move fetching related attributes to one place 2021-03-10 15:52:34 +01:00
iglocska b08befbf26
Merge branch '2.4' into develop 2021-03-03 00:07:02 +01:00
adammchugh aed61504c8
Inclusion of full-name under person
Proposing the inclusion of full-name under person to allow for better capture and correlation of full names of identified persons in events. Particularly where there are multiple identities within an event which may create confusion with multiple first-name and last-name entries.
2021-02-22 22:06:59 +10:30
Alexandre Dulaunoy c473019e67
Merge branch '2.4' into develop 2021-02-19 22:28:35 +01:00
Alexandre Dulaunoy 80ec77eec2
new: [type] new dkim and dkim-signature attribute type 2021-02-19 18:18:07 +01:00
Tom King 053ab340b0 Merge branch '2.4' into feature/attribute_sightings 2021-02-11 16:33:54 +00:00
Tom King 626443af47 chg: Use a more suitable Sighting creation function as recommended, grab the Org ID from the user if present 2021-02-11 16:31:51 +00:00
iglocska 83e9580b97
fix: [bro] export fixed
- invalid group by statement removed
2021-02-08 23:15:34 +01:00
iglocska b87c80cd3b
fix: [zmq/kafka] attribute edits should include non exportable attributes 2021-02-08 16:59:57 +01:00
Jakub Onderka 5a12d1ebf0
Merge pull request #6964 from JakubOnderka/attribute-validation-order
fix: [internal] First check if attribute value is valid composite
2021-02-04 11:50:21 +01:00
Jakub Onderka be88afaba8 fix: [internal] First check if attribute value is valid composite, then run other checks 2021-02-04 11:31:38 +01:00
iglocska 122e9c8cc6
Merge branch 'develop' of github.com:MISP/MISP into develop 2021-02-03 08:49:39 +01:00
iglocska f889ba91c9
Merge branch '2.4' into develop 2021-02-03 08:49:23 +01:00
Jakub Onderka b4fe070ff7 fix: [internal] Capturing sightings for attributes 2021-02-02 23:11:27 +01:00
Tom King 07b79aee78 chg: Add in ability to update sightings against each attribute from a POSTed MISP Event 2021-02-01 14:10:39 +00:00
Jakub Onderka 49c8176473 chg: [internal] Optimise correlation exclusion 2021-01-29 16:02:24 +01:00
mokaddem dab00a9569
fix: [shadowAttributes:viewPicture] Allows shadow attribute's pictures to be displayed 2021-01-25 15:26:53 +01:00
Jakub Onderka b3eac486ca chg: [internal] Remove unnecessary Attribute::defaultCategories array 2021-01-10 20:28:30 +01:00
Jakub Onderka 20aa97f486 fix: [internal] Remove unused method isOwnedByOrg 2021-01-09 23:06:50 +01:00
Jakub Onderka 2218546944 chg: [internal] Generate type definitions just when required 2021-01-09 23:06:50 +01:00
Jakub Onderka f910d8538b
Merge pull request #6809 from JakubOnderka/optimise-sightings-saving
chg: [internal] Optimise sightings saving
2021-01-09 13:23:36 +01:00
iglocska b8823b86e2
new: [correlation] added system to exclude certain values from the correlation engine
- simply add values at /exclude_correlations
- new values coming in will not correlate if they trip over the values listed there
- to remove existing correlations run the cleaner tool on the above endpoint

- values can be 1:1 matches, or substring searches (denoted with a leading, ending, or both '%')
  - https://www.google.com/% will match anything starting with https://www.google.com/
  - %google.com% will match anything that contains google.com
2021-01-07 09:31:38 +01:00
Jakub Onderka 432fb10509 chg: [optimisation] Faster fetching attributes with tags 2021-01-02 15:23:59 +01:00
Jakub Onderka 2bbe36c0ed chg: [internal] Optimise sightings saving 2021-01-01 15:45:05 +01:00
Alexandre Dulaunoy ad4431f156
Merge branch '2.4' into develop 2020-12-27 17:05:19 +01:00
Alexandre Dulaunoy 80871f7b52
new: [type] favicon-mmh3 is the murmur3 hash of a favicon as used in Shodan. 2020-12-24 11:56:58 +01:00
Jakub Onderka 9bc52c18fe chg: [internal] Use find('column') on more places 2020-12-23 13:45:57 +01:00
Jakub Onderka 4d4b306b60 new: [internal] New model method find('column') 2020-12-23 10:42:05 +01:00
Jakub Onderka 1a184ebbb5 new: [internal] Allow to output directly TmpFileTool 2020-12-21 21:02:37 +01:00
Andras Iklody 953f044481
chg: [vhash] removed validation altogether
- vhash is like a box of chocolates, you never know what you're going to get.
2020-11-25 21:53:56 +01:00
Alexandre Dulaunoy f980494d73
chg: [attribute] new process-state type 2020-11-24 12:19:05 +01:00
Kory Kyzar 9d0eff5f2a new: [datamodels] added jarm-fingerprint type 2020-11-23 14:03:36 -06:00
mokaddem 89f307bd07 Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0 2020-11-18 09:22:40 +01:00
mokaddem ffa0ab54f9
fix: [attribute:fetch_attributes] Respect group_by request 2020-11-17 12:08:46 +01:00
mokaddem f0bc398e60
Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0 2020-11-16 14:59:17 +01:00