MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity
Page: Hackathon
Pages
3rd party modules AddNewAttributes AuthenticationProject Categories & Types changes CheckList CommitMessageBestPractices Contributing to MISP Project CortexIntegration Critical aspects or features DeploymentTools EnhancedSighting Frequently Asked Questions Hackathon Hardening Home Max and min value for first_seen last_seen NewAttributes Notes: MISP STIX2 Planned features and functionalities Presentations about MISP or mentioning MISP Project dependencies Proxy RedisAllocation ReleaseCheckList Rename default branches master to main STIX2.0 to STIX2.1 changes Sharing guidelines TaxonomiesResearch Use cases UserInterface
18 Hackathon
Steve Clement edited this page 2021-10-14 22:20:53 +09:00
Table of Contents

MISP Hackathon(s)

It's a great opportunity to meet the team in a friendly atmosphere and work on your favourite information sharing software in order to improve it and make an even better tool.

Current upcoming hackathon

Historical Information Hackathon

(4th) MISP Hackathon 2018 - 7th - 9th August

The Open Source Security Software Hackathon is back. Fourth edition - 7-9 August 2018

Practical details

An Etherpad is available during the event to track the tasks and work during the hackathon.

If you physically come at the hackathon

If you are physically present please register (Luxembourg).

For more information about the summer hackathon.

Physical location:

CIRCL - Computer Incident Response Center Luxembourg
16 Boulevard d'Avranches
1160 Luxembourg
Luxembourg

If you are remotely participating to the hackathon

If you are remotely participating to the hackathon, you won't need to register. You can join us on the Etherpad session available during the event to track down the tasks, works and open ideas.

Hackathon topics

MISP

  • Taking a look at the open issues and pick one or more to work on.
  • Review current open issues.
  • Converting TIQ-test into Python and review this can be integrated in the feed system.
  • Improve the automation scripts vagrant or packer to include other open-source software (like viper.li).
  • Improve the modules interface to support MISP objects.
  • Improve the new ssdeep correlation to support other fuzzy hashing algorithms like TLSH or other.
  • Add translation to the MISP UI (check the current PO files).
  • Review the STIX 1.1/2.0 export and import. Find OSINT STIX samples to test the current mapping and ensure it's consistent in MISP.
  • CSS cleanup
  • Javascript library cleanup
  • UI refactor / move to Bootstrap 4
  • Additional dashboard widgets for the built in dashboard
  • Testing all the feeds / adding / removing

misp-taxonomies

  • Contribute a new taxonomy in the misp-taxonomies.
  • Improve the mapping of taxonomies especially in the model of kill-chain or cyber-threat-framework. Check slide 8 on the cyber-threat-framework for the potential mapping.
  • Improve an existing taxonomy.
  • Create a tool to edit or update easily MISP taxonomies.
  • Visualize existing taxonomies and/or usage statistics (cf. MISP API to get statistics).
  • Update documentation about taxonomies and good practises.
  • Create a tool to export MISP json taxonomy to JSON-LD grammar format. A specific machine tag format might be needed in JSON-LD to support generic machine tags format.
  • Make article or blog post on how to use the taxonomies efficiently (e.g. using OSINT reports as example).

misp-galaxy

  • Add more threat actors in threat-actors.json or tools used by adversaries in tools.json
  • Add more adversary models or other models that could be used.
  • Review the existing misp-galaxy clusters.

misp-objects

  • Add more misp-objects.
  • Add misp-objects for Android malware and binaries (based on LIEF export).
  • Add objects to support new models of information sharing (e.g. cars information, smart-card, RFID information, passports, physical security, telemetry, ...).

misp-warninglists

  • Review the existing warninglists.
  • Add new warninglists.
  • Generate false-positive automatically from empty files with just headers (libmagic?).

misp-modules

  • Expand existing modules.
  • LDAP modules expansion.
  • Improve documentation.
  • Extend misp-modules services with authentication to provide remotely accessible services to other MISPs.

misp-book and documentation

  • Fix the misp-book for version 2.4 including screen-shots.
  • Including a specific section about the MISP JSON format.
  • Improving the MISP project website.

misp-rfc

  • Creating a new Internet-Draft for the current MISP modules communication protocol.
  • Creating a new Internet-Draft and JSON Schema for the ZMQ format of MISP pub-sub.
  • Review existing Internet-Draft for errors.
  • Creating a new Internet-Draft for the MISP digital signature (based on the current PyMISP implementation).

PyMISP

  • Automatic generation of Markdown report (then pdf) from MISP JSON files (like the OSINT feed) to human-browseable information,

misp-workbench - data-processing - ssdc

  • Integration in environment
  • Documentation
  • Use-cases
  • Provide redis export from MISP
  • Deciding on how to handle the samples

(1st) MISP Hackathon 2016 - 4th August

The 4th August 2016, a MISP hackathon will take place in Luxembourg (at the local hackerspace) and also remotely. It's a great opportunity to meet the team in a friendly atmosphere and work on your favourite information sharing software in order to improve it and make an even better tool.

(2nd) MISP Hackathon 2016 - 7th December

The Wed, December 7, 2016, a MISP hackathon (2nd MISP hackathon) will take place in Zurich (at SWITCH-CERT) and also remotely. It's a great opportunity to meet the team in a friendly atmosphere and work on your favourite information sharing software in order to improve it and make an even better tool.

The Open Source Security Software Hackathon is back. Third edition - 26 March 2018

The hack.lu team organizes the third Open Source Security Software Hackathon conference on Monday 26 March 2018. MISP team will be there. Registration and information there. The hackathon will be local and remote. Local in Luxembourg and Japan and also remote.