MISP
/
PyMISP
mirror of https://github.com/MISP/PyMISP
2
0
Fork 0
Code Issues Releases Wiki Activity
2,473 Commits
17 Branches
158 Tags
85 MiB
Commit Graph

280 Commits (744)

Author SHA1 Message Date
chrisr3d cc9395db99
fix: typo 2018-02-19 09:16:27 +01:00
Tobias Mainka 443acd9a47 add attributes within objects as well, for tagging via value/id/uuid 2018-02-16 18:35:45 +01:00
chrisr3d e359f22575
new: Method to return an object by uuid 2018-02-16 09:47:07 +01:00
Raphaël Vinot 837372cf3e fix: Allow to pass value, UUID, or ID to a sighting. 2018-01-25 16:24:24 +01:00
Louis LCE 7b6276fbf8 Add warning when failing to import dependencies 2018-01-24 15:21:08 +01:00
Raphaël Vinot c151ad497b chg: Use defaultdict when possible 2018-01-22 10:33:34 +01:00
Raphaël Vinot aff57876bc chg: Raise an exception when distribution is sharing group, but the ID is missing. 2018-01-16 12:15:30 +01:00
Raphaël Vinot b733ddbdb0 chg: Improve Object Attribute editing 2018-01-12 16:15:09 +01:00
Raphaël Vinot 8d9a5af8d3 chg: Allow to pass a directory with custom object templates 2018-01-12 00:38:15 +01:00
Tobias Mainka 716fd2723c added misp object templates path argument 2018-01-11 12:39:19 +01:00
Raphaël Vinot 6c21728e04 chg: Cleanup from last commit 2018-01-08 12:09:48 +01:00
Raphaël Vinot c41281030b chg: Move MISPTag to Abstract MISP. 2018-01-08 11:59:32 +01:00
Raphaël Vinot a01e7f5e27 fix: edited method works as expected, add tests. 2018-01-05 19:17:25 +01:00
Raphaël Vinot 4a95a54501 fix: disable_correlation from template not properly used 2018-01-05 11:34:08 +01:00
Raphaël Vinot 95bef91588
Merge pull request #164 from MISP/refactor 
chg: Multiple changes
 2018-01-04 16:50:59 +01:00
Raphaël Vinot bb1aac5720 chg: Multiple changes 
* Fix timestamp dump (properly enforce UTC)
* Properly handle proposals
* Add many getter/setter
* Add dedicated test cases for MISPEvent and other objects
 2018-01-04 16:43:19 +01:00
Raphaël Vinot b9718c3fd3 fix: Don't remove the distribution and sharing_group_id from default_attributes_parameters 2018-01-04 12:23:32 +01:00
Raphaël Vinot 4b67605367 chg: Allow do pass a category in default_attributes_parameters for object 
fix #166
 2018-01-04 10:58:31 +01:00
Raphaël Vinot 4362c41f00 chg: Default for sharing_group_id is 0 2018-01-04 10:27:30 +01:00
Arcuri Davide 94cd2fd52e _default_attributes_parameters - if set - is a dict 
Manage distribution and sharing_group_id as dict key like the other fields.
-- Not sure about default
 2018-01-04 08:53:43 +01:00
Raphaël Vinot b183d3fd17 fix: the sharing_group_id isn't required. 2018-01-03 18:00:30 +01:00
Raphaël Vinot c68b69b422 fix: Last commit was broken... 2017-12-29 16:44:50 +01:00
Raphaël Vinot 6b81e5ddba fix: Properly set Tag to attributes within objects 2017-12-29 14:42:49 +01:00
Raphaël Vinot 0ff2120511 fix: Add method to add tags to objects 
Fix #160
 2017-12-27 14:43:53 +01:00
Raphaël Vinot 4708786959 chg: Add MISPSighting class. 2017-12-26 17:13:57 +01:00
Raphaël Vinot a497613a85 chg: Update documentation, cleanup 2017-12-22 14:49:14 +01:00
Raphaël Vinot efb6ca974c fix: Properly use the edited flag 2017-12-21 18:46:28 +01:00
Raphaël Vinot b745fce446 chg: Validate attributes in attributes.setter 2017-12-21 09:46:09 +01:00
Raphaël Vinot 749acd70b5 fix: Add setter for Attribute in MISPEvent 2017-12-21 09:38:41 +01:00
Raphaël Vinot 9c4e98f025 fix: Forgotten calls to master class. 2017-12-20 16:59:52 +01:00
Raphaël Vinot f3b8029bb3 fix: properly call datetime.datetime.utcfromtimestamp 2017-12-20 14:33:44 +01:00
Raphaël Vinot de412edaee Merge branch 'master' of https://github.com/cvandeplas/PyMISP into cvandeplas-master 2017-12-20 14:25:00 +01:00
Raphaël Vinot 994afea0bd fix: Fix python2.7 support. 2017-12-20 14:21:32 +01:00
Christophe Vandeplas 2fb4170152 Merge remote-tracking branch 'MISP/master' 2017-12-20 13:29:36 +01:00
Christophe Vandeplas 582fd28702 fix MISPObject missing distribution and sharing_group_id 
- fix MISPObject missing distribution concept
- fix language typo paramaters => parameters
 2017-12-20 13:29:05 +01:00
Raphaël Vinot 78c156bb6f new: (hopefully) Cleverer handling of timestamps in the objects 
& some cleanup
 2017-12-20 12:43:31 +01:00
Raphaël Vinot e90d28af9d chg: Add get_attribute_tag method at MISPEvent level 
Also add a MISPTag class for consistency.
 2017-12-20 10:53:46 +01:00
Raphaël Vinot 74640af4ae fix: Initialize default class parameters. 
Fix #155
 2017-12-19 17:10:52 +01:00
Raphaël Vinot 892ebbf077 chg: Add __repr__ methods (fix last commit) 2017-12-15 17:34:54 +01:00
Raphaël Vinot 56c74f1f50 chg: Add __repr__ methods 2017-12-14 16:12:54 +01:00
Raphaël Vinot d19a10ddcc chg: Make the library easier to use 2017-12-13 15:45:02 +01:00
Raphaël Vinot 44831b1fdb chg: Add new objects: MISPUser and MISPOrganisation 2017-11-17 16:51:46 +01:00
Raphaël Vinot bfe9867b2e chg: Add a generic MISP object generator 2017-11-15 17:37:17 +01:00
Raphaël Vinot f54a029e2a new: Proper debug system 
Make it easy to investigate the json blobs sent to the server.
 2017-11-08 17:33:55 -08:00
Raphaël Vinot 134df0cafb chg: Properly use python logging module. 2017-11-07 18:10:04 -08:00
Raphaël Vinot 0e123af546 fix: Let load unknown object relations in known templates 
This isn't recommended, but happens very often.
 2017-11-02 09:57:53 -07:00
Raphaël Vinot 75d96b2d7a fix: Allow to load non-malware ZIP files in MISP Event 
Prior to his patch, any zip file loaded by MISP Event was unpacked and
processed as an excrypted malware from MISP.
 2017-11-02 09:26:05 -07:00
Raphaël Vinot 7ece6b7fbc fix: Properly set the distribution at event level 
fix #120
 2017-10-28 17:09:11 -04:00
Raphaël Vinot 14bc9e4b19 fix: Properly pop the distribution key. 2017-10-26 12:05:51 -04:00
Raphaël Vinot 85669abbcb chg: Do not raise an exception when the object template is unknown. 
+ bump misp-object
 2017-10-24 08:52:00 -04:00
Raphaël Vinot a63d53094f fix: Fix typos and logic mistakes in mispevent. 2017-10-22 12:17:48 -04:00
Raphaël Vinot 6d2576be0a fix: Allow again to tag/delete unsaved attributes 2017-09-26 10:52:38 +01:00
cgi1 7ad02eb68c Similar to #114 on attribute level 
`add_attribute_tag(tag,attribute_identifier)` fails if attribute does not have any tag in before.
 2017-09-25 13:43:25 +02:00
cgi1 4fee9b0c85 Fixing #114 2017-09-25 10:01:23 +02:00
infosec-intern f08f744cc2 Formatted "Unknown MISP object" error message 
When a user tries to add an object with a name that doesn't exist, the error thrown was missing its format string
This ended up looking like
pymisp.exceptions.UnknownMISPObjectTemplate: {} is unknown in the MISP object directory.
Here's a patch that adds self.name to the format string
 2017-09-22 11:43:20 -06:00
Raphaël Vinot 6eb807381d Properly initialize a new malware sample 2017-09-18 15:37:55 +01:00
Raphaël Vinot b1989f16f2 Merge branch 'objects' 2017-09-18 11:43:48 +01:00
Raphaël Vinot 6dfaa78722 Allow to get the list of known types out of MISPEvent again 2017-09-14 14:34:53 +02:00
Raphaël Vinot b3c15da967 Merge branch 'objects' of github.com:MISP/PyMISP into objects 2017-09-12 16:55:29 +02:00
Raphaël Vinot da2b28a927 Use MISPAbstract as a master class everywhere. 
This is probably breaking everything.... ¯\_(ツ)_/¯
 2017-09-12 16:46:06 +02:00
iglocska b337e77070 changed source => object / destination => referenced 2017-09-07 16:09:45 +02:00
iglocska c15b82c45a Changed two fields in object references 
- source_uuid => object_uuid
- destination_uuid => referenced_uuid
 2017-09-07 14:01:13 +02:00
Raphaël Vinot b74e558f75 Some more refactoring 2017-08-31 10:40:18 +02:00
Raphaël Vinot 74037cb6fa Some more refactoring and cleanup 2017-08-30 12:47:32 +02:00
Raphaël Vinot 2bc0745fbf Refactoring in order to load objects 2017-08-28 19:16:20 +02:00
edhoedt bd6deba55e Fixing undefined ressources_path 2017-08-24 17:09:19 +02:00
Raphaël Vinot e567ddc877 Update function names in mispevent 2017-08-24 17:09:16 +02:00
Raphaël Vinot 314f7eaed1 Re-enable python < 3.5 support. 2017-08-23 16:55:32 +02:00
Raphaël Vinot 77845bd813 Update file/pe/pe-sections objects creator. 2017-08-23 15:37:04 +02:00
Raphaël Vinot 3c443095e8 Exact match on the value when adding tag. 2017-08-22 10:07:34 +02:00
Raphaël Vinot 622a5701ee Fix typo in variable name. 2017-07-27 17:14:49 +02:00
Raphaël Vinot 0c86d489b6 Merge pull request #99 from edhoedt/patch-1 
Fixing undefined ressources_path
 2017-07-27 16:02:27 +02:00
Raphaël Vinot 0db710a586 Allow to load the event_id in MISPAttrbute 2017-07-27 15:42:56 +02:00
edhoedt b4dea5173f Fixing undefined ressources_path 2017-07-27 14:54:02 +02:00
Raphaël Vinot 41b5672360 Doesn't require describe_types in MISPAttribute's constructor. 2017-07-26 11:28:50 +02:00
Raphaël Vinot 1d6c63c54c Doesn't require describe_types in MISPAttribute's constructor. 2017-07-26 10:10:12 +02:00
Sebastian Wagner 5a85788c5d
Fix shebangs and executable permissions 
Files containing a shebang should be executable (examples/*.py)
Non-executable files should not contain a shebang (pymisp/...)

spotted with rpmlint
 2017-07-24 13:27:28 +02:00
Raphaël Vinot 9fc631cc85 Simplfy MISPEvent.add_attribute 2017-07-12 11:25:41 +02:00
Raphaël Vinot 481c8e4790 Revert "Simplfy MISPEvent.add_attribute" 
This reverts commit f64f42ac71.
 2017-07-12 11:24:21 +02:00
Raphaël Vinot f64f42ac71 Simplfy MISPEvent.add_attribute 2017-07-12 11:08:58 +02:00
Hannah Ward 64f1edd5b4
fix: If array passed to add_attrib, add each individually 2017-06-16 12:25:27 +01:00
Alexandre Dulaunoy b73435949f Typo fixed 
Paris is not the center of the world as the idiot of the World village
would said.
 2017-06-02 09:12:00 +02:00
Raphaël Vinot bcb3b8cdfb Update validation 
* Allow strict validation
* Add workaround to avoid all JSON dumps from MISP <=2.4.70 to fail
 2017-04-09 00:02:02 +02:00
Nick Driver d9bef7d65e extended the Windows fix to lines 168 and 471 2017-03-15 09:03:02 -04:00
Nick Driver 4aa0df9d1f publish_timestamp Windows 7 Fix 
On Windows 7 datetime.datetime.fromtimestamp(int(0)) returns a date before 1970, which causes the script to crash. This fixes the bug.
 2017-03-14 11:07:31 -04:00
Raphaël Vinot a7e66ca5db Allow to pass None to to_ids, default to sane default 2017-03-14 15:58:54 +01:00
Raphaël Vinot c875fde6ea Merge branch 'master' of github.com:MISP/PyMISP 2017-03-12 23:05:25 +01:00
Raphaël Vinot 638ad3d4b7 Update types, allow 0 as attribute value 2017-03-12 23:05:13 +01:00
Hannah Ward b3376183c0
fix: Entrypt isn't a word! 
fixes #59
 2017-03-09 16:36:30 +00:00
Raphaël Vinot 8175a0ecf0 Security fix: do not try to load any valid path as a MISP Event. 
The MISP Event loader was trying to open any string passed as parameter
if is an existing filepath. Anything that isn't a valid MISP event would
raise an exception, but I can see it used for malicous purposes.

load_file is will do the same, but the user can decide if it is safe to
use.
 2017-02-27 11:28:12 +01:00
Richard van den Berg ef69016e4a Allow 'Your organisation only' distribution for attributes 2017-02-21 11:07:57 +01:00
Raphaël Vinot 6b5f347423 Merge branch 'master' of github.com:MISP/PyMISP 2017-02-07 14:03:22 +01:00
Raphaël Vinot b66e1258a7 Fix error message 2017-02-07 14:03:10 +01:00
Hannah Ward 98a008e67a
fix: Don't auto-publish events 2017-02-06 11:06:37 +00:00
Raphaël Vinot 2b9663cdf4 Bug fixes 
* Improve version checking
* Fix attribute update
 2017-01-27 11:58:00 +01:00
Raphaël Vinot 48e1211ed8 Allow to add a tag to a MISPEvent and MISPAttribute 2017-01-26 14:36:01 +01:00
Raphaël Vinot b26c021b0e Fix typo 2017-01-19 19:07:24 -05:00
Raphaël Vinot 2bcc4163ad Add support for attribute level tagging 2017-01-17 18:20:24 -05:00
Raphaël Vinot 351ad53c97 Merge branch 'master' of git://github.com/cgi1/PyMISP into cgi1-master 2017-01-16 14:43:07 -05:00
Raphaël Vinot 748136f3f1 Allow to update an event by UUID, syntax fixes. 2017-01-16 14:41:32 -05:00
Hannah Ward 78cef06963
new: Added ability to disable correlation on attributes 2017-01-16 09:52:35 +00:00
cgi 60c02cb5e9 + separate function change_sharing_group using update_event 2017-01-09 16:19:20 +01:00
Raphaël Vinot b2752bd8d5 Load RelatedEvent as MISPEvent. 
Fix #76
 2017-01-06 16:24:39 -05:00
Raphaël Vinot 585ca9cd08 Allow to mark an attribute as deleted in a MISPEvent 
Related to #33
 2017-01-02 16:53:23 +01:00
Raphaël Vinot d4489d9c34 Fix sharing group distribution level. 
Fix https://github.com/MISP/MISP/issues/1761
 2016-12-14 15:17:33 +01:00
Raphaël Vinot 0f2206a700 Add basic support for Galaxy 2016-12-09 17:35:50 +01:00
Raphaël Vinot 81faa507f4 Add support for data field (malware-sample) 2016-12-07 19:27:12 +01:00
Raphaël Vinot f96c1b5748 Reorganize json dumps 2016-12-03 18:37:13 +01:00
Raphaël Vinot d75d02b5eb Fix merge conflict, make pep8 happy. 2016-12-03 17:29:41 +01:00
morallo c40eaf935f Fixed synthax error 2016-12-02 17:51:43 +01:00
morallo a6a851f38d Solved warnings in tests when run under Python3 2016-12-02 16:53:45 +01:00
Nicolas Bareil e44e33fe90 capitalizeformat() does not exist on Python2 and fix category variables 2016-12-01 10:48:33 +01:00
Raphaël Vinot f62cf9f3d9 More granularity in the verification 2016-11-21 10:44:03 +01:00
Raphaël Vinot d2e4e73abb Allow to pass a passphrase as parameter for signing. 2016-11-18 18:01:57 +01:00
Raphaël Vinot b8a391d263 Avoid error if pyme3 isn't installed 2016-11-17 17:30:23 +01:00
Raphaël Vinot 419897aba0 Bump recommended python3 version 2016-11-17 17:29:54 +01:00
Raphaël Vinot 35a4dd52bc Add signing support for MISP events 2016-11-17 17:07:29 +01:00
Raphaël Vinot 6c5289d495 Initial version of the OpenIOC loader 2016-10-29 15:27:48 -04:00
Raphaël Vinot 81e3ce37af Fix forgotten import 2016-10-27 17:04:23 -04:00
Raphaël Vinot d48f248176 Fix Python2 - Python3 support 2016-10-27 15:58:58 -04:00
Raphaël Vinot 0a63285efb Fix Python2 support 2016-10-19 19:00:09 +02:00
Raphaël Vinot 49433cdc3a Print a warning in case python2 is used. 2016-10-19 18:52:49 +02:00
Déborah Servili 9cc55341f0 fix date formatting in mispevent.py + some PEP8 cleaning 2016-10-12 15:40:49 +02:00
Raphaël Vinot ed2be78f4e Avoid validation issue if attribute_count is none 2016-10-11 17:45:38 +02:00
Raphaël Vinot 8817674dd0 Do not dump an empty list of attrbutes. 2016-10-10 12:23:03 +02:00
Raphaël Vinot 5ee23d46c0 Make sure all integers are string in the dumped json 2016-09-30 16:06:41 +02:00
Raphaël Vinot dcd76ec5c4 Fix python 2.7 support, add missing test file 2016-09-28 18:50:05 +02:00
Raphaël Vinot 6482a21834 More cleanup 2016-09-28 18:20:37 +02:00
Raphaël Vinot e035922949 Getting closed to a full support of a misp event as a Python Object 2016-09-27 19:47:22 +02:00
Raphaël Vinot cf257493f7 First batch of changes, will be squashed 2016-09-26 00:26:09 +02:00