Commit Graph

633 Commits (09aa74229a13d1019c12b4ad82cc73cdca4f484a)

Author SHA1 Message Date
Raphaël Vinot dfac2e2a05 Merge branch 'add-objects-template-file-path' of https://github.com/neok0/PyMISP into neok0-add-objects-template-file-path 2018-01-11 22:33:11 +01:00
Raphaël Vinot e17349cba2 chg: Remove old warning. 2018-01-11 14:07:31 +01:00
Tobias Mainka 716fd2723c added misp object templates path argument 2018-01-11 12:39:19 +01:00
Raphaël Vinot fc879c531c Merge branch 'master' of github.com:MISP/PyMISP 2018-01-10 23:39:43 +01:00
Raphaël Vinot baa617aae4 fix: Download old samples was broken. 2018-01-10 23:39:27 +01:00
Raphaël Vinot bfc476ecfc chg: Bump version 2018-01-10 10:44:37 +01:00
Raphaël Vinot a78c5cc25c chg: Bump misp-objects 2018-01-10 10:39:36 +01:00
Raphaël Vinot 6c21728e04 chg: Cleanup from last commit 2018-01-08 12:09:48 +01:00
Raphaël Vinot c41281030b chg: Move MISPTag to Abstract MISP. 2018-01-08 11:59:32 +01:00
Raphaël Vinot 96f75cba8a chg: Bump misp-objects 2018-01-05 19:24:29 +01:00
Raphaël Vinot a01e7f5e27 fix: edited method works as expected, add tests. 2018-01-05 19:17:25 +01:00
Raphaël Vinot 4a95a54501 fix: disable_correlation from template not properly used 2018-01-05 11:34:08 +01:00
Raphaël Vinot 131986cf36 chg: Bump misp-objects 2018-01-04 17:28:30 +01:00
Raphaël Vinot 95bef91588
Merge pull request #164 from MISP/refactor
chg: Multiple changes
2018-01-04 16:50:59 +01:00
Raphaël Vinot bb1aac5720 chg: Multiple changes
* Fix timestamp dump (properly enforce UTC)
* Properly handle proposals
* Add many getter/setter
* Add dedicated test cases for MISPEvent and other objects
2018-01-04 16:43:19 +01:00
Raphaël Vinot 2c3c6d39ff
Merge pull request #162 from AninaAntonie/patch-1
fix: set_sightings
2018-01-04 14:44:35 +01:00
Raphaël Vinot b9718c3fd3 fix: Don't remove the distribution and sharing_group_id from default_attributes_parameters 2018-01-04 12:23:32 +01:00
Raphaël Vinot 4b67605367 chg: Allow to pass a category in default_attributes_parameters for object
fix #166
2018-01-04 10:58:31 +01:00
Raphaël Vinot 4362c41f00 chg: Default for sharing_group_id is 0 2018-01-04 10:27:30 +01:00
Arcuri Davide 94cd2fd52e _default_attributes_parameters - if set - is a dict
Manage distribution and sharing_group_id as dict key like the other fields.
-- Not sure about default
2018-01-04 08:53:43 +01:00
Raphaël Vinot b183d3fd17 fix: the sharing_group_id isn't required. 2018-01-03 18:00:30 +01:00
Raphaël Vinot c68b69b422 fix: Last commit was broken... 2017-12-29 16:44:50 +01:00
Raphaël Vinot 6b81e5ddba fix: Properly set Tag to attributes within objects 2017-12-29 14:42:49 +01:00
AninaAntonie 72597c1b8a
set_sightings
Maybe I didn't use it correctly but the method set_sightings didn't work for me. It's working now but I'm not sure whether sending a request for every sighting in the list is the best solution.
2017-12-28 10:17:57 +01:00
Raphaël Vinot 0ff2120511 fix: Add method to add tags to objects
Fix #160
2017-12-27 14:43:53 +01:00
Raphaël Vinot 8013e90e40 fix: Typo in set_sightings
Fix #161
2017-12-27 14:25:12 +01:00
Raphaël Vinot 4708786959 chg: Add MISPSighting class. 2017-12-26 17:13:57 +01:00
Raphaël Vinot adfecc7975 chg: Bump misp-objects 2017-12-22 17:39:01 +01:00
Raphaël Vinot a02e777a99 chg: Version bump 2017-12-22 17:37:54 +01:00
Raphaël Vinot e8e13f3218 chg: Update documentation 2017-12-22 17:22:07 +01:00
Raphaël Vinot a497613a85 chg: Update documentation, cleanup 2017-12-22 14:49:14 +01:00
Raphaël Vinot efb6ca974c fix: Properly use the edited flag 2017-12-21 18:46:28 +01:00
Raphaël Vinot 9e9bad731d new: Add last field to get_csv 2017-12-21 17:25:12 +01:00
Raphaël Vinot ae644bdbf5 chg: Bump describeTypes.json 2017-12-21 16:27:40 +01:00
Raphaël Vinot b745fce446 chg: Validate attributes in attributes.setter 2017-12-21 09:46:09 +01:00
Raphaël Vinot 749acd70b5 fix: Add setter for Attribute in MISPEvent 2017-12-21 09:38:41 +01:00
Raphaël Vinot 9c4e98f025 fix: Forgotten calls to master class. 2017-12-20 16:59:52 +01:00
Raphaël Vinot f3b8029bb3 fix: properly call datetime.datetime.utcfromtimestamp 2017-12-20 14:33:44 +01:00
Raphaël Vinot 4a1d43c7e2 fix: Fix typo 2017-12-20 14:27:31 +01:00
Raphaël Vinot de412edaee Merge branch 'master' of https://github.com/cvandeplas/PyMISP into cvandeplas-master 2017-12-20 14:25:00 +01:00
Raphaël Vinot 994afea0bd fix: Fix python2.7 support. 2017-12-20 14:21:32 +01:00
Christophe Vandeplas 2fb4170152 Merge remote-tracking branch 'MISP/master' 2017-12-20 13:29:36 +01:00
Christophe Vandeplas 582fd28702 fix MISPObject missing distribution and sharing_group_id
- fix MISPObject missing distribution concept
- fix language typo paramaters => parameters
2017-12-20 13:29:05 +01:00
Raphaël Vinot 78c156bb6f new: (hopefully) Cleverer handling of timestamps in the objects
& some cleanup
2017-12-20 12:43:31 +01:00
Raphaël Vinot e90d28af9d chg: Add get_attribute_tag method at MISPEvent level
Also add a MISPTag class for consistency.
2017-12-20 10:53:46 +01:00
Raphaël Vinot 74640af4ae fix: Initialize default class parameters.
Fix #155
2017-12-19 17:10:52 +01:00
Raphaël Vinot 0fa7785f7e chg: Bump misp-objects 2017-12-19 10:28:49 +01:00
Raphaël Vinot 6884289156 chg: Bump describeTypes 2017-12-18 13:56:44 +01:00
Raphaël Vinot 892ebbf077 chg: Add __repr__ methods (fix last commit) 2017-12-15 17:34:54 +01:00
Raphaël Vinot 56c74f1f50 chg: Add __repr__ methods 2017-12-14 16:12:54 +01:00
Raphaël Vinot 19a50a7ba7 chg: Use new format for filtering. 2017-12-14 11:06:52 +01:00
Raphaël Vinot 78d9673e24 chg: Bump misp-objects 2017-12-13 18:01:42 +01:00
Raphaël Vinot f15341d1cf chg: Bump describeTypes 2017-12-13 18:00:35 +01:00
Raphaël Vinot 68afcf1c38 chg: Bump misp-objects 2017-12-13 17:12:35 +01:00
Raphaël Vinot f02f889077 chg: Bump version 2017-12-13 17:09:46 +01:00
Raphaël Vinot 6db31b397a new: Add methods to get taxonomy(ies)
Thanks to @truckydev
2017-12-13 16:43:21 +01:00
Raphaël Vinot fe00b0b712
Merge pull request #151 from MISP/refactor
chg: Make the library easier to use
2017-12-13 15:58:56 +01:00
Raphaël Vinot 6c4e2b2861
Merge pull request #150 from sdrees/first-friendly-contribution-enhance-coverage
First friendly contribution enhance coverage
2017-12-13 15:47:43 +01:00
Raphaël Vinot d19a10ddcc chg: Make the library easier to use 2017-12-13 15:45:02 +01:00
Raphaël Vinot 5cbcc09d7d new: Add method to get all the events modified in an interval 2017-12-11 15:01:25 +01:00
Stefan Hagen (Individual) 207e1f195e Merge branch 'master' of https://github.com/MISP/PyMISP into first-friendly-contribution-enhance-coverage 2017-12-11 14:04:04 +01:00
Raphaël Vinot 9f8f15fb2b Merge branch 'get_last_modified_event' of https://github.com/truckydev/PyMISP into truckydev-get_last_modified_event 2017-12-11 14:03:37 +01:00
Stefan Hagen (Individual) e7f395a92c enhance coverage and fix en passant with focus on api 2017-12-11 14:00:43 +01:00
Raphaël Vinot 7946e2ef83 fix: Disable pseudofile support in py2, skip tests. 2017-12-09 13:35:44 +01:00
Raphaël Vinot 52e079fea2 chg: Allow to pass a pseudofile to LIEF 2017-12-09 13:12:04 +01:00
Raphaël Vinot ab3a6bb404 chg: Bump misp-objects 2017-12-09 11:52:26 +01:00
StrayLightning 748be6a093 Improve the exception message for a server 500+ response with no response content 2017-12-05 18:04:11 +00:00
StrayLightning 8a8b0c113d Check for zero-length 500 response from the server and produce a suitable error message
In experimenting with PyMISP I am triggering problems on the server I
am using.  Occasionally the server will return a 500 response with a
message indicating an internal error, but more often than not it returns
a 500 response with no contents, and _check_response falls over itself,
generating a hard-to-fathom exception from the json internals.

This commit hardens _check_response by detecting zero-length responses
and raising a suitable exception.

Also fix a missing bracket in one of the subsequent exception strings.
2017-12-05 17:44:15 +00:00
Raphaël Vinot 1d190cdf50
Merge pull request #146 from c-goes/lief_integrity_exception
Make FileObject creation work if lief parsing fails
2017-12-04 18:57:52 +01:00
Raphaël Vinot 42c5cc5e37 chg: allow to pass a proxy to query VT 2017-12-04 18:43:44 +01:00
c-goes b514600965 Make FileObject creation work if lief parsing fails 2017-12-04 17:52:13 +01:00
Raphaël Vinot 5d0cc16e75 Merge branch 'master' of github.com:MISP/PyMISP 2017-12-04 14:12:18 +01:00
Raphaël Vinot 2ec1f20bc6 chg: Bump misp-objects 2017-12-04 14:11:45 +01:00
Raphaël Vinot 5e931ffde7
Merge pull request #144 from c-goes/objects_delete
allow deletion of objects and object references
2017-12-02 21:36:44 +01:00
Raphaël Vinot 119169d4eb chg: Bump version to 2.4.83 2017-12-01 17:55:58 +01:00
Raphaël Vinot be65733d73 chg: Do not get the event from the server before publishing if PyMISP.publish gets an ID 2017-12-01 16:47:06 +01:00
Raphaël Vinot f4439ae970 chg: Add live tests for recommended pymisp version and describeTypes up-to-date 2017-12-01 16:15:46 +01:00
Raphaël Vinot 9a2b82a2ae chg: Add a way to check if the ACL is up-to-date 2017-12-01 14:35:19 +01:00
Raphaël Vinot eb5cf6c06c chg: Add validators for describeTypes on the live instance 2017-12-01 14:02:04 +01:00
Raphaël Vinot 9c7923fe0a new: Add get CSV method. 2017-12-01 12:01:42 +01:00
Raphaël Vinot 2e46f00055 fix: Bump describeTypes.json
Add testing
2017-12-01 10:36:09 +01:00
Tristan METAYER 60f3111f47 - Correction for 'last' param.
'last' gives the latest events that have been published
- add get_events_last_modified()
this function returns the modified events based on timestamp
2017-11-29 16:46:41 +01:00
Raphaël Vinot 0875ad4a5f chg: Add example file to push OpenIOC file to MISP
chg: Add some imports in the tool's init file
2017-11-28 11:54:08 +01:00
c-goes 4416fe30b1 allow deletion of objects and object references 2017-11-23 17:51:04 +01:00
Raphaël Vinot d4b8df380f chg: Bump misp-objects 2017-11-23 10:17:36 +01:00
3c7 069023e802 Adding multiple named attributes require a single POST request now 2017-11-22 14:57:11 +01:00
c-goes 2e5fcf4e31 fixed typo 2017-11-20 15:11:30 +01:00
Steve Clement 89a5558014 - Remove CIRCL reference from README.md
- Updated 2 bad indentations where epydoc was Warning
2017-11-19 10:02:03 +01:00
Raphaël Vinot 44831b1fdb chg: Add new objects: MISPUser and MISPOrganisation 2017-11-17 16:51:46 +01:00
Raphaël Vinot bfe9867b2e chg: Add a generic MISP object generator 2017-11-15 17:37:17 +01:00
Raphaël Vinot b1262a0c96 chg: Add fast publish method
Fix #86
2017-11-10 15:42:07 -08:00
Raphaël Vinot 55b4064a57 chg: Improve documentation
Fix #121
2017-11-10 14:56:53 -08:00
Raphaël Vinot 31e98c6e5d chg: Bump PyMISP version 2017-11-09 13:49:09 -08:00
Raphaël Vinot 5d414cb8e9 chg: Bump misp-objects 2017-11-09 13:45:31 -08:00
Raphaël Vinot f54a029e2a new: Proper debug system
Make it easy to investigate the json blobs sent to the server.
2017-11-08 17:33:55 -08:00
Raphaël Vinot 4512a4eaca chg: small improvements in the logging system 2017-11-07 19:10:54 -08:00
Raphaël Vinot f1a88f460e fix: Typo loger -> logger 2017-11-07 18:19:57 -08:00
Raphaël Vinot 134df0cafb chg: Properly use python logging module. 2017-11-07 18:10:04 -08:00
Raphaël Vinot 0e123af546 fix: Let load unknown object relations in known templates
This isn't recommended, but happens very often.
2017-11-02 09:57:53 -07:00
Raphaël Vinot 75d96b2d7a fix: Allow to load non-malware ZIP files in MISP Event
Prior to this patch, any zip file loaded by MISP Event was unpacked and
processed as an encrypted malware from MISP.
2017-11-02 09:26:05 -07:00
Raphaël Vinot e5a7153284 fix: Properly pass the distribution when uploading a sample
Fix: https://github.com/MISP/PyMISP/issues/129
2017-11-01 17:26:58 -07:00
Raphaël Vinot 4b53b399d0 fix: Properly upload a sample in an existing event.
Fix https://github.com/MISP/PyMISP/issues/123
2017-11-01 17:15:49 -07:00
Raphaël Vinot 7ece6b7fbc fix: Properly set the distribution at event level
fix #120
2017-10-28 17:09:11 -04:00
Raphaël Vinot 30da658292 chg: Remove warning if PyMISP is too new 2017-10-28 16:57:03 -04:00
Raphaël Vinot 14bc9e4b19 fix: Properly pop the distribution key. 2017-10-26 12:05:51 -04:00
Raphaël Vinot 78eb6e3080 fix: Update dependencies for VT generator. 2017-10-25 15:00:00 -04:00
Thomas Gardner e2d690d0ef added vtreportobject and vt_to_misp example 2017-10-25 09:48:18 -04:00
Raphaël Vinot 23f82e68cd chg: version bump 2017-10-24 09:07:57 -04:00
Raphaël Vinot 7686020f95 chg: Bump version 2017-10-24 08:54:38 -04:00
Raphaël Vinot 85669abbcb chg: Do not raise an exception when the object template is unknown.
+ bump misp-object
2017-10-24 08:52:00 -04:00
Raphaël Vinot cb166a6295 chg: Bump misp-objects 2017-10-23 11:53:21 -04:00
Raphaël Vinot 4c4cd23983 chg: Allow to hard delete an attribute by ID. 2017-10-22 14:02:47 -04:00
Raphaël Vinot a63d53094f fix: Fix typos and logic mistakes in mispevent. 2017-10-22 12:17:48 -04:00
Raphaël Vinot 45684cfd5f chg: Update comments 2017-10-21 20:22:38 +02:00
Andras Iklody cae7f635ea Update openioc.py 2017-10-18 16:27:54 +02:00
Raphaël Vinot c49008a636 fix: Missing default category
Fix #119
2017-10-18 08:36:19 +02:00
Raphaël Vinot c5f8cc88a2 chg: Bump misp-objects and describeTypes 2017-10-18 08:30:35 +02:00
tssbo82 8032e5f06d Added **kwargs to add_named_attribute call in add_attachment 2017-10-09 15:54:20 -04:00
Raphaël Vinot 9beb2da1b1 up: bump version 2017-10-09 16:14:17 +02:00
Raphaël Vinot 474db01d8e up: Bump misp-objects 2017-10-09 16:13:41 +02:00
Raphaël Vinot 182a70b02f up: Version bump 2017-10-04 10:06:37 +02:00
Raphaël Vinot b298f8de6e up: Bump misp-objects & describeTypes 2017-10-04 10:03:42 +02:00
Raphaël Vinot 3e73ae826f Fix: create file object
Was broken in case the file was neither PE/ELF/Mach-O
2017-09-27 16:05:06 +02:00
Raphaël Vinot 6d2576be0a fix: Allow again to tag/delete unsaved attributes 2017-09-26 10:52:38 +01:00
cgi1 7ad02eb68c Similar to #114 on attribute level
`add_attribute_tag(tag,attribute_identifier)` fails if the attribute does not have any tag beforehand.
2017-09-25 13:43:25 +02:00
cgi1 4fee9b0c85 Fixing #114 2017-09-25 10:01:23 +02:00
infosec-intern f08f744cc2 Formatted "Unknown MISP object" error message
When a user tries to add an object with a name that doesn't exist, the error thrown was missing its format string
This ended up looking like
pymisp.exceptions.UnknownMISPObjectTemplate: {} is unknown in the MISP object directory.
Here's a patch that adds self.name to the format string
2017-09-22 11:43:20 -06:00
Raphaël Vinot d3d34d5953 update: make make_binary_objects more flexible
fix: use proper exception handlers
2017-09-20 11:44:55 +01:00
Raphaël Vinot 8c3f2e5ff8 fix: import the openioc converter from tool again 2017-09-20 11:24:51 +01:00
Raphaël Vinot 6eb807381d Properly initialize a new malware sample 2017-09-18 15:37:55 +01:00
Raphaël Vinot b1989f16f2 Merge branch 'objects' 2017-09-18 11:43:48 +01:00
Raphaël Vinot 9abaed0499 Bump misp object 2017-09-18 11:37:09 +01:00
Raphaël Vinot 6dfaa78722 Allow to get the list of known types out of MISPEvent again 2017-09-14 14:34:53 +02:00
Raphaël Vinot b3c15da967 Merge branch 'objects' of github.com:MISP/PyMISP into objects 2017-09-12 16:55:29 +02:00
Raphaël Vinot da2b28a927 Use MISPAbstract as a master class everywhere.
This is probably breaking everything.... ¯\_(ツ)_/¯
2017-09-12 16:46:06 +02:00
iglocska b337e77070 changed source => object / destination => referenced 2017-09-07 16:09:45 +02:00
Raphaël Vinot 2a5f3346e4 Bump misp-objects 2017-09-07 14:30:05 +02:00
iglocska c15b82c45a Changed two fields in object references
- source_uuid => object_uuid
- destination_uuid => referenced_uuid
2017-09-07 14:01:13 +02:00
Raphaël Vinot b74e558f75 Some more refactoring 2017-08-31 10:40:18 +02:00
Raphaël Vinot 74037cb6fa Some more refactoring and cleanup 2017-08-30 12:47:32 +02:00
Raphaël Vinot 69ede74ce7 Update object definitions 2017-08-29 18:38:28 +02:00
Raphaël Vinot 8452e16dbd Update PE generator 2017-08-29 10:25:45 +02:00
Raphaël Vinot 2bc0745fbf Refactoring in order to load objects 2017-08-28 19:16:20 +02:00
Raphaël Vinot 44f32bc443 Add support for multiple entries of the same type in an object 2017-08-27 18:12:42 +02:00
Raphaël Vinot ed441d6356 Remove some python versions from travis 2017-08-25 18:35:53 +02:00
Raphaël Vinot a5531990ae Do not try to run code requiring lief 2017-08-25 17:41:58 +02:00
Raphaël Vinot 9ff3739753 Remove ImportError 2017-08-25 17:37:35 +02:00
Raphaël Vinot f06bfd310b Do not fail if pymisp is not installed 2017-08-25 16:38:12 +02:00
Raphaël Vinot 44008d1c0c Add support for ELF and MachO objects 2017-08-25 15:57:12 +02:00
Raphaël Vinot bfa5b67c1d Version bump 2017-08-25 14:25:51 +02:00