MISP
/
PyMISP
mirror of https://github.com/MISP/PyMISP
2
0
Fork 0
Code Issues Releases Wiki Activity
1,162 Commits
13 Branches
176 Tags
95 MiB
Commit Graph

676 Commits (2607111b1901d5b2468d3f5f6bee09edf3b654cf)

Author SHA1 Message Date
Raphaël Vinot 8ebb963adf new: add preliminary fail2ban object 2018-03-26 12:07:40 +02:00
Raphaël Vinot 6fd7db2ec0 chg: Bump version 2018-03-23 10:05:27 +01:00
Raphaël Vinot 98a6e070ab chg: Bump misp-objects 2018-03-22 15:19:21 +01:00
Raphaël Vinot 5c6314c45c new: Add email object generator 2018-03-18 23:21:29 +01:00
Sami Mokaddem 3faec3c00d fix: AbstractMISP.from_dict() do not accept positional argument 2018-03-15 12:04:23 +01:00
Richard van den Berg 079048545c Point to right anchor for client side certificates 2018-02-26 17:04:38 +01:00
ANSSI-BSO-D 9087768b1d
add search on sighting 
added the possibility to search sightings : 
Here some example : 
```python
print(misp.sighting_list(424242))
```
The answer will give a sighting list corresponding to the attribute 424242.
```python
print(misp.sighting_list(element_id=42, org_id=2, scope=event))
```
The return will be a sighting list of event 42 with a filter for organisation 2.
 2018-02-21 15:12:26 +01:00
Raphaël Vinot 62fb26fafd
Merge pull request #189 from neok0/master 
add attributes within objects as well, for tagging via value/id/uuid
 2018-02-19 11:49:50 +01:00
chrisr3d cc9395db99
fix: typo 2018-02-19 09:16:27 +01:00
Tobias Mainka 443acd9a47 add attributes within objects as well, for tagging via value/id/uuid 2018-02-16 18:35:45 +01:00
chrisr3d e359f22575
new: Method to return an object by uuid 2018-02-16 09:47:07 +01:00
Raphaël Vinot 0a42660311 chg: version bump 2018-02-13 11:29:08 +01:00
Raphaël Vinot b330a3106f chg: Bump misp-objects 2018-02-13 11:26:17 +01:00
Raphaël Vinot cd6b596574 new: APIs to manage sharing groups 
Fix #185
 2018-02-13 11:25:05 +01:00
Raphaël Vinot 3e8e588846 new: returnMetaAttributes flag for freeTextImport API 
Fix #188
 2018-02-13 10:50:51 +01:00
Raphaël Vinot 14c2f2780b chg: Bump describeTypes (add mime) 2018-02-08 11:19:10 +01:00
Raphaël Vinot d9fb66690e chg: Bump misp-objects 2018-02-06 12:06:17 +01:00
Raphaël Vinot 9349e04e19 chg: Bump describeType 2018-02-05 16:51:15 +01:00
Raphaël Vinot a1d4b338fc chg: Bump describeType 2018-02-02 15:29:10 +01:00
Raphaël Vinot 05bbfac658 fix: Encode string in _encode_file_to_upload 2018-01-29 10:30:37 +01:00
Raphaël Vinot f9063ad588 chg: Version bump 2018-01-28 20:55:43 +01:00
Raphaël Vinot 825fa5361b chg: Bump misp-object & describeTypes 2018-01-26 20:27:56 +01:00
Raphaël Vinot e937c3ae81 new: Add bindings for Galaxies and Taxonimies 2018-01-26 17:02:47 +01:00
Raphaël Vinot 250190e8a8 new: Add bindings to PyMISPWarninglists 2018-01-25 17:56:30 +01:00
Raphaël Vinot 837372cf3e fix: Allow to pass value, UUID, or ID to a sighting. 2018-01-25 16:24:24 +01:00
Raphaël Vinot 076393d55e add: Allow to fetch warninglists 
Fix #180
 2018-01-25 16:02:58 +01:00
Louis LCE 7b6276fbf8 Add warning when failing to import dependencies 2018-01-24 15:21:08 +01:00
Raphaël Vinot e2bb66d01c chg: Cleanup new sbsignature generator 2018-01-23 11:07:36 +01:00
Raphaël Vinot cb4d464526 chg: Bump misp-objects 2018-01-23 11:06:44 +01:00
garanews db235899bf sb-signature library 
Created sb-signature library with relative example for testing.
Thanks @dadokkio
 2018-01-23 10:35:21 +01:00
Raphaël Vinot 8026d0fa42 fix: Do not use basicConfig in __init__ 
Fix #170
 2018-01-22 16:42:47 +01:00
Raphaël Vinot af52c1c83e Merge branch 'master' of github.com:MISP/PyMISP 2018-01-22 10:33:49 +01:00
Raphaël Vinot c151ad497b chg: Use defaultdict when possible 2018-01-22 10:33:34 +01:00
Kory Kyzar 914ac84194 Linting 2018-01-19 15:44:10 -06:00
Kory Kyzar c797f4dfc4 Bug fix 2018-01-19 13:46:04 -06:00
Kory Kyzar 788a7842fa Change in add_attachment. Allow explicit attachment naming 2018-01-19 13:27:49 -06:00
Armīns Palms 9158985f3f Change in new_tag function. Added attributie 'hide_tag' 2018-01-19 16:57:40 +02:00
Armīns Palms aaf18fa3c8 Change the comment of attribute 2018-01-18 15:17:52 +02:00
Raphaël Vinot aff57876bc chg: Raise an exception when distribution is sharing group, but the ID is missing. 2018-01-16 12:15:30 +01:00
Raphaël Vinot c862800df2 fix: add_hashes was broken 
Fix #174
 2018-01-12 18:47:50 +01:00
Raphaël Vinot cb4f4d2443 chg: Bump misp-objects 2018-01-12 16:15:38 +01:00
Raphaël Vinot b733ddbdb0 chg: Improve Object Attribute editing 2018-01-12 16:15:09 +01:00
Raphaël Vinot 8d9a5af8d3 chg: Allow to pass a directory with custom object templates 2018-01-12 00:38:15 +01:00
Raphaël Vinot dfac2e2a05 Merge branch 'add-objects-template-file-path' of https://github.com/neok0/PyMISP into neok0-add-objects-template-file-path 2018-01-11 22:33:11 +01:00
Raphaël Vinot e17349cba2 chg: Remove old warning. 2018-01-11 14:07:31 +01:00
Tobias Mainka 716fd2723c added misp object templates path argument 2018-01-11 12:39:19 +01:00
Raphaël Vinot fc879c531c Merge branch 'master' of github.com:MISP/PyMISP 2018-01-10 23:39:43 +01:00
Raphaël Vinot baa617aae4 fix: Download old samples was broken. 2018-01-10 23:39:27 +01:00
Raphaël Vinot bfc476ecfc chg: Bump version 2018-01-10 10:44:37 +01:00
Raphaël Vinot a78c5cc25c chg: Bump misp-objects 2018-01-10 10:39:36 +01:00
Raphaël Vinot 6c21728e04 chg: Cleanup from last commit 2018-01-08 12:09:48 +01:00
Raphaël Vinot c41281030b chg: Move MISPTag to Abstract MISP. 2018-01-08 11:59:32 +01:00
Raphaël Vinot 96f75cba8a chg: Bump misp-objects 2018-01-05 19:24:29 +01:00
Raphaël Vinot a01e7f5e27 fix: edited method works as expected, add tests. 2018-01-05 19:17:25 +01:00
Raphaël Vinot 4a95a54501 fix: disable_correlation from template not properly used 2018-01-05 11:34:08 +01:00
Raphaël Vinot 131986cf36 chg: Bump misp-objects 2018-01-04 17:28:30 +01:00
Raphaël Vinot 95bef91588
Merge pull request #164 from MISP/refactor 
chg: Multiple changes
 2018-01-04 16:50:59 +01:00
Raphaël Vinot bb1aac5720 chg: Multiple changes 
* Fix timestamp dump (properly enforce UTC)
* Properly handle proposals
* Add many getter/setter
* Add dedicated test cases for MISPEvent and other objects
 2018-01-04 16:43:19 +01:00
Raphaël Vinot 2c3c6d39ff
Merge pull request #162 from AninaAntonie/patch-1 
fix: set_sightings
 2018-01-04 14:44:35 +01:00
Raphaël Vinot b9718c3fd3 fix: Don't remove the distribution and sharing_group_id from default_attributes_parameters 2018-01-04 12:23:32 +01:00
Raphaël Vinot 4b67605367 chg: Allow do pass a category in default_attributes_parameters for object 
fix #166
 2018-01-04 10:58:31 +01:00
Raphaël Vinot 4362c41f00 chg: Default for sharing_group_id is 0 2018-01-04 10:27:30 +01:00
Arcuri Davide 94cd2fd52e _default_attributes_parameters - if set - is a dict 
Manage distribution and sharing_group_id as dict key like the other fields.
-- Not sure about default
 2018-01-04 08:53:43 +01:00
Raphaël Vinot b183d3fd17 fix: the sharing_group_id isn't required. 2018-01-03 18:00:30 +01:00
Raphaël Vinot c68b69b422 fix: Last commit was broken... 2017-12-29 16:44:50 +01:00
Raphaël Vinot 6b81e5ddba fix: Properly set Tag to attributes within objects 2017-12-29 14:42:49 +01:00
AninaAntonie 72597c1b8a
set_sightings 
Maybe I didn't use it correctly but the method set_sightings didn't work for me. It's working now but I'm not sure whether sending a request for every sighting in the list is the best solution.
 2017-12-28 10:17:57 +01:00
Raphaël Vinot 0ff2120511 fix: Add method to add tags to objects 
Fix #160
 2017-12-27 14:43:53 +01:00
Raphaël Vinot 8013e90e40 fix: Typo in set_sightings 
Fix #161
 2017-12-27 14:25:12 +01:00
Raphaël Vinot 4708786959 chg: Add MISPSighting class. 2017-12-26 17:13:57 +01:00
Raphaël Vinot adfecc7975 chg: Bump misp-objects 2017-12-22 17:39:01 +01:00
Raphaël Vinot a02e777a99 chg: Version bump 2017-12-22 17:37:54 +01:00
Raphaël Vinot e8e13f3218 chg: Update documentation 2017-12-22 17:22:07 +01:00
Raphaël Vinot a497613a85 chg: Update documentation, cleanup 2017-12-22 14:49:14 +01:00
Raphaël Vinot efb6ca974c fix: Properly use the edited flag 2017-12-21 18:46:28 +01:00
Raphaël Vinot 9e9bad731d new: Add last field to get_csv 2017-12-21 17:25:12 +01:00
Raphaël Vinot ae644bdbf5 chg: Bump describeTypes.json 2017-12-21 16:27:40 +01:00
Raphaël Vinot b745fce446 chg: Validate attributes in attributes.setter 2017-12-21 09:46:09 +01:00
Raphaël Vinot 749acd70b5 fix: Add setter for Attribute in MISPEvent 2017-12-21 09:38:41 +01:00
Raphaël Vinot 9c4e98f025 fix: Forgotten calls to master class. 2017-12-20 16:59:52 +01:00
Raphaël Vinot f3b8029bb3 fix: properly call datetime.datetime.utcfromtimestamp 2017-12-20 14:33:44 +01:00
Raphaël Vinot 4a1d43c7e2 fix: Fix typo 2017-12-20 14:27:31 +01:00
Raphaël Vinot de412edaee Merge branch 'master' of https://github.com/cvandeplas/PyMISP into cvandeplas-master 2017-12-20 14:25:00 +01:00
Raphaël Vinot 994afea0bd fix: Fix python2.7 support. 2017-12-20 14:21:32 +01:00
Christophe Vandeplas 2fb4170152 Merge remote-tracking branch 'MISP/master' 2017-12-20 13:29:36 +01:00
Christophe Vandeplas 582fd28702 fix MISPObject missing distribution and sharing_group_id 
- fix MISPObject missing distribution concept
- fix language typo paramaters => parameters
 2017-12-20 13:29:05 +01:00
Raphaël Vinot 78c156bb6f new: (hopefully) Cleverer handling of timestamps in the objects 
& some cleanup
 2017-12-20 12:43:31 +01:00
Raphaël Vinot e90d28af9d chg: Add get_attribute_tag method at MISPEvent level 
Also add a MISPTag class for consistency.
 2017-12-20 10:53:46 +01:00
Raphaël Vinot 74640af4ae fix: Initialize default class parameters. 
Fix #155
 2017-12-19 17:10:52 +01:00
Raphaël Vinot 0fa7785f7e chg: Bump misp-objects 2017-12-19 10:28:49 +01:00
Raphaël Vinot 6884289156 chg: Bump describeTypes 2017-12-18 13:56:44 +01:00
Raphaël Vinot 892ebbf077 chg: Add __repr__ methods (fix last commit) 2017-12-15 17:34:54 +01:00
Raphaël Vinot 56c74f1f50 chg: Add __repr__ methods 2017-12-14 16:12:54 +01:00
Raphaël Vinot 19a50a7ba7 chg: Use new format for filtering. 2017-12-14 11:06:52 +01:00
Raphaël Vinot 78d9673e24 chg: Bump misp-objects 2017-12-13 18:01:42 +01:00
Raphaël Vinot f15341d1cf chg: Bump describeTypes 2017-12-13 18:00:35 +01:00
Raphaël Vinot 68afcf1c38 chg: Bump misp-objects 2017-12-13 17:12:35 +01:00
Raphaël Vinot f02f889077 chg: Bump version 2017-12-13 17:09:46 +01:00
Raphaël Vinot 6db31b397a new: Add methods to get taxonomy(ies) 
Thanks to @truckydev
 2017-12-13 16:43:21 +01:00
Raphaël Vinot fe00b0b712
Merge pull request #151 from MISP/refactor 
chg: Make the library easier to use
 2017-12-13 15:58:56 +01:00
Raphaël Vinot 6c4e2b2861
Merge pull request #150 from sdrees/first-friendly-contribution-enhance-coverage 
First friendly contribution enhance coverage
 2017-12-13 15:47:43 +01:00
Raphaël Vinot d19a10ddcc chg: Make the library easier to use 2017-12-13 15:45:02 +01:00
Raphaël Vinot 5cbcc09d7d new: Add method to get all the events modified in an interval 2017-12-11 15:01:25 +01:00
Stefan Hagen (Individual) 207e1f195e Merge branch 'master' of https://github.com/MISP/PyMISP into first-friendly-contribution-enhance-coverage 2017-12-11 14:04:04 +01:00
Raphaël Vinot 9f8f15fb2b Merge branch 'get_last_modified_event' of https://github.com/truckydev/PyMISP into truckydev-get_last_modified_event 2017-12-11 14:03:37 +01:00
Stefan Hagen (Individual) e7f395a92c enhance coverage and fix en passant with focus on api 2017-12-11 14:00:43 +01:00
Raphaël Vinot 7946e2ef83 fix: Disable pseudofile support in py2, skip tests. 2017-12-09 13:35:44 +01:00
Raphaël Vinot 52e079fea2 chg: Allow to pass a pseudofile to LIEF 2017-12-09 13:12:04 +01:00
Raphaël Vinot ab3a6bb404 chg: Bump misp-objects 2017-12-09 11:52:26 +01:00
StrayLightning 748be6a093 Improve the exception message for a server 500+ response with no response content 2017-12-05 18:04:11 +00:00
StrayLightning 8a8b0c113d Check for zero-length 500 response from the server and produce a suitable error message 
In experimenting with PyMISP I am triggering problems on the server I
am using.  Occasionally the server will return a 500 response with a
message indicating an internal error, but more often than not it returns
a 500 response with no contents, and _check_response falls over itself,
generating hard-to-fathom exception from the json internals.

This commit hardens _check_response by detecting zero-length responses
and raising a suitable exception.

Also fix a missing bracket in one of the subsequent exception strings.
 2017-12-05 17:44:15 +00:00
Raphaël Vinot 1d190cdf50
Merge pull request #146 from c-goes/lief_integrity_exception 
Make FileObject creation work if lief parsing fails
 2017-12-04 18:57:52 +01:00
Raphaël Vinot 42c5cc5e37 chg: allow to pass a proxy to query VT 2017-12-04 18:43:44 +01:00
c-goes b514600965 Make FileObject creation work if lief parsing fails 2017-12-04 17:52:13 +01:00
Raphaël Vinot 5d0cc16e75 Merge branch 'master' of github.com:MISP/PyMISP 2017-12-04 14:12:18 +01:00
Raphaël Vinot 2ec1f20bc6 chg: Bump misp-objects 2017-12-04 14:11:45 +01:00
Raphaël Vinot 5e931ffde7
Merge pull request #144 from c-goes/objects_delete 
allow deletion of objects and object references
 2017-12-02 21:36:44 +01:00
Raphaël Vinot 119169d4eb chg: Bump version to 2.4.83 2017-12-01 17:55:58 +01:00
Raphaël Vinot be65733d73 chg: Do not get the event from the server before publishing if PyMISP.publish gets an ID 2017-12-01 16:47:06 +01:00
Raphaël Vinot f4439ae970 chg: Add live tests for recommended pymisp version and describeTypes up-to-date 2017-12-01 16:15:46 +01:00
Raphaël Vinot 9a2b82a2ae chg: Add a way to check if the ACL is up-to-date 2017-12-01 14:35:19 +01:00
Raphaël Vinot eb5cf6c06c chg: Add validators for describeTypes on the live instance 2017-12-01 14:02:04 +01:00
Raphaël Vinot 9c7923fe0a new: Add get CSV method. 2017-12-01 12:01:42 +01:00
Raphaël Vinot 2e46f00055 fix: Bump describeTypes.json 
Add testing
 2017-12-01 10:36:09 +01:00
Tristan METAYER 60f3111f47 - Correction for 'last' param. 
'last' gives the latest events that have been published
- add get_events_last_modified()
this function returns the modified events based on timestamp
 2017-11-29 16:46:41 +01:00
Raphaël Vinot 0875ad4a5f chg: Add example file to push OpenIOC file to MISP 
chg: Add some imports in the tool's init file
 2017-11-28 11:54:08 +01:00
c-goes 4416fe30b1 allow deletion of objects and object references 2017-11-23 17:51:04 +01:00
Raphaël Vinot d4b8df380f chg: Bump misp-objects 2017-11-23 10:17:36 +01:00
3c7 069023e802 Adding multiple named attributes require a single POST request now 2017-11-22 14:57:11 +01:00
c-goes 2e5fcf4e31 fixed typo 2017-11-20 15:11:30 +01:00
Steve Clement 89a5558014 - Remove CIRCL reference from README.md 
- Updated 2 bad indentations where epydoc was Warning
 2017-11-19 10:02:03 +01:00
Raphaël Vinot 44831b1fdb chg: Add new objects: MISPUser and MISPOrganisation 2017-11-17 16:51:46 +01:00
Raphaël Vinot bfe9867b2e chg: Add a generic MISP object generator 2017-11-15 17:37:17 +01:00
Raphaël Vinot b1262a0c96 chg: Add fast publish method 
Fix #86
 2017-11-10 15:42:07 -08:00
Raphaël Vinot 55b4064a57 chg: Improve documentation 
Fix #121
 2017-11-10 14:56:53 -08:00
Raphaël Vinot 31e98c6e5d chg: Bump PyMISP version 2017-11-09 13:49:09 -08:00
Raphaël Vinot 5d414cb8e9 chg: Bump misp-objects 2017-11-09 13:45:31 -08:00
Raphaël Vinot f54a029e2a new: Proper debug system 
Make it easy to investigate the json blobs sent to the server.
 2017-11-08 17:33:55 -08:00
Raphaël Vinot 4512a4eaca chg: small improvments in the logging system 2017-11-07 19:10:54 -08:00
Raphaël Vinot f1a88f460e fix: Typo loger -> logger 2017-11-07 18:19:57 -08:00
Raphaël Vinot 134df0cafb chg: Properly use python logging module. 2017-11-07 18:10:04 -08:00
Raphaël Vinot 0e123af546 fix: Let load unknown object relations in known templates 
This isn't recommended, but happens very often.
 2017-11-02 09:57:53 -07:00
Raphaël Vinot 75d96b2d7a fix: Allow to load non-malware ZIP files in MISP Event 
Prior to his patch, any zip file loaded by MISP Event was unpacked and
processed as an excrypted malware from MISP.
 2017-11-02 09:26:05 -07:00
Raphaël Vinot e5a7153284 fix: Properly pass the distribution when uploading a sample 
Fix: https://github.com/MISP/PyMISP/issues/129
 2017-11-01 17:26:58 -07:00
Raphaël Vinot 4b53b399d0 fix: Properly upload a sample in an existing event. 
Fix https://github.com/MISP/PyMISP/issues/123
 2017-11-01 17:15:49 -07:00
Raphaël Vinot 7ece6b7fbc fix: Properly set the distribution at event level 
fix #120
 2017-10-28 17:09:11 -04:00
Raphaël Vinot 30da658292 chg: Remove warning if PyMISP is too new 2017-10-28 16:57:03 -04:00
Raphaël Vinot 14bc9e4b19 fix: Properly pop the distribution key. 2017-10-26 12:05:51 -04:00
Raphaël Vinot 78eb6e3080 fix: Update dependencies for VT generator. 2017-10-25 15:00:00 -04:00
Thomas Gardner e2d690d0ef added vtreportobject and vt_to_misp example 2017-10-25 09:48:18 -04:00