Alexandre Dulaunoy
1d83f38725
chg: [data] misp-objects updated
2020-10-13 22:57:38 +02:00
Alexandre Dulaunoy
85c2600bd7
new: [attribute type] telfhash added
2020-10-13 22:34:24 +02:00
Alexandre Dulaunoy
77e7111c29
chg: [type] new type added
2020-10-01 15:08:45 +02:00
garanews
cd785aab09
fix typo
...
fix typo
2020-10-01 13:45:29 +02:00
Raphaël Vinot
516e7472bb
chg: Bump deps, objects
2020-09-29 11:17:16 +02:00
Raphaël Vinot
c39328f30a
fix: Do not modify default_attributes_parameters in MISPObject
2020-09-15 17:01:56 +02:00
Lott, Christopher (cl778h)
f1de0fb794
chg: add docstrings and extend conf.py for RTD
...
Add minimal docstrings to public methods so ReadTheDocs will display them.
Add autodoc mock import for lief so RTD can generate HTML for tools.
This fixes issue #626
2020-09-15 10:40:21 -04:00
Raphaël Vinot
18474a2144
chg: Add comments to ELF, PE, and MachO object generators.
2020-09-15 12:39:59 +02:00
Raphaël Vinot
50e5f156bd
chg: Improve error message, add comments, rename whitelist->allowedlist
2020-09-15 12:31:22 +02:00
Raphaël Vinot
9c48079d88
new: Method to get the new version of the templates
2020-09-10 15:26:34 +02:00
Raphaël Vinot
e3815a41f1
fix: Make flake8 happy
2020-09-09 15:41:42 +02:00
Raphaël Vinot
cab202e1da
Merge pull request #624 from seamustuohy/fix-badly-encoded-emails
...
Attempt to decode utf-8-sig encoded emails.
2020-09-09 15:02:18 +02:00
seamus tuohy
07137209e2
Attempt to decode utf-8-sig encoded emails.
...
eml files downloaded from Windows Online security on some Windows 11
systems are automatically encoded in UTF with a byte order mark (BOM)
at the front of the file. This will cause the email parser to fail.
This is a somewhat isolated problem. It only will affects a small
subset of Windows users who download and re-upload eml files. But,
this small subset of users is the target user-base for the MISP
email module: low expertiese users who wish to quickly share
high-value indicators on an ad-hoc basis.
While this fix could be tacked onto the MISP email module instead of
here, I beleive that this fix is more appropriate in the PyMISP object
code. As the "email" object parser this object should be built to
parse all manner of emails that it may encounter. This includes common
malformations such as this one and, even horrors such as, the .msg
format. This commit adds a generically named "attempt_decoding"
function which can be expanded to address all manner of sins that
are encountered in the future.
2020-09-09 07:45:07 -04:00
Raphaël Vinot
49aede3947
chg: Bump version
2020-09-08 12:43:25 +02:00
Raphaël Vinot
07fed2fbb4
chg: Bump objects
2020-09-08 11:18:40 +02:00
Raphaël Vinot
7cc868bc8d
Merge branch 'main' of github.com:MISP/PyMISP into main
2020-09-08 10:55:32 +02:00
Raphaël Vinot
cd93d6b868
chg: Bump objects
2020-09-08 10:55:20 +02:00
Alexandre Dulaunoy
c7edf4e33a
chg: [describeTypes] updated
2020-09-04 16:33:11 +02:00
Alexandre Dulaunoy
5598351a8b
chg: [describeTypes] updated
2020-09-04 16:00:41 +02:00
Raphaël Vinot
3cbd906520
chg: Bump objects
2020-09-02 15:06:59 +02:00
Raphaël Vinot
918f841087
chg: Rename blacklist -> blocklist
2020-09-01 19:29:12 +02:00
Alexandre Dulaunoy
92c5d11f47
new: [describeTypes] sha3 added
2020-08-24 10:38:25 +02:00
Raphaël Vinot
29af8645f7
chg: Bump version
2020-08-20 13:01:00 +02:00
Raphaël Vinot
f52ee0e0e7
chg: Bump objects
2020-08-20 12:44:35 +02:00
Raphaël Vinot
6e4bf35bda
chg: Bump types
2020-08-20 12:22:12 +02:00
deku
dd6922fd3a
Exclude section correlation .rsrc and zero-filled
2020-08-14 11:13:53 -04:00
Raphaël Vinot
be8c94e6e7
chg: Cleanup blocklist methods
2020-08-04 12:20:21 +02:00
Raphaël Vinot
2bbf888ca7
new: Blacklist methods
2020-08-03 15:59:54 +02:00
Raphaël Vinot
83273b6ce8
new: Add list of missing calls
2020-07-30 16:48:37 +02:00
Paal Braathen
ff62f1c19c
Linting/Add missing whitespace
2020-07-28 20:05:42 +02:00
Raphaël Vinot
706e553f5d
Merge pull request #607 from paalbra/remove-unnecessary-logic
...
Remove explicit loglevel checking
2020-07-28 12:42:44 +02:00
Paal Braathen
e8d34ea337
Remove explicit loglevel checking
2020-07-28 11:18:43 +02:00
Paal Braathen
96881f216b
Remove explicit traceback printing
2020-07-28 11:03:59 +02:00
Raphaël Vinot
b2e8cffd0b
fix: Add STIX XML output for the search
...
Use stix-xml as return_format.
Fix #600 https://github.com/MISP/MISP/issues/5618
2020-07-17 14:19:15 +02:00
louis
b6322c0d0c
chg: Make get_object return a not standalone object
2020-06-30 13:07:38 +02:00
louis
f8589061cb
chg: Remove standalone default value from MISPObject children c'tor
...
MISPObject.__init__ sets standalone=True by default, so there is no
need to do it in its child classes.
2020-06-30 12:40:08 +02:00
louis
67d2e47b3b
chg: Make MISPObject standalone by default
...
standalone defaults to True in MISPObject.__init__, and is set to False
when the object is added to an event.
2020-06-30 12:36:19 +02:00
louis
86f758e5b4
new: Add MISPObject.standalone property
...
Setting MISPObject.standalone updates MISPObject._standalone and
add/removes "ObjectReference" from AbstractMISP.__not_jsonable using
update_not_jsonable/_remove_from_not_jsonable.
2020-06-29 18:55:07 +02:00
louis
aa1c95f344
chg: Add MISPObject._standalone type
2020-06-29 18:38:27 +02:00
louis
0bbfac6143
new: Add AbstractMISP._remove_from_not_jsonable
2020-06-29 18:35:37 +02:00
Raphaël Vinot
fc101aa790
chg: Bump version
2020-06-22 14:31:02 +02:00
Raphaël Vinot
3177d05c5d
chg: Bump objects
2020-06-21 21:46:16 +02:00
Raphaël Vinot
f94e247771
chg: Bump version
2020-06-19 15:33:23 +02:00
Raphaël Vinot
ef91d3d966
chg: Bump misp-objects
2020-06-19 15:32:41 +02:00
Raphaël Vinot
578801e50d
fix: Keep deleted key in MISPObject and MISPObjectAttribute
2020-06-19 14:12:03 +02:00
Raphaël Vinot
c8d66365c5
chg: Update comments for search
2020-06-19 11:32:02 +02:00
Raphaël Vinot
16cbb93867
chg: Rename master -> main
2020-06-16 14:58:38 +02:00
Raphaël Vinot
bbfe9d5b1f
chg: Bump version
2020-06-16 14:22:22 +02:00
Raphaël Vinot
b1fad98ab2
chg: Bump misp-objects
2020-06-16 14:20:45 +02:00
Troy Ross
17ebfe86ab
Previously file object was reporting the libmagic description of a file
...
instead of the mimetype. According to [MISP DataModels](https://www.misp-project.org/datamodels/#types )
```
mime-type: A media type (also MIME type and content type) is a two-part identifier for file formats and format contents transmitted on the Internet
```
more precisely defined in [RFC2045](https://tools.ietf.org/html/rfc2045 ) and others.
The description returned by libmagic is more useful than the generic mime-type,
but I did not find a place to put the description in the current data model.
2020-06-14 10:48:29 -06:00
Raphaël Vinot
23d732e398
chg: Remove extra parameter in change_user_password
2020-06-02 10:08:17 +02:00
Raphaël Vinot
1e9eed198e
fix: Do not fail if the attribute value is not a string
2020-05-29 01:23:34 +02:00
Raphaël Vinot
74a5d04bda
fix: Properly strip value in MISPObject.add_attribute, take 2
...
Fix #546
2020-05-29 01:02:02 +02:00
Raphaël Vinot
524aa13641
fix: Properly strip value in MISPObject.add_attribute
...
Fix #546
2020-05-29 00:56:32 +02:00
Raphaël Vinot
5d97d7ee0c
new: Add helper and test case for GitVulnFinderObject
2020-05-26 15:37:24 +02:00
Raphaël Vinot
fb03cc1361
new: Add git-commit-id type
2020-05-26 14:45:59 +02:00
Raphaël Vinot
06eb92f912
fix: Deleted is not always required in the feed export
2020-05-26 11:36:53 +02:00
Raphaël Vinot
526321c8b4
new: Add deleted in field export
...
Fix #586
2020-05-26 10:56:46 +02:00
Raphaël Vinot
3e26d3c807
fix: Make mypy happy
2020-05-21 23:03:04 +02:00
Christophe Vandeplas
515a47a591
fix: fixes bug in timeout change
2020-05-21 22:01:26 +02:00
Christophe Vandeplas
f3b3f4c13c
fix: fixes bug in timeout change
2020-05-21 21:52:42 +02:00
Christophe Vandeplas
12f8fd8530
fix: fixes bug in timeout change
2020-05-21 21:49:25 +02:00
Christophe Vandeplas
fa639d8aa9
fix: fixes bug in timeout change
2020-05-21 21:46:24 +02:00
Christophe Vandeplas
e74a0a4269
fix: fixes bug in timeout change
...
hail to Rafiot
2020-05-21 21:30:28 +02:00
Christophe Vandeplas
d09852fa4b
fix: fixes bug in timeout change
2020-05-21 20:59:28 +02:00
Christophe Vandeplas
d745d5b226
fix: fixes bug in timeout change
2020-05-21 20:44:42 +02:00
Christophe Vandeplas
50ee8d9a66
new: Timeout for connection/request, fixes #584
2020-05-21 20:31:19 +02:00
Raphaël Vinot
e7166345b8
chg: Bump version
2020-05-18 12:34:09 +02:00
Raphaël Vinot
1d45ce8eb7
chg: Bump misp-object
2020-05-18 12:32:27 +02:00
Raphaël Vinot
7178d3a8a0
fix: settings is not required in MISPFeed
2020-05-15 11:44:13 +02:00
Raphaël Vinot
901afb32d9
chg: Strip empty parameters in build_complex_query
...
Fix #577
2020-05-14 13:10:01 +02:00
Raphaël Vinot
18c1460376
chg: Simplify delete_attribute
2020-05-14 12:43:10 +02:00
Raphaël Vinot
034a4e7d8e
Merge branch 'master' of github.com:MISP/PyMISP
2020-05-14 12:41:25 +02:00
Raphaël Vinot
73693ac5f9
fix: Properly skip timestamp in __iter__ when needed
2020-05-14 12:41:19 +02:00
Bernhard E. Reiter
da0373a615
Update docstring in api.py
...
* remove typo in ssl parameter docstring.
* Add hint that other certs (which are not in the default CAs, but also are not self signed in a strict sense) can also use the CA_BUNDLE function of the ssl parameter.
2020-05-14 09:42:24 +02:00
Raphaël Vinot
b214c7d4c1
chg: Add comment in microblog object
2020-05-12 22:34:25 +02:00
Raphaël Vinot
5df58406ef
fix: Catch exception when liblua-5.3 is not present
...
Related: https://github.com/MISP/misp-modules/issues/398
2020-05-12 13:21:05 +02:00
Raphaël Vinot
35257e538d
fix: Make flake8 happy
2020-05-12 11:34:38 +02:00
Raphaël Vinot
14d278fff2
fix: Properly load feeds, fix undefined variable
2020-05-12 11:24:47 +02:00
Raphaël Vinot
dcd1db8883
fix: make flake8 happy
2020-05-11 15:40:20 +02:00
VVX7
fff0caa330
chg: [dev] clean up how keys are accessed in self._parameters
2020-05-08 19:54:12 -04:00
VVX7
759e9196de
chg: [dev] use isinstance() type check.
2020-05-08 19:31:19 -04:00
VVX7
395d6aabac
chg: [dev] fix abstract generator import. add logger.
2020-05-08 19:27:42 -04:00
VVX7
de994fd944
chg: [dev] change type() == list
2020-05-08 16:32:29 -04:00
VVX7
0eb209c7df
new: [dev] add microblog object tool
2020-05-08 16:10:09 -04:00
Raphaël Vinot
1d106d1a20
fix: remove extra print
2020-05-07 15:55:45 +02:00
Raphaël Vinot
c098981a40
new: Very simple test case for rest search on objects
2020-05-07 13:59:45 +02:00
Raphaël Vinot
4a060b3c07
new: Self registration, object level search (initial)
2020-05-07 12:17:31 +02:00
Raphaël Vinot
e020bac5f6
chg: Bump misp-objects
2020-05-05 11:05:50 +02:00
Raphaël Vinot
8980c2da3b
fix: Typo, add test for extended event
2020-05-04 10:19:55 +02:00
VVX7
a76a85b616
chg: [dev] add extend_event() test. chg typo in get_event()
2020-05-03 20:58:33 -04:00
Raphaël Vinot
3ac8c5916b
chg: Bump CHANGELOG
2020-04-30 10:23:31 +02:00
Raphaël Vinot
029aa8df79
chg: Bump objects, deps
2020-04-30 10:20:21 +02:00
Raphaël Vinot
ed2a95fbdd
new: Extended option on get event
...
Related to #567
2020-04-28 11:17:27 +02:00
mokaddem
f965e579d7
fix: [abstract] Forces file to be read with utf8 encoding
2020-04-24 11:33:32 +02:00
DocArmoryTech
4ee4db16fe
Fixed __query_virustotal return type
...
__query_virustotal returned a Response object and not the json expected; modified so that report_json is returned instead of report.
2020-04-06 10:46:15 +01:00
Raphaël Vinot
92e884f15d
chg: Bump version
2020-03-30 09:39:57 +02:00
Raphaël Vinot
a64c79e960
chg: Bump misp-objects
2020-03-30 09:35:11 +02:00
Raphaël Vinot
b5b40ae2c5
fix: Strip every string in AbstractMISP
...
fix #546
2020-03-24 14:34:29 +01:00
Raphaël Vinot
2a9c79a1e9
fix: Incorrect expectation of attribute value to be a str - take 2
...
Related #553
2020-03-13 12:02:11 +01:00
Raphaël Vinot
8cf3887d54
fix: Incorrect expectation of attribute value to be a str
...
Fix #553
2020-03-13 11:02:51 +01:00
Raphaël Vinot
1b4c74642d
chg: Bump version
2020-03-10 14:10:38 +01:00
Raphaël Vinot
4fba2b05ad
chg: Bump misp-objects
2020-03-10 10:27:52 +01:00
Raphaël Vinot
eff7146b3c
chg: JSON files are UTF8
...
Bump dev deps, update comment
2020-03-02 17:33:41 +01:00
Raphaël Vinot
67442dd503
new: Add import script for dxy data
2020-03-02 00:13:53 +01:00
Raphaël Vinot
68a2352afd
chg: Bump misp-objects
2020-02-29 01:38:46 +01:00
Raphaël Vinot
0a696d8c14
chg: Bump misp-objects
2020-02-26 14:52:41 +01:00
Raphaël Vinot
ffffbef69a
chg: Bump misp-objects
2020-02-26 14:50:26 +01:00
Raphaël Vinot
92afc4a2a0
chg: Bump version
2020-02-26 14:39:58 +01:00
Raphaël Vinot
21a0c74443
chg: Bump misp-objects
2020-02-26 14:39:13 +01:00
Raphaël Vinot
8d6e69ce65
fix: mypy, more typing
2020-02-24 17:09:42 +01:00
Raphaël Vinot
94c2a644af
fix: do not skip data in add_attribute methods
2020-02-24 14:13:10 +01:00
Raphaël Vinot
35377399e8
new: Add uuid by default in MISPEvent, add F/L seen in feed output.
2020-02-21 14:12:36 +01:00
Tom King
b08d26d762
chg: Remove SG search for search() func as this doesn't support SG searching, but the index does
2020-02-13 16:35:11 +00:00
Tom King
394b7a545e
Merge remote-tracking branch 'upstream/master' into feature/tagdelete_searchsg
2020-02-13 16:27:24 +00:00
Tom King
415e06f375
fix: merge SG params to allow search
2020-02-13 16:20:14 +00:00
Raphaël Vinot
55d1faac90
chg: Bump objects
2020-02-07 13:16:40 +01:00
Raphaël Vinot
0f72460d1a
chg: Bump version
2020-02-07 13:15:18 +01:00
Raphaël Vinot
11353f8ae2
fix: Make lief optional again
...
fix #538
2020-02-07 11:51:48 +01:00
Raphaël Vinot
70dca1d408
fix: Bump objects
2020-02-06 10:58:40 +01:00
Raphaël Vinot
f14963a656
chg: Bump version
2020-02-06 10:42:38 +01:00
Raphaël Vinot
8d58a50b9a
chg: Bump objects
2020-02-06 10:30:16 +01:00
Raphaël Vinot
732908a1d3
fix: Remove debugging
2020-02-05 17:29:40 +01:00
Raphaël Vinot
a1e96731b2
Merge branch 'master' of github.com:MISP/PyMISP
2020-02-05 13:11:56 +01:00
Raphaël Vinot
fe80924d60
chg: str to int, properly load SharingGroup
...
Fix #535
2020-02-05 13:08:17 +01:00
mokaddem
52774769ac
fix: [*-seen] Consider that `-` can also be in the date component while
...
parsing
2020-01-31 12:26:50 +01:00
Raphaël Vinot
3bfa202bfb
new: Add decay score in search query
2020-01-30 14:05:02 +01:00
Raphaël Vinot
4e586d0de5
chg: Bump deps, add pep8 test
2020-01-30 11:44:13 +01:00
Raphaël Vinot
cbce2cfbfe
chg: Bump objects
2020-01-30 11:40:07 +01:00
Raphaël Vinot
864d294294
chg: Support dict in tag/untag
2020-01-30 11:07:49 +01:00
Raphaël Vinot
98e1feefa1
fix: Syntax and typos
2020-01-28 14:12:39 +01:00
Raphaël Vinot
f43266fcf2
chg: Normalize to_datetime conversion
2020-01-27 20:14:14 +01:00
Raphaël Vinot
32445973bd
new: Support for first_seen/last_seen
...
Cleaner import of datetime
2020-01-27 19:07:52 +01:00
Raphaël Vinot
97d960883c
chg: Trustar example uses objects
2020-01-24 13:17:48 +01:00
Raphaël Vinot
2ab47e191a
fix: Bugs introduced by last commit
2020-01-23 11:03:23 +01:00
Raphaël Vinot
b0e95fd5af
chg: Refactorize typing, validate
2020-01-23 10:27:40 +01:00
Raphaël Vinot
c24cbbe141
chg: Bump version
2020-01-17 14:59:47 +01:00
Raphaël Vinot
9743c37fc8
chg: Bump misp-objects
2020-01-17 14:55:15 +01:00
AaronK
c0d375473a
Update api.py
...
minor typo, can;t help it noticing those. sorry,
2020-01-15 17:26:08 +01:00
Raphaël Vinot
aa17663b58
chg: Add more typing information
2020-01-03 15:42:15 +01:00
Raphaël Vinot
2e064563c3
chg: Add typing markup
2020-01-02 15:55:00 +01:00
Raphaël Vinot
6427ce3c84
chg: Bump misp-objects
2020-01-01 03:33:06 +01:00
Raphaël Vinot
6d4ae575e9
Merge branch 'master' into python3.6
2019-12-30 16:49:37 +01:00
Raphaël Vinot
3a858c1fc7
Merge branch 'master' into python3.6
2019-12-30 16:48:46 +01:00
Alexandre Dulaunoy
2d5e729025
new: [attribute type] kusto-query attribute type
...
Kusto query is the query language for the Kusto services in Azure used
to search large dataset. It's used in Windows Defender ATP Hunting-Queries
and also Azure Sentinel (Cloud-native SIEM).
2019-12-28 15:30:39 +01:00
Alexandre Dulaunoy
5493881d52
Merge branch 'master' of https://github.com/cudeso/PyMISP into cudeso-master
2019-12-27 17:33:06 +01:00
Raphaël Vinot
70510f5aa8
chg: Bump misp-objects
2019-12-26 17:13:59 +01:00
Koen Van Impe
acae958947
Sync
2019-12-23 21:21:45 +01:00
Raphaël Vinot
24a8f90ea8
new: Remove python < 3.6 support.
2019-12-18 14:45:14 +01:00
Raphaël Vinot
a8d1285be2
chg: Version bump
2019-12-17 10:45:55 +01:00