Johannes Bader
cb3b655463
fix: Correct FileObject import
...
The FileObject import has been moved outside the try-except-block
related to lief, as the import is needed regardless whether lief
is available or not.
2024-02-27 16:38:19 +01:00
Raphaël Vinot
e6cb8552c5
fix: Properly get body from message, without headers
2024-02-12 11:41:08 +01:00
Raphaël Vinot
b5b4a5ef52
fix: More fixes to support responses from MISP
2024-02-01 17:24:24 +01:00
Raphaël Vinot
8fb34a2892
fix: Import FileObject as needed.
2024-02-01 14:56:57 +01:00
Raphaël Vinot
1da0d5adc1
chg: Add more strict typing, not done yet.
2024-02-01 14:40:12 +01:00
Raphaël Vinot
9853f23683
chg: Add a bunch more typing.
2024-01-31 15:20:31 +01:00
Raphaël Vinot
ca0fb8dc99
chg: Use typing info of lief
2024-01-31 12:59:49 +01:00
Raphaël Vinot
298e2f9035
chg: First batch of changes for strict typing
2024-01-30 12:51:23 +01:00
Raphaël Vinot
3a74ca8704
chg: Update typing to please lief
2024-01-22 13:45:25 +01:00
Raphaël Vinot
0562c63cec
chg: Initial changes to use new annotations
2024-01-17 13:28:51 +01:00
Raphaël Vinot
2dcb5f1efa
fix: Update calls to getStringStream to the public method
2023-11-17 13:21:18 +01:00
Raphaël Vinot
5b0b4c65e2
fix: Allow object-relation names with uppercase characters defined in the templates
2023-10-04 11:46:49 +02:00
Raphaël Vinot
dc315f3f5c
fix: Push code changes related to deps upgrade...
2023-07-31 11:59:00 +02:00
Raphaël Vinot
ec170103cb
fix: Extra print breaking the CI on MISP side
2023-05-12 16:06:26 +02:00
Raphaël Vinot
5f698a1247
fix: properly use lief on a file
2023-05-12 11:58:38 +02:00
Raphaël Vinot
0ac719fd7c
chg: Remove old setup files, bump deps.
2023-05-11 17:48:01 +02:00
Raphaël Vinot
75435df663
fix: Update lief code to v0.13
2023-04-19 11:47:41 +03:00
CarlosLoureiro
b4331c9761
Update reportlab_generator.py
2023-03-26 11:12:45 +02:00
Raphaël Vinot
070472fd9a
chg: Bump deps
2023-03-08 14:24:47 +02:00
Raphaël Vinot
5e9433206e
fix: Remove reference to old pydeep
...
Fix #914
2023-02-06 20:43:47 +01:00
Raphaël Vinot
024283ba01
new: Add relationship_type in Tag entries for feeds
2023-01-13 20:49:53 +01:00
Raphaël Vinot
fc7f273f76
fix: issue with EMailObject
2022-11-09 13:44:36 +01:00
Raphaël Vinot
fd05292d7c
chg: Bump mypy
2022-11-09 13:29:06 +01:00
Raphaël Vinot
b251d70164
fix: Properly convert MSG to EML
2022-07-21 16:31:03 +02:00
Raphaël Vinot
3882ade918
chg: Bump deps
2022-07-21 11:18:00 +02:00
Raphaël Vinot
63d402b358
chg: Make mypy happy
2022-06-16 13:15:27 +02:00
malvidin
cfded6e8bb
Fix multiple_space warning
2022-06-16 09:44:25 +02:00
malvidin
2b98616982
Option to include more URLObject attributes
...
Add publicsuffixlist faup for URLObject Windows support
URLObject with PSLFaup prefers IP to host/domain
2022-06-16 09:38:39 +02:00
Sami Tainio
25fb7b5a28
chg: Removed a whitespace
2021-11-01 13:41:51 +02:00
Sami Tainio
8772c1fa5e
new: Add Blind Carbon Copy (bcc) headers
2021-11-01 13:35:39 +02:00
Raphaël Vinot
a16aa03872
chg: Keep strict and generate attributes when needed
2021-10-28 16:29:27 -04:00
Thomas Dupuy
c82dd6848f
chg: Unified constructors
2021-10-27 14:27:38 -04:00
Raphaël Vinot
54d38df6dc
fix: message_from_bytes really dislikes newline at the beginning of a mail
2021-09-30 11:16:03 +02:00
Sami Tainio
f6c8e2ad0d
Remove unicode to ascii parts
2021-09-28 16:42:15 +03:00
Sami Tainio
2fb354a938
Fix #787 and add Unicode to ASCII function
...
Fix #787
- Uses regex to pick up the hostnames/domains from the "Received: from" headers.
Unicode to ASCII function
- Spam messages more often than not contain junk text as unicode characters in the headers. The "from" and "subject" headers being the most common ones. Before this change the script would error on such emails or sometimes replace the unicode characters with questionmarks "?".
- Function takes argument as an input and then encodes it in ascii while ignoring any malformed data. It then returns an ASCII string without the unicode characters.
- Currently implemented for "from" and "subject" handling.
2021-09-28 14:50:17 +03:00
Raphaël Vinot
d44847b63a
fix: skip IPs in Received header
...
Related: #787
2021-09-27 10:27:14 +02:00
Raphaël Vinot
9fc4d90454
new: Add few keys to email object creator
...
Fix #787
2021-09-23 17:10:27 +02:00
iglocska
95f20939f2
Revert "chg: Remove legacy stix converter."
...
This reverts commit 94ce4a367b
.
- breaks misp-stix converter, reverting it for now, let's find a way to deprecate this without outright removing it
2021-06-23 12:19:04 +02:00
Raphaël Vinot
3252361b3c
fix: Skip nameless sections in ELF
...
Related: #678
2021-03-16 17:56:06 +01:00
Raphaël Vinot
2734224958
chg: Raise exception on missing template in CSVLoader
...
Related: #714
2021-03-05 19:33:27 +01:00
Raphaël Vinot
94ce4a367b
chg: Remove legacy stix converter.
2021-03-01 15:10:56 +01:00
Raphaël Vinot
d0a050263e
fix: Do not add the serial-number twice.
...
Related: #678
2021-02-16 18:34:58 +01:00
Raphaël Vinot
4730452ce0
fix: Skip PE section if name is none AND size is 0.
...
Related: #678
2021-02-15 16:11:18 +01:00
Raphaël Vinot
78ead2f49e
chg: Disable correlation on malware-sample for FileObject
2021-02-01 12:17:28 +01:00
Raphaël Vinot
c41a2f1549
chg: Remove critical warning if lief is not installed
...
Fix https://github.com/MISP/MISP/issues/6908
2021-01-26 13:14:03 +01:00
Raphaël Vinot
c5c1d84bcf
fix: Better warning if lief is outdated.
2021-01-21 11:55:30 +01:00
Raphaël Vinot
76c4f92c17
chg: Use lief 0.11.0, generate authenticode entries
2021-01-19 15:44:58 +01:00
Raphaël Vinot
de6125a623
fix: Do not fail if extract_msg is missing
2021-01-11 14:57:22 +01:00
Raphaël Vinot
fa95c9d84f
fix: Properly decode the body depending on the encoding of the email
...
Fix #671
2021-01-11 14:15:34 +01:00
Raphaël Vinot
c50bbd5d1c
chg: Add controller argument to get_csv script
2021-01-11 11:49:12 +01:00