Commit Graph

221 Commits (48b96d5a5e93bbcb5234e443885e20269441aed4)

Author SHA1 Message Date
Johannes Bader cb3b655463 fix: Correct FileObject import
The FileObject import has been moved outside the try-except-block
related to lief, as the import is needed regardless whether lief
is available or not.
2024-02-27 16:38:19 +01:00
Raphaël Vinot e6cb8552c5 fix: Properly get body from message, without headers 2024-02-12 11:41:08 +01:00
Raphaël Vinot b5b4a5ef52 fix: More fixes to support responses from MISP 2024-02-01 17:24:24 +01:00
Raphaël Vinot 8fb34a2892 fix: Import FileObject as needed. 2024-02-01 14:56:57 +01:00
Raphaël Vinot 1da0d5adc1 chg: Add more strict typing, not done yet. 2024-02-01 14:40:12 +01:00
Raphaël Vinot 9853f23683 chg: Add a bunch more typing. 2024-01-31 15:20:31 +01:00
Raphaël Vinot ca0fb8dc99 chg: Use typing info of lief 2024-01-31 12:59:49 +01:00
Raphaël Vinot 298e2f9035 chg: First batch of changes for strict typing 2024-01-30 12:51:23 +01:00
Raphaël Vinot 3a74ca8704 chg: Update typing to please lief 2024-01-22 13:45:25 +01:00
Raphaël Vinot 0562c63cec chg: Initial changes to use new annotations 2024-01-17 13:28:51 +01:00
Raphaël Vinot 2dcb5f1efa fix: Update calls to getStringStream to the public method 2023-11-17 13:21:18 +01:00
Raphaël Vinot 5b0b4c65e2 fix: Allow object-relation names with uppercase characters defined in the templates 2023-10-04 11:46:49 +02:00
Raphaël Vinot dc315f3f5c fix: Push code changes related to deps upgrade... 2023-07-31 11:59:00 +02:00
Raphaël Vinot ec170103cb fix: Extra print breaking the CI on MISP side 2023-05-12 16:06:26 +02:00
Raphaël Vinot 5f698a1247 fix: properly use lief on a file 2023-05-12 11:58:38 +02:00
Raphaël Vinot 0ac719fd7c chg: Remove old setup files, bump deps. 2023-05-11 17:48:01 +02:00
Raphaël Vinot 75435df663 fix: Update lief code to v0.13 2023-04-19 11:47:41 +03:00
CarlosLoureiro b4331c9761
Update reportlab_generator.py 2023-03-26 11:12:45 +02:00
Raphaël Vinot 070472fd9a chg: Bump deps 2023-03-08 14:24:47 +02:00
Raphaël Vinot 5e9433206e fix: Remove reference to old pydeep
Fix #914
2023-02-06 20:43:47 +01:00
Raphaël Vinot 024283ba01 new: Add relationship_type in Tag entries for feeds 2023-01-13 20:49:53 +01:00
Raphaël Vinot fc7f273f76 fix: issue with EMailObject 2022-11-09 13:44:36 +01:00
Raphaël Vinot fd05292d7c chg: Bump mypy 2022-11-09 13:29:06 +01:00
Raphaël Vinot b251d70164 fix: Properly convert MSG to EML 2022-07-21 16:31:03 +02:00
Raphaël Vinot 3882ade918 chg: Bump deps 2022-07-21 11:18:00 +02:00
Raphaël Vinot 63d402b358 chg: Make mypy happy 2022-06-16 13:15:27 +02:00
malvidin cfded6e8bb Fix multiple_space warning 2022-06-16 09:44:25 +02:00
malvidin 2b98616982 Option to include more URLObject attributes
Add publicsuffixlist faup for URLObject Windows support
URLObject with PSLFaup prefers IP to host/domain
2022-06-16 09:38:39 +02:00
Sami Tainio 25fb7b5a28
chg: Removed a whitespace 2021-11-01 13:41:51 +02:00
Sami Tainio 8772c1fa5e
new: Add Blind Carbon Copy (bcc) headers 2021-11-01 13:35:39 +02:00
Raphaël Vinot a16aa03872 chg: Keep strict and generate attributes when needed 2021-10-28 16:29:27 -04:00
Thomas Dupuy c82dd6848f chg: Unified constructors 2021-10-27 14:27:38 -04:00
Raphaël Vinot 54d38df6dc fix: message_from_bytes really dislikes newline at the beginning of a mail 2021-09-30 11:16:03 +02:00
Sami Tainio f6c8e2ad0d
Remove unicode to ascii parts 2021-09-28 16:42:15 +03:00
Sami Tainio 2fb354a938
Fix #787 and add Unicode to ASCII function
Fix #787
- Uses regex to pick up the hostnames/domains from the "Received: from" headers.

Unicode to ASCII function
- Spam messages more often than not contain junk text as unicode characters in the headers. The "from" and "subject" headers being the most common ones. Before this change the script would error on such emails or sometimes replace the unicode characters with questionmarks "?".
- Function takes argument as an input and then encodes it in ascii while ignoring any malformed data. It then returns an ASCII string without the unicode characters.
- Currently implemented for "from" and "subject" handling.
2021-09-28 14:50:17 +03:00
Raphaël Vinot d44847b63a fix: skip IPs in Received header
Related:  #787
2021-09-27 10:27:14 +02:00
Raphaël Vinot 9fc4d90454 new: Add few keys to email object creator
Fix #787
2021-09-23 17:10:27 +02:00
iglocska 95f20939f2
Revert "chg: Remove legacy stix converter."
This reverts commit 94ce4a367b.

- breaks misp-stix converter, reverting it for now, let's find a way to deprecate this without outright removing it
2021-06-23 12:19:04 +02:00
Raphaël Vinot 3252361b3c fix: Skip nameless sections in ELF
Related: #678
2021-03-16 17:56:06 +01:00
Raphaël Vinot 2734224958 chg: Raise exception on missing template in CSVLoader
Related: #714
2021-03-05 19:33:27 +01:00
Raphaël Vinot 94ce4a367b chg: Remove legacy stix converter. 2021-03-01 15:10:56 +01:00
Raphaël Vinot d0a050263e fix: Do not add the serial-number twice.
Related: #678
2021-02-16 18:34:58 +01:00
Raphaël Vinot 4730452ce0 fix: Skip PE section if name is none AND size is 0.
Related: #678
2021-02-15 16:11:18 +01:00
Raphaël Vinot 78ead2f49e chg: Disable correlation on malware-sample for FileObject 2021-02-01 12:17:28 +01:00
Raphaël Vinot c41a2f1549 chg: Remove critical warning if lief is not installed
Fix https://github.com/MISP/MISP/issues/6908
2021-01-26 13:14:03 +01:00
Raphaël Vinot c5c1d84bcf fix: Better warning if lief is outdated. 2021-01-21 11:55:30 +01:00
Raphaël Vinot 76c4f92c17 chg: Use lief 0.11.0, generate authenticode entries 2021-01-19 15:44:58 +01:00
Raphaël Vinot de6125a623 fix: Do not fail if extract_msg is missing 2021-01-11 14:57:22 +01:00
Raphaël Vinot fa95c9d84f fix: Properly decode the body depending on the encoding of the email
Fix #671
2021-01-11 14:15:34 +01:00
Raphaël Vinot c50bbd5d1c chg: Add controller argument to get_csv script 2021-01-11 11:49:12 +01:00