Raphaël Vinot
202519b0ac
Merge pull request #518 from goodlandsecurity/trustar-integration
...
Trustar integration
2020-01-24 11:39:38 +01:00
Raphaël Vinot
b0e95fd5af
chg: Refactorize typing, validate
2020-01-23 10:27:40 +01:00
turtlefac3
d41e0d9b30
fixed trailing lines
2020-01-17 13:51:53 -06:00
turtlefac3
42ddaaf10d
fixed trailing lines
2020-01-17 13:50:50 -06:00
turtlefac3
d7cbbc707e
custom integration written in python to scrape Proofpoint VAP API for metrics of top Very Attacked Persons and create MISP events
2020-01-17 13:44:10 -06:00
th3jiv3r
ded30d42e0
scrape trustar intel platform reports and create misp events
2020-01-15 13:19:43 -06:00
th3jiv3r
2b1cc6e616
configuration for trustar integration
2020-01-15 13:17:57 -06:00
Raphaël Vinot
33f3fe4c77
Merge pull request #514 from goodlandsecurity/proofpoint-tap-integration
...
Proofpoint tap integration
2020-01-15 16:43:38 +01:00
AaronK
a5ac29a68b
Update README.md
...
minor typo
2020-01-15 16:30:07 +01:00
th3jiv3r
6000364d56
fixed TODO, added quarantineFolder/quarantineRule from messagesBlocked, added some error handling to prevent empty attributes from trying to be added
2020-01-14 14:34:52 -06:00
th3jiv3r
7dfb2003ab
scrape proofpoint tap api for messages blocked/delivered & clicks blocked/permitted and create misp events
2020-01-13 14:49:09 -06:00
th3jiv3r
c439b50766
add variable for proofpoint tap api auth
2020-01-13 14:47:59 -06:00
Raphaël Vinot
2e7215bbec
fix: Add missing variable in dummy creator
2020-01-13 11:51:58 +01:00
Raphaël Vinot
5d58c4f249
chg: Update dummy events creator
2020-01-13 11:39:20 +01:00
Raphaël Vinot
12766afd0c
fix: et2misp was python2 only
2020-01-03 15:42:41 +01:00
Raphaël Vinot
0f59cf1ba5
Merge pull request #511 from AndreC10002/patch-1
...
Define the number of entries to output
2020-01-03 13:19:49 +01:00
AndreC10002
cd659614ed
Update generate.py
2020-01-02 14:03:52 -05:00
AndreC10002
196869ce71
Define the number of entries to output
...
Allow for defining in the settings.py file the number of entries to output
2020-01-02 14:01:07 -05:00
Alexandre Dulaunoy
5493881d52
Merge branch 'master' of https://github.com/cudeso/PyMISP into cudeso-master
2019-12-27 17:33:06 +01:00
Koen Van Impe
ca2049e9ae
Cleanup of code and 'quick-n-dirty' sanitizing of tags
2019-12-27 16:19:51 +01:00
Raphaël Vinot
4e50f58a74
fix: Feed generator was broken
...
Fix #506
2019-12-24 00:16:10 +01:00
Raphaël Vinot
85b9c92313
fix: Event without hashable attribute
...
Related #506
2019-12-23 21:32:21 +01:00
Raphaël Vinot
062aa30c0e
fix: Make sure the publish timestamp is bumped on update
2019-12-11 22:54:54 +01:00
Raphaël Vinot
5ce8b0a1c9
chg: Fix typo
2019-12-10 17:28:00 +01:00
Raphaël Vinot
056cab15a0
chg: Move scrippsco2 feed generator to a sub directory
2019-12-10 16:39:24 +01:00
Raphaël Vinot
260d730b5a
new: Script to generate the metadata of a feed out of a directory
2019-11-22 17:43:08 +01:00
Raphaël Vinot
6098cd869f
chg: Make the feed generator more generic
2019-11-22 17:36:24 +01:00
Raphaël Vinot
5ebaca3b52
chg: Use New version of PyMISP in the feed generator
2019-11-20 12:50:28 +01:00
Jean-Louis Huynen
36ad91cb64
fix: [examples] typo uuid.
...
give me a hoodie.
2019-10-30 15:47:10 +01:00
wotschel
97109f5e3c
Added example for checking sync servers
2019-10-30 10:50:50 +01:00
Raphaël Vinot
d55a5f90de
Merge pull request #480 from cudeso/master
...
Include to_ids and replace newlines in title
2019-10-16 15:36:57 +02:00
Koen Van Impe
4b08b9baa4
Include to_ids and replace newlines in title
2019-10-16 00:19:12 +02:00
Raphaël Vinot
02659a5782
chg: Add support for rapidjson, refactoring and code cleanup.
2019-10-09 16:07:40 +02:00
Koen Van Impe
5b7eeaa8ab
Code cleanup
2019-09-26 20:50:53 +02:00
Koen Van Impe
0e68071ef2
Update type and code cleanup
2019-09-26 20:46:31 +02:00
Koen Van Impe
edaae39bc8
List all the sightings - show_sightings.py
2019-09-26 20:31:05 +02:00
Koen Van Impe
c8e9aa47d5
Disable to_ids based on false positive sightings reporting
2019-09-24 20:59:46 +02:00
Campbell McKenzie
0fad4d9640
Make client_certs out of the box friendly
2019-09-12 12:42:22 +10:00
Raphaël Vinot
9df636cd37
chg: Update upload malware/attachment example script
...
Fix #447
Make data at attribute level more generic with getter/setter methods
2019-09-04 13:59:25 +02:00
Koen Van Impe
f063457261
Include date_from & date_to in subject and report content
2019-08-16 15:11:43 +02:00
Koen Van Impe
c149886a88
Allow statistics date_from date_to
...
- date_from + date_to
- move misp object creation after argument parser
2019-08-16 14:55:59 +02:00
Koen Van Impe
3d2930db12
Allow to supply mail options as arguments on command line
2019-08-14 08:46:11 +02:00
Maxime Thiebaut
e912b3ff93
Fix stats_report example to use ExpandedPyMISP
...
The stats_report example relied on deprecated functions making it crash.
This has been fixed by upgrading to ExpandedPyMISP. Further checks have
been introduced to ensure used dictionary keys do exist as the example
also crashed on clean MISP instances due to empty responses.
2019-08-12 13:44:10 +02:00
kovacsbalu
f3cb8c89a6
Remove unused line
2019-07-25 08:08:17 +02:00
kovacsbalu
98610fbafc
Fix tag help text
...
Minor pycodestyle
2019-07-25 07:55:25 +02:00
Raphaël Vinot
b5226a959c
fix: Rename filename
2019-07-23 16:47:32 +02:00
Raphaël Vinot
03a7de794a
new: [example] Script to load datasets from Scripps CO2
2019-07-23 16:46:28 +02:00
Raphaël Vinot
1dce91af8f
chg: [examples] pythonify properly when needed
2019-07-22 12:41:27 +02:00
Raphaël Vinot
7bd130b506
chg: [tests] Toggle pythonify in create_massive_dummy_events
2019-07-22 12:32:03 +02:00
github-pba
969a9618cc
Fix for issue 420
2019-07-18 08:45:55 +02:00
Raphaël Vinot
e357ec91e9
Merge branch 'master' of github.com:MISP/PyMISP
2019-07-17 16:47:19 +02:00
Raphaël Vinot
6a48faab73
chg: Bump examples to python3
2019-07-17 16:46:47 +02:00
Raphaël Vinot
c9d58dad8a
chg: Deprecate everything in PyMISP
2019-07-17 11:44:55 +02:00
Koen Van Impe
71b72f8026
Create statistical reports for MISP
...
PyMISP script to run every x-days to get an overview of new
events/attributes ; MISP-Galaxies ; MITRE ; Tags
Output of report is on screen or sent via e-mail ; all stats attached
as CSV
2019-07-13 00:06:37 +02:00
Raphaël Vinot
e0fac90310
new: Allow to pass delimiter & quotechar to the CSV loader
2019-07-02 11:55:51 +02:00
Alexandre Dulaunoy
3e70a90b0d
chg: [last] You can now paginate over multiple results in the last example command
...
You can do stuff like this:
python3 last.py -l 48h -m 10 -p 2 | jq .[].Event.info
which means the last 10 events on second page which are between a
time range of 0 and 48 hours.
2019-06-24 15:55:01 +02:00
Steve Clement
b871ea2bf0
new: [example] Added edit_organisation examples.
2019-06-17 10:36:49 +09:00
Steve Clement
54a2e8657a
fix: [perms] Added try/except for various permission conditions, also create the output dir if not exist
...
fix: [try/except] Catch Ctrl-c keyboard interrupt
fix: [style] isort imports
2019-06-03 14:06:19 +09:00
Koen Van Impe
c6d4d21025
Sync sightings between MISP servers
...
Sync sightings between MISP servers
Sync from multiple clients to one authoritative MISP instance.
To be run from cron
(blog docu coming)
2019-05-29 17:00:13 +02:00
iglocska
4bd9180951
fix: [feed generator] Added missing fields
2019-05-22 16:30:36 +02:00
Raphaël Vinot
3b56b218b5
new: Object generator for ssh authorized_keys files.
2019-05-20 16:40:47 +02:00
Jeroen Pinoy
309b767864
Added includeWarninglistHits as a possible filter for the event level restsearch.
2019-05-12 01:08:21 +02:00
Koen Van Impe
d016571336
Use misp_verifycert flag
2019-05-06 18:01:29 +02:00
Koen Van Impe
38a2903fc9
Take 'to_ids' setting into account and PEP8 checks
...
- Include check if 'to_ids' is included in the data returned from the
import module
- PEP8 checks
2019-05-06 17:31:52 +02:00
Koen Van Impe
0f49b27794
Automation script that links vmray_submit and vmray_import
...
Import finished VMRay tasks ; add attributes to event
Makes use of the 'incomplete' workflow taxonomy
Needs to be put in a cronjob to run in the background
2019-05-01 22:48:07 +02:00
Raphaël Vinot
e5a42b812f
new: Add CSV loader
...
Fix #376
2019-04-03 16:28:31 +02:00
Raphaël Vinot
1e060f669f
new: Helper to create MISP Objects for regcheck.org.uk
2019-04-02 17:13:07 +02:00
Raphaël Vinot
b9d865b756
fix: Use new API in get_csv.py
...
Fix #314
2019-01-03 11:48:53 +01:00
Raphaël Vinot
4c9e6d0ec8
fix: Create massive event using ExpandedPyMISP
2018-12-26 18:28:33 +01:00
Alexandre Dulaunoy
10ccd637d9
chg: [test] set a default distribution for massive event creation
2018-12-24 20:46:26 +01:00
garanews
35b6fc3cb5
fix for last pymisp version
2018-12-04 16:08:00 +00:00
Raphaël Vinot
444a9f5755
Merge branch 'master' into sightingAPI
2018-10-31 16:42:30 +01:00
Christophe Vandeplas
60575d4cf6
fix: readme update + python3 + pep8
...
align python path to readme specifying python3
2018-10-28 13:01:26 +01:00
Sami Mokaddem
26b601e63b
new: [example] Added sighting rest search example
2018-10-23 18:46:15 +02:00
juju4
bcb963da64
align examples on custom usage of misp_verifycert
2018-10-14 13:26:03 -04:00
Sami Mokaddem
7195a19a3e
fix: prevent checking length on an integer
2018-10-12 14:04:54 +02:00
Sami Mokaddem
186ad41381
new: [freedFromRedis] try to create an object/attribute out of the incoming data even if not added with the helper
2018-10-11 10:17:23 +02:00
Deborah Servili
515857c37c
Fix print
2018-08-30 12:09:55 +02:00
Alexandre Dulaunoy
d13f6fb0c0
fix: [search.py] more example of query type added
2018-08-23 10:02:00 +02:00
Christophe Vandeplas
9999801904
yara_dump - fixed private rules causing issues
2018-07-19 12:31:05 +02:00
Raphaël Vinot
e568a0cf00
fix: Typo in the *feed methods
2018-04-26 14:43:21 +02:00
Andras Iklody
78d2ac5778
Added missing field to feed generator
2018-04-23 09:12:31 +02:00
Sami Mokaddem
24964989b3
typo
2018-03-30 08:30:11 +02:00
Sami Mokaddem
b2d8ce83ce
Changed shebang to python3
2018-03-30 08:15:09 +02:00
Raphaël Vinot
f937e844dd
chg: Make object helpers more generic, cleanup.
2018-03-27 14:57:12 +02:00
Raphaël Vinot
8125b073a1
chg: Update fail2ban helper & example
2018-03-27 10:29:57 +02:00
Raphaël Vinot
fbe3687833
Merge pull request #212 from aparriel/fix_add_named_attribute_regression
...
Fix add named attribute regression
2018-03-27 10:00:49 +02:00
Philippe Langlois
1b9c70028f
Example of specifying special attribute type in your search: here yara attribute
2018-03-26 18:17:10 +02:00
user
1503508c16
Fix add_named_attribute regression, update add_named_attribute.py example
2018-03-26 17:37:02 +02:00
Raphaël Vinot
0c3d7ca480
fix: typo
2018-03-26 17:10:31 +02:00
Raphaël Vinot
9e44ec6616
fix: Properly create fail2ban object
2018-03-26 17:03:16 +02:00
Raphaël Vinot
22c874e479
fix: Add Info field to the event
2018-03-26 13:58:33 +02:00
Raphaël Vinot
8ebb963adf
new: add preliminary fail2ban object
2018-03-26 12:07:40 +02:00
Raphaël Vinot
5c6314c45c
new: Add email object generator
2018-03-18 23:21:29 +01:00
Sami Mokaddem
fdd9833cd0
Update README.md
...
Replaced WHAT by Description
2018-03-13 17:26:55 +01:00
Sami Mokaddem
cd85238b29
Update README.md
...
Added example of flush operation
2018-03-13 17:24:19 +01:00
Alexandre Dulaunoy
ba98c71abc
Merge pull request #204 from mokaddem/redis-feed-generator
...
Realtime feed generator
2018-03-12 17:07:57 +01:00
Sami Mokaddem
6553519e3b
Added more examples
2018-03-12 16:55:21 +01:00
Sami Mokaddem
364d685e0c
Added usage in README
2018-03-12 16:40:06 +01:00
Sami Mokaddem
91262662c4
Added MISPItemToRedis and updated readme accordingly
2018-03-12 16:13:34 +01:00