Commit Graph

350 Commits (8f747c0f9e74655af938feb3febc6e3199ee82cf)

Author SHA1 Message Date
Alexandre Dulaunoy abb284d56d
Update settings.default.py - tags not tag
tags is now an array
2023-05-19 10:12:42 +02:00
Raphaël Vinot 65313880cf fix: Properly handle missing parameter in CSV importer
Fix #931
2023-02-20 14:28:01 +01:00
Julien Mongenet 2eef5968f9
Creation fo "add_attributes_from_csv.py"
The file aims to ingest a formated CSV file containing attributes for MISP ingestion.
2022-10-10 22:32:24 +02:00
Sami Mokaddem 2418373c1f
new: [example:copyTagsFromAttributesToEvent] Added script to copy tags from attributes to the event level 2022-04-26 08:43:39 +02:00
Félix Herrenschmidt 15a3c67235
Create add_filetype_object_from_csv.py 2022-02-03 16:56:50 +01:00
Alexandre Dulaunoy 02bc129341
chg: [feeds] FIPS: when MD5 hashes are generated for fast-lookup it's not for security.
hashlib provides an option to tell if the hash is used for security or
not. By default, it's set to True. For the feed cache generation, it's
not. Then usedforsecurity=False

Ref: https://csrc.nist.gov/csrc/media/publications/fips/140/2/final/documents/fips1402annexa.pdf
2022-01-27 15:20:57 +01:00
deku c8d633f15b Add feed option for local tag exclusion #817 2022-01-19 21:30:30 +00:00
Christophe Vandeplas 79f4107b7f fix: [feed-generator] fix missing except type 2021-11-29 16:16:54 +01:00
Christophe Vandeplas a9970d3078 chg: [feed-generator] support for distribution and sharing groups 2021-11-29 15:54:34 +01:00
Alexandre Dulaunoy 72fb17c350
Merge pull request #806 from MISP/feature-feedgenerator-exclude-malwares
Feature feedgenerator exclude malwares
2021-11-17 15:08:41 +01:00
Sami Mokaddem 57de6de139
chg: [feed-generator] Make the feature to exlude attribute type more generic 2021-11-17 12:38:25 +01:00
Sami Mokaddem 820eb77cff
fix: [feed-generator] Revert back the event initial search to use the index endpoint instead of RestSearch
Relying on RestSearch was offering more flexibility than index in terms of filtering options,
however, it might introduce a significant overhead potentially leading to timeout.
2021-11-17 12:35:26 +01:00
Sami Mokaddem 93cff2e50e
chg: [feed-generator] Added exclude malware samples option 2021-11-05 11:37:10 +01:00
Steve Clement 823553e389
Merge remote-tracking branch 'upstream/main' into main 2021-10-01 13:56:03 +09:00
Steve Clement 601d708c72
chg: [py] Typo 2021-10-01 13:55:16 +09:00
Raphaël Vinot 3072dac568 fix: name is passed to super 2021-09-22 11:47:14 +02:00
Raphaël Vinot 309eb3e8ab fix: Do not create empty manifest, json load dislikes it. 2021-09-22 10:14:56 +02:00
Raphaël Vinot 7379d82734 fix: Initial round of cleanup on redis feed generator 2021-09-22 10:10:51 +02:00
Steve Clement bb921533fa
chg: [doc] Minor fixes, note and typo 2021-09-22 15:53:07 +09:00
Raphaël Vinot fa536ee41e fix: revert rename, fix mypy 2021-06-21 11:39:08 -07:00
Raphaël Vinot 481284dc12 chg: Update mypy, change accordingly 2021-06-21 11:20:41 -07:00
Silvian I 650c87a534 Fix misp API response content parsing 2021-05-27 11:31:16 +02:00
Raphaël Vinot 9e3c75c48c fix: remove search_all example, use search instead. 2021-05-11 07:25:33 -07:00
Nick 9edd1e7529 Removed unused import 2021-02-18 11:33:34 -05:00
Nick 05d4da46a5 supress ssl warnings 2021-02-17 15:10:21 -05:00
Nick 60ba858527 re-added error checking for defaults 2021-02-17 15:06:25 -05:00
Nick 5ee18d433f deleted all references to org as it's unneeded 2021-02-17 15:01:13 -05:00
Nick 1b55d265b8 re-added brackets 2021-02-17 14:58:54 -05:00
Nick a6dde5e4e1 Multiple updates to proofpoint example
- Added additionally necessary keys to keys.py.example
- Added error check for unset keys
- Used built-in HTTP Basic Auth for requests instead of manually-created header
- Removed setting of orgc as that's pulled from the MISP key being used
-
2021-02-17 14:57:59 -05:00
Nick f5a9d5924d removed cast of str to str 2021-02-17 12:09:01 -05:00
Nick 694c4b72ee Added check for invalid creds
Without the added check, the script will error out on line 29 since the key doesn't exist in the dict.  This at least gives a reason.
2021-02-17 12:07:11 -05:00
Raphaël Vinot 4962e5c1b2 chg: Add authenticode support in generate_file_objects 2021-01-19 16:18:28 +01:00
Raphaël Vinot 76c4f92c17 chg: Use lief 0.11.0, generate authenticode entries 2021-01-19 15:44:58 +01:00
Raphaël Vinot c50bbd5d1c chg: Add controller argument to get_csv script 2021-01-11 11:49:12 +01:00
Raphaël Vinot bbc68f4f2d
Merge pull request #664 from kuselfu/main
update vmray_automation
2020-11-30 14:40:13 +01:00
Jens Thom 0b9781b4da update `vmray_automation` to stay compatible with the changes made to `vmray_import` MISP modules 2020-11-30 12:11:44 +01:00
Raphaël Vinot 8f0f75720b chg: Add path to CSV sample files
Related: #502
2020-11-24 11:28:36 +01:00
Alexandre Dulaunoy ff7ed7a838
new: [add_gitlab_user] new gitlab user fetch script to MISP object
usage: add_gitlab_user.py [-h] -e EVENT [-f] -u USERNAME [-l LINK]

Fetch GitLab user details and add it in object in MISP

optional arguments:
  -h, --help            show this help message and exit
  -e EVENT, --event EVENT
                        Event ID to update
  -f, --force-template-update
  -u USERNAME, --username USERNAME
                        GitLab username to add
  -l LINK, --link LINK  Url to access the GitLab instance, Default is
                        www.gitlab.com.
2020-10-07 12:41:03 +02:00
garanews d5209776c7
fix PyMISP repo URL
MISP/PyMISP vs  CIRCL/PyMISP
2020-10-05 17:14:25 +02:00
garanews cd785aab09 fix typo
fix typo
2020-10-01 13:45:29 +02:00
Alexandre Dulaunoy 0e0424fa30
chg: [add_github_user] add ssh keys of the user in the MISP object 2020-09-17 10:36:54 +02:00
Alexandre Dulaunoy 156d5564e8
chg: [add_github_user] more fields added from the GitHub API 2020-09-17 07:40:13 +02:00
Alexandre Dulaunoy 13995e1eca
chg: [add_github_user] add following to the MISP object 2020-09-16 21:40:34 +02:00
Raphaël Vinot 3fccd106a0 chg: Pass a list to add_attributes 2020-09-16 21:08:02 +02:00
Raphaël Vinot 808e8132f2 chg: Use MISPObject instead of GenericObjectGenerator 2020-09-16 20:58:57 +02:00
Alexandre Dulaunoy b9ee5c69bb
new: [example] add_github_user example - WiP
usage: add_github_user.py [-h] -e EVENT [-f] -u USERNAME

Fetch GitHub user details and add it in object in MISP

optional arguments:
  -h, --help            show this help message and exit
  -e EVENT, --event EVENT
                        Event ID to update
  -f, --force-template-update
  -u USERNAME, --username USERNAME
                        GitHub username to add
2020-09-16 17:36:37 +02:00
Raphaël Vinot 781161f82c fix: Wrong call to pymisp.search_index 2020-09-15 16:56:21 +02:00
Raphaël Vinot 0639c1773d chg: Remove outdated example
Fix #611
2020-07-30 11:47:34 +02:00
Raphaël Vinot 945752ea32 fix: Example using deprecated calls
fix #602
2020-07-22 12:18:35 +02:00
Raphaël Vinot 6cd0c70679 fix: dummy event example
Fix #598
2020-07-16 11:30:47 +02:00