Commit Graph

347 Commits (c5fcfbad701e5c1ebed0ea9f9ff9eb8e8b926117)

Author SHA1 Message Date
Raphaël Vinot 12e05fd0ce chg: Remove old suricata script, keep reference to old code. 2020-04-02 14:04:39 +02:00
Raphaël Vinot c6656a1a2e chg: Add option to aggregare by country 2020-03-24 13:25:41 +01:00
Raphaël Vinot a9ad33e8e3 Merge branch 'master' of github.com:MISP/PyMISP 2020-03-20 09:54:09 +01:00
Raphaël Vinot c0b2369922 chg: [CSSE COVID] Publish the event immediately. 2020-03-20 09:53:40 +01:00
Sebastian Wagner 240b1e1617
dos2unix examples/stats_report.py 2020-03-17 15:45:07 +01:00
Koen Van Impe b4e17a8d02 Cytomic Orion API access 2020-03-11 14:34:13 +01:00
Koen Van Impe 3b38de3455 Add organisations from CSV 2020-03-11 14:17:05 +01:00
Koen Van Impe 65e4e3b4ec Minor updates to vmray_automation for travis 2020-03-11 14:07:44 +01:00
Koen Van Impe 6616561e96 VMRay Automation with ExpandedPyMISP 2020-03-11 14:00:34 +01:00
Raphaël Vinot 67442dd503 new: Add import script for dxy data 2020-03-02 00:13:53 +01:00
Raphaël Vinot 2cb90bc826 chg: Add tag, set distribution, add file and source (CSSE importer) 2020-02-29 02:10:20 +01:00
Raphaël Vinot a57b8aeeb4 new: csse covid19 daily report importer 2020-02-29 01:33:03 +01:00
Raphaël Vinot 43838d3034 new: Admin script to setup a sync server 2020-02-20 15:39:19 +01:00
Raphaël Vinot 337d9a6306 chg: More flexible when an event is in a weird state. 2020-02-05 13:28:11 +01:00
Manabu Niseki 2c491b237a chore: delete old examples
Delete examples which use deprecated/deleted methods
2020-01-30 07:35:30 +09:00
Raphaël Vinot 97d960883c chg: Trustar example uses objects 2020-01-24 13:17:48 +01:00
Raphaël Vinot 202519b0ac
Merge pull request #518 from goodlandsecurity/trustar-integration
Trustar integration
2020-01-24 11:39:38 +01:00
Raphaël Vinot b0e95fd5af chg: Refactorize typing, validate 2020-01-23 10:27:40 +01:00
turtlefac3 d41e0d9b30 fixed trailing lines 2020-01-17 13:51:53 -06:00
turtlefac3 42ddaaf10d fixed trailing lines 2020-01-17 13:50:50 -06:00
turtlefac3 d7cbbc707e custom integration written in python to scrape Proofpoint VAP API for metrics of top Very Attacked Persons and create MISP events 2020-01-17 13:44:10 -06:00
th3jiv3r ded30d42e0 scrape trustar intel platform reports and create misp events 2020-01-15 13:19:43 -06:00
th3jiv3r 2b1cc6e616 configuration for trustar integration 2020-01-15 13:17:57 -06:00
Raphaël Vinot 33f3fe4c77
Merge pull request #514 from goodlandsecurity/proofpoint-tap-integration
Proofpoint tap integration
2020-01-15 16:43:38 +01:00
AaronK a5ac29a68b
Update README.md
minor typo
2020-01-15 16:30:07 +01:00
th3jiv3r 6000364d56 fixed TODO, added quarantineFolder/quarantineRule from messagesBlocked, added some error handling to prevent empty attributes from trying to be added 2020-01-14 14:34:52 -06:00
th3jiv3r 7dfb2003ab scrape proofpoint tap api for messages blocked/delivered & clicks blocked/permitted and create misp events 2020-01-13 14:49:09 -06:00
th3jiv3r c439b50766 add variable for proofpoint tap api auth 2020-01-13 14:47:59 -06:00
Raphaël Vinot 2e7215bbec fix: Add missing variable in dummy creator 2020-01-13 11:51:58 +01:00
Raphaël Vinot 5d58c4f249 chg: Upate dummy events creator 2020-01-13 11:39:20 +01:00
Raphaël Vinot 12766afd0c fix: et2misp was python2 only 2020-01-03 15:42:41 +01:00
Raphaël Vinot 0f59cf1ba5
Merge pull request #511 from AndreC10002/patch-1
Define the number of entries to output
2020-01-03 13:19:49 +01:00
AndreC10002 cd659614ed
Update generate.py 2020-01-02 14:03:52 -05:00
AndreC10002 196869ce71
Define the number of entries to output
Allow for defining in the settings.py file the number of entries to output
2020-01-02 14:01:07 -05:00
Alexandre Dulaunoy 5493881d52
Merge branch 'master' of https://github.com/cudeso/PyMISP into cudeso-master 2019-12-27 17:33:06 +01:00
Koen Van Impe ca2049e9ae Cleanup of code and 'quick-n-dirty' sanitizing of tags 2019-12-27 16:19:51 +01:00
Raphaël Vinot 4e50f58a74 fix: Feed generator was broken
Fix #506
2019-12-24 00:16:10 +01:00
Raphaël Vinot 85b9c92313 fix: Event without hashable attribute
Related #506
2019-12-23 21:32:21 +01:00
Raphaël Vinot 062aa30c0e fix: Make sure the publish timestamp is bumped on update 2019-12-11 22:54:54 +01:00
Raphaël Vinot 5ce8b0a1c9 chg: Fix typo 2019-12-10 17:28:00 +01:00
Raphaël Vinot 056cab15a0 chg: Move scrippsco2 feed generator to a sub directory 2019-12-10 16:39:24 +01:00
Raphaël Vinot 260d730b5a new: Script to generate the metadata of a feed out of a directory 2019-11-22 17:43:08 +01:00
Raphaël Vinot 6098cd869f chg: Make the feed generator more generic 2019-11-22 17:36:24 +01:00
Raphaël Vinot 5ebaca3b52 chg: Use New version of PyMISP in the feed generator 2019-11-20 12:50:28 +01:00
Jean-Louis Huynen 36ad91cb64
fix: [examples] typo uuid.
give me a hoodie.
2019-10-30 15:47:10 +01:00
wotschel 97109f5e3c Added example for checking sync servers 2019-10-30 10:50:50 +01:00
Raphaël Vinot d55a5f90de
Merge pull request #480 from cudeso/master
Include to_ids and replace newlines in title
2019-10-16 15:36:57 +02:00
Koen Van Impe 4b08b9baa4 Include to_ids and replace newlines in title 2019-10-16 00:19:12 +02:00
Raphaël Vinot 02659a5782 chg: Add support for rapidjson, refactoring and code cleanup. 2019-10-09 16:07:40 +02:00
Koen Van Impe 5b7eeaa8ab Code cleanup 2019-09-26 20:50:53 +02:00
Koen Van Impe 0e68071ef2 Update type and code cleanup 2019-09-26 20:46:31 +02:00
Koen Van Impe edaae39bc8 List all the sightings - show_sightings.py 2019-09-26 20:31:05 +02:00
Koen Van Impe c8e9aa47d5 Disable to_ids based on false positive sightings reporting 2019-09-24 20:59:46 +02:00
Campbell McKenzie 0fad4d9640 Make client_certs out of the box friendly 2019-09-12 12:42:22 +10:00
Raphaël Vinot 9df636cd37 chg: Update upload malware/attachment example script
Fix #447

Make data at attibute level more generic with getter/setter methods
2019-09-04 13:59:25 +02:00
Koen Van Impe f063457261 Include date_from & date_to in subject and report content 2019-08-16 15:11:43 +02:00
Koen Van Impe c149886a88 Allow statistics date_from date_to
- date_from + date_to
- move misp object creation after argument parser
2019-08-16 14:55:59 +02:00
Koen Van Impe 3d2930db12 Allow to supply mail options as arguments on command line 2019-08-14 08:46:11 +02:00
Maxime Thiebaut e912b3ff93 Fix stats_report example to use ExpandedPyMISP
The stats_report example relied on deprecated functions making it crash.
This has been fixed by upgrading to ExpandedPyMISP. Further checks have
been introduced to ensure used dictionnary keys do exist as the example
also crashed on clean MISP instances due to empty responses.
2019-08-12 13:44:10 +02:00
kovacsbalu f3cb8c89a6 Remove unused line 2019-07-25 08:08:17 +02:00
kovacsbalu 98610fbafc Fix tag help text
Minor pycodestyle
2019-07-25 07:55:25 +02:00
Raphaël Vinot b5226a959c fix: Rename filename 2019-07-23 16:47:32 +02:00
Raphaël Vinot 03a7de794a new: [example] Script to load datasets from Scripps CO2 2019-07-23 16:46:28 +02:00
Raphaël Vinot 1dce91af8f chg: [examples] pythonify properly when needed 2019-07-22 12:41:27 +02:00
Raphaël Vinot 7bd130b506 chg: [tests] Toggle pythonify in create_massive_dummy_events 2019-07-22 12:32:03 +02:00
github-pba 969a9618cc Fix for issue 420 2019-07-18 08:45:55 +02:00
Raphaël Vinot e357ec91e9 Merge branch 'master' of github.com:MISP/PyMISP 2019-07-17 16:47:19 +02:00
Raphaël Vinot 6a48faab73 chg: Bump examples to python3 2019-07-17 16:46:47 +02:00
Raphaël Vinot c9d58dad8a chg: Deprecate everything in PyMISP 2019-07-17 11:44:55 +02:00
Koen Van Impe 71b72f8026 Create statistical reports for MISP
PyMISP script to run every x-days to get an overview of new
events/attributes ; MISP-Galaxies ; MITRE ; Tags

Output of report is on screen or sent via e-mail ; all stats attached
as CSV
2019-07-13 00:06:37 +02:00
Raphaël Vinot e0fac90310 new: Allow to pass delimiter & quotechar to the CSV loader 2019-07-02 11:55:51 +02:00
Alexandre Dulaunoy 3e70a90b0d
chg: [last] You can now paginate over multiple results in the last example command
You can do stuff like this:

python3 last.py  -l 48h  -m 10 -p 2  | jq .[].Event.info

which means the last 10 events on second page which are between a
time range of 0 and 48 hours.
2019-06-24 15:55:01 +02:00
Steve Clement b871ea2bf0
new: [example] Added edit_organisation examples. 2019-06-17 10:36:49 +09:00
Steve Clement 54a2e8657a
fix: [perms] Added try/except for various permission conditions, also create the output dir if not exist
fix: [try/except] Catch Ctrl-c keyboard interrupt
fix: [style] isort imports
2019-06-03 14:06:19 +09:00
Koen Van Impe c6d4d21025 Sync sightings between MISP servers
Sync sightings between MISP servers
Sync from multiple clients to one authoritative MISP instance.
To be run from cron
(blog docu coming)
2019-05-29 17:00:13 +02:00
iglocska 4bd9180951
fix: [feed generator] Added missing fields 2019-05-22 16:30:36 +02:00
Raphaël Vinot 3b56b218b5 new: Object generator for ssh authorized_keys files. 2019-05-20 16:40:47 +02:00
Jeroen Pinoy 309b767864 Added includeWarninglistHits as a possible filter for the event level restsearch. 2019-05-12 01:08:21 +02:00
Koen Van Impe d016571336 Use misp_verifycert flag 2019-05-06 18:01:29 +02:00
Koen Van Impe 38a2903fc9 Take 'to_ids' setting in account and PEP8 checks
- Include check if 'to_ids' is included in the data returned from the
import module
- PEP8 checks
2019-05-06 17:31:52 +02:00
Koen Van Impe 0f49b27794 Automation script that links vmray_submit and vmray_import
Import finished VMRay tasks ; add attributes to event
Makes use of the 'incomplete' workflow taxonomy
Needs to be put in a cronjob to run in the background
2019-05-01 22:48:07 +02:00
Raphaël Vinot e5a42b812f new: Add CSV loader
Fix #376
2019-04-03 16:28:31 +02:00
Raphaël Vinot 1e060f669f new: Helper to create MISP Objects for regcheck.org.uk 2019-04-02 17:13:07 +02:00
Raphaël Vinot b9d865b756 fix: Use new API in get_csv.py
Fix #314
2019-01-03 11:48:53 +01:00
Raphaël Vinot 4c9e6d0ec8 fix: Create massive event using ExpandedPyMISP 2018-12-26 18:28:33 +01:00
Alexandre Dulaunoy 10ccd637d9
chg: [test] set a default distribution for massive event creation 2018-12-24 20:46:26 +01:00
garanews 35b6fc3cb5
fix for last pymisp version 2018-12-04 16:08:00 +00:00
Raphaël Vinot 444a9f5755 Merge branch 'master' into sightingAPI 2018-10-31 16:42:30 +01:00
Christophe Vandeplas 60575d4cf6 fix: readme update + python3 + pep8
align python path to readme specifying python3
2018-10-28 13:01:26 +01:00
Sami Mokaddem 26b601e63b new: [example] Added sighting rest search example 2018-10-23 18:46:15 +02:00
juju4 bcb963da64 align examples on custom usage of misp_verifycert 2018-10-14 13:26:03 -04:00
Sami Mokaddem 7195a19a3e fix: prevent checking length on a integer 2018-10-12 14:04:54 +02:00
Sami Mokaddem 186ad41381 new: [freedFromRedis] try to create an object/attribute out of the incoming data even if not added with the helper 2018-10-11 10:17:23 +02:00
Deborah Servili 515857c37c
Fix print 2018-08-30 12:09:55 +02:00
Alexandre Dulaunoy d13f6fb0c0
fix: [search.py] more example of query type added 2018-08-23 10:02:00 +02:00
Christophe Vandeplas 9999801904 yara_dump - fixed private rules causing issues 2018-07-19 12:31:05 +02:00
Raphaël Vinot e568a0cf00 fix: Typo in the *feed methods 2018-04-26 14:43:21 +02:00
Andras Iklody 78d2ac5778
Added missing field to feed generator 2018-04-23 09:12:31 +02:00
Sami Mokaddem 24964989b3 typo 2018-03-30 08:30:11 +02:00
Sami Mokaddem b2d8ce83ce Changed shebang to python3 2018-03-30 08:15:09 +02:00