Commit Graph

309 Commits (ccae32ae716c143bea09954e860238e193bc78c6)

Author SHA1 Message Date
Raphaël Vinot 056cab15a0 chg: Move scrippsco2 feed generator to a sub directory 2019-12-10 16:39:24 +01:00
Raphaël Vinot 0d354b2032 fix: Update tests. 2019-11-29 16:33:17 +01:00
Raphaël Vinot 446649992f fix: Raise PyMISPError instead of Exception 2019-11-27 17:08:15 +01:00
Raphaël Vinot 78c9f4f605 chg: Few more improvements on the feed export 2019-11-25 16:35:56 +01:00
Raphaël Vinot 6098cd869f chg: Make the feed generator more generic 2019-11-22 17:36:24 +01:00
Raphaël Vinot 61867a8257 fix: improve stability of feed output 2019-11-20 12:49:42 +01:00
Raphaël Vinot 8d92a77c92 fix: Do not unitialize the uuid in MISPEvent 2019-11-20 10:52:27 +01:00
Raphaël Vinot b1818b1751 new: Add to_feed export to MISPEvent 2019-11-19 15:53:58 +01:00
Raphaël Vinot 2da35829b1 chg: Allow to sort and indent the json output for objects 2019-11-18 18:04:02 +01:00
Raphaël Vinot 880fb300ea chg: Use default category from template
Fix #477
2019-10-18 14:44:57 +02:00
Raphaël Vinot fef328d395 fix: Python <3.4 should work again....
Fix #482
2019-10-18 11:56:09 +02:00
Raphaël Vinot c509b22beb new: Add support for UserSettings 2019-10-16 17:22:19 +02:00
Raphaël Vinot cc204475ff chg: Test if json exists in cached method 2019-10-10 18:33:55 +02:00
Raphaël Vinot 6cc7730d24 chg: Decode datetime without dateutils if possible 2019-10-10 18:27:47 +02:00
Raphaël Vinot 7c42a5f748 fix: Python2 SyntaxError... 2019-10-10 08:58:06 +02:00
Raphaël Vinot 02659a5782 chg: Add support for rapidjson, refactoring and code cleanup. 2019-10-09 16:07:40 +02:00
Raphaël Vinot 898bc96ea6 chg: Cleanups 2019-10-08 16:06:28 +02:00
Raphaël Vinot 3bb220c94b chg: Cleanups and improvements 2019-10-08 08:15:56 +02:00
Raphaël Vinot f9118f8c85 Merge branch 'mback2k-template-cache' into perf 2019-10-07 03:53:50 -06:00
Raphaël Vinot 6303c6c6a9 Merge branch 'template-cache' of https://github.com/mback2k/PyMISP into mback2k-template-cache 2019-10-06 13:08:39 -06:00
Raphaël Vinot bae942d2ec fix: Cache object templates at AbstractMISP level
Related #468 and  #471
2019-10-03 13:54:43 -07:00
Raphaël Vinot 6c1f988b13 fix: Cache describeTypes at AbstractMISP level. 2019-10-03 13:23:00 -07:00
Marc Hoersken e05c7d9b4f Cache JSON definitions in memory LFU cache provided by cachetools
- Path and modified time of JSON file are used as the cache key
- Global state is hidden away inside a root-class for re-use
- Maximum size is 150 considering the number of JSON definitions

During my tests the memory usage of the test suites was halved.
2019-10-03 19:30:57 +02:00
Raphaël Vinot 7912df8f37 fix: Python 2.7 support
I want a cookie.
2019-09-04 14:35:02 +02:00
Raphaël Vinot 9df636cd37 chg: Update upload malware/attachment example script
Fix #447

Make data at attibute level more generic with getter/setter methods
2019-09-04 13:59:25 +02:00
Raphaël Vinot 7402e1b3b6 new: Initial support for communities 2019-08-29 18:08:53 +02:00
Raphaël Vinot cebdc2ef3f fix: Automatically skip empty string in add_attribute at object level
Fix #439

Re-enable test cases.
2019-08-28 14:46:02 +02:00
Raphaël Vinot 0b7314c474 new: Delegate Event
And more test cases
2019-08-26 16:24:48 +02:00
Raphaël Vinot e95948bcf6 chg: Better handling of sightings. 2019-08-20 15:34:21 +02:00
Raphaël Vinot 96576af02b new: Helpers & testcases for syncing 2019-08-09 17:58:55 +02:00
Raphaël Vinot 7a5945a5ce fix: Properly __repr__ MISPUser 2019-08-07 18:20:38 +02:00
Raphaël Vinot 5286462361 chg: Code cleanup 2019-08-06 14:23:32 +02:00
Raphaël Vinot d160edce57 fix: Inconsistency in MISPEvent, reenable tests 2019-08-03 00:54:08 +02:00
Raphaël Vinot 66ccc7d082 new: [Search] Add a few new options in rest search 2019-08-02 17:08:25 +02:00
Raphaël Vinot 1b85f73d89 chg: [tests] Add new test cases 2019-08-01 13:19:21 +02:00
Raphaël Vinot 0957399799 new: Allow to change the template on an object on-the-fly
Related: #425
2019-07-25 14:53:30 +02:00
Raphaël Vinot 5a3e3def97 new: get_objects_by_name in MISPEvent
new: Convert datetime objects to python datetime.
2019-07-23 16:37:26 +02:00
Raphaël Vinot a40e383b18 fix: [objects] Allow the value of an attribute to be 0 2019-07-22 00:42:44 +02:00
Raphaël Vinot 4ade9b8130 fix: Python < 3.6 support 2019-07-18 14:16:18 +02:00
Raphaël Vinot 9d0be8d3f0 new: Add option to locally expand malware samples with LIEF 2019-07-18 14:05:08 +02:00
Raphaël Vinot c9d58dad8a chg: Deprecate everything in PyMISP 2019-07-17 11:44:55 +02:00
Tom King ffcc7e0631 new: Introduce ability to create a sharing group 2019-06-19 10:25:34 +01:00
Raphaël Vinot b67d2e024c chg: Allow to pass an AbstractMISP to add_reference
Fix #379
2019-04-16 11:41:43 +02:00
Raphaël Vinot 633f75db24 new: Improve python3.6+ lib 2019-04-11 23:13:15 +02:00
Raphaël Vinot 52402c2acf new: add_attributes method in MISPObject (for multiple attributes) 2019-04-09 17:54:12 +02:00
Raphaël Vinot 1de4c9d0b9 new: Test cases for CSV loader, add cleaner methods in ExpandedPyMISP 2019-04-03 17:46:52 +02:00
Raphaël Vinot f53690f406 chg: Orders of tests in make_bool 2019-03-20 10:44:12 +01:00
Raphaël Vinot 9f4cd243aa fix: Improper handling of to_ids passed as integer in MISPEvent
Fix #364
2019-03-15 10:53:00 +01:00
Falconieri 57eccfe7dc add: exportpdf tool working 2019-02-22 10:18:44 +01:00
Raphaël Vinot fe91d06b91 chg: Remove dependency on six 2019-02-06 11:31:05 +01:00
Raphaël Vinot 1a381a0e3b fix: Wrong variable name in MISPEvent 2019-01-22 14:59:55 +01:00
Raphaël Vinot 4fef159a82 new: Add support for unix timestamp in set_date
fix #302
2019-01-22 13:42:18 +01:00
Raphaël Vinot a8dea20570 fix: Attempt to fix memory footprint in MISPAttribute
Related: #304
2019-01-22 13:25:29 +01:00
Raphaël Vinot ee86f6fa44 fix: The wrong class name was used when there is an error at Event creation. 2019-01-14 10:11:58 +01:00
Raphaël Vinot b72aa536aa chg: More flexibility when loading an object from python dict 2018-12-19 11:44:42 +01:00
Raphaël Vinot a09915d850 chg: Remove compat for MISP 2.4.52, cleanup. 2018-12-18 11:04:36 +01:00
Raphaël Vinot 573e4a426c chg: Add test cases for default distribution levels 2018-11-29 17:27:58 +01:00
Raphaël Vinot de118795ce fix: properly handle errors on event creation/update 2018-11-28 17:34:38 +01:00
Raphaël Vinot 0770a15659 new: search_index in ExpandedPyMISP, cleanup, update jupyter 2018-11-22 14:29:07 +01:00
Raphaël Vinot 9a6761e817 add: Add __eq__ to AbstractMISP
Allow to discard duplicate tags.
2018-09-23 17:39:24 -04:00
Raphaël Vinot e56f70b722 new: Add lots of test cases, find lots of bugs 2018-09-18 21:58:20 -07:00
Raphaël Vinot 8b8459ce53 fix: normalizing the outputs 2018-08-28 17:30:07 -04:00
Raphaël Vinot f4c0b92305 fix: jerry rig support for old python 2018-08-28 16:30:34 -04:00
Raphaël Vinot 2c03fb96c2 new: [test] Attribute modification 2018-08-17 15:09:17 +02:00
Raphaël Vinot 739ab41896 new: More test cases, bug fixes 2018-08-10 19:04:02 +02:00
Raphaël Vinot fcb83f7318 new: Reworking the REST API (WiP) 2018-08-09 18:12:05 +02:00
Raphaël Vinot 785423558b fix: Py3.5 compat, take 2 2018-08-08 11:24:07 +02:00
Raphaël Vinot 44344913f8 fix: Py3.5 compat 2018-08-08 11:19:24 +02:00
Raphaël Vinot 3b42497967 fix: Opening the json blobs as bytes was buggy 2018-08-08 10:18:51 +02:00
Raphaël Vinot e2ddb48f18 chg: Open all json files as bytes before loading in json 2018-08-07 16:52:50 +02:00
Raphaël Vinot 644337e615 fix: Improve error message in case the object template is unknown. 2018-07-05 18:06:58 +02:00
Raphaël Vinot 8c81145dc0 new: return the new object in `add_object` 2018-06-25 16:53:21 +08:00
Raphaël Vinot 2be90774c1 new: Load Org and Orgc as MISPOrganisation
Related to #239
2018-06-15 11:41:37 +02:00
Raphaël Vinot 457758b350 fix: Test cases & attributes automatically getting an UUID 2018-05-03 21:36:40 +02:00
Raphaël Vinot ab54c85509 new: Properly implement the Email object creator 2018-05-03 20:51:04 +02:00
Raphaël Vinot c89d70140d new: Add more feed management methods
Fix #221
2018-04-25 11:06:07 +02:00
Raphaël Vinot f937e844dd chg: Make object helpers more generic, cleanup. 2018-03-27 14:57:12 +02:00
Raphaël Vinot 9e44ec6616 fix: Properly create fail2ban object 2018-03-26 17:03:16 +02:00
Raphaël Vinot 62fb26fafd
Merge pull request #189 from neok0/master
add attributes within objects as well, for tagging via value/id/uuid
2018-02-19 11:49:50 +01:00
chrisr3d cc9395db99
fix: typo 2018-02-19 09:16:27 +01:00
Tobias Mainka 443acd9a47 add attributes within objects as well, for tagging via value/id/uuid 2018-02-16 18:35:45 +01:00
chrisr3d e359f22575
new: Method to return an object by uuid 2018-02-16 09:47:07 +01:00
Raphaël Vinot 837372cf3e fix: Allow to pass value, UUID, or ID to a sighting. 2018-01-25 16:24:24 +01:00
Louis LCE 7b6276fbf8 Add warning when failing to import dependencies 2018-01-24 15:21:08 +01:00
Raphaël Vinot c151ad497b chg: Use defaultdict when possible 2018-01-22 10:33:34 +01:00
Raphaël Vinot aff57876bc chg: Raise an exception when distribution is sharing group, but the ID is missing. 2018-01-16 12:15:30 +01:00
Raphaël Vinot b733ddbdb0 chg: Improve Object Attribute editing 2018-01-12 16:15:09 +01:00
Raphaël Vinot 8d9a5af8d3 chg: Allow to pass a directory with custom object templates 2018-01-12 00:38:15 +01:00
Tobias Mainka 716fd2723c added misp object templates path argument 2018-01-11 12:39:19 +01:00
Raphaël Vinot 6c21728e04 chg: Cleanup from last commit 2018-01-08 12:09:48 +01:00
Raphaël Vinot c41281030b chg: Move MISPTag to Abstract MISP. 2018-01-08 11:59:32 +01:00
Raphaël Vinot a01e7f5e27 fix: edited method works as expected, add tests. 2018-01-05 19:17:25 +01:00
Raphaël Vinot 4a95a54501 fix: disable_correlation from template not properly used 2018-01-05 11:34:08 +01:00
Raphaël Vinot 95bef91588
Merge pull request #164 from MISP/refactor
chg: Multiple changes
2018-01-04 16:50:59 +01:00
Raphaël Vinot bb1aac5720 chg: Multiple changes
* Fix timestamp dump (properly enforce UTC)
* Properly handle proposals
* Add many getter/setter
* Add dedicated test cases for MISPEvent and other objects
2018-01-04 16:43:19 +01:00
Raphaël Vinot b9718c3fd3 fix: Don't remove the distribution and sharing_group_id from default_attributes_parameters 2018-01-04 12:23:32 +01:00
Raphaël Vinot 4b67605367 chg: Allow do pass a category in default_attributes_parameters for object
fix #166
2018-01-04 10:58:31 +01:00
Raphaël Vinot 4362c41f00 chg: Default for sharing_group_id is 0 2018-01-04 10:27:30 +01:00
Arcuri Davide 94cd2fd52e _default_attributes_parameters - if set - is a dict
Manage distribution and sharing_group_id as dict key like the other fields.
-- Not sure about default
2018-01-04 08:53:43 +01:00
Raphaël Vinot b183d3fd17 fix: the sharing_group_id isn't required. 2018-01-03 18:00:30 +01:00
Raphaël Vinot c68b69b422 fix: Last commit was broken... 2017-12-29 16:44:50 +01:00
Raphaël Vinot 6b81e5ddba fix: Properly set Tag to attributes within objects 2017-12-29 14:42:49 +01:00
Raphaël Vinot 0ff2120511 fix: Add method to add tags to objects
Fix #160
2017-12-27 14:43:53 +01:00
Raphaël Vinot 4708786959 chg: Add MISPSighting class. 2017-12-26 17:13:57 +01:00
Raphaël Vinot a497613a85 chg: Update documentation, cleanup 2017-12-22 14:49:14 +01:00
Raphaël Vinot efb6ca974c fix: Properly use the edited flag 2017-12-21 18:46:28 +01:00
Raphaël Vinot b745fce446 chg: Validate attributes in attributes.setter 2017-12-21 09:46:09 +01:00
Raphaël Vinot 749acd70b5 fix: Add setter for Attribute in MISPEvent 2017-12-21 09:38:41 +01:00
Raphaël Vinot 9c4e98f025 fix: Forgotten calls to master class. 2017-12-20 16:59:52 +01:00
Raphaël Vinot f3b8029bb3 fix: properly call datetime.datetime.utcfromtimestamp 2017-12-20 14:33:44 +01:00
Raphaël Vinot de412edaee Merge branch 'master' of https://github.com/cvandeplas/PyMISP into cvandeplas-master 2017-12-20 14:25:00 +01:00
Raphaël Vinot 994afea0bd fix: Fix python2.7 support. 2017-12-20 14:21:32 +01:00
Christophe Vandeplas 2fb4170152 Merge remote-tracking branch 'MISP/master' 2017-12-20 13:29:36 +01:00
Christophe Vandeplas 582fd28702 fix MISPObject missing distribution and sharing_group_id
- fix MISPObject missing distribution concept
- fix language typo paramaters => parameters
2017-12-20 13:29:05 +01:00
Raphaël Vinot 78c156bb6f new: (hopefully) Cleverer handling of timestamps in the objects
& some cleanup
2017-12-20 12:43:31 +01:00
Raphaël Vinot e90d28af9d chg: Add get_attribute_tag method at MISPEvent level
Also add a MISPTag class for consistency.
2017-12-20 10:53:46 +01:00
Raphaël Vinot 74640af4ae fix: Initialize default class parameters.
Fix #155
2017-12-19 17:10:52 +01:00
Raphaël Vinot 892ebbf077 chg: Add __repr__ methods (fix last commit) 2017-12-15 17:34:54 +01:00
Raphaël Vinot 56c74f1f50 chg: Add __repr__ methods 2017-12-14 16:12:54 +01:00
Raphaël Vinot d19a10ddcc chg: Make the library easier to use 2017-12-13 15:45:02 +01:00
Raphaël Vinot 44831b1fdb chg: Add new objects: MISPUser and MISPOrganisation 2017-11-17 16:51:46 +01:00
Raphaël Vinot bfe9867b2e chg: Add a generic MISP object generator 2017-11-15 17:37:17 +01:00
Raphaël Vinot f54a029e2a new: Proper debug system
Make it easy to investigate the json blobs sent to the server.
2017-11-08 17:33:55 -08:00
Raphaël Vinot 134df0cafb chg: Properly use python logging module. 2017-11-07 18:10:04 -08:00
Raphaël Vinot 0e123af546 fix: Let load unknown object relations in known templates
This isn't recommended, but happens very often.
2017-11-02 09:57:53 -07:00
Raphaël Vinot 75d96b2d7a fix: Allow to load non-malware ZIP files in MISP Event
Prior to his patch, any zip file loaded by MISP Event was unpacked and
processed as an excrypted malware from MISP.
2017-11-02 09:26:05 -07:00
Raphaël Vinot 7ece6b7fbc fix: Properly set the distribution at event level
fix #120
2017-10-28 17:09:11 -04:00
Raphaël Vinot 14bc9e4b19 fix: Properly pop the distribution key. 2017-10-26 12:05:51 -04:00
Raphaël Vinot 85669abbcb chg: Do not raise an exception when the object template is unknown.
+ bump misp-object
2017-10-24 08:52:00 -04:00
Raphaël Vinot a63d53094f fix: Fix typos and logic mistakes in mispevent. 2017-10-22 12:17:48 -04:00
Raphaël Vinot 6d2576be0a fix: Allow again to tag/delete unsaved attributes 2017-09-26 10:52:38 +01:00
cgi1 7ad02eb68c Similar to #114 on attribute level
`add_attribute_tag(tag,attribute_identifier)` fails if attribute does not have any tag in before.
2017-09-25 13:43:25 +02:00
cgi1 4fee9b0c85 Fixing #114 2017-09-25 10:01:23 +02:00
infosec-intern f08f744cc2 Formatted "Unknown MISP object" error message
When a user tries to add an object with a name that doesn't exist, the error thrown was missing its format string
This ended up looking like
pymisp.exceptions.UnknownMISPObjectTemplate: {} is unknown in the MISP object directory.
Here's a patch that adds self.name to the format string
2017-09-22 11:43:20 -06:00
Raphaël Vinot 6eb807381d Properly initialize a new malware sample 2017-09-18 15:37:55 +01:00
Raphaël Vinot b1989f16f2 Merge branch 'objects' 2017-09-18 11:43:48 +01:00
Raphaël Vinot 6dfaa78722 Allow to get the list of known types out of MISPEvent again 2017-09-14 14:34:53 +02:00
Raphaël Vinot b3c15da967 Merge branch 'objects' of github.com:MISP/PyMISP into objects 2017-09-12 16:55:29 +02:00
Raphaël Vinot da2b28a927 Use MISPAbstract as a master class everywhere.
This is probably breaking everything.... ¯\_(ツ)_/¯
2017-09-12 16:46:06 +02:00
iglocska b337e77070 changed source => object / destination => referenced 2017-09-07 16:09:45 +02:00
iglocska c15b82c45a Changed two fields in object references
- source_uuid => object_uuid
- destination_uuid => referenced_uuid
2017-09-07 14:01:13 +02:00
Raphaël Vinot b74e558f75 Some more refactoring 2017-08-31 10:40:18 +02:00
Raphaël Vinot 74037cb6fa Some more refactoring and cleanup 2017-08-30 12:47:32 +02:00
Raphaël Vinot 2bc0745fbf Refactoring in order to load objects 2017-08-28 19:16:20 +02:00
edhoedt bd6deba55e Fixing undefined ressources_path 2017-08-24 17:09:19 +02:00
Raphaël Vinot e567ddc877 Update function names in mispevent 2017-08-24 17:09:16 +02:00
Raphaël Vinot 314f7eaed1 Re-enable python < 3.5 support. 2017-08-23 16:55:32 +02:00
Raphaël Vinot 77845bd813 Update file/pe/pe-sections objects creator. 2017-08-23 15:37:04 +02:00
Raphaël Vinot 3c443095e8 Exact match on the value when adding tag. 2017-08-22 10:07:34 +02:00
Raphaël Vinot 622a5701ee Fix typo in variable name. 2017-07-27 17:14:49 +02:00