MISP
/
PyMISP
mirror of https://github.com/MISP/PyMISP
2
0
Fork 0
Code Issues Releases Wiki Activity
2,106 Commits
13 Branches
166 Tags
93 MiB
Commit Graph

2106 Commits (cce228564b776b67ee0ffc4c2f57fd17304634df)

Author SHA1 Message Date
Raphaël Vinot cce228564b chg: Bump build system to poetry 1.1 2020-10-09 12:54:09 +02:00
Raphaël Vinot c9491ae0f1 Merge branch 'main' of github.com:MISP/PyMISP into main 2020-09-29 11:26:00 +02:00
Raphaël Vinot 516e7472bb chg: Bump deps, objects 2020-09-29 11:17:16 +02:00
Raphaël Vinot bdd8fe6782 chg: Add test for delete=True in get_event 2020-09-29 11:10:39 +02:00
Alexandre Dulaunoy 0e0424fa30
chg: [add_github_user] add ssh keys of the user in the MISP object 2020-09-17 10:36:54 +02:00
Alexandre Dulaunoy e40b14e897
Merge branch 'main' of github.com:MISP/PyMISP into main 2020-09-17 08:05:08 +02:00
Alexandre Dulaunoy 156d5564e8
chg: [add_github_user] more fields added from the GitHub API 2020-09-17 07:40:13 +02:00
Raphaël Vinot 0467a967b4 Merge branch 'main' of github.com:MISP/PyMISP into main 2020-09-16 23:27:40 +02:00
Raphaël Vinot ae24aad6d8 chg: Bump dependencies 2020-09-16 23:27:12 +02:00
Alexandre Dulaunoy 13995e1eca
chg: [add_github_user] add following to the MISP object 2020-09-16 21:40:34 +02:00
Raphaël Vinot 3fccd106a0 chg: Pass a list to add_attributes 2020-09-16 21:08:02 +02:00
Raphaël Vinot 808e8132f2 chg: Use MISPObject instead of GenericObjectGenerator 2020-09-16 20:58:57 +02:00
Alexandre Dulaunoy b9ee5c69bb
new: [example] add_github_user example - WiP 
usage: add_github_user.py [-h] -e EVENT [-f] -u USERNAME

Fetch GitHub user details and add it in object in MISP

optional arguments:
  -h, --help            show this help message and exit
  -e EVENT, --event EVENT
                        Event ID to update
  -f, --force-template-update
  -u USERNAME, --username USERNAME
                        GitHub username to add
 2020-09-16 17:36:37 +02:00
Alexandre Dulaunoy ba1e394d24
chg: [doc] add a reference to the license 2020-09-16 15:07:38 +02:00
Raphaël Vinot 2e2cdbeb7e fix: Test on macosx 
Fix #630
 2020-09-16 12:07:58 +02:00
Raphaël Vinot c39328f30a fix: Do not modify default_attributes_parameters in MISPObject 2020-09-15 17:01:56 +02:00
Raphaël Vinot 781161f82c fix: Wrong call to pymisp.search_index 2020-09-15 16:56:21 +02:00
Raphaël Vinot cf3d7e5e0f
Merge pull request #629 from chrisinmtown/fix-api-doc-params 
Fix api doc params
 2020-09-15 16:53:50 +02:00
Lott, Christopher (cl778h) f1de0fb794 chg: add docstrings and extend conf.py for RTD 
Add minimal docstrings to public methods so ReadTheDocs will display them.
Add autodoc mock import for lief so RTD can generate HTML for tools.

This fixes issue #626
 2020-09-15 10:40:21 -04:00
Chris Lott 315195a629
Merge pull request #1 from MISP/main 
Pull
 2020-09-15 10:22:47 -04:00
Raphaël Vinot d3db7fe52a chg: Remove PyMISPExpanded from the docs 2020-09-15 12:41:49 +02:00
Raphaël Vinot 18474a2144 chg: Add comments to ELF, PE, and MachO object generators. 2020-09-15 12:39:59 +02:00
Raphaël Vinot 50e5f156bd chg: Improve error message, add comments, rename whitelist->allowedlist 2020-09-15 12:31:22 +02:00
Raphaël Vinot 73b56a61da fix: few outdated calls in the tutorial 2020-09-11 11:09:14 +02:00
Raphaël Vinot 9c48079d88 new: Method to get the new version of the templates 2020-09-10 15:26:34 +02:00
Raphaël Vinot e3815a41f1 fix: Make flake8 happy 2020-09-09 15:41:42 +02:00
Raphaël Vinot cab202e1da
Merge pull request #624 from seamustuohy/fix-badly-encoded-emails 
Attempt to decode utf-8-sig encoded emails.
 2020-09-09 15:02:18 +02:00
seamus tuohy 07137209e2 Attempt to decode utf-8-sig encoded emails. 
eml files downloaded from Windows Online security on some Windows 11
systems are automatically encoded in UTF with a byte order mark (BOM)
at the front of the file. This will cause the email parser to fail.

This is a somewhat isolated problem. It only will affects a small
subset of Windows users who download and re-upload eml files. But,
this small subset of users is the target user-base for the MISP
email module: low expertiese users who wish to quickly share
high-value indicators on an ad-hoc basis.

While this fix could be tacked onto the MISP email module instead of
here, I beleive that this fix is more appropriate in the PyMISP object
code. As the "email" object parser this object should be built to
parse all manner of emails that it may encounter. This includes common
malformations such as this one and, even horrors such as, the .msg
format. This commit adds a generically named "attempt_decoding"
function which can be expanded to address all manner of sins that
are encountered in the future.
 2020-09-09 07:45:07 -04:00
Raphaël Vinot 0220f25f98 chg: Bump changelog 2020-09-08 12:45:29 +02:00
Raphaël Vinot 49aede3947 chg: Bump version 2020-09-08 12:43:25 +02:00
Raphaël Vinot 07fed2fbb4 chg: Bump objects 2020-09-08 11:18:40 +02:00
Raphaël Vinot 7cc868bc8d Merge branch 'main' of github.com:MISP/PyMISP into main 2020-09-08 10:55:32 +02:00
Raphaël Vinot cd93d6b868 chg: Bump objects 2020-09-08 10:55:20 +02:00
Raphaël Vinot f2a9a7c241 chg: Bump dependencies 2020-09-08 10:54:48 +02:00
Alexandre Dulaunoy c7edf4e33a
chg: [describeTypes] updated 2020-09-04 16:33:11 +02:00
Alexandre Dulaunoy 5598351a8b
chg: [describeTypes] updated 2020-09-04 16:00:41 +02:00
Raphaël Vinot f1a91d0872 chg: Bump file template version 2020-09-02 15:34:45 +02:00
Raphaël Vinot 9f6f95be0e new: [test] Validate tag removal 2020-09-02 15:11:18 +02:00
Raphaël Vinot 3cbd906520 chg: Bump objects 2020-09-02 15:06:59 +02:00
Raphaël Vinot 918f841087 chg: Rename blacklist -> blocklist 2020-09-01 19:29:12 +02:00
Raphaël Vinot e0e1a7fdf4 chg: Bump dependencies 2020-08-31 13:30:59 +02:00
Alexandre Dulaunoy 92c5d11f47
new: [describeTypes] sha3 added 2020-08-24 10:38:25 +02:00
Raphaël Vinot 3b63999785 chg: Bump changelog 2020-08-20 13:02:38 +02:00
Raphaël Vinot 29af8645f7 chg: Bump version 2020-08-20 13:01:00 +02:00
Raphaël Vinot 53f9979b48 fix: Bump file template version 2020-08-20 12:52:08 +02:00
Raphaël Vinot 39d1b1ff18 chg: Bump dependencies 2020-08-20 12:44:58 +02:00
Raphaël Vinot f52ee0e0e7 chg: Bump objects 2020-08-20 12:44:35 +02:00
Raphaël Vinot 6e4bf35bda chg: Bump types 2020-08-20 12:22:12 +02:00
Raphaël Vinot 123eda7629
Merge pull request #617 from imidoriya/main 
Exclude section correlation .rsrc and zero-filled
 2020-08-18 11:55:46 +02:00
deku dd6922fd3a Exclude section correlation .rsrc and zero-filled 2020-08-14 11:13:53 -04:00