Raphaël Vinot
0562c63cec
chg: Initial changes to use new annotations
2024-01-17 13:28:51 +01:00
Raphaël Vinot
2dcb5f1efa
fix: Update calls to getStringStream to the public method
2023-11-17 13:21:18 +01:00
Raphaël Vinot
5b0b4c65e2
fix: Allow object-relation names with uppercase characters defined in the templates
2023-10-04 11:46:49 +02:00
Raphaël Vinot
dc315f3f5c
fix: Push code changes related to deps upgrade...
2023-07-31 11:59:00 +02:00
Raphaël Vinot
ec170103cb
fix: Extra print breaking the CI on MISP side
2023-05-12 16:06:26 +02:00
Raphaël Vinot
5f698a1247
fix: properly use lief on a file
2023-05-12 11:58:38 +02:00
Raphaël Vinot
0ac719fd7c
chg: Remove old setup files, bump deps.
2023-05-11 17:48:01 +02:00
Raphaël Vinot
75435df663
fix: Update lief code to v0.13
2023-04-19 11:47:41 +03:00
CarlosLoureiro
b4331c9761
Update reportlab_generator.py
2023-03-26 11:12:45 +02:00
Raphaël Vinot
070472fd9a
chg: Bump deps
2023-03-08 14:24:47 +02:00
Raphaël Vinot
5e9433206e
fix: Remove reference to old pydeep
...
Fix #914
2023-02-06 20:43:47 +01:00
Raphaël Vinot
024283ba01
new: Add relationship_type in Tag entries for feeds
2023-01-13 20:49:53 +01:00
Raphaël Vinot
fc7f273f76
fix: issue with EMailObject
2022-11-09 13:44:36 +01:00
Raphaël Vinot
fd05292d7c
chg: Bump mypy
2022-11-09 13:29:06 +01:00
Raphaël Vinot
b251d70164
fix: Properly convert MSG to EML
2022-07-21 16:31:03 +02:00
Raphaël Vinot
3882ade918
chg: Bump deps
2022-07-21 11:18:00 +02:00
Raphaël Vinot
63d402b358
chg: Make mypy happy
2022-06-16 13:15:27 +02:00
malvidin
cfded6e8bb
Fix multiple_space warning
2022-06-16 09:44:25 +02:00
malvidin
2b98616982
Option to include more URLObject attributes
...
Add publicsuffixlist faup for URLObject Windows support
URLObject with PSLFaup prefers IP to host/domain
2022-06-16 09:38:39 +02:00
Sami Tainio
25fb7b5a28
chg: Removed a whitespace
2021-11-01 13:41:51 +02:00
Sami Tainio
8772c1fa5e
new: Add Blind Carbon Copy (bcc) headers
2021-11-01 13:35:39 +02:00
Raphaël Vinot
a16aa03872
chg: Keep strict and generate attributes when needed
2021-10-28 16:29:27 -04:00
Thomas Dupuy
c82dd6848f
chg: Unified constructors
2021-10-27 14:27:38 -04:00
Raphaël Vinot
54d38df6dc
fix: message_from_bytes really dislikes newline at the beginning of a mail
2021-09-30 11:16:03 +02:00
Sami Tainio
f6c8e2ad0d
Remove unicode to ascii parts
2021-09-28 16:42:15 +03:00
Sami Tainio
2fb354a938
Fix #787 and add Unicode to ASCII function
...
Fix #787
- Uses regex to pick up the hostnames/domains from the "Received: from" headers.
Unicode to ASCII function
- Spam messages more often than not contain junk text as unicode characters in the headers. The "from" and "subject" headers being the most common ones. Before this change the script would error on such emails or sometimes replace the unicode characters with questionmarks "?".
- Function takes argument as an input and then encodes it in ascii while ignoring any malformed data. It then returns an ASCII string without the unicode characters.
- Currently implemented for "from" and "subject" handling.
2021-09-28 14:50:17 +03:00
Raphaël Vinot
d44847b63a
fix: skip IPs in Received header
...
Related: #787
2021-09-27 10:27:14 +02:00
Raphaël Vinot
9fc4d90454
new: Add few keys to email object creator
...
Fix #787
2021-09-23 17:10:27 +02:00
iglocska
95f20939f2
Revert "chg: Remove legacy stix converter."
...
This reverts commit 94ce4a367b
.
- breaks misp-stix converter, reverting it for now, let's find a way to deprecate this without outright removing it
2021-06-23 12:19:04 +02:00
Raphaël Vinot
3252361b3c
fix: Skip nameless sections in ELF
...
Related: #678
2021-03-16 17:56:06 +01:00
Raphaël Vinot
2734224958
chg: Raise exception on missing template in CSVLoader
...
Related: #714
2021-03-05 19:33:27 +01:00
Raphaël Vinot
94ce4a367b
chg: Remove legacy stix converter.
2021-03-01 15:10:56 +01:00
Raphaël Vinot
d0a050263e
fix: Do not add the serial-number twice.
...
Related: #678
2021-02-16 18:34:58 +01:00
Raphaël Vinot
4730452ce0
fix: Skip PE section if name is none AND size is 0.
...
Related: #678
2021-02-15 16:11:18 +01:00
Raphaël Vinot
78ead2f49e
chg: Disable correlation on malware-sample for FileObject
2021-02-01 12:17:28 +01:00
Raphaël Vinot
c41a2f1549
chg: Remove critical warning if lief is not installed
...
Fix https://github.com/MISP/MISP/issues/6908
2021-01-26 13:14:03 +01:00
Raphaël Vinot
c5c1d84bcf
fix: Better warning if lief is outdated.
2021-01-21 11:55:30 +01:00
Raphaël Vinot
76c4f92c17
chg: Use lief 0.11.0, generate authenticode entries
2021-01-19 15:44:58 +01:00
Raphaël Vinot
de6125a623
fix: Do not fail if extract_msg is missing
2021-01-11 14:57:22 +01:00
Raphaël Vinot
fa95c9d84f
fix: Properly decode the body depending on the encoding of the email
...
Fix #671
2021-01-11 14:15:34 +01:00
Raphaël Vinot
c50bbd5d1c
chg: Add controller argument to get_csv script
2021-01-11 11:49:12 +01:00
seamus tuohy
87c02da0d7
Updated emailobject.
...
Email object no longer requires extra php libraries for install.
Tests have been expanded to improve coverage.
RTF encapsulated HTML and Plain Text will now be de-encapsulated.
The raw MSG binary will now be included in the extracted email object.
2020-12-28 13:47:21 -05:00
nighttardis
2a4b215026
adding check if "from" is in the "received" header row
2020-11-30 18:45:53 -06:00
Raphaël Vinot
9046b08a3c
fix: Do not fail on PyMISP import when mail-parser is not present
2020-11-24 14:56:29 +01:00
Raphaël Vinot
71fe62b466
fix: Make mail-parser really optional
2020-11-24 12:18:35 +01:00
Raphaël Vinot
9fed66eb2b
chg: Make mail-parser an optional dependency
2020-11-24 11:17:23 +01:00
Raphaël Vinot
b55370cdad
chg: Improve error handling for Outlook emails
...
Related: #631
2020-11-19 11:38:35 +01:00
Jakub Onderka
9fd3d8a3e3
fix: [emailobject] Correctly parse multiple addresses
2020-10-24 17:24:18 +02:00
Jakub Onderka
055ef16e41
new: Test parsing just email header
2020-10-24 17:24:18 +02:00
Jakub Onderka
5e0ad0a47f
new: Test parsing outlook message format
2020-10-24 17:24:18 +02:00