Raphaël Vinot
ec4172dfba
Merge pull request #795 from tomking2/feature/sharing_group_improvements
Improve sharing groups, new get_sharing_group and return sharing group orgs
2021-10-14 14:51:11 +02:00
Raphaël Vinot
e84d5a11f3
Merge pull request #794 from tomking2/feature/org_user_search
chg: Add ability to search against orgs and users by freetext search (both) or organisation (users)
2021-10-14 14:46:34 +02:00
Jakub Onderka
5064107093
Merge pull request #783 from JakubOnderka/fixes-149
Changes for upcoming MISP 2.4.150
2021-10-08 16:38:50 +02:00
Raphaël Vinot
e07321bfa9
fix: Missing import in __init__
Fix #796
2021-10-08 15:43:16 +02:00
Tom King
a56e344a21
fix: Fix final nosetest
2021-10-04 11:56:13 +01:00
Tom King
b3dee88fab
fix: Fix nosetests
2021-10-04 11:52:35 +01:00
Tom King
c120db02b8
chg: Improve sharing groups, bring back organisations included and ability to get specific SG
2021-10-04 11:41:36 +01:00
Tom King
43d8cdff4a
chg: Add ability to search against orgs and users by freetext search (both) or organisation (users)
2021-10-04 11:39:43 +01:00
Raphaël Vinot
21dd71bf4b
chg: Bump misp-objects
2021-09-30 11:16:03 +02:00
Raphaël Vinot
54d38df6dc
fix: message_from_bytes really dislikes newline at the beginning of a mail
2021-09-30 11:16:03 +02:00
Sami Tainio
f6c8e2ad0d
Remove unicode to ascii parts
2021-09-28 16:42:15 +03:00
Sami Tainio
2fb354a938
Fix #787 and add Unicode to ASCII function
Fix #787
- Uses regex to pick up the hostnames/domains from the "Received: from" headers.
Unicode to ASCII function
- Spam messages more often than not contain junk text as unicode characters in the headers. The "from" and "subject" headers being the most common ones. Before this change the script would error on such emails or sometimes replace the unicode characters with question marks "?".
- Function takes argument as an input and then encodes it in ascii while ignoring any malformed data. It then returns an ASCII string without the unicode characters.
- Currently implemented for "from" and "subject" handling.
2021-09-28 14:50:17 +03:00
Raphaël Vinot
d44847b63a
fix: skip IPs in Received header
Related: #787
2021-09-27 10:27:14 +02:00
Alexandre Dulaunoy
28b016ace1
Merge branch 'main' of github.com:MISP/PyMISP into main
2021-09-24 15:39:56 +02:00
Alexandre Dulaunoy
bf8c8711ab
chg: [misp-objects] updated to the latest version
2021-09-24 15:39:35 +02:00
Raphaël Vinot
9fc4d90454
new: Add few keys to email object creator
Fix #787
2021-09-23 17:10:27 +02:00
Alexandre Dulaunoy
06d034947d
chg: [misp-objects] updated to the latest version
2021-09-15 13:31:30 +02:00
Raphaël Vinot
253730759a
fix: Upload of STIX document with non-ascii characters
Due to: https://github.com/psf/requests/issues/5560
TL;DR: a variable of type str passed to data in a POST request will be
silently re-encoded to ISO-8859-1, making MISP barf on the other side.
2021-09-09 16:58:27 +02:00
Raphaël Vinot
0bdfb3892d
chg: Bump live tests
2021-09-07 14:26:22 +02:00
Jakub Onderka
e227cd970b
fix: [types] Update types to use `filename-pattern` type
2021-08-31 16:57:54 +02:00
Alexandre Dulaunoy
90e988cf48
chg: [misp-objects] updated to the latest version
2021-08-27 11:02:30 +02:00
Christophe Vandeplas
d82a50efb7
chg: [types] updated types/categories mapping
2021-08-20 08:42:00 +02:00
Raphaël Vinot
6f7157cf26
chg: Bump objects template
2021-08-05 11:34:20 +02:00
Raphaël Vinot
fc9e7ca59b
chg: Bump version
2021-08-05 11:32:28 +02:00
Raphaël Vinot
3dd88a1418
fix: Typo in key name
2021-08-05 11:14:04 +02:00
Jakub Onderka
76ce8d8c38
new: Save one REST call when initializing PyMISP class
2021-08-05 11:11:06 +02:00
Jakub Onderka
7ccf4c15d2
chg: Do not load schema for event when not necessary
2021-08-05 11:10:33 +02:00
iglocska
9ea5ec8b1f
Revert "chg: Remove legacy stix converter."
This reverts commit 94ce4a367b.
- breaks misp-stix converter, reverting it for now, let's find a way to deprecate this without outright removing it
2021-08-05 11:10:33 +02:00
Jakub Onderka
1746138eb3
chg: `get_taxonomy` supports namespace
2021-08-05 11:10:33 +02:00
Jakub Onderka
2ecfc24c14
new: Method `organisation_exists`
2021-08-05 11:10:33 +02:00
Jakub Onderka
7dab091c85
new: Method `sharing_group_exists`
2021-08-05 11:10:31 +02:00
Jakub Onderka
88d0b4ac93
new: Method `update_sharing_group`
2021-08-05 11:09:33 +02:00
Jakub Onderka
270d16cd4c
new: `to_dict` method supports `json_format` parameter
2021-06-29 13:28:24 +02:00
Raphaël Vinot
481284dc12
chg: Update mypy, change accordingly
2021-06-21 11:20:41 -07:00
Raphaël Vinot
436181e5bb
fix: properly handle the case MISP is in a sub redirect
Fix #757
2021-06-17 19:48:15 -07:00
Raphaël Vinot
fcb4d41d63
new: Exclude decayed attributes in search
Fix #753
2021-06-08 10:09:14 -07:00
Raphaël Vinot
c14d599d15
chg: Bump version
2021-06-07 07:36:33 -07:00
Raphaël Vinot
dd007ce6a7
chg: Bump object templates
2021-06-07 07:35:37 -07:00
Raphaël Vinot
107561e574
chg: bump version, deps
2021-05-13 22:53:12 -07:00
Raphaël Vinot
db1ffe7be6
new: method to get the raw object template
2021-05-11 12:30:00 -07:00
Raphaël Vinot
286712d0e1
fix: first-seen and last-seen on attributes and objects were not checked for sanity
2021-05-11 07:28:54 -07:00
Raphaël Vinot
2f1cf24eaa
chg: Bump objects templates
2021-05-11 07:28:00 -07:00
Raphaël Vinot
18300f8aed
chg: Bump version
2021-04-26 10:52:56 +02:00
Raphaël Vinot
18049212a5
new: Support for correlation exclusion list
Fix #732
2021-04-22 10:47:58 +02:00
Raphaël Vinot
b471633acb
fix: Enable/disable feeds
2021-04-20 15:36:11 +02:00
Raphaël Vinot
cc1af2573f
chg: Bump objects templates
2021-04-19 23:12:27 +02:00
Raphaël Vinot
95e31bd2e3
chg: Add comment for controller attribute in search
2021-04-06 20:05:10 +02:00
Raphaël Vinot
f0b2a2b943
fix bump version, deps, templates
2021-04-02 16:35:22 +02:00
Raphaël Vinot
5cc994e253
chg: get_uuid_or_id_from_abstract_misp accepts dict
2021-03-30 14:31:31 +02:00
Raphaël Vinot
c68ee576b3
fix: use get_uuid_or_id_from_abstract_misp in tag methods
Fix #725
2021-03-30 14:23:32 +02:00
Raphaël Vinot
51edb8ab33
chg: Remove references to ExpandedPyMISP
Fix #721
2021-03-16 18:32:50 +01:00
Raphaël Vinot
00ba313eae
chg: Follow best practices and remove the logging handler.
Fixes: #717
Reference: https://docs.python.org/3/howto/logging.html#configuring-logging-for-a-library
Documentation: https://docs.python.org/3/howto/logging.html
2021-03-16 18:28:04 +01:00
Raphaël Vinot
3252361b3c
fix: Skip nameless sections in ELF
Related: #678
2021-03-16 17:56:06 +01:00
Raphaël Vinot
31608b1480
chg: strip NULL string from value
https://github.com/MISP/PyMISP/issues/678
2021-03-15 14:09:50 +01:00
Raphaël Vinot
aee6945e95
fix: enable taxonomy failed if global pythonify is on
2021-03-09 16:35:00 +01:00
Raphaël Vinot
2734224958
chg: Raise exception on missing template in CSVLoader
Related: #714
2021-03-05 19:33:27 +01:00
Raphaël Vinot
b5b2f7015b
chg: Bump templates
2021-03-05 18:18:03 +01:00
Raphaël Vinot
2397732b03
chg: re-bump objects
2021-03-05 15:59:23 +01:00
Raphaël Vinot
100eeec77a
chg: Bump object templates
2021-03-05 15:51:04 +01:00
Raphaël Vinot
a0bda8736a
chg: Add test case, fix mypy
2021-03-05 12:11:00 +01:00
Raphaël Vinot
59946a6a6d
chg: take simple_value as value in MISPObject.add_attribute
2021-03-05 11:58:58 +01:00
Raphaël Vinot
bbd341539a
fix: properly pass content-type
2021-03-05 11:42:24 +01:00
Raphaël Vinot
0697f1470b
fix: Re-enable support for uploading STIX 1 documents
Fix #711
2021-03-04 12:35:52 +01:00
Raphaël Vinot
36369f779a
chg: Bump version
2021-03-03 10:39:21 +01:00
Alexandre Dulaunoy
3c141e1fdb
Merge branch 'main' of github.com:MISP/PyMISP into main
2021-03-03 09:46:53 +01:00
Alexandre Dulaunoy
4b3e93089f
chg: [describetypes] updated
2021-03-03 09:46:27 +01:00
Raphaël Vinot
fe87d4293b
chg: Bump object templates
2021-03-03 09:44:09 +01:00
Raphaël Vinot
4a2367ec96
fix: Make mypy happy in python 3.6 and 3.7
2021-03-02 12:37:35 +01:00
Raphaël Vinot
9f7282e8f4
fix: cosmetic changes, fix mypy
2021-03-02 12:21:59 +01:00
Raphaël Vinot
d3bdb46587
chg: Bump objects templates
2021-03-02 12:21:17 +01:00
Raphaël Vinot
3067b818ff
Merge branch 'tomking2-feature/misp-galaxy-2' into main
2021-03-02 11:50:43 +01:00
Raphaël Vinot
8137389452
chg: Bump tests for galaxy cluster
2021-03-02 11:49:31 +01:00
Raphaël Vinot
94ce4a367b
chg: Remove legacy stix converter.
2021-03-01 15:10:56 +01:00
Raphaël Vinot
1533da3558
chg: Improve Pydoc on search method's timestamp parameter
Fix #708
2021-02-27 14:53:15 +01:00
Raphaël Vinot
2e05a1b24f
new: soft delete object in MISPEvent
Fix #706
2021-02-27 14:53:15 +01:00
Raphaël Vinot
28fed5c778
fix: support text search again
Fix #705
2021-02-27 14:53:15 +01:00
Alexandre Dulaunoy
125961a670
chg: [data] describeTypes updated
2021-02-27 14:53:15 +01:00
Raphaël Vinot
e183dbc577
fix: Do not add the serial-number twice.
Related: #678
2021-02-27 14:53:15 +01:00
Raphaël Vinot
b9f7bd9dc1
chg: Add deprecation warning for Python < 3.8
2021-02-27 14:53:15 +01:00
Raphaël Vinot
1b675bb512
fix: Skip PE section if name is none AND size is 0.
Related: #678
2021-02-27 14:53:15 +01:00
Raphaël Vinot
59bb0a7bb6
fix: urllib3.__version__ may not have a patch number
fix https://github.com/MISP/PyMISP/issues/698
2021-02-27 14:53:15 +01:00
Raphaël Vinot
d71b0945e2
chg: Improve Pydoc on search method's timestamp parameter
Fix #708
2021-02-26 17:57:39 +01:00
Raphaël Vinot
d01c17abf8
new: soft delete object in MISPEvent
Fix #706
2021-02-26 17:55:13 +01:00
Raphaël Vinot
cdcbe9bf32
fix: support text search again
Fix #705
2021-02-26 17:13:20 +01:00
Alexandre Dulaunoy
2ceb38c741
chg: [data] describeTypes updated
2021-02-20 17:28:50 +01:00
Raphaël Vinot
d0a050263e
fix: Do not add the serial-number twice.
Related: #678
2021-02-16 18:34:58 +01:00
Raphaël Vinot
3d3e9abc1d
chg: Add deprecation warning for Python < 3.8
2021-02-15 16:12:44 +01:00
Raphaël Vinot
4730452ce0
fix: Skip PE section if name is none AND size is 0.
Related: #678
2021-02-15 16:11:18 +01:00
Raphaël Vinot
e52263b75a
fix: urllib3.__version__ may not have a patch number
fix https://github.com/MISP/PyMISP/issues/698
2021-02-15 12:00:10 +01:00
Tom King
5445479960
chg: Don't parse the meta key into cluster elements on a MISPEvent, but allow users to manually perform this action
2021-02-08 11:52:08 +00:00
Tom King
a94b81ae72
Merge remote-tracking branch 'upstream/main' into feature/misp-galaxy-2
2021-02-08 11:50:38 +00:00
Raphaël Vinot
37449226f9
chg: Bump version
2021-02-08 11:59:49 +01:00
Raphaël Vinot
3125af9065
chg: Bump version
2021-02-04 19:42:24 +01:00
Raphaël Vinot
39d7f0e57a
chg: Bump objects
2021-02-04 19:41:44 +01:00
Raphaël Vinot
6c9234846f
chg: add kw_params to tags
2021-02-04 19:41:26 +01:00
Raphaël Vinot
9e2b748b02
chg: Bump objects
2021-02-02 15:26:08 +01:00
Raphaël Vinot
f675e20961
chg: Bump version
2021-02-02 11:43:47 +01:00
Raphaël Vinot
c91033eb8d
chg: Bump objects
2021-02-02 11:40:01 +01:00
Raphaël Vinot
05bb34623f
chg: Bump version
2021-02-01 14:25:57 +01:00
Raphaël Vinot
4cf1e9afc3
fix: flake error
2021-02-01 14:16:55 +01:00
Raphaël Vinot
7e4c15ee4d
chg: Make mypy happy
2021-02-01 13:45:53 +01:00
Raphaël Vinot
3494e38987
chg: Make clear that to_json returns str
2021-02-01 13:43:39 +01:00
Raphaël Vinot
f6b943cb9a
chg: Disable correlation on malware-sample for FileObject
2021-02-01 13:43:39 +01:00
Raphaël Vinot
c59f18606c
chg: Bump objects templates
2021-02-01 13:43:39 +01:00
Tom King
6d11164acf
chg: Add in delete function for a MISP Object
2021-02-01 13:43:39 +01:00
Raphaël Vinot
c5218c1ce2
chg: Fix return of delete_event_report
2021-02-01 13:43:24 +01:00
Raphaël Vinot
78402394e5
chg: Remove critical warning if lief is not installed
Fix https://github.com/MISP/MISP/issues/6908
2021-02-01 13:43:01 +01:00
Raphaël Vinot
47382d01c0
fix: Better warning if lief is outdated.
2021-02-01 13:43:01 +01:00
Tom King
a8169a42c0
chg: Allow response of delete to be pythonify, add in nosetest
2021-02-01 13:23:19 +01:00
Tom King
c949c09225
chg: Add ability to get event reports from the Event ID
2021-02-01 13:23:19 +01:00
Tom King
7e7f463d77
fix: Call the AbstractMISP.from_dict at the end of the function to ensure the edited flag remains false
2021-02-01 13:23:19 +01:00
Tom King
f71c250402
new: Add in ability to create/update/delete MISP Event Reports
2021-02-01 13:21:03 +01:00
Raphaël Vinot
fa4fdb13f7
new: hard delete flag for objects
Related: https://github.com/MISP/PyMISP/issues/666
2021-02-01 13:21:03 +01:00
Raphaël Vinot
25053b2286
chg: Remove critical warning if lief is not installed
Fix https://github.com/MISP/MISP/issues/6908
2021-02-01 13:21:03 +01:00
Raphaël Vinot
48d8165263
chg: Bump version
2021-02-01 13:21:03 +01:00
Raphaël Vinot
696a13e3fc
fix: Better warning if lief is outdated.
2021-02-01 13:21:03 +01:00
Raphaël Vinot
5886a29351
new: Fail if a duplicate object is added to an event.
2021-02-01 13:21:03 +01:00
Raphaël Vinot
644492ace1
chg: Improve docstring for get_event
fix #686
2021-02-01 13:21:03 +01:00
Raphaël Vinot
fc43d7ba60
chg: Bump version
2021-02-01 13:21:03 +01:00
Raphaël Vinot
ae1bdda67c
chg: Show size when the json is not loadable.
2021-02-01 13:21:03 +01:00
Raphaël Vinot
5bdaf47175
chg: Use lief 0.11.0, generate authenticode entries
2021-02-01 13:21:03 +01:00
Raphaël Vinot
a619fdfeca
chg: Bump objects
2021-02-01 13:21:03 +01:00
Raphaël Vinot
d29a28ba6e
chg: Bump deps, objects templates
2021-02-01 13:21:03 +01:00
Tom King
7d4cfc40b7
chg: Add in nosetests for MISP Galaxy functions, check default key as a dict attribute not MISPAbstract attribute
2021-01-30 15:34:29 +00:00
Tom King
96636639c4
chg: Add in more Galaxy 2.0 functions and code cleanup
2021-01-30 13:56:40 +00:00
Tom King
eb28f01f01
Merge remote-tracking branch 'upstream/main' into feature/misp-galaxy-2
2021-01-29 10:56:27 +00:00
Raphaël Vinot
03ebbbedce
chg: Fix return of delete_event_report
2021-01-28 14:48:23 +01:00
Raphaël Vinot
86a5d3acc7
new: hard delete flag for objects
Related: https://github.com/MISP/PyMISP/issues/666
2021-01-28 14:45:36 +01:00
Raphaël Vinot
281a7f0d23
chg: Remove critical warning if lief is not installed
Fix https://github.com/MISP/MISP/issues/6908
2021-01-28 14:45:36 +01:00
Raphaël Vinot
d7b80decf7
chg: Bump version
2021-01-28 14:45:36 +01:00
Raphaël Vinot
cff25c7f57
fix: Better warning if lief is outdated.
2021-01-28 14:45:36 +01:00
Raphaël Vinot
e916b332f8
new: Fail if a duplicate object is added to an event.
2021-01-28 14:45:36 +01:00
Raphaël Vinot
d21e43bc59
chg: Improve docstring for get_event
fix #686
2021-01-28 14:45:36 +01:00
Raphaël Vinot
c67da842d3
chg: Bump version
2021-01-28 14:45:36 +01:00
Raphaël Vinot
6f0c942800
chg: Show size when the json is not loadable.
2021-01-28 14:45:36 +01:00
Raphaël Vinot
8c09a5bbc9
chg: Use lief 0.11.0, generate authenticode entries
2021-01-28 14:45:36 +01:00
Raphaël Vinot
c195b7cc61
chg: Bump objects
2021-01-28 14:45:36 +01:00
Raphaël Vinot
961fb77de1
chg: Bump deps, objects templates
2021-01-28 14:45:36 +01:00
Tom King
cc102675bb
chg: Add in add_cluster function and ability to search clusters within a galaxy
2021-01-25 13:18:12 +00:00
Tom King
cff7e7b285
new: Add in ability to add a new cluster relation
2021-01-16 16:11:41 +00:00
Tom King
164791e980
new: MISP Galaxy 2.0 capability
2021-01-16 15:56:30 +00:00
Jakub Onderka
361d8d0944
new: Support brotli compression
2021-01-15 20:19:19 +01:00
Tom King
07f00a68f1
chg: Allow response of delete to be pythonify, add in nosetest
2021-01-15 15:26:41 +00:00
Tom King
120f3917e3
chg: Add ability to get event reports from the Event ID
2021-01-15 09:42:08 +00:00
Tom King
e6cb4ff9ee
fix: Call the AbstractMISP.from_dict at the end of the function to ensure the edited flag remains false
2021-01-14 18:58:35 +00:00
Tom King
12c29e6a06
new: Add in ability to create/update/delete MISP Event Reports
2021-01-14 16:45:25 +00:00
Raphaël Vinot
de6125a623
fix: Do not fail if extract_msg is missing
2021-01-11 14:57:22 +01:00
Raphaël Vinot
fa95c9d84f
fix: Properly decode the body depending on the encoding of the email
Fix #671
2021-01-11 14:15:34 +01:00
Raphaël Vinot
c50bbd5d1c
chg: Add controller argument to get_csv script
2021-01-11 11:49:12 +01:00
seamus tuohy
87c02da0d7
Updated emailobject.
Email object no longer requires extra php libraries for install.
Tests have been expanded to improve coverage.
RTF encapsulated HTML and Plain Text will now be de-encapsulated.
The raw MSG binary will now be included in the extracted email object.
2020-12-28 13:47:21 -05:00