Commit Graph

300 Commits (f8589061cbaee2f4957169a0b455f6bb3747a98d)

Author SHA1 Message Date
Koen Van Impe 4b08b9baa4 Include to_ids and replace newlines in title 2019-10-16 00:19:12 +02:00
Raphaël Vinot 02659a5782 chg: Add support for rapidjson, refactoring and code cleanup. 2019-10-09 16:07:40 +02:00
Koen Van Impe 5b7eeaa8ab Code cleanup 2019-09-26 20:50:53 +02:00
Koen Van Impe 0e68071ef2 Update type and code cleanup 2019-09-26 20:46:31 +02:00
Koen Van Impe edaae39bc8 List all the sightings - show_sightings.py 2019-09-26 20:31:05 +02:00
Koen Van Impe c8e9aa47d5 Disable to_ids based on false positive sightings reporting 2019-09-24 20:59:46 +02:00
Campbell McKenzie 0fad4d9640 Make client_certs out of the box friendly 2019-09-12 12:42:22 +10:00
Raphaël Vinot 9df636cd37 chg: Update upload malware/attachment example script
Fix #447

Make data at attibute level more generic with getter/setter methods
2019-09-04 13:59:25 +02:00
Koen Van Impe f063457261 Include date_from & date_to in subject and report content 2019-08-16 15:11:43 +02:00
Koen Van Impe c149886a88 Allow statistics date_from date_to
- date_from + date_to
- move misp object creation after argument parser
2019-08-16 14:55:59 +02:00
Koen Van Impe 3d2930db12 Allow to supply mail options as arguments on command line 2019-08-14 08:46:11 +02:00
Maxime Thiebaut e912b3ff93 Fix stats_report example to use ExpandedPyMISP
The stats_report example relied on deprecated functions making it crash.
This has been fixed by upgrading to ExpandedPyMISP. Further checks have
been introduced to ensure used dictionnary keys do exist as the example
also crashed on clean MISP instances due to empty responses.
2019-08-12 13:44:10 +02:00
kovacsbalu f3cb8c89a6 Remove unused line 2019-07-25 08:08:17 +02:00
kovacsbalu 98610fbafc Fix tag help text
Minor pycodestyle
2019-07-25 07:55:25 +02:00
Raphaël Vinot b5226a959c fix: Rename filename 2019-07-23 16:47:32 +02:00
Raphaël Vinot 03a7de794a new: [example] Script to load datasets from Scripps CO2 2019-07-23 16:46:28 +02:00
Raphaël Vinot 1dce91af8f chg: [examples] pythonify properly when needed 2019-07-22 12:41:27 +02:00
Raphaël Vinot 7bd130b506 chg: [tests] Toggle pythonify in create_massive_dummy_events 2019-07-22 12:32:03 +02:00
github-pba 969a9618cc Fix for issue 420 2019-07-18 08:45:55 +02:00
Raphaël Vinot e357ec91e9 Merge branch 'master' of github.com:MISP/PyMISP 2019-07-17 16:47:19 +02:00
Raphaël Vinot 6a48faab73 chg: Bump examples to python3 2019-07-17 16:46:47 +02:00
Raphaël Vinot c9d58dad8a chg: Deprecate everything in PyMISP 2019-07-17 11:44:55 +02:00
Koen Van Impe 71b72f8026 Create statistical reports for MISP
PyMISP script to run every x-days to get an overview of new
events/attributes ; MISP-Galaxies ; MITRE ; Tags

Output of report is on screen or sent via e-mail ; all stats attached
as CSV
2019-07-13 00:06:37 +02:00
Raphaël Vinot e0fac90310 new: Allow to pass delimiter & quotechar to the CSV loader 2019-07-02 11:55:51 +02:00
Alexandre Dulaunoy 3e70a90b0d
chg: [last] You can now paginate over multiple results in the last example command
You can do stuff like this:

python3 last.py  -l 48h  -m 10 -p 2  | jq .[].Event.info

which means the last 10 events on second page which are between a
time range of 0 and 48 hours.
2019-06-24 15:55:01 +02:00
Steve Clement b871ea2bf0
new: [example] Added edit_organisation examples. 2019-06-17 10:36:49 +09:00
Steve Clement 54a2e8657a
fix: [perms] Added try/except for various permission conditions, also create the output dir if not exist
fix: [try/except] Catch Ctrl-c keyboard interrupt
fix: [style] isort imports
2019-06-03 14:06:19 +09:00
Koen Van Impe c6d4d21025 Sync sightings between MISP servers
Sync sightings between MISP servers
Sync from multiple clients to one authoritative MISP instance.
To be run from cron
(blog docu coming)
2019-05-29 17:00:13 +02:00
iglocska 4bd9180951
fix: [feed generator] Added missing fields 2019-05-22 16:30:36 +02:00
Raphaël Vinot 3b56b218b5 new: Object generator for ssh authorized_keys files. 2019-05-20 16:40:47 +02:00
Jeroen Pinoy 309b767864 Added includeWarninglistHits as a possible filter for the event level restsearch. 2019-05-12 01:08:21 +02:00
Koen Van Impe d016571336 Use misp_verifycert flag 2019-05-06 18:01:29 +02:00
Koen Van Impe 38a2903fc9 Take 'to_ids' setting in account and PEP8 checks
- Include check if 'to_ids' is included in the data returned from the
import module
- PEP8 checks
2019-05-06 17:31:52 +02:00
Koen Van Impe 0f49b27794 Automation script that links vmray_submit and vmray_import
Import finished VMRay tasks ; add attributes to event
Makes use of the 'incomplete' workflow taxonomy
Needs to be put in a cronjob to run in the background
2019-05-01 22:48:07 +02:00
Raphaël Vinot e5a42b812f new: Add CSV loader
Fix #376
2019-04-03 16:28:31 +02:00
Raphaël Vinot 1e060f669f new: Helper to create MISP Objects for regcheck.org.uk 2019-04-02 17:13:07 +02:00
Raphaël Vinot b9d865b756 fix: Use new API in get_csv.py
Fix #314
2019-01-03 11:48:53 +01:00
Raphaël Vinot 4c9e6d0ec8 fix: Create massive event using ExpandedPyMISP 2018-12-26 18:28:33 +01:00
Alexandre Dulaunoy 10ccd637d9
chg: [test] set a default distribution for massive event creation 2018-12-24 20:46:26 +01:00
garanews 35b6fc3cb5
fix for last pymisp version 2018-12-04 16:08:00 +00:00
Raphaël Vinot 444a9f5755 Merge branch 'master' into sightingAPI 2018-10-31 16:42:30 +01:00
Christophe Vandeplas 60575d4cf6 fix: readme update + python3 + pep8
align python path to readme specifying python3
2018-10-28 13:01:26 +01:00
Sami Mokaddem 26b601e63b new: [example] Added sighting rest search example 2018-10-23 18:46:15 +02:00
juju4 bcb963da64 align examples on custom usage of misp_verifycert 2018-10-14 13:26:03 -04:00
Sami Mokaddem 7195a19a3e fix: prevent checking length on a integer 2018-10-12 14:04:54 +02:00
Sami Mokaddem 186ad41381 new: [freedFromRedis] try to create an object/attribute out of the incoming data even if not added with the helper 2018-10-11 10:17:23 +02:00
Deborah Servili 515857c37c
Fix print 2018-08-30 12:09:55 +02:00
Alexandre Dulaunoy d13f6fb0c0
fix: [search.py] more example of query type added 2018-08-23 10:02:00 +02:00
Christophe Vandeplas 9999801904 yara_dump - fixed private rules causing issues 2018-07-19 12:31:05 +02:00
Raphaël Vinot e568a0cf00 fix: Typo in the *feed methods 2018-04-26 14:43:21 +02:00
Andras Iklody 78d2ac5778
Added missing field to feed generator 2018-04-23 09:12:31 +02:00
Sami Mokaddem 24964989b3 typo 2018-03-30 08:30:11 +02:00
Sami Mokaddem b2d8ce83ce Changed shebang to python3 2018-03-30 08:15:09 +02:00
Raphaël Vinot f937e844dd chg: Make object helpers more generic, cleanup. 2018-03-27 14:57:12 +02:00
Raphaël Vinot 8125b073a1 chg: Update fail2ban helper & example 2018-03-27 10:29:57 +02:00
Raphaël Vinot fbe3687833
Merge pull request #212 from aparriel/fix_add_named_attribute_regression
Fix add named attribute regression
2018-03-27 10:00:49 +02:00
Philippe Langlois 1b9c70028f Example of specifying special attribute type in your search: here yara attribute 2018-03-26 18:17:10 +02:00
user 1503508c16 Fix add_named_attribute regression, update add_named_attribute.py example 2018-03-26 17:37:02 +02:00
Raphaël Vinot 0c3d7ca480 fix: typo 2018-03-26 17:10:31 +02:00
Raphaël Vinot 9e44ec6616 fix: Properly create fail2ban object 2018-03-26 17:03:16 +02:00
Raphaël Vinot 22c874e479 fix: Add Info field to the event 2018-03-26 13:58:33 +02:00
Raphaël Vinot 8ebb963adf new: add preliminary fail2ban object 2018-03-26 12:07:40 +02:00
Raphaël Vinot 5c6314c45c new: Add email object generator 2018-03-18 23:21:29 +01:00
Sami Mokaddem fdd9833cd0
Update README.md
Replaced WHAT by Description
2018-03-13 17:26:55 +01:00
Sami Mokaddem cd85238b29
Update README.md
Added example of flush operation
2018-03-13 17:24:19 +01:00
Alexandre Dulaunoy ba98c71abc
Merge pull request #204 from mokaddem/redis-feed-generator
Realtime feed generator
2018-03-12 17:07:57 +01:00
Sami Mokaddem 6553519e3b Added more examples 2018-03-12 16:55:21 +01:00
Sami Mokaddem 364d685e0c Added usage in README 2018-03-12 16:40:06 +01:00
Sami Mokaddem 91262662c4 Added MISPItemToRedis and updated readme accordingly 2018-03-12 16:13:34 +01:00
Sami Mokaddem 39fc05aad9 Updated readme 2 2018-03-12 15:41:02 +01:00
Sami Mokaddem 80517aaf41 Updated readme 2018-03-12 15:34:12 +01:00
Sami Mokaddem 38c22ba954 Moved object constructor into their own folder 2018-03-12 15:22:58 +01:00
Sami Mokaddem d898bb3857 feature: Added support of MISP object constructor instead of the generic_generator 2018-03-12 15:17:25 +01:00
Sami Mokaddem 81d3532877 Added brief object description 2018-03-12 10:25:25 +01:00
Sami Mokaddem aa3f3b85f0 removed unused function 2018-03-12 10:19:05 +01:00
weslambert 58dd9878de
fix typo(s) 2018-03-10 08:04:18 -05:00
Sami Mokaddem e1a9fe1d85 Generator handles file flushing itself 2018-03-09 17:06:00 +01:00
Sami Mokaddem f6828c4394 Added description of generator object 2018-03-09 15:51:26 +01:00
Sami Mokaddem 828aa8e6e3 Updated README 2018-03-09 15:39:19 +01:00
Sami Mokaddem fdaa4c790c Creation of the generator object which permit to easily add attributes
and objects to daily events, stored as a MISP feed.
Plus, script fromredis which pops queue element in redis to put them in
the feed
2018-03-09 15:31:13 +01:00
Sami Mokaddem 61ce67cd1c Added install script 2018-03-08 17:39:14 +01:00
Sami Mokaddem c04a3709f9 Added support of MISP Object 2018-03-08 17:33:39 +01:00
Sami Mokaddem 22efb64f14 Overhall seems to work, need testing 2018-03-08 14:19:28 +01:00
Sami Mokaddem 188c452a39 Init draft of redis to feed 2018-03-08 12:01:35 +01:00
Raphaël Vinot 7195c6580a
Merge pull request #197 from RichieB2B/misp2cef
Add misp2cef example
2018-02-26 17:26:54 +01:00
Richard van den Berg 7dd2f54196 Add misp2cef example 2018-02-26 16:51:14 +01:00
Richard van den Berg a04388f99a Use from_dict 2018-02-26 11:25:14 +01:00
Raphaël Vinot 6a3b05fd25 fix: do not try to upload objects in case make_binary_objects fails
Fix #192
2018-02-23 11:17:54 +01:00
Koen Van Impe b6eb65c77f Prevent unpublished events to be included in feed
Change default proposed config
2018-02-06 21:41:03 +01:00
Raphaël Vinot e937c3ae81 new: Add bindings for Galaxies and Taxonimies 2018-01-26 17:02:47 +01:00
Raphaël Vinot 250190e8a8 new: Add bindings to PyMISPWarninglists 2018-01-25 17:56:30 +01:00
Raphaël Vinot e2bb66d01c chg: Cleanup new sbsignature generator 2018-01-23 11:07:36 +01:00
garanews db235899bf sb-signature library
Created sb-signature library with relative example for testing.
Thanks @dadokkio
2018-01-23 10:35:21 +01:00
Andras Iklody 89e900671c
Update settings.default.py 2018-01-11 11:58:50 +01:00
Eric Jaw 66ccf54c12 fix: Typo in error output text description 2017-12-06 11:07:36 -05:00
Raphaël Vinot 9c7923fe0a new: Add get CSV method. 2017-12-01 12:01:42 +01:00
Raphaël Vinot 0875ad4a5f chg: Add example file to push OpenIOC file to MISP
chg: Add some imports in the tool's init file
2017-11-28 11:54:08 +01:00
Raphaël Vinot bfe9867b2e chg: Add a generic MISP object generator 2017-11-15 17:37:17 +01:00
Raphaël Vinot 0f21a561b0 chg: Allow to add multiple attribute of the same type 2017-11-15 09:41:20 +01:00
iglocska 195cd6d7fc Rework of the feed generator
- use objects, attribute tags and object references correctly
- generate quickhashlist for fast lookups / future MISP caching mechanism
- saner structure (herp-a-derp)
2017-11-04 14:18:15 +01:00