2.7 KiB
		
	
	
	
	
			
		
		
	
	Explanation
This folder contains scripts made to create dummy events in order to test MISP instances.
- dummy is a containing text only file used as uploaded attachement.
- create_dummy_event.py will create a given number of events (default: 1)with a randomly generated domain|ip attribute as well as a copy of dummy file.
- create_massive_dummy_events.py will create a given number of events (default: 1) with a given number of randomly generated attributes(default: 3000).
Tools description
- 
randomStringGenerator: generate a random string of a given size, characters used to build the string can be chosen, default are characters from string.ascii_lowercase and string.digits 
- 
randomIpGenerator: generate a random ip 
- 
floodtxt: add a generated string as attribute of the given event. The added attributes can be of the following category/type: - Internal reference/comment
- Internal reference/text
- Internal reference/other
- Payload delivery/email-subject
- Artifact dropped/mutex
- Artifact dropped/filename
 
- 
floodip: add a generated ip as attribute of the given event. The added attributes can be of the following category/type: - Network activity/ip-src
- Network activity/ip.dst
 
- 
flooddomain: add a generated domain-like string as attribute of the given event. The added attributes can be of the following category/type: - Network activity/hostname
- Network activity/domain
 
- 
flooddomainip: add a generated domain|ip-like string as attribute of the given event. The added attribute is of the following category/type: - Network activity/domain|ip
 
- 
floodemail: add a generated email-like string as attribute of the given event. The added attributes can be of the following category/type: - Payload delivery/email-src
- Payload delivery/email-dst
 
- 
floodattachmentent: add a dummy file as attribute of the given event. The added attribute is of the following category/type: - Payload delivery/attachment
 
- 
create_dummy_event: create a dummy event named "dummy event" with these caracteristics: - Distribution: Your organisation only
- Analysis: Initial
- Threat Level: Undefined
- Number of Attributes: 2
- Attribute:
- category/type: Network activity/domain|ip
- value: Randomly generated
 
- Attribute:
-category/type: Payload delivery/attachment
- value: 'dummy' file
 
 
- 
create_massive_dummy_events: create a dummy event named "massive dummy event" with these caracteristics: - Distribution: Your organisation only
- Analysis: Initial
- Threat Level: Undefined
- Number of Attributes: Given as argument
- Attribute:
- category/type: Randomly chosen
- value: Randomly generated or dummy file