diff --git a/404.html b/404.html
index 93387ec..efe5e4a 100644
--- a/404.html
+++ b/404.html
@@ -15,7 +15,7 @@
-
+
diff --git a/contribute/index.html b/contribute/index.html
index ade9345..ee03e47 100644
--- a/contribute/index.html
+++ b/contribute/index.html
@@ -21,7 +21,7 @@
-
+
diff --git a/expansion/index.html b/expansion/index.html
index f8a0231..278c013 100644
--- a/expansion/index.html
+++ b/expansion/index.html
@@ -21,7 +21,7 @@
-
+
diff --git a/export_mod/index.html b/export_mod/index.html
index f69eed4..d31ebe6 100644
--- a/export_mod/index.html
+++ b/export_mod/index.html
@@ -21,7 +21,7 @@
-
+
diff --git a/import_mod/index.html b/import_mod/index.html
index ece565c..acf2f38 100644
--- a/import_mod/index.html
+++ b/import_mod/index.html
@@ -21,7 +21,7 @@
-
+
diff --git a/index.html b/index.html
index eca0784..94be5fd 100644
--- a/index.html
+++ b/index.html
@@ -19,7 +19,7 @@
-
+
@@ -551,7 +551,7 @@
Home
-
+
MISP modules are autonomous modules that can be used for expansion and other services in MISP .
The modules are written in Python 3 following a simple API interface. The objective is to ease the extensions of MISP functionalities
@@ -561,93 +561,93 @@ without modifying core components. The API is available via a simple REST API wh
Existing MISP modules
Expansion modules
-Backscatter.io - a hover and expansion module to expand an IP address with mass-scanning observations.
-BGP Ranking - a hover and expansion module to expand an AS number with the ASN description, its history, and position in BGP Ranking.
-BTC scam check - An expansion hover module to instantly check if a BTC address has been abused.
-BTC transactions - An expansion hover module to get a blockchain balance and the transactions from a BTC address in MISP.
-CIRCL Passive DNS - a hover and expansion module to expand hostname and IP addresses with passive DNS information.
-CIRCL Passive SSL - a hover and expansion module to expand IP addresses with the X.509 certificate seen.
-countrycode - a hover module to tell you what country a URL belongs to.
-CrowdStrike Falcon - an expansion module to expand using CrowdStrike Falcon Intel Indicator API.
-CVE - a hover module to give more information about a vulnerability (CVE).
-CVE advanced - An expansion module to query the CIRCL CVE search API for more information about a vulnerability (CVE).
-Cuckoo submit - A hover module to submit malware sample, url, attachment, domain to Cuckoo Sandbox.
-DBL Spamhaus - a hover module to check Spamhaus DBL for a domain name.
-DNS - a simple module to resolve MISP attributes like hostname and domain to expand IP addresses attributes.
-docx-enrich - an enrichment module to get text out of Word document into MISP (using free-text parser).
-DomainTools - a hover and expansion module to get information from DomainTools whois.
-EUPI - a hover and expansion module to get information about an URL from the Phishing Initiative project .
+Backscatter.io - a hover and expansion module to expand an IP address with mass-scanning observations.
+BGP Ranking - a hover and expansion module to expand an AS number with the ASN description, its history, and position in BGP Ranking.
+BTC scam check - An expansion hover module to instantly check if a BTC address has been abused.
+BTC transactions - An expansion hover module to get a blockchain balance and the transactions from a BTC address in MISP.
+CIRCL Passive DNS - a hover and expansion module to expand hostname and IP addresses with passive DNS information.
+CIRCL Passive SSL - a hover and expansion module to expand IP addresses with the X.509 certificate seen.
+countrycode - a hover module to tell you what country a URL belongs to.
+CrowdStrike Falcon - an expansion module to expand using CrowdStrike Falcon Intel Indicator API.
+CVE - a hover module to give more information about a vulnerability (CVE).
+CVE advanced - An expansion module to query the CIRCL CVE search API for more information about a vulnerability (CVE).
+Cuckoo submit - A hover module to submit malware sample, url, attachment, domain to Cuckoo Sandbox.
+DBL Spamhaus - a hover module to check Spamhaus DBL for a domain name.
+DNS - a simple module to resolve MISP attributes like hostname and domain to expand IP addresses attributes.
+docx-enrich - an enrichment module to get text out of Word document into MISP (using free-text parser).
+DomainTools - a hover and expansion module to get information from DomainTools whois.
+EUPI - a hover and expansion module to get information about an URL from the Phishing Initiative project .
EQL - an expansion module to generate event query language (EQL) from an attribute. Event Query Language
-Farsight DNSDB Passive DNS - a hover and expansion module to expand hostname and IP addresses with passive DNS information.
-GeoIP - a hover and expansion module to get GeoIP information from geolite/maxmind.
-Greynoise - a hover to get information from greynoise.
-hashdd - a hover module to check file hashes against hashdd.com including NSLR dataset.
-hibp - a hover module to lookup against Have I Been Pwned?
-intel471 - an expansion module to get info from Intel471 .
-IPASN - a hover and expansion to get the BGP ASN of an IP address.
-iprep - an expansion module to get IP reputation from packetmail.net.
-Joe Sandbox submit - Submit files and URLs to Joe Sandbox.
-Joe Sandbox query - Query Joe Sandbox with the link of an analysis and get the parsed data.
-macaddress.io - a hover module to retrieve vendor details and other information regarding a given MAC address or an OUI from MAC address Vendor Lookup . See integration tutorial here .
-macvendors - a hover module to retrieve mac vendor information.
-ocr-enrich - an enrichment module to get OCRized data from images into MISP.
-ods-enrich - an enrichment module to get text out of OpenOffice spreadsheet document into MISP (using free-text parser).
-odt-enrich - an enrichment module to get text out of OpenOffice document into MISP (using free-text parser).
-onyphe - a modules to process queries on Onyphe.
-onyphe_full - a modules to process full queries on Onyphe.
-OTX - an expansion module for OTX .
-passivetotal - a passivetotal module that queries a number of different PassiveTotal datasets.
-pdf-enrich - an enrichment module to extract text from PDF into MISP (using free-text parser).
-pptx-enrich - an enrichment module to get text out of PowerPoint document into MISP (using free-text parser).
-qrcode - a module decode QR code, barcode and similar codes from an image and enrich with the decoded values.
-rbl - a module to get RBL (Real-Time Blackhost List) values from an attribute.
-reversedns - Simple Reverse DNS expansion service to resolve reverse DNS from MISP attributes.
-securitytrails - an expansion module for securitytrails .
-shodan - a minimal shodan expansion module.
-Sigma queries - Experimental expansion module querying a sigma rule to convert it into all the available SIEM signatures.
-Sigma syntax validator - Sigma syntax validator.
-sourcecache - a module to cache a specific link from a MISP instance.
-STIX2 pattern syntax validator - a module to check a STIX2 pattern syntax.
-ThreatCrowd - an expansion module for ThreatCrowd .
-threatminer - an expansion module to expand from ThreatMiner .
-urlhaus - Query urlhaus to get additional data about a domain, hash, hostname, ip or url.
-urlscan - an expansion module to query urlscan.io .
-virustotal - an expansion module to query the VirusTotal API with a high request rate limit required. (More details about the API: here )
-virustotal_public - an expansion module to query the VirusTotal API with a public key and a low request rate limit. (More details about the API: here )
-VMray - a module to submit a sample to VMray.
-VulnDB - a module to query VulnDB .
-Vulners - an expansion module to expand information about CVEs using Vulners API.
-whois - a module to query a local instance of uwhois .
-wikidata - a wikidata expansion module.
-xforce - an IBM X-Force Exchange expansion module.
-xlsx-enrich - an enrichment module to get text out of an Excel document into MISP (using free-text parser).
-YARA query - a module to create YARA rules from single hash attributes.
-YARA syntax validator - YARA syntax validator.
+Farsight DNSDB Passive DNS - a hover and expansion module to expand hostname and IP addresses with passive DNS information.
+GeoIP - a hover and expansion module to get GeoIP information from geolite/maxmind.
+Greynoise - a hover to get information from greynoise.
+hashdd - a hover module to check file hashes against hashdd.com including NSLR dataset.
+hibp - a hover module to lookup against Have I Been Pwned?
+intel471 - an expansion module to get info from Intel471 .
+IPASN - a hover and expansion to get the BGP ASN of an IP address.
+iprep - an expansion module to get IP reputation from packetmail.net.
+Joe Sandbox submit - Submit files and URLs to Joe Sandbox.
+Joe Sandbox query - Query Joe Sandbox with the link of an analysis and get the parsed data.
+macaddress.io - a hover module to retrieve vendor details and other information regarding a given MAC address or an OUI from MAC address Vendor Lookup . See integration tutorial here .
+macvendors - a hover module to retrieve mac vendor information.
+ocr-enrich - an enrichment module to get OCRized data from images into MISP.
+ods-enrich - an enrichment module to get text out of OpenOffice spreadsheet document into MISP (using free-text parser).
+odt-enrich - an enrichment module to get text out of OpenOffice document into MISP (using free-text parser).
+onyphe - a modules to process queries on Onyphe.
+onyphe_full - a modules to process full queries on Onyphe.
+OTX - an expansion module for OTX .
+passivetotal - a passivetotal module that queries a number of different PassiveTotal datasets.
+pdf-enrich - an enrichment module to extract text from PDF into MISP (using free-text parser).
+pptx-enrich - an enrichment module to get text out of PowerPoint document into MISP (using free-text parser).
+qrcode - a module decode QR code, barcode and similar codes from an image and enrich with the decoded values.
+rbl - a module to get RBL (Real-Time Blackhost List) values from an attribute.
+reversedns - Simple Reverse DNS expansion service to resolve reverse DNS from MISP attributes.
+securitytrails - an expansion module for securitytrails .
+shodan - a minimal shodan expansion module.
+Sigma queries - Experimental expansion module querying a sigma rule to convert it into all the available SIEM signatures.
+Sigma syntax validator - Sigma syntax validator.
+sourcecache - a module to cache a specific link from a MISP instance.
+STIX2 pattern syntax validator - a module to check a STIX2 pattern syntax.
+ThreatCrowd - an expansion module for ThreatCrowd .
+threatminer - an expansion module to expand from ThreatMiner .
+urlhaus - Query urlhaus to get additional data about a domain, hash, hostname, ip or url.
+urlscan - an expansion module to query urlscan.io .
+virustotal - an expansion module to query the VirusTotal API with a high request rate limit required. (More details about the API: here )
+virustotal_public - an expansion module to query the VirusTotal API with a public key and a low request rate limit. (More details about the API: here )
+VMray - a module to submit a sample to VMray.
+VulnDB - a module to query VulnDB .
+Vulners - an expansion module to expand information about CVEs using Vulners API.
+whois - a module to query a local instance of uwhois .
+wikidata - a wikidata expansion module.
+xforce - an IBM X-Force Exchange expansion module.
+xlsx-enrich - an enrichment module to get text out of an Excel document into MISP (using free-text parser).
+YARA query - a module to create YARA rules from single hash attributes.
+YARA syntax validator - YARA syntax validator.
Export modules
Import modules
-CSV import Customizable CSV import module.
-Cuckoo JSON Cuckoo JSON import.
-Email Import Email import module for MISP to import basic metadata.
-GoAML import Module to import GoAML XML format.
-Joe Sandbox import Parse data from a Joe Sandbox json report.
-OCR Optical Character Recognition (OCR) module for MISP to import attributes from images, scan or faxes.
-OpenIOC OpenIOC import based on PyMISP library.
-ThreatAnalyzer - An import module to process ThreatAnalyzer archive.zip/analysis.json sandbox exports.
-VMRay - An import module to process VMRay export.
+CSV import Customizable CSV import module.
+Cuckoo JSON Cuckoo JSON import.
+Email Import Email import module for MISP to import basic metadata.
+GoAML import Module to import GoAML XML format.
+Joe Sandbox import Parse data from a Joe Sandbox json report.
+OCR Optical Character Recognition (OCR) module for MISP to import attributes from images, scan or faxes.
+OpenIOC OpenIOC import based on PyMISP library.
+ThreatAnalyzer - An import module to process ThreatAnalyzer archive.zip/analysis.json sandbox exports.
+VMRay - An import module to process VMRay export.
How to contribute your own module?
Fork the project, add your module, test it and make a pull-request. Modules can be also private as you can add a module in your own MISP installation.
diff --git a/install/index.html b/install/index.html
index 53e3d5f..c7e2441 100644
--- a/install/index.html
+++ b/install/index.html
@@ -21,7 +21,7 @@
-
+
diff --git a/license/index.html b/license/index.html
index bcedb86..a03ec68 100644
--- a/license/index.html
+++ b/license/index.html
@@ -19,7 +19,7 @@
-
+
diff --git a/sitemap.xml.gz b/sitemap.xml.gz
index 44219ca..c123362 100644
Binary files a/sitemap.xml.gz and b/sitemap.xml.gz differ