From 41115f55190b61ebec195a832e256407521a69f6 Mon Sep 17 00:00:00 2001 From: Usama015 Date: Wed, 14 Jun 2023 11:34:31 +0500 Subject: [PATCH] updated README.md file for expansion module. --- documentation/README.md | 30 ++++++++++++++++++++++++++++++ documentation/mkdocs/expansion.md | 30 ++++++++++++++++++++++++++++++ 2 files changed, 60 insertions(+) diff --git a/documentation/README.md b/documentation/README.md index 244791f7..2bb48598 100644 --- a/documentation/README.md +++ b/documentation/README.md @@ -1847,6 +1847,36 @@ Module to query a local instance of uwhois (https://github.com/rafiot/uwhoisd). ----- +#### [whoisfreaks](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/whoisfreaks.py) + + + +An expansion module for https://whoisfreaks.com/ that will provide an enriched analysis of the provided domain, including WHOIS and DNS information +- **features**: +>The module takes a domain as input and queries the Whoisfreaks API with it. +> +>Some parsing operations are then processed on the result of the query to extract as much information as possible. +> +>After this we map the extracted data to MISP attributes. +- **input**: +>A domain whose Data is required +- **output**: +>MISP attributes resulting from the query on Whoisfreaks API, included in the following list: +>- domain +>- dns-soa-email +>- whois-registrant-email +>- whois-registrant-phone +>- whois-registrant-name +>- whois-registrar +>- whois-creation-date +>- domain +- **references**: +>https://whoisfreaks.com/ +- **requirements**: +>An access to the Whoisfreaks API_KEY + +----- + #### [wiki](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/wiki.py) diff --git a/documentation/mkdocs/expansion.md b/documentation/mkdocs/expansion.md index aad226bb..37da1295 100644 --- a/documentation/mkdocs/expansion.md +++ b/documentation/mkdocs/expansion.md @@ -1844,6 +1844,36 @@ Module to query a local instance of uwhois (https://github.com/rafiot/uwhoisd). ----- +#### [whoisfreaks](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/whoisfreaks.py) + + + +An expansion module for https://whoisfreaks.com/ that will provide an enriched analysis of the provided domain, including WHOIS and DNS information +- **features**: +>The module takes a domain as input and queries the Whoisfreaks API with it. +> +>Some parsing operations are then processed on the result of the query to extract as much information as possible. +> +>After this we map the extracted data to MISP attributes. +- **input**: +>A domain whose Data is required +- **output**: +>MISP attributes resulting from the query on Whoisfreaks API, included in the following list: +>- domain +>- dns-soa-email +>- whois-registrant-email +>- whois-registrant-phone +>- whois-registrant-name +>- whois-registrar +>- whois-creation-date +>- domain +- **references**: +>https://whoisfreaks.com/ +- **requirements**: +>An access to the Whoisfreaks API_KEY + +----- + #### [wiki](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/wiki.py)