mirror of https://github.com/MISP/misp-modules
add: Added documentation for expansion modules
parent
782ef9f2e3
commit
6acf9573e4
|
@ -0,0 +1,4 @@
|
||||||
|
{
|
||||||
|
"description": "Query an ASN description history service (https://github.com/CIRCL/ASN-Description-History.git).",
|
||||||
|
"requirements": ["asnhistory"]
|
||||||
|
}
|
|
@ -0,0 +1,4 @@
|
||||||
|
{
|
||||||
|
"description": "Module to access CIRCL Passive DNS.",
|
||||||
|
"logo": "logos/passivedns.png"
|
||||||
|
}
|
|
@ -0,0 +1,4 @@
|
||||||
|
{
|
||||||
|
"description": "Modules to access CIRCL Passive SSL.",
|
||||||
|
"logo": "logos/passivessl.png"
|
||||||
|
}
|
|
@ -0,0 +1,3 @@
|
||||||
|
{
|
||||||
|
"description": "Module to expand country codes."
|
||||||
|
}
|
|
@ -0,0 +1,4 @@
|
||||||
|
{
|
||||||
|
"description": "Module to query Crowdstrike Falcon.",
|
||||||
|
"logo": "logos/crowdstrike.png"
|
||||||
|
}
|
|
@ -0,0 +1,3 @@
|
||||||
|
{
|
||||||
|
"description": "An expansion hover module to expand information about CVE id."
|
||||||
|
}
|
|
@ -0,0 +1,4 @@
|
||||||
|
{
|
||||||
|
"description": "Module to check Spamhaus DBL for a domain name.",
|
||||||
|
"logo": "logos/spamhaus.jpg"
|
||||||
|
}
|
|
@ -0,0 +1,3 @@
|
||||||
|
{
|
||||||
|
"description": "A simple DNS expansion service to resolve IP address from MISP attributes."
|
||||||
|
}
|
|
@ -0,0 +1,4 @@
|
||||||
|
{
|
||||||
|
"description": "DomainTools MISP expansion module.",
|
||||||
|
"logo": "logos/domaintools.png"
|
||||||
|
}
|
|
@ -0,0 +1,4 @@
|
||||||
|
{
|
||||||
|
"description": "A module to query the Phishing Initiative service (https://phishing-initiative.lu).",
|
||||||
|
"logo": "logos/eupi.png"
|
||||||
|
}
|
|
@ -0,0 +1,4 @@
|
||||||
|
{
|
||||||
|
"description": "Module to access Farsight DNSDB Passive DNS.",
|
||||||
|
"logo": "logos/farsight.png"
|
||||||
|
}
|
|
@ -0,0 +1,3 @@
|
||||||
|
{
|
||||||
|
"description": "Module to query a local copy of Maxminds Geolite database."
|
||||||
|
}
|
|
@ -0,0 +1,3 @@
|
||||||
|
{
|
||||||
|
"description": "Module to access intelmqs eventdb."
|
||||||
|
}
|
|
@ -0,0 +1,3 @@
|
||||||
|
{
|
||||||
|
"description": "Module to query an IP ASN history service (https://github.com/CIRCL/IP-ASN-history.git)."
|
||||||
|
}
|
|
@ -0,0 +1,3 @@
|
||||||
|
{
|
||||||
|
"description": "Module to query IPRep data for IP addresses."
|
||||||
|
}
|
|
@ -0,0 +1,4 @@
|
||||||
|
{
|
||||||
|
"description": "Module to process a query on Onyphe.",
|
||||||
|
"logo": "logos/onyphe.jpg"
|
||||||
|
}
|
|
@ -0,0 +1,4 @@
|
||||||
|
{
|
||||||
|
"description": "Module to process a full query on Onyphe.",
|
||||||
|
"logo": "logos/onyphe.jpg"
|
||||||
|
}
|
|
@ -0,0 +1,4 @@
|
||||||
|
{
|
||||||
|
"description": "Module to get information from AlienVault OTX.",
|
||||||
|
"logo": "logos/otx.png"
|
||||||
|
}
|
|
@ -0,0 +1,4 @@
|
||||||
|
{
|
||||||
|
"description": "The PassiveTotal MISP expansion module brings the datasets derived from Internet scanning directly into your MISP instance. This module supports passive DNS, historic SSL, WHOIS, and host attributes. In order to use the module, you must have a valid PassiveTotal account username and API key. Registration is free and can be done by visiting https://www.passivetotal.org/register",
|
||||||
|
"logo": "logos/passivetotal.png"
|
||||||
|
}
|
|
@ -0,0 +1,4 @@
|
||||||
|
{
|
||||||
|
"description": "Module to check an IPv4 address against known RBLs.",
|
||||||
|
"requirements": ["dnspython3"]
|
||||||
|
}
|
|
@ -0,0 +1,3 @@
|
||||||
|
{
|
||||||
|
"description": "Simple Reverse DNS expansion service to resolve reverse DNS from MISP attributes."
|
||||||
|
}
|
|
@ -0,0 +1,4 @@
|
||||||
|
{
|
||||||
|
"description": "Module to query on Shodan.",
|
||||||
|
"logo": "logos/shodan.png"
|
||||||
|
}
|
|
@ -0,0 +1,3 @@
|
||||||
|
{
|
||||||
|
"description": "Module to cache web pages of analysis reports, OSINT sources. The module returns a link of the cached page."
|
||||||
|
}
|
|
@ -0,0 +1,4 @@
|
||||||
|
{
|
||||||
|
"description": "Module to get information from ThreatCrowd.",
|
||||||
|
"logo": "logos/threatcrowd.png"
|
||||||
|
}
|
|
@ -0,0 +1,4 @@
|
||||||
|
{
|
||||||
|
"description": "Module to get information from ThreatMiner.",
|
||||||
|
"logo": "logos/threatminer.png"
|
||||||
|
}
|
|
@ -0,0 +1,4 @@
|
||||||
|
{
|
||||||
|
"description": "Module to get information from virustotal.",
|
||||||
|
"logo": "logos/virustotal.png"
|
||||||
|
}
|
|
@ -0,0 +1,4 @@
|
||||||
|
{
|
||||||
|
"description": "Module to submit a sample to VMRay.",
|
||||||
|
"logo": "logos/vmray.png"
|
||||||
|
}
|
|
@ -0,0 +1,4 @@
|
||||||
|
{
|
||||||
|
"description": "Module to query VulnDB (RiskBasedSecurity.com).",
|
||||||
|
"logo": "logos/vulndb.png"
|
||||||
|
}
|
|
@ -0,0 +1,4 @@
|
||||||
|
{
|
||||||
|
"description": "Module to query a local instance of uwhois (https://github.com/rafiot/uwhoisd).",
|
||||||
|
"requirements": ["uwhois"]
|
||||||
|
}
|
|
@ -0,0 +1,4 @@
|
||||||
|
{
|
||||||
|
"description": "An expansion hover module to extract information from Wikidata to have additional information about particular term for analysis.",
|
||||||
|
"logo": "logos/wikidata.png"
|
||||||
|
}
|
|
@ -0,0 +1,4 @@
|
||||||
|
{
|
||||||
|
"description": "An expansion module for IBM X-Force Exchange.",
|
||||||
|
"logo": "logos/xforce.png"
|
||||||
|
}
|
|
@ -0,0 +1,4 @@
|
||||||
|
{
|
||||||
|
"description": "An expansion hover module to perform a syntax check on if yara rules are valid or not.",
|
||||||
|
"logo": "logos/yara.png"
|
||||||
|
}
|
Loading…
Reference in New Issue