add: Added documentation for expansion modules

pull/233/head
chrisr3d 2018-09-13 18:18:05 +02:00
parent 782ef9f2e3
commit 6acf9573e4
No known key found for this signature in database
GPG Key ID: 6BBED1B63A6D639F
32 changed files with 119 additions and 0 deletions


@ -0,0 +1,4 @@
{
"description": "Query an ASN description history service (https://github.com/CIRCL/ASN-Description-History.git).",
"requirements": ["asnhistory"]
}


@ -0,0 +1,4 @@
{
"description": "Module to access CIRCL Passive DNS.",
"logo": "logos/passivedns.png"
}


@ -0,0 +1,4 @@
{
"description": "Modules to access CIRCL Passive SSL.",
"logo": "logos/passivessl.png"
}


@ -0,0 +1,3 @@
{
"description": "Module to expand country codes."
}


@ -0,0 +1,4 @@
{
"description": "Module to query Crowdstrike Falcon.",
"logo": "logos/crowdstrike.png"
}

3
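--- a/doc/expansion/cve.json
+++ b/doc/expansion/cve.json
@@ -0,0 +1,3 @@
+{
+"description": "An expansion hover module to expand information about CVE id."
+}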


@ -0,0 +1,4 @@
{
"description": "Module to check Spamhaus DBL for a domain name.",
"logo": "logos/spamhaus.jpg"
}

3
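--- a/doc/expansion/dns.json
+++ b/doc/expansion/dns.json
@@ -0,0 +1,3 @@
+{
+"description": "A simple DNS expansion service to resolve IP address from MISP attributes."
+}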


@ -0,0 +1,4 @@
{
"description": "DomainTools MISP expansion module.",
"logo": "logos/domaintools.png"
}

4
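--- a/doc/expansion/eupi.json
+++ b/doc/expansion/eupi.json
@@ -0,0 +1,4 @@
+{
+"description": "A module to query the Phishing Initiative service (https://phishing-initiative.lu).",
+"logo": "logos/eupi.png"
+}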


@ -0,0 +1,4 @@
{
"description": "Module to access Farsight DNSDB Passive DNS.",
"logo": "logos/farsight.png"
}


@ -0,0 +1,3 @@
{
"description": "Module to query a local copy of Maxminds Geolite database."
}


@ -0,0 +1,3 @@
{
"description": "Module to access intelmqs eventdb."
}

3
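--- a/doc/expansion/ipasn.json
+++ b/doc/expansion/ipasn.json
@@ -0,0 +1,3 @@
+{
+"description": "Module to query an IP ASN history service (https://github.com/CIRCL/IP-ASN-history.git)."
+}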

3
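--- a/doc/expansion/iprep.json
+++ b/doc/expansion/iprep.json
@@ -0,0 +1,3 @@
+{
+"description": "Module to query IPRep data for IP addresses."
+}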


@ -0,0 +1,4 @@
{
"description": "Module to process a query on Onyphe.",
"logo": "logos/onyphe.jpg"
}


@ -0,0 +1,4 @@
{
"description": "Module to process a full query on Onyphe.",
"logo": "logos/onyphe.jpg"
}

4
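--- a/doc/expansion/otx.json
+++ b/doc/expansion/otx.json
@@ -0,0 +1,4 @@
+{
+"description": "Module to get information from AlienVault OTX.",
+"logo": "logos/otx.png"
+}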


@ -0,0 +1,4 @@
{
"description": "The PassiveTotal MISP expansion module brings the datasets derived from Internet scanning directly into your MISP instance. This module supports passive DNS, historic SSL, WHOIS, and host attributes. In order to use the module, you must have a valid PassiveTotal account username and API key. Registration is free and can be done by visiting https://www.passivetotal.org/register",
"logo": "logos/passivetotal.png"
}

4
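--- a/doc/expansion/rbl.json
+++ b/doc/expansion/rbl.json
@@ -0,0 +1,4 @@
+{
+"description": "Module to check an IPv4 address against known RBLs.",
+"requirements": ["dnspython3"]
+}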


@ -0,0 +1,3 @@
{
"description": "Simple Reverse DNS expansion service to resolve reverse DNS from MISP attributes."
}


@ -0,0 +1,4 @@
{
"description": "Module to query on Shodan.",
"logo": "logos/shodan.png"
}


@ -0,0 +1,3 @@
{
"description": "Module to cache web pages of analysis reports, OSINT sources. The module returns a link of the cached page."
}


@ -0,0 +1,4 @@
{
"description": "Module to get information from ThreatCrowd.",
"logo": "logos/threatcrowd.png"
}


@ -0,0 +1,4 @@
{
"description": "Module to get information from ThreatMiner.",
"logo": "logos/threatminer.png"
}


@ -0,0 +1,4 @@
{
"description": "Module to get information from virustotal.",
"logo": "logos/virustotal.png"
}


@ -0,0 +1,4 @@
{
"description": "Module to submit a sample to VMRay.",
"logo": "logos/vmray.png"
}


@ -0,0 +1,4 @@
{
"description": "Module to query VulnDB (RiskBasedSecurity.com).",
"logo": "logos/vulndb.png"
}

4
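--- a/doc/expansion/whois.json
+++ b/doc/expansion/whois.json
@@ -0,0 +1,4 @@
+{
+"description": "Module to query a local instance of uwhois (https://github.com/rafiot/uwhoisd).",
+"requirements": ["uwhois"]
+}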

4
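--- a/doc/expansion/wiki.json
+++ b/doc/expansion/wiki.json
@@ -0,0 +1,4 @@
+{
+"description": "An expansion hover module to extract information from Wikidata to have additional information about particular term for analysis.",
+"logo": "logos/wikidata.png"
+}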


@ -0,0 +1,4 @@
{
"description": "An expansion module for IBM X-Force Exchange.",
"logo": "logos/xforce.png"
}


@ -0,0 +1,4 @@
{
"description": "An expansion hover module to perform a syntax check on if yara rules are valid or not.",
"logo": "logos/yara.png"
}