mirror of https://github.com/MISP/misp-modules
Deployed 4711dcb with MkDocs version: 1.6.0
parent
9b6fa9e9d2
commit
6dd34a3e8f
|
|
@ -1114,15 +1114,6 @@
|
|||
</span>
|
||||
</a>
|
||||
|
||||
</li>
|
||||
|
||||
<li class="md-nav__item">
|
||||
<a href="#vysion" class="md-nav__link">
|
||||
<span class="md-ellipsis">
|
||||
vysion
|
||||
</span>
|
||||
</a>
|
||||
|
||||
</li>
|
||||
|
||||
<li class="md-nav__item">
|
||||
|
|
@ -2208,15 +2199,6 @@
|
|||
</span>
|
||||
</a>
|
||||
|
||||
</li>
|
||||
|
||||
<li class="md-nav__item">
|
||||
<a href="#vysion" class="md-nav__link">
|
||||
<span class="md-ellipsis">
|
||||
vysion
|
||||
</span>
|
||||
</a>
|
||||
|
||||
</li>
|
||||
|
||||
<li class="md-nav__item">
|
||||
|
|
@ -3959,7 +3941,7 @@ A domain, hash (md5, sha1, sha256 or sha512), hostname or IP address attribute.
|
|||
MISP attributes and objects resulting from the parsing of the VirusTotal report concerning the input attribute.
|
||||
- <strong>references</strong>:
|
||||
- <a href="https://www.virustotal.com/">https://www.virustotal.com/</a>
|
||||
- <a href="https://developers.virustotal.com/reference">https://developers.virustotal.com/reference</a>
|
||||
- <a href="https://docs.virustotal.com/reference/overview">https://docs.virustotal.com/reference/overview</a>
|
||||
- <strong>requirements</strong>:
|
||||
An access to the VirusTotal API (apikey), with a high request rate limit.</p>
|
||||
</blockquote>
|
||||
|
|
@ -3979,7 +3961,7 @@ A domain, hostname, ip, url or hash (md5, sha1, sha256 or sha512) attribute.
|
|||
MISP attributes and objects resulting from the parsing of the VirusTotal report concerning the input attribute.
|
||||
- <strong>references</strong>:
|
||||
- <a href="https://www.virustotal.com">https://www.virustotal.com</a>
|
||||
- <a href="https://developers.virustotal.com/reference">https://developers.virustotal.com/reference</a>
|
||||
- <a href="https://docs.virustotal.com/reference/overview">https://docs.virustotal.com/reference/overview</a>
|
||||
- <strong>requirements</strong>:
|
||||
An access to the VirusTotal API (apikey)</p>
|
||||
</blockquote>
|
||||
|
|
@ -4058,25 +4040,6 @@ Text giving additional information about the CVE in input.
|
|||
- An access to the Vulners API</p>
|
||||
</blockquote>
|
||||
<hr />
|
||||
<h4 id="vysion"><a href="https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/vysion.py">vysion</a><a class="headerlink" href="#vysion" title="Permanent link">¶</a></h4>
|
||||
<p><img src=../logos/vysion.png height=60></p>
|
||||
<p>Module to enrich the information by making use of the Vysion API.
|
||||
- <strong>features</strong>:</p>
|
||||
<blockquote>
|
||||
<p>This module gets correlated information from our dark web intelligence database. With this you will get several objects containing information related to, for example, an organization victim of a ransomware attack.
|
||||
- <strong>input</strong>:
|
||||
MISP Attribute which include: company(target-org), country, info.
|
||||
- <strong>output</strong>:
|
||||
MISP objects containing title, link to our webapp and TOR, i2p or clearnet URLs.
|
||||
- <strong>references</strong>:
|
||||
- <a href="https://vysion.ai/">https://vysion.ai/</a>
|
||||
- <a href="https://developers.vysion.ai/">https://developers.vysion.ai/</a>
|
||||
- <a href="https://github.com/ByronLabs/vysion-cti/tree/main">https://github.com/ByronLabs/vysion-cti/tree/main</a>
|
||||
- <strong>requirements</strong>:
|
||||
- Vysion python library
|
||||
- Vysion API Key</p>
|
||||
</blockquote>
|
||||
<hr />
|
||||
<h4 id="whois"><a href="https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/whois.py">whois</a><a class="headerlink" href="#whois" title="Permanent link">¶</a></h4>
|
||||
<p>Module to query a local instance of uwhois (<a href="https://github.com/rafiot/uwhoisd">https://github.com/rafiot/uwhoisd</a>).
|
||||
- <strong>features</strong>:</p>
|
||||
|
|
|
|||
|
|
@ -645,7 +645,6 @@ without modifying core components. The API is available via a simple REST API wh
|
|||
<li><a href="misp_modules/modules/expansion/eql.py">EQL</a> - an expansion module to generate event query language (EQL) from an attribute. <a href="https://eql.readthedocs.io/en/latest/">Event Query Language</a></li>
|
||||
<li><a href="https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/farsight_passivedns.py">Farsight DNSDB Passive DNS</a> - a hover and expansion module to expand hostname and IP addresses with passive DNS information.</li>
|
||||
<li><a href="https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/geoip_country.py">GeoIP</a> - a hover and expansion module to get GeoIP information from geolite/maxmind.</li>
|
||||
<li>[Google Threat Intelligence] (<a href="https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/google_threat_intelligence.py">https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/google_threat_intelligence.py</a>) - An expansion module to have the observable's threat score assessed by Google Threat Intelligence.</li>
|
||||
<li><a href="https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/greynoise.py">Greynoise</a> - a hover to get information from greynoise.</li>
|
||||
<li><a href="https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/hashdd.py">hashdd</a> - a hover module to check file hashes against <a href="http://www.hashdd.com">hashdd.com</a> including NSLR dataset.</li>
|
||||
<li><a href="https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/hibp.py">hibp</a> - a hover module to lookup against Have I Been Pwned?</li>
|
||||
|
|
|
|||
Loading…
Reference in New Issue