Deployed 260a521 with MkDocs version: 1.0.4

expansion/index.html

@@ -799,6 +799,13 @@
     vmray_submit
   </a>
   
+</li>
+      
+        <li class="md-nav__item">
+  <a href="#vmware_nsx" title="vmware_nsx" class="md-nav__link">
+    vmware_nsx
+  </a>
+  
 </li>
       
         <li class="md-nav__item">
@@ -1498,6 +1505,13 @@
     vmray_submit
   </a>
   
+</li>
+      
+        <li class="md-nav__item">
+  <a href="#vmware_nsx" title="vmware_nsx" class="md-nav__link">
+    vmware_nsx
+  </a>
+  
 </li>
       
         <li class="md-nav__item">
@@ -2286,6 +2300,7 @@ jbxapi: Joe Sandbox API python3 library</p>
 <hr />
 <h4 id="lastline_query"><a href="https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/lastline_query.py">lastline_query</a><a class="headerlink" href="#lastline_query" title="Permanent link">&para;</a></h4>
 <p><img src=../logos/lastline.png height=60></p>
+<p>Deprecation notice: this module will be deprecated by December 2021, please use vmware_nsx module.</p>
 <p>Query Lastline with an analysis link and parse the report into MISP attributes and objects.
 The analysis link can also be retrieved from the output of the <a href="https://github.com/MISP/misp-modules/tree/master/misp_modules/modules/expansion/lastline_submit.py">lastline_submit</a> expansion module.
 - <strong>features</strong>:</p>
@@ -2303,6 +2318,7 @@ MISP attributes and objects parsed from the analysis report.
 <hr />
 <h4 id="lastline_submit"><a href="https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/lastline_submit.py">lastline_submit</a><a class="headerlink" href="#lastline_submit" title="Permanent link">&para;</a></h4>
 <p><img src=../logos/lastline.png height=60></p>
+<p>Deprecation notice: this module will be deprecated by December 2021, please use vmware_nsx module.</p>
 <p>Module to submit a file or URL to Lastline.
 - <strong>features</strong>:</p>
 <blockquote>
@@ -2992,6 +3008,23 @@ MISP attributes mapped from the result of the query on VMRay API, included in th
 An access to the VMRay API (apikey &amp; url)</p>
 </blockquote>
 <hr />
+<h4 id="vmware_nsx"><a href="https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/vmware_nsx.py">vmware_nsx</a><a class="headerlink" href="#vmware_nsx" title="Permanent link">&para;</a></h4>
+<p><img src=../logos/vmware_nsx.png height=60></p>
+<p>Module to enrich a file or URL with VMware NSX Defender.
+- <strong>features</strong>:</p>
+<blockquote>
+<p>This module takes an IoC such as file hash, file attachment, malware-sample or url as input to query VMware NSX Defender.</p>
+<p>The IoC is then enriched with data from VMware NSX Defender.
+- <strong>input</strong>:
+File hash, attachment or URL to be enriched with VMware NSX Defender.
+- <strong>output</strong>:
+Objects and tags generated by VMware NSX Defender.
+- <strong>references</strong>:
+<a href="https://www.vmware.com">https://www.vmware.com</a>
+- <strong>requirements</strong>:
+The module requires a VMware NSX Defender Analysis <code>api_token</code> and <code>key</code>.</p>
+</blockquote>
+<hr />
 <h4 id="vulndb"><a href="https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/vulndb.py">vulndb</a><a class="headerlink" href="#vulndb" title="Permanent link">&para;</a></h4>
 <p><img src=../logos/vulndb.png height=60></p>
 <p>Module to query VulnDB (RiskBasedSecurity.com).

import_mod/index.html

@@ -91,7 +91,7 @@
     <input class="md-toggle" data-md-toggle="search" type="checkbox" id="__search" autocomplete="off">
     <label class="md-overlay" data-md-component="overlay" for="__drawer"></label>
     
-      <a href="#csvimport" tabindex="1" class="md-skip">
+      <a href="#cof2misp" tabindex="1" class="md-skip">
         Skip to content
       </a>
     
@@ -307,6 +307,13 @@
     <label class="md-nav__title" for="__toc">Table of contents</label>
     <ul class="md-nav__list" data-md-scrollfix>
       
+        <li class="md-nav__item">
+  <a href="#cof2misp" title="cof2misp" class="md-nav__link">
+    cof2misp
+  </a>
+  
+</li>
+      
         <li class="md-nav__item">
   <a href="#csvimport" title="csvimport" class="md-nav__link">
     csvimport
@@ -478,6 +485,13 @@
     <label class="md-nav__title" for="__toc">Table of contents</label>
     <ul class="md-nav__list" data-md-scrollfix>
       
+        <li class="md-nav__item">
+  <a href="#cof2misp" title="cof2misp" class="md-nav__link">
+    cof2misp
+  </a>
+  
+</li>
+      
         <li class="md-nav__item">
   <a href="#csvimport" title="csvimport" class="md-nav__link">
     csvimport
@@ -574,7 +588,22 @@
                 
                   <h1>Import Modules</h1>
                 
-                <h4 id="csvimport"><a href="https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/import_mod/csvimport.py">csvimport</a><a class="headerlink" href="#csvimport" title="Permanent link">&para;</a></h4>
+                <h4 id="cof2misp"><a href="https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/import_mod/cof2misp.py">cof2misp</a><a class="headerlink" href="#cof2misp" title="Permanent link">&para;</a></h4>
+<p>Passive DNS Common Output Format (COF) MISP importer
+- <strong>features</strong>:</p>
+<blockquote>
+<p>Takes as input a valid COF file or the output of the dnsdbflex utility and creates MISP objects for the input.
+- <strong>input</strong>:
+Passive DNS output in Common Output Format (COF)
+- <strong>output</strong>:
+MISP objects
+- <strong>references</strong>:
+<a href="https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-08.html">https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-08.html</a>
+- <strong>requirements</strong>:
+PyMISP</p>
+</blockquote>
+<hr />
+<h4 id="csvimport"><a href="https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/import_mod/csvimport.py">csvimport</a><a class="headerlink" href="#csvimport" title="Permanent link">&para;</a></h4>
 <p>Module to import MISP attributes from a csv file.
 - <strong>features</strong>:</p>
 <blockquote>
@@ -653,6 +682,7 @@ MISP attributes &amp; objects parsed from the analysis report.
 <hr />
 <h4 id="lastline_import"><a href="https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/import_mod/lastline_import.py">lastline_import</a><a class="headerlink" href="#lastline_import" title="Permanent link">&para;</a></h4>
 <p><img src=../logos/lastline.png height=60></p>
+<p>Deprecation notice: this module will be deprecated by December 2021, please use vmware_nsx module.</p>
 <p>Module to import and parse reports from Lastline analysis links.
 - <strong>features</strong>:</p>
 <blockquote>

sitemap.xml

@@ -2,37 +2,37 @@
 <urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
     <url>
      <loc>https://www.misp-project.org/</loc>
-     <lastmod>2021-04-22</lastmod>
+     <lastmod>2021-07-29</lastmod>
      <changefreq>daily</changefreq>
     </url>
     <url>
      <loc>https://www.misp-project.org/expansion/</loc>
-     <lastmod>2021-04-22</lastmod>
+     <lastmod>2021-07-29</lastmod>
      <changefreq>daily</changefreq>
     </url>
     <url>
      <loc>https://www.misp-project.org/export_mod/</loc>
-     <lastmod>2021-04-22</lastmod>
+     <lastmod>2021-07-29</lastmod>
      <changefreq>daily</changefreq>
     </url>
     <url>
      <loc>https://www.misp-project.org/import_mod/</loc>
-     <lastmod>2021-04-22</lastmod>
+     <lastmod>2021-07-29</lastmod>
      <changefreq>daily</changefreq>
     </url>
     <url>
      <loc>https://www.misp-project.org/install/</loc>
-     <lastmod>2021-04-22</lastmod>
+     <lastmod>2021-07-29</lastmod>
      <changefreq>daily</changefreq>
     </url>
     <url>
      <loc>https://www.misp-project.org/contribute/</loc>
-     <lastmod>2021-04-22</lastmod>
+     <lastmod>2021-07-29</lastmod>
      <changefreq>daily</changefreq>
     </url>
     <url>
      <loc>https://www.misp-project.org/license/</loc>
-     <lastmod>2021-04-22</lastmod>
+     <lastmod>2021-07-29</lastmod>
      <changefreq>daily</changefreq>
     </url>
 </urlset>