mirror of https://github.com/MISP/misp-modules
Deployed 260a521
with MkDocs version: 1.0.4
parent
a699415bf5
commit
850cabf009
|
@ -799,6 +799,13 @@
|
||||||
vmray_submit
|
vmray_submit
|
||||||
</a>
|
</a>
|
||||||
|
|
||||||
|
</li>
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="#vmware_nsx" title="vmware_nsx" class="md-nav__link">
|
||||||
|
vmware_nsx
|
||||||
|
</a>
|
||||||
|
|
||||||
</li>
|
</li>
|
||||||
|
|
||||||
<li class="md-nav__item">
|
<li class="md-nav__item">
|
||||||
|
@ -1498,6 +1505,13 @@
|
||||||
vmray_submit
|
vmray_submit
|
||||||
</a>
|
</a>
|
||||||
|
|
||||||
|
</li>
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="#vmware_nsx" title="vmware_nsx" class="md-nav__link">
|
||||||
|
vmware_nsx
|
||||||
|
</a>
|
||||||
|
|
||||||
</li>
|
</li>
|
||||||
|
|
||||||
<li class="md-nav__item">
|
<li class="md-nav__item">
|
||||||
|
@ -2286,6 +2300,7 @@ jbxapi: Joe Sandbox API python3 library</p>
|
||||||
<hr />
|
<hr />
|
||||||
<h4 id="lastline_query"><a href="https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/lastline_query.py">lastline_query</a><a class="headerlink" href="#lastline_query" title="Permanent link">¶</a></h4>
|
<h4 id="lastline_query"><a href="https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/lastline_query.py">lastline_query</a><a class="headerlink" href="#lastline_query" title="Permanent link">¶</a></h4>
|
||||||
<p><img src=../logos/lastline.png height=60></p>
|
<p><img src=../logos/lastline.png height=60></p>
|
||||||
|
<p>Deprecation notice: this module will be deprecated by December 2021, please use vmware_nsx module.</p>
|
||||||
<p>Query Lastline with an analysis link and parse the report into MISP attributes and objects.
|
<p>Query Lastline with an analysis link and parse the report into MISP attributes and objects.
|
||||||
The analysis link can also be retrieved from the output of the <a href="https://github.com/MISP/misp-modules/tree/master/misp_modules/modules/expansion/lastline_submit.py">lastline_submit</a> expansion module.
|
The analysis link can also be retrieved from the output of the <a href="https://github.com/MISP/misp-modules/tree/master/misp_modules/modules/expansion/lastline_submit.py">lastline_submit</a> expansion module.
|
||||||
- <strong>features</strong>:</p>
|
- <strong>features</strong>:</p>
|
||||||
|
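Review bot: The deprecation notice added under lastline_query names vmware_nsx only as plain text. This commit adds a #vmware_nsx anchor on the same page, so link the replacement module there, the way the paragraph below it already links lastline_submit. "Will be deprecated by December 2021" also leaves open whether the module is merely discouraged or stops working and is removed at that date; say which. Separately, the lastline_submit link in the unchanged context still points at tree/master while the headings use tree/main.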
@ -2303,6 +2318,7 @@ MISP attributes and objects parsed from the analysis report.
|
||||||
<hr />
|
<hr />
|
||||||
<h4 id="lastline_submit"><a href="https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/lastline_submit.py">lastline_submit</a><a class="headerlink" href="#lastline_submit" title="Permanent link">¶</a></h4>
|
<h4 id="lastline_submit"><a href="https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/lastline_submit.py">lastline_submit</a><a class="headerlink" href="#lastline_submit" title="Permanent link">¶</a></h4>
|
||||||
<p><img src=../logos/lastline.png height=60></p>
|
<p><img src=../logos/lastline.png height=60></p>
|
||||||
|
<p>Deprecation notice: this module will be deprecated by December 2021, please use vmware_nsx module.</p>
|
||||||
<p>Module to submit a file or URL to Lastline.
|
<p>Module to submit a file or URL to Lastline.
|
||||||
- <strong>features</strong>:</p>
|
- <strong>features</strong>:</p>
|
||||||
<blockquote>
|
<blockquote>
|
||||||
|
@ -2992,6 +3008,23 @@ MISP attributes mapped from the result of the query on VMRay API, included in th
|
||||||
An access to the VMRay API (apikey & url)</p>
|
An access to the VMRay API (apikey & url)</p>
|
||||||
</blockquote>
|
</blockquote>
|
||||||
<hr />
|
<hr />
|
||||||
|
<h4 id="vmware_nsx"><a href="https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/vmware_nsx.py">vmware_nsx</a><a class="headerlink" href="#vmware_nsx" title="Permanent link">¶</a></h4>
|
||||||
|
<p><img src=../logos/vmware_nsx.png height=60></p>
|
||||||
|
<p>Module to enrich a file or URL with VMware NSX Defender.
|
||||||
|
- <strong>features</strong>:</p>
|
||||||
|
<blockquote>
|
||||||
|
<p>This module takes an IoC such as file hash, file attachment, malware-sample or url as input to query VMware NSX Defender.</p>
|
||||||
|
<p>The IoC is then enriched with data from VMware NSX Defender.
|
||||||
|
- <strong>input</strong>:
|
||||||
|
File hash, attachment or URL to be enriched with VMware NSX Defender.
|
||||||
|
- <strong>output</strong>:
|
||||||
|
Objects and tags generated by VMware NSX Defender.
|
||||||
|
- <strong>references</strong>:
|
||||||
|
<a href="https://www.vmware.com">https://www.vmware.com</a>
|
||||||
|
- <strong>requirements</strong>:
|
||||||
|
The module requires a VMware NSX Defender Analysis <code>api_token</code> and <code>key</code>.</p>
|
||||||
|
</blockquote>
|
||||||
|
<hr />
|
||||||
<h4 id="vulndb"><a href="https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/vulndb.py">vulndb</a><a class="headerlink" href="#vulndb" title="Permanent link">¶</a></h4>
|
<h4 id="vulndb"><a href="https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/vulndb.py">vulndb</a><a class="headerlink" href="#vulndb" title="Permanent link">¶</a></h4>
|
||||||
<p><img src=../logos/vulndb.png height=60></p>
|
<p><img src=../logos/vulndb.png height=60></p>
|
||||||
<p>Module to query VulnDB (RiskBasedSecurity.com).
|
<p>Module to query VulnDB (RiskBasedSecurity.com).
|
||||||
|
|
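Review bot: In the new vmware_nsx features text, "takes an IoC such as file hash, file attachment, malware-sample or url as input to query VMware NSX Defender" does not say whether an attachment or malware-sample is uploaded to the service or only looked up by hash. State this explicitly, since operators need to know what leaves their MISP instance before enabling the module. The requirements line names api_token and key without saying where they are obtained or configured, and the references entry is the generic https://www.vmware.com rather than the product or API documentation.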
Binary file not shown.
After Width: | Height: | Size: 52 KiB |
Binary file not shown.
After Width: | Height: | Size: 52 KiB |
|
@ -91,7 +91,7 @@
|
||||||
<input class="md-toggle" data-md-toggle="search" type="checkbox" id="__search" autocomplete="off">
|
<input class="md-toggle" data-md-toggle="search" type="checkbox" id="__search" autocomplete="off">
|
||||||
<label class="md-overlay" data-md-component="overlay" for="__drawer"></label>
|
<label class="md-overlay" data-md-component="overlay" for="__drawer"></label>
|
||||||
|
|
||||||
<a href="#csvimport" tabindex="1" class="md-skip">
|
<a href="#cof2misp" tabindex="1" class="md-skip">
|
||||||
Skip to content
|
Skip to content
|
||||||
</a>
|
</a>
|
||||||
|
|
||||||
|
@ -307,6 +307,13 @@
|
||||||
<label class="md-nav__title" for="__toc">Table of contents</label>
|
<label class="md-nav__title" for="__toc">Table of contents</label>
|
||||||
<ul class="md-nav__list" data-md-scrollfix>
|
<ul class="md-nav__list" data-md-scrollfix>
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="#cof2misp" title="cof2misp" class="md-nav__link">
|
||||||
|
cof2misp
|
||||||
|
</a>
|
||||||
|
|
||||||
|
</li>
|
||||||
|
|
||||||
<li class="md-nav__item">
|
<li class="md-nav__item">
|
||||||
<a href="#csvimport" title="csvimport" class="md-nav__link">
|
<a href="#csvimport" title="csvimport" class="md-nav__link">
|
||||||
csvimport
|
csvimport
|
||||||
|
@ -478,6 +485,13 @@
|
||||||
<label class="md-nav__title" for="__toc">Table of contents</label>
|
<label class="md-nav__title" for="__toc">Table of contents</label>
|
||||||
<ul class="md-nav__list" data-md-scrollfix>
|
<ul class="md-nav__list" data-md-scrollfix>
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="#cof2misp" title="cof2misp" class="md-nav__link">
|
||||||
|
cof2misp
|
||||||
|
</a>
|
||||||
|
|
||||||
|
</li>
|
||||||
|
|
||||||
<li class="md-nav__item">
|
<li class="md-nav__item">
|
||||||
<a href="#csvimport" title="csvimport" class="md-nav__link">
|
<a href="#csvimport" title="csvimport" class="md-nav__link">
|
||||||
csvimport
|
csvimport
|
||||||
|
@ -574,6 +588,21 @@
|
||||||
|
|
||||||
<h1>Import Modules</h1>
|
<h1>Import Modules</h1>
|
||||||
|
|
||||||
|
<h4 id="cof2misp"><a href="https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/import_mod/cof2misp.py">cof2misp</a><a class="headerlink" href="#cof2misp" title="Permanent link">¶</a></h4>
|
||||||
|
<p>Passive DNS Common Output Format (COF) MISP importer
|
||||||
|
- <strong>features</strong>:</p>
|
||||||
|
<blockquote>
|
||||||
|
<p>Takes as input a valid COF file or the output of the dnsdbflex utility and creates MISP objects for the input.
|
||||||
|
- <strong>input</strong>:
|
||||||
|
Passive DNS output in Common Output Format (COF)
|
||||||
|
- <strong>output</strong>:
|
||||||
|
MISP objects
|
||||||
|
- <strong>references</strong>:
|
||||||
|
<a href="https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-08.html">https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-08.html</a>
|
||||||
|
- <strong>requirements</strong>:
|
||||||
|
PyMISP</p>
|
||||||
|
</blockquote>
|
||||||
|
<hr />
|
||||||
<h4 id="csvimport"><a href="https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/import_mod/csvimport.py">csvimport</a><a class="headerlink" href="#csvimport" title="Permanent link">¶</a></h4>
|
<h4 id="csvimport"><a href="https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/import_mod/csvimport.py">csvimport</a><a class="headerlink" href="#csvimport" title="Permanent link">¶</a></h4>
|
||||||
<p>Module to import MISP attributes from a csv file.
|
<p>Module to import MISP attributes from a csv file.
|
||||||
- <strong>features</strong>:</p>
|
- <strong>features</strong>:</p>
|
||||||
|
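Review bot: The cof2misp features sentence says the module takes "a valid COF file or the output of the dnsdbflex utility" but not what happens when the input is not valid, for example whether the whole file is rejected or bad records are skipped. That is worth documenting for an importer that parses externally supplied data. The references entry pins revision -08 of the draft, so it goes stale when the draft is revised; consider linking the draft's datatracker page instead. The first description line ("Passive DNS Common Output Format (COF) MISP importer") is also missing its closing period.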
@ -653,6 +682,7 @@ MISP attributes & objects parsed from the analysis report.
|
||||||
<hr />
|
<hr />
|
||||||
<h4 id="lastline_import"><a href="https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/import_mod/lastline_import.py">lastline_import</a><a class="headerlink" href="#lastline_import" title="Permanent link">¶</a></h4>
|
<h4 id="lastline_import"><a href="https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/import_mod/lastline_import.py">lastline_import</a><a class="headerlink" href="#lastline_import" title="Permanent link">¶</a></h4>
|
||||||
<p><img src=../logos/lastline.png height=60></p>
|
<p><img src=../logos/lastline.png height=60></p>
|
||||||
|
<p>Deprecation notice: this module will be deprecated by December 2021, please use vmware_nsx module.</p>
|
||||||
<p>Module to import and parse reports from Lastline analysis links.
|
<p>Module to import and parse reports from Lastline analysis links.
|
||||||
- <strong>features</strong>:</p>
|
- <strong>features</strong>:</p>
|
||||||
<blockquote>
|
<blockquote>
|
||||||
|
|
Binary file not shown.
After Width: | Height: | Size: 52 KiB |
Binary file not shown.
After Width: | Height: | Size: 52 KiB |
File diff suppressed because one or more lines are too long
14
sitemap.xml
14
sitemap.xml
|
@ -2,37 +2,37 @@
|
||||||
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
|
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
|
||||||
<url>
|
<url>
|
||||||
<loc>https://www.misp-project.org/</loc>
|
<loc>https://www.misp-project.org/</loc>
|
||||||
<lastmod>2021-04-22</lastmod>
|
<lastmod>2021-07-29</lastmod>
|
||||||
<changefreq>daily</changefreq>
|
<changefreq>daily</changefreq>
|
||||||
</url>
|
</url>
|
||||||
<url>
|
<url>
|
||||||
<loc>https://www.misp-project.org/expansion/</loc>
|
<loc>https://www.misp-project.org/expansion/</loc>
|
||||||
<lastmod>2021-04-22</lastmod>
|
<lastmod>2021-07-29</lastmod>
|
||||||
<changefreq>daily</changefreq>
|
<changefreq>daily</changefreq>
|
||||||
</url>
|
</url>
|
||||||
<url>
|
<url>
|
||||||
<loc>https://www.misp-project.org/export_mod/</loc>
|
<loc>https://www.misp-project.org/export_mod/</loc>
|
||||||
<lastmod>2021-04-22</lastmod>
|
<lastmod>2021-07-29</lastmod>
|
||||||
<changefreq>daily</changefreq>
|
<changefreq>daily</changefreq>
|
||||||
</url>
|
</url>
|
||||||
<url>
|
<url>
|
||||||
<loc>https://www.misp-project.org/import_mod/</loc>
|
<loc>https://www.misp-project.org/import_mod/</loc>
|
||||||
<lastmod>2021-04-22</lastmod>
|
<lastmod>2021-07-29</lastmod>
|
||||||
<changefreq>daily</changefreq>
|
<changefreq>daily</changefreq>
|
||||||
</url>
|
</url>
|
||||||
<url>
|
<url>
|
||||||
<loc>https://www.misp-project.org/install/</loc>
|
<loc>https://www.misp-project.org/install/</loc>
|
||||||
<lastmod>2021-04-22</lastmod>
|
<lastmod>2021-07-29</lastmod>
|
||||||
<changefreq>daily</changefreq>
|
<changefreq>daily</changefreq>
|
||||||
</url>
|
</url>
|
||||||
<url>
|
<url>
|
||||||
<loc>https://www.misp-project.org/contribute/</loc>
|
<loc>https://www.misp-project.org/contribute/</loc>
|
||||||
<lastmod>2021-04-22</lastmod>
|
<lastmod>2021-07-29</lastmod>
|
||||||
<changefreq>daily</changefreq>
|
<changefreq>daily</changefreq>
|
||||||
</url>
|
</url>
|
||||||
<url>
|
<url>
|
||||||
<loc>https://www.misp-project.org/license/</loc>
|
<loc>https://www.misp-project.org/license/</loc>
|
||||||
<lastmod>2021-04-22</lastmod>
|
<lastmod>2021-07-29</lastmod>
|
||||||
<changefreq>daily</changefreq>
|
<changefreq>daily</changefreq>
|
||||||
</url>
|
</url>
|
||||||
</urlset>
|
</urlset>
|
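Review bot: Every lastmod in sitemap.xml moves from 2021-04-22 to 2021-07-29, including the install/, contribute/ and license/ entries, which none of the other visible hunks in this commit touch. lastmod therefore records the build date rather than when each page last changed. If the generator cannot emit per-page dates, consider dropping lastmod, or note in the deploy message that the sitemap is regenerated wholesale so the churn is expected in review.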
BIN
sitemap.xml.gz
BIN
sitemap.xml.gz
Binary file not shown.