added module documentation

pull/409/head
Jesse Hedden 2 years ago
parent 68b4fbba09
commit 859bd19e24
  1. 29
      doc/README.md
  2. 12
      doc/expansion/trustar_enrich.json

@ -1168,6 +1168,35 @@ Module to get information from ThreatMiner.
-----
#### [trustar_enrich](https://github.com/MISP/misp-modules/tree/master/misp_modules/modules/expansion/trustar_enrich.py)
<img src=logos/trustar.png height=60>
Module to get enrich indicators with TruSTAR.
- **features**:
>This module enriches MISP attributes with scoring and metadata from TruSTAR.
>
>The TruSTAR indicator summary is appended to the attributes along with links to any associated reports.
- **input**:
>Any of the following MISP attributes:
>- btc
>- domain
>- email-src
>- filename
>- hostname
>- ip-src
>- ip-dst
>- md5
>- sha1
>- sha256
>- url
- **output**:
>MISP attributes enriched with indicator summary data from the TruSTAR API. Data includes a severity level score and additional source and scoring info.
- **references**:
>https://docs.trustar.co/api/v13/indicators/get_indicator_summaries.html
-----
#### [urlhaus](https://github.com/MISP/misp-modules/tree/master/misp_modules/modules/expansion/urlhaus.py)
<img src=logos/urlhaus.png height=60>

@ -1,8 +1,8 @@
{
"description": "Module to get information from ThreatMiner.",
"logo": "logos/threatminer.png",
"input": "A MISP attribute included in the following list:\n- hostname\n- domain\n- ip-src\n- ip-dst\n- md5\n- sha1\n- sha256\n- sha512",
"output": "MISP attributes mapped from the result of the query on ThreatMiner, included in the following list:\n- domain\n- ip-src\n- ip-dst\n- text\n- md5\n- sha1\n- sha256\n- sha512\n- ssdeep\n- authentihash\n- filename\n- whois-registrant-email\n- url\n- link",
"references": ["https://www.threatminer.org/"],
"features": "This module takes a MISP attribute as input and queries ThreatMiner with it.\n\nThe result of this query is then parsed and some data is mapped into MISP attributes in order to enrich the input attribute."
"description": "Module to get enrich indicators with TruSTAR.",
"logo": "logos/trustar.png",
"input": "Any of the following MISP attributes:\n- btc\n- domain\n- email-src\n- filename\n- hostname\n- ip-src\n- ip-dst\n- md5\n- sha1\n- sha256\n- url",
"output": "MISP attributes enriched with indicator summary data from the TruSTAR API. Data includes a severity level score and additional source and scoring info.",
"references": ["https://docs.trustar.co/api/v13/indicators/get_indicator_summaries.html"],
"features": "This module enriches MISP attributes with scoring and metadata from TruSTAR.\n\nThe TruSTAR indicator summary is appended to the attributes along with links to any associated reports."
}

Loading…
Cancel
Save