MISP
/
misp-modules
mirror of https://github.com/MISP/misp-modules
2
0
Fork 0
Code Issues Releases Wiki Activity

update greynoise.json

pull/515/head
Brad Chiappetta 2021-08-09 16:46:33 -04:00
parent e57393a71d
commit 859d7d2a82
1 changed files with 7 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
documentation/website/expansion/greynoise.json
View File

@ -1,14 +1,15 @@
{ {
"description": "Module to access GreyNoise.io API", "description": "Module to query IP and CVE information from GreyNoise",
"logo": "greynoise.png", "logo": "greynoise.png",
"requirements": [ "requirements": [
"A Greynoise API key." "A Greynoise API key. Both Enterprise (Paid) and Community (Free) API keys are supported, however Community API users will only be able to perform IP lookups."
], ],
"input": "An IP address.", "input": "An IP address or CVE ID",
"output": "Additional information about the IP fetched from Greynoise API.", "output": "IP Lookup information or CVE scanning profile for past 7 days",
"references": [ "references": [
"https://greynoise.io/", "https://greynoise.io/",
"https://github.com/GreyNoise-Intelligence/api.greynoise.io" "https://docs.greyniose.io/",
"https://www.greynoise.io/viz/account/"
], ],
"features": "The module takes an IP address as input and queries Greynoise for some additional information about it: basically it checks whether a given IP address is \u201cInternet background noise\u201d, or has been observed scanning or attacking devices across the Internet. The result is returned as text." "features": "This module supports: 1) Query an IP from GreyNoise to see if it is internet background noise or a common business service 2) Query a CVE from GreyNoise to see the total number of internet scanners looking for the CVE in the last 7 days."
} }