MISP
/
misp-modules
mirror of https://github.com/MISP/misp-modules
2
0
Fork 0
Code Issues Releases Wiki Activity

add: Updated documentation with the latest modules info

pull/603/head
chrisr3d 2019-10-31 14:16:20 +01:00
parent 189b4697ec
commit 86023fb67d
No known key found for this signature in database
GPG Key ID: 6BBED1B63A6D639F
4 changed files with 53 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
doc/README.md
View File

@ -2,6 +2,26 @@
## Expansion Modules ## Expansion Modules
#### [apiosintds](https://github.com/MISP/misp-modules/tree/master/misp_modules/modules/expansion/apiosintds.py)
On demand query API for OSINT.digitalside.it project.
- **features**:
>The module simply queries the API of OSINT.digitalside.it with a domain, ip, url or hash attribute.
>
>The result of the query is then parsed to extract additional hashes or urls. A module parameters also allows to parse the hashes related to the urls.
>
>Furthermore, it is possible to cache the urls and hashes collected over the last 7 days by OSINT.digitalside.it
- **input**:
>A domain, ip, url or hash attribute.
- **output**:
>Hashes and urls resulting from the query to OSINT.digitalside.it
- **references**:
>https://osint.digitalside.it/#About
- **requirements**:
>The apiosintDS python library to query the OSINT.digitalside.it API.
-----
#### [backscatter_io](https://github.com/MISP/misp-modules/tree/master/misp_modules/modules/expansion/backscatter_io.py) #### [backscatter_io](https://github.com/MISP/misp-modules/tree/master/misp_modules/modules/expansion/backscatter_io.py)
<img src=logos/backscatter_io.png height=60> <img src=logos/backscatter_io.png height=60>
@ -306,6 +326,22 @@ DomainTools MISP expansion module.
----- -----
#### [eql](https://github.com/MISP/misp-modules/tree/master/misp_modules/modules/expansion/eql.py)
<img src=logos/eql.png height=60>
Generates EQL queries from attributes
- **features**:
>The module simply generates EQL rules out of the input attribute.
- **input**:
>A filename or ip attribute.
- **output**:
>The EQL query generated from the input attribute.
- **references**:
>https://eql.readthedocs.io/en/latest/
-----
#### [eupi](https://github.com/MISP/misp-modules/tree/master/misp_modules/modules/expansion/eupi.py) #### [eupi](https://github.com/MISP/misp-modules/tree/master/misp_modules/modules/expansion/eupi.py)
<img src=logos/eupi.png height=60> <img src=logos/eupi.png height=60>

8
doc/expansion/apiosintds.json Normal file
View File

@ -0,0 +1,8 @@
{
"description": "On demand query API for OSINT.digitalside.it project.",
"requirements": ["The apiosintDS python library to query the OSINT.digitalside.it API."],
"input": "A domain, ip, url or hash attribute.",
"output": "Hashes and urls resulting from the query to OSINT.digitalside.it",
"references": ["https://osint.digitalside.it/#About"],
"features": "The module simply queries the API of OSINT.digitalside.it with a domain, ip, url or hash attribute.\n\nThe result of the query is then parsed to extract additional hashes or urls. A module parameters also allows to parse the hashes related to the urls.\n\nFurthermore, it is possible to cache the urls and hashes collected over the last 7 days by OSINT.digitalside.it"
}

9
doc/expansion/eql.json Normal file
View File

@ -0,0 +1,9 @@
{
"description": "Generates EQL queries from attributes",
"logo": "logos/eql.png",
"requirements": [],
"input": "A filename or ip attribute.",
"output": "The EQL query generated from the input attribute.",
"references": ["https://eql.readthedocs.io/en/latest/"],
"features": "The module simply generates EQL rules out of the input attribute."
}

BIN
doc/logos/eql.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 61 KiB