MISP
/
misp-modules
mirror of https://github.com/MISP/misp-modules
2
0
Fork 0
Code Issues Releases Wiki Activity

chg: Updated documentation following the latest changes on the passive ssl module

Browse Source
pull/360/head
chrisr3d 3 years ago
parent 6849daebfa
commit 9da6a3744c
No known key found for this signature in database
GPG Key ID: 6BBED1B63A6D639F
2 changed files with 4 additions and 4 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      README.md
  2. 6
      doc/expansion/circl_passivessl.json

2
README.md
Unescape View File

@ -26,7 +26,7 @@ For more information: [Extending MISP with Python modules](https://www.misp-proj
* [BTC scam check](misp_modules/modules/expansion/btc_scam_check.py) - An expansion hover module to instantly check if a BTC address has been abused.
* [BTC transactions](misp_modules/modules/expansion/btc_steroids.py) - An expansion hover module to get a blockchain balance and the transactions from a BTC address in MISP.
* [CIRCL Passive DNS](misp_modules/modules/expansion/circl_passivedns.py) - a hover and expansion module to expand hostname and IP addresses with passive DNS information.
* [CIRCL Passive SSL](misp_modules/modules/expansion/circl_passivessl.py) - a hover and expansion module to expand IP addresses with the X.509 certificate seen.
* [CIRCL Passive SSL](misp_modules/modules/expansion/circl_passivessl.py) - a hover and expansion module to expand IP addresses with the X.509 certificate(s) seen.
* [countrycode](misp_modules/modules/expansion/countrycode.py) - a hover module to tell you what country a URL belongs to.
* [CrowdStrike Falcon](misp_modules/modules/expansion/crowdstrike_falcon.py) - an expansion module to expand using CrowdStrike Falcon Intel Indicator API.
* [CVE](misp_modules/modules/expansion/cve.py) - a hover module to give more information about a vulnerability (CVE).

6
doc/expansion/circl_passivessl.json
Unescape View File

@ -2,8 +2,8 @@
"description": "Modules to access CIRCL Passive SSL.",
"logo": "logos/passivessl.png",
"requirements": ["pypssl: Passive SSL python library", "A CIRCL passive SSL account with username & password"],
"input": "Ip-address attribute.",
"output": "Text describing passive SSL information related to the input attribute.",
"features": "This module takes an ip-address (ip-src or ip-dst) attribute as input, and queries the CIRCL Passive SSL REST API to get and display information about this input.\n\nTo make it work a username and a password are thus required to authenticate to the CIRCL Passive SSL API.",
"input": "IP address attribute.",
"output": "x509 certificate objects seen by the IP address(es).",
"features": "This module takes an ip-address (ip-src or ip-dst) attribute as input, and queries the CIRCL Passive SSL REST API to gather the related certificates and return the corresponding MISP objects.\n\nTo make it work a username and a password are required to authenticate to the CIRCL Passive SSL API.",
"references": ["https://www.circl.lu/services/passive-ssl/"]
}

Write Preview
Loading…
Cancel
Save