diff --git a/docs/logos/google_threat_intelligence.png b/docs/logos/google_threat_intelligence.png index d0aa76df..9a2067b2 100644 Binary files a/docs/logos/google_threat_intelligence.png and b/docs/logos/google_threat_intelligence.png differ diff --git a/documentation/website/expansion/google_threat_intelligence.json b/documentation/website/expansion/google_threat_intelligence.json new file mode 100644 index 00000000..89f4bff9 --- /dev/null +++ b/documentation/website/expansion/google_threat_intelligence.json @@ -0,0 +1,14 @@ +{ + "description": "An expansion module to have the observable's threat score assessed by Google Threat Intelligence.", + "logo": "google_threat_intelligence.png", + "requirements": [ + "An access to the Google Threat Intelligence API (apikey), with a high request rate limit." + ], + "input": "A domain, hash (md5, sha1, sha256 or sha512), hostname or IP address attribute.", + "output": "Text fields containing the threat score, the severity, the verdict and the threat label of the observable inspected.", + "references": [ + "https://www.virustotal.com/", + "https://gtidocs.virustotal.com/reference" + ], + "features": "GTI assessment for the given observable, this include information about level of severity, a clear verdict (malicious, suspicious, undetected and bening) and additional information provided by the Mandiant expertise combined with the VirusTotal database.\n\n[Output example screeshot](https://github.com/MISP/MISP/assets/4747608/e275db2f-bb1e-4413-8cc0-ec3cb05e0414)" +} diff --git a/misp_modules/modules/expansion/google_threat_intelligence.py b/misp_modules/modules/expansion/google_threat_intelligence.py index 3b767034..220b96f4 100644 --- a/misp_modules/modules/expansion/google_threat_intelligence.py +++ b/misp_modules/modules/expansion/google_threat_intelligence.py @@ -52,8 +52,6 @@ MODULE_INFO = { DEFAULT_RESULTS_LIMIT = 10 - - class GoogleThreatIntelligenceParser: """Main parser class to create the MISP event.""" def __init__(self, client: vt.Client, limit: int) -> None: