mirror of https://github.com/MISP/misp-modules
Merge pull request #664 from VirusTotal/feat/gti-doc
[Google Threat Intelligence] Add web doc and fix logo for the module
pull/666/head
commit
b5c459c71d
Binary file not shown.
Before Width: | Height: | Size: 4.6 KiB After Width: | Height: | Size: 18 KiB |
|
@ -0,0 +1,14 @@
|
||||||
|
{
|
||||||
|
"description": "An expansion module to have the observable's threat score assessed by Google Threat Intelligence.",
|
||||||
|
"logo": "google_threat_intelligence.png",
|
||||||
|
"requirements": [
|
||||||
|
"An access to the Google Threat Intelligence API (apikey), with a high request rate limit."
|
||||||
|
],
|
||||||
|
"input": "A domain, hash (md5, sha1, sha256 or sha512), hostname or IP address attribute.",
|
||||||
|
"output": "Text fields containing the threat score, the severity, the verdict and the threat label of the observable inspected.",
|
||||||
|
"references": [
|
||||||
|
"https://www.virustotal.com/",
|
||||||
|
"https://gtidocs.virustotal.com/reference"
|
||||||
|
],
|
||||||
|
"features": "GTI assessment for the given observable, this include information about level of severity, a clear verdict (malicious, suspicious, undetected and bening) and additional information provided by the Mandiant expertise combined with the VirusTotal database.\n\n[Output example screeshot](https://github.com/MISP/MISP/assets/4747608/e275db2f-bb1e-4413-8cc0-ec3cb05e0414)"
|
||||||
|
}
|
|
@ -52,8 +52,6 @@ MODULE_INFO = {
|
||||||
DEFAULT_RESULTS_LIMIT = 10
|
DEFAULT_RESULTS_LIMIT = 10
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
class GoogleThreatIntelligenceParser:
|
class GoogleThreatIntelligenceParser:
|
||||||
"""Main parser class to create the MISP event."""
|
"""Main parser class to create the MISP event."""
|
||||||
def __init__(self, client: vt.Client, limit: int) -> None:
|
def __init__(self, client: vt.Client, limit: int) -> None:
|
||||||
|
|