Deployed c1b46bb with MkDocs version: 1.2.3

expansion/index.html

@@ -601,6 +601,13 @@
     malwarebazaar
   </a>
   
+</li>
+      
+        <li class="md-nav__item">
+  <a href="#mmdb_lookup" class="md-nav__link">
+    mmdb_lookup
+  </a>
+  
 </li>
       
         <li class="md-nav__item">
@@ -1369,6 +1376,13 @@
     malwarebazaar
   </a>
   
+</li>
+      
+        <li class="md-nav__item">
+  <a href="#mmdb_lookup" class="md-nav__link">
+    mmdb_lookup
+  </a>
+  
 </li>
       
         <li class="md-nav__item">
@@ -2511,6 +2525,23 @@ File object(s) related to the input attribute found on MALWAREbazaar databases.
 <a href="https://bazaar.abuse.ch/">https://bazaar.abuse.ch/</a></p>
 </blockquote>
 <hr />
+<h4 id="mmdb_lookup"><a href="https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/mmdb_lookup.py">mmdb_lookup</a><a class="headerlink" href="#mmdb_lookup" title="Permanent link">&para;</a></h4>
+<p><img src=../logos/circl.png height=60></p>
+<p>A hover and expansion module to enrich an ip with geolocation and ASN information from an mmdb server instance, such as CIRCL's ip.circl.lu.
+- <strong>features</strong>:</p>
+<blockquote>
+<p>The module takes an IP address related attribute as input.
+It queries the public CIRCL.lu mmdb-server instance, available at ip.circl.lu, by default. The module can be configured with a custom mmdb server url if required.
+It is also possible to filter results on 1 db_source by configuring db_source_filter.
+- <strong>input</strong>:
+An IP address attribute (for example ip-src or ip-src|port).
+- <strong>output</strong>:
+Geolocation and asn objects.
+- <strong>references</strong>:
+- <a href="https://data.public.lu/fr/datasets/geo-open-ip-address-geolocation-per-country-in-mmdb-format/">https://data.public.lu/fr/datasets/geo-open-ip-address-geolocation-per-country-in-mmdb-format/</a>
+- <a href="https://github.com/adulau/mmdb-server">https://github.com/adulau/mmdb-server</a></p>
+</blockquote>
+<hr />
 <h4 id="mwdb"><a href="https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/mwdb.py">mwdb</a><a class="headerlink" href="#mwdb" title="Permanent link">&para;</a></h4>
 <p>Module to push malware samples to a MWDB instance
 - <strong>features</strong>:</p>

sitemap.xml

@@ -2,37 +2,37 @@
 <urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
     <url>
          <loc>https://www.misp-project.org/</loc>
-         <lastmod>2022-02-15</lastmod>
+         <lastmod>2022-02-23</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://www.misp-project.org/contribute/</loc>
-         <lastmod>2022-02-15</lastmod>
+         <lastmod>2022-02-23</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://www.misp-project.org/expansion/</loc>
-         <lastmod>2022-02-15</lastmod>
+         <lastmod>2022-02-23</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://www.misp-project.org/export_mod/</loc>
-         <lastmod>2022-02-15</lastmod>
+         <lastmod>2022-02-23</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://www.misp-project.org/import_mod/</loc>
-         <lastmod>2022-02-15</lastmod>
+         <lastmod>2022-02-23</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://www.misp-project.org/install/</loc>
-         <lastmod>2022-02-15</lastmod>
+         <lastmod>2022-02-23</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://www.misp-project.org/license/</loc>
-         <lastmod>2022-02-15</lastmod>
+         <lastmod>2022-02-23</lastmod>
          <changefreq>daily</changefreq>
     </url>
 </urlset>