MISP
/
misp-modules
mirror of https://github.com/MISP/misp-modules
2
0
Fork 0
Code Issues Releases Wiki Activity

Documentation for Cytomic Orion

Browse Source
pull/379/head
Koen Van Impe 3 years ago
parent 2713d3c655
commit d2f0d8027b
2 changed files with 9 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 9
      doc/expansion/cytomic_orion.py
  2. BIN
      doc/logos/cytomic_orion.png

9
doc/expansion/cytomic_orion.py
Unescape View File

@ -0,0 +1,9 @@
{
"description": "An expansion module to enrich attributes in MISP by quering the Cytomic Orion API",
"logo": "logos/cytomic_orion.png",
"requirements": ["Access (license) to Cytomic Orion"],
"input": "MD5, hash of the sample / malware to search for.",
"output": "MISP objects with sightings of the hash in Cytomic Orion. Includes files and machines.",
"references": ["https://www.vanimpe.eu/2020/03/10/integrating-misp-and-cytomic-orion/", "https://www.cytomicmodel.com/solutions/"],
"features": "This module takes an MD5 hash and searches for occurrences of this hash in the Cytomic Orion database. Returns observed files and machines."
}

BIN
doc/logos/cytomic_orion.png
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 898 B

Write Preview
Loading…
Cancel
Save