Update expansion.md

Add: virustotal upload malshare upload triage submit
2024-08-16 18:55:58 -07:00 · 2024-08-16 18:55:58 -07:00 · dce7fc1c18
parent 9106a44e8f
commit dce7fc1c18
1 changed files with 88 additions and 0 deletions
--- a/documentation/mkdocs/expansion.md
+++ b/documentation/mkdocs/expansion.md
@ -1561,6 +1561,29 @@ Module to access Macvendors API.

 -----

+#### [Malshare Upload](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/malshare_upload.py)
+
+Module to push malware samples to MalShare.com
+[[source code](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/malshare_upload.py)]
+
+- **features**:
+>The module requires a MalShare API key to upload files,  and returns the link of the MalShare analysis.
+
+- **config**:
+>api_key
+
+- **input**:
+>Attachment or malware sample
+
+- **output**:
+>Link attribute that points to the sample at the MalShare analysis instance.
+
+- **references**:
+> - https://malshare.com/
+> - https://malshare.com/doc.php
+
+-----
+
 #### [Malware Bazaar Lookup](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/malwarebazaar.py)

 Query Malware Bazaar to get additional information about the input hash.
@ -2454,6 +2477,42 @@ Module to get information from ThreatMiner.
 - **references**:
 >https://www.threatminer.org/

+
+
+-----
+
+#### [Triage Submit](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/triage_submit.py)
+
+Module to submit samples to tria.ge
+[[source code](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/triage_submit.py)]
+
+- **features**:
+> Upload files, and returns the link of the uploaded analysis.
+>
+>The module can submit URLs to retrieve and analyze them directly in the browser or fetch and execute files in the sandbox.
+
+
+- **config**:
+>apikey
+>
+>url_mode ( 'submit' or 'fetch' ) 
+
+- **input**:
+>A MISP attribute included in the following list:
+>- Attachment
+>- malware-sample
+>- url
+
+- **output**:
+>Link attribute that points to the sample at the Triage analysis instance.
+
+- **references**:
+> - https://tria.ge/
+> - https://tria.ge/docs/cloud-api/submit/
+
+- **requirements**:
+>An access to the Triage API (apikey)
+
 -----

 #### [TruSTAR Enrich](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/trustar_enrich.py)
@ -2653,6 +2712,35 @@ Enrich observables with the VirusTotal v3 public API
 - **requirements**:
 >An access to the VirusTotal API (apikey)

+
+-----
+
+#### [VirusTotal Upload](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/virustotal_upload.py)
+
+<img src=../logos/virustotal.png height=60>
+
+Module to push malware samples to VirusTotal v3 public API
+[[source code](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/virustotal_upload.py)]
+
+- **features**:
+>The module requires a VirusTotal API key to Upload files, and returns the link of the uploaded analysis.
+
+- **config**:
+> - apikey
+
+- **input**:
+>Attachment or malware sample
+
+- **output**:
+>Link attribute that points to the sample at the VirusTotal analysis instance.
+
+- **references**:
+> - https://www.virustotal.com
+> - https://docs.virustotal.com/reference/overview
+
+- **requirements**:
+>An access to the VirusTotal API (apikey)
+
 -----

 #### [VMRay Submit](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/vmray_submit.py)