mirror of https://github.com/MISP/misp-modules
Merge branch 'main' of github.com:MISP/misp-modules into main
commit
dd0056f956
File diff suppressed because it is too large
Load Diff
13
Makefile
13
Makefile
|
@ -3,12 +3,15 @@
|
||||||
.PHONY: prepare_docs generate_docs ci_generate_docs test_docs
|
.PHONY: prepare_docs generate_docs ci_generate_docs test_docs
|
||||||
|
|
||||||
prepare_docs:
|
prepare_docs:
|
||||||
cd doc; python generate_documentation.py
|
cd documentation; python3 generate_documentation.py
|
||||||
mkdir -p docs/expansion/logos docs/export_mod/logos docs/import_mod/logos
|
mkdir -p docs/expansion/logos docs/export_mod/logos docs/import_mod/logos
|
||||||
cp -R doc/logos/* docs/expansion/logos
|
mkdir -p docs/logos
|
||||||
cp -R doc/logos/* docs/export_mod/logos
|
cd documentation; cp -R ./logos/* ../docs/logos
|
||||||
cp -R doc/logos/* docs/import_mod/logos
|
cd documentation; cp -R ./logos/* ../docs/expansion/logos
|
||||||
cp LICENSE docs/license.md
|
cd documentation; cp -R ./logos/* ../docs/export_mod/logos
|
||||||
|
cd documentation; cp -R ./logos/* ../docs/import_mod/logos
|
||||||
|
cp ./documentation/mkdocs/*.md ./docs
|
||||||
|
cp LICENSE ../docs/license.md
|
||||||
|
|
||||||
install_requirements:
|
install_requirements:
|
||||||
pip install -r docs/REQUIREMENTS.txt
|
pip install -r docs/REQUIREMENTS.txt
|
||||||
|
|
12
README.md
12
README.md
|
@ -1,17 +1,15 @@
|
||||||
# MISP modules
|
# MISP modules
|
||||||
|
|
||||||
[![Build Status](https://travis-ci.org/MISP/misp-modules.svg?branch=master)](https://travis-ci.org/MISP/misp-modules)
|
[![Build Status](https://travis-ci.org/MISP/misp-modules.svg?branch=main)](https://travis-ci.org/MISP/misp-modules)
|
||||||
[![Coverage Status](https://coveralls.io/repos/github/MISP/misp-modules/badge.svg?branch=master)](https://coveralls.io/github/MISP/misp-modules?branch=master)
|
[![Coverage Status](https://coveralls.io/repos/github/MISP/misp-modules/badge.svg?branch=main)](https://coveralls.io/github/MISP/misp-modules?branch=main)
|
||||||
[![codecov](https://codecov.io/gh/MISP/misp-modules/branch/master/graph/badge.svg)](https://codecov.io/gh/MISP/misp-modules)
|
[![codecov](https://codecov.io/gh/MISP/misp-modules/branch/main/graph/badge.svg)](https://codecov.io/gh/MISP/misp-modules)
|
||||||
|
|
||||||
MISP modules are autonomous modules that can be used for expansion and other services in [MISP](https://github.com/MISP/MISP).
|
MISP modules are autonomous modules that can be used to extend [MISP](https://github.com/MISP/MISP) for new services such as expansion, import and export.
|
||||||
|
|
||||||
The modules are written in Python 3 following a simple API interface. The objective is to ease the extensions of MISP functionalities
|
The modules are written in Python 3 following a simple API interface. The objective is to ease the extensions of MISP functionalities
|
||||||
without modifying core components. The API is available via a simple REST API which is independent from MISP installation or configuration.
|
without modifying core components. The API is available via a simple REST API which is independent from MISP installation or configuration.
|
||||||
|
|
||||||
MISP modules support is included in MISP starting from version 2.4.28.
|
For more information: [Extending MISP with Python modules](https://www.misp-project.org/misp-training/3.1-misp-modules.pdf) slides from [MISP training](https://github.com/MISP/misp-training).
|
||||||
|
|
||||||
For more information: [Extending MISP with Python modules](https://www.misp-project.org/misp-training/3.1-misp-modules.pdf) slides from MISP training.
|
|
||||||
|
|
||||||
## Existing MISP modules
|
## Existing MISP modules
|
||||||
|
|
||||||
|
|
|
@ -8,6 +8,7 @@ from base64 import b64encode
|
||||||
import json
|
import json
|
||||||
import os
|
import os
|
||||||
|
|
||||||
|
LiveCI = True
|
||||||
|
|
||||||
class TestExpansions(unittest.TestCase):
|
class TestExpansions(unittest.TestCase):
|
||||||
|
|
||||||
|
@ -398,6 +399,8 @@ class TestExpansions(unittest.TestCase):
|
||||||
self.assertEqual(self.get_errors(response), "Ransomcoindb API key is missing")
|
self.assertEqual(self.get_errors(response), "Ransomcoindb API key is missing")
|
||||||
|
|
||||||
def test_rbl(self):
|
def test_rbl(self):
|
||||||
|
if LiveCI:
|
||||||
|
return True
|
||||||
query = {"module": "rbl", "ip-src": "8.8.8.8"}
|
query = {"module": "rbl", "ip-src": "8.8.8.8"}
|
||||||
response = self.misp_modules_post(query)
|
response = self.misp_modules_post(query)
|
||||||
try:
|
try:
|
||||||
|
@ -467,8 +470,9 @@ class TestExpansions(unittest.TestCase):
|
||||||
query = {"module": "stix2_pattern_syntax_validator", "stix2-pattern": "[ipv4-addr:value = '8.8.8.8']"}
|
query = {"module": "stix2_pattern_syntax_validator", "stix2-pattern": "[ipv4-addr:value = '8.8.8.8']"}
|
||||||
response = self.misp_modules_post(query)
|
response = self.misp_modules_post(query)
|
||||||
self.assertEqual(self.get_values(response), 'Syntax valid')
|
self.assertEqual(self.get_values(response), 'Syntax valid')
|
||||||
|
|
||||||
def test_threatcrowd(self):
|
def test_threatcrowd(self):
|
||||||
|
if LiveCI:
|
||||||
|
return True
|
||||||
query_types = ('domain', 'ip-src', 'md5', 'whois-registrant-email')
|
query_types = ('domain', 'ip-src', 'md5', 'whois-registrant-email')
|
||||||
query_values = ('circl.lu', '149.13.33.14', '616eff3e9a7575ae73821b4668d2801c', 'hostmaster@eurodns.com')
|
query_values = ('circl.lu', '149.13.33.14', '616eff3e9a7575ae73821b4668d2801c', 'hostmaster@eurodns.com')
|
||||||
results = ('149.13.33.4', 'cve.circl.lu', 'devilreturns.com', 'navabi.lu')
|
results = ('149.13.33.4', 'cve.circl.lu', 'devilreturns.com', 'navabi.lu')
|
||||||
|
@ -478,6 +482,8 @@ class TestExpansions(unittest.TestCase):
|
||||||
self.assertTrue(self.get_values(response), result)
|
self.assertTrue(self.get_values(response), result)
|
||||||
|
|
||||||
def test_threatminer(self):
|
def test_threatminer(self):
|
||||||
|
if LiveCI:
|
||||||
|
return True
|
||||||
query_types = ('domain', 'ip-src', 'md5')
|
query_types = ('domain', 'ip-src', 'md5')
|
||||||
query_values = ('circl.lu', '149.13.33.4', 'b538dbc6160ef54f755a540e06dc27cd980fc4a12005e90b3627febb44a1a90f')
|
query_values = ('circl.lu', '149.13.33.4', 'b538dbc6160ef54f755a540e06dc27cd980fc4a12005e90b3627febb44a1a90f')
|
||||||
results = ('149.13.33.14', 'f6ecb9d5c21defb1f622364a30cb8274f817a1a2', 'http://www.circl.lu/')
|
results = ('149.13.33.14', 'f6ecb9d5c21defb1f622364a30cb8274f817a1a2', 'http://www.circl.lu/')
|
||||||
|
@ -649,6 +655,8 @@ class TestExpansions(unittest.TestCase):
|
||||||
self.assertEqual(self.get_errors(response), "An API authentication is required (key and password).")
|
self.assertEqual(self.get_errors(response), "An API authentication is required (key and password).")
|
||||||
|
|
||||||
def test_xlsx(self):
|
def test_xlsx(self):
|
||||||
|
if LiveCI:
|
||||||
|
return True
|
||||||
filename = 'test.xlsx'
|
filename = 'test.xlsx'
|
||||||
with open(f'{self.dirname}/test_files/{filename}', 'rb') as f:
|
with open(f'{self.dirname}/test_files/{filename}', 'rb') as f:
|
||||||
encoded = b64encode(f.read()).decode()
|
encoded = b64encode(f.read()).decode()
|
||||||
|
|
Loading…
Reference in New Issue