Merge branch 'main' of github.com:MISP/misp-modules into main

pull/488/head
chrisr3d 2021-04-19 11:54:12 +02:00
commit dd0056f956
4 changed files with 4624 additions and 13 deletions

4602
ChangeLog.md Normal file

File diff suppressed because it is too large Load Diff


@ -3,12 +3,15 @@
.PHONY: prepare_docs generate_docs ci_generate_docs test_docs .PHONY: prepare_docs generate_docs ci_generate_docs test_docs
prepare_docs: prepare_docs:
cd doc; python generate_documentation.py cd documentation; python3 generate_documentation.py
mkdir -p docs/expansion/logos docs/export_mod/logos docs/import_mod/logos mkdir -p docs/expansion/logos docs/export_mod/logos docs/import_mod/logos
cp -R doc/logos/* docs/expansion/logos mkdir -p docs/logos
cp -R doc/logos/* docs/export_mod/logos cd documentation; cp -R ./logos/* ../docs/logos
cp -R doc/logos/* docs/import_mod/logos cd documentation; cp -R ./logos/* ../docs/expansion/logos
cp LICENSE docs/license.md cd documentation; cp -R ./logos/* ../docs/export_mod/logos
cd documentation; cp -R ./logos/* ../docs/import_mod/logos
cp ./documentation/mkdocs/*.md ./docs
cp LICENSE ../docs/license.md
install_requirements: install_requirements:
pip install -r docs/REQUIREMENTS.txt pip install -r docs/REQUIREMENTS.txt
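Review bot: The added recipe line `cp LICENSE ../docs/license.md` has no `cd documentation;` in front of it, and make runs each recipe line in its own shell starting from the directory make was invoked in. Assuming that is the repository root, as the `LICENSE` source path suggests, `../docs/license.md` resolves outside the checkout and the docs build either fails or writes into the parent directory. It should stay `cp LICENSE docs/license.md`, as on the old side. The new `cd documentation; cp -R ...` lines also continue when the `cd` fails, so the copy then runs from the wrong directory; `cd documentation && cp -R ./logos/* ../docs/logos` stops instead.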


@ -1,17 +1,15 @@
# MISP modules # MISP modules
[![Build Status](https://travis-ci.org/MISP/misp-modules.svg?branch=master)](https://travis-ci.org/MISP/misp-modules) [![Build Status](https://travis-ci.org/MISP/misp-modules.svg?branch=main)](https://travis-ci.org/MISP/misp-modules)
[![Coverage Status](https://coveralls.io/repos/github/MISP/misp-modules/badge.svg?branch=master)](https://coveralls.io/github/MISP/misp-modules?branch=master) [![Coverage Status](https://coveralls.io/repos/github/MISP/misp-modules/badge.svg?branch=main)](https://coveralls.io/github/MISP/misp-modules?branch=main)
[![codecov](https://codecov.io/gh/MISP/misp-modules/branch/master/graph/badge.svg)](https://codecov.io/gh/MISP/misp-modules) [![codecov](https://codecov.io/gh/MISP/misp-modules/branch/main/graph/badge.svg)](https://codecov.io/gh/MISP/misp-modules)
MISP modules are autonomous modules that can be used for expansion and other services in [MISP](https://github.com/MISP/MISP). MISP modules are autonomous modules that can be used to extend [MISP](https://github.com/MISP/MISP) for new services such as expansion, import and export.
The modules are written in Python 3 following a simple API interface. The objective is to ease the extensions of MISP functionalities The modules are written in Python 3 following a simple API interface. The objective is to ease the extensions of MISP functionalities
without modifying core components. The API is available via a simple REST API which is independent from MISP installation or configuration. without modifying core components. The API is available via a simple REST API which is independent from MISP installation or configuration.
MISP modules support is included in MISP starting from version 2.4.28. For more information: [Extending MISP with Python modules](https://www.misp-project.org/misp-training/3.1-misp-modules.pdf) slides from [MISP training](https://github.com/MISP/misp-training).
For more information: [Extending MISP with Python modules](https://www.misp-project.org/misp-training/3.1-misp-modules.pdf) slides from MISP training.
## Existing MISP modules ## Existing MISP modules


@ -8,6 +8,7 @@ from base64 import b64encode
import json import json
import os import os
LiveCI = True
class TestExpansions(unittest.TestCase): class TestExpansions(unittest.TestCase):
@ -398,6 +399,8 @@ class TestExpansions(unittest.TestCase):
self.assertEqual(self.get_errors(response), "Ransomcoindb API key is missing") self.assertEqual(self.get_errors(response), "Ransomcoindb API key is missing")
def test_rbl(self): def test_rbl(self):
if LiveCI:
return True
query = {"module": "rbl", "ip-src": "8.8.8.8"} query = {"module": "rbl", "ip-src": "8.8.8.8"}
response = self.misp_modules_post(query) response = self.misp_modules_post(query)
try: try:
@ -467,8 +470,9 @@ class TestExpansions(unittest.TestCase):
query = {"module": "stix2_pattern_syntax_validator", "stix2-pattern": "[ipv4-addr:value = '8.8.8.8']"} query = {"module": "stix2_pattern_syntax_validator", "stix2-pattern": "[ipv4-addr:value = '8.8.8.8']"}
response = self.misp_modules_post(query) response = self.misp_modules_post(query)
self.assertEqual(self.get_values(response), 'Syntax valid') self.assertEqual(self.get_values(response), 'Syntax valid')
def test_threatcrowd(self): def test_threatcrowd(self):
if LiveCI:
return True
query_types = ('domain', 'ip-src', 'md5', 'whois-registrant-email') query_types = ('domain', 'ip-src', 'md5', 'whois-registrant-email')
query_values = ('circl.lu', '149.13.33.14', '616eff3e9a7575ae73821b4668d2801c', 'hostmaster@eurodns.com') query_values = ('circl.lu', '149.13.33.14', '616eff3e9a7575ae73821b4668d2801c', 'hostmaster@eurodns.com')
results = ('149.13.33.4', 'cve.circl.lu', 'devilreturns.com', 'navabi.lu') results = ('149.13.33.4', 'cve.circl.lu', 'devilreturns.com', 'navabi.lu')
@ -478,6 +482,8 @@ class TestExpansions(unittest.TestCase):
self.assertTrue(self.get_values(response), result) self.assertTrue(self.get_values(response), result)
def test_threatminer(self): def test_threatminer(self):
if LiveCI:
return True
query_types = ('domain', 'ip-src', 'md5') query_types = ('domain', 'ip-src', 'md5')
query_values = ('circl.lu', '149.13.33.4', 'b538dbc6160ef54f755a540e06dc27cd980fc4a12005e90b3627febb44a1a90f') query_values = ('circl.lu', '149.13.33.4', 'b538dbc6160ef54f755a540e06dc27cd980fc4a12005e90b3627febb44a1a90f')
results = ('149.13.33.14', 'f6ecb9d5c21defb1f622364a30cb8274f817a1a2', 'http://www.circl.lu/') results = ('149.13.33.14', 'f6ecb9d5c21defb1f622364a30cb8274f817a1a2', 'http://www.circl.lu/')
@ -649,6 +655,8 @@ class TestExpansions(unittest.TestCase):
self.assertEqual(self.get_errors(response), "An API authentication is required (key and password).") self.assertEqual(self.get_errors(response), "An API authentication is required (key and password).")
def test_xlsx(self): def test_xlsx(self):
if LiveCI:
return True
filename = 'test.xlsx' filename = 'test.xlsx'
with open(f'{self.dirname}/test_files/{filename}', 'rb') as f: with open(f'{self.dirname}/test_files/{filename}', 'rb') as f:
encoded = b64encode(f.read()).decode() encoded = b64encode(f.read()).decode()
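Review bot: With `LiveCI = True` hard-coded at module level, the added `if LiveCI: return True` guards in `test_rbl`, `test_threatcrowd`, `test_threatminer` and `test_xlsx` make those tests report as passed without running a single assertion. A regression in these modules therefore looks like a green build on every run, not only in CI. Marking them with `@unittest.skipIf(LiveCI, "needs a live third-party service")` would show them as skipped in the report. The flag itself would be better read from the environment through the already imported `os` than fixed in the source. `test_xlsx` appears to read only a local fixture file, so it is worth confirming that it needs the guard at all; the bodies of all four tests continue outside the hunks shown.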