Jakub Onderka
19d5f367a3
chg: [internal] Resolve deprecation warning in dbl_spamhaus
2024-01-08 21:36:14 +01:00
Jakub Onderka
13e48821c6
chg: [internal] Resolve deprecation warning in dns
2024-01-08 21:35:55 +01:00
Jakub Onderka
bfe7fddf72
chg: [internal] Resolve deprecation warning in reversedns
2024-01-08 21:35:37 +01:00
Jakub Onderka
fa744c72e5
chg: [internal] Resolve deprecation warning in qrcode
2024-01-08 21:35:18 +01:00
Jakub Onderka
193d7fd0bc
new: [internal] Avoid double JSON decoding
2024-01-06 19:13:36 +01:00
Jakub Onderka
1764b24647
fix: [apiosintds] Try to fix tests
2024-01-06 13:40:39 +01:00
Jakub Onderka
57e04d6b6c
chg: [internal] Optimise clamav to avoid JSON decoding/encoding
2024-01-06 13:37:23 +01:00
Germán Esteban López
0a654f6394
Fix vysion.py return error
2023-12-20 16:11:56 +01:00
Germán Esteban López
21c6bcbb2c
Added vysion.py
2023-12-15 10:45:16 +01:00
Germán Esteban López
cd0f1654c5
Added vysion expansion and documentation
2023-12-13 12:06:40 +01:00
ip2location
f0b610907d
Update ip2locationiopy and add documentations
2023-12-08 10:01:14 +08:00
ip2location
58265dc925
Add IP2Location.io module
2023-12-07 10:40:04 +08:00
Milo Volpicelli
52f53f81d0
cluster25_expand: handles related items and more
2023-11-07 15:23:33 +00:00
Milo Volpicelli
a4bcc15db0
enriches with c25 MISP objects
2023-10-26 15:47:22 +00:00
Milo Volpicelli
0b167df5b0
actual expand implementation
2023-10-20 13:22:26 +00:00
Milo Volpicelli
4c7637237f
renamed cluster25.py to cluster25_expand.py, module implementation
2023-10-20 08:37:21 +00:00
Milo Volpicelli
f77baec63b
adds cluster25.py expansion module and entry in expansion/__init__.py
2023-10-18 14:18:29 +00:00
Sid Odgers
0f5532b2a1
Rename `files_iterator` and related variables to avoid overwriting `file_object` in virustotal enrichments
2023-10-13 15:59:47 +11:00
Luciano Righetti
1bbe16eabc
fix: remove unused import
2023-08-03 11:57:53 +02:00
Luciano Righetti
10c333cd1c
Merge pull request #628 from righel/add-sigmf-expand-module
...
new: add sigmf module to expand a sigmf recording object template
2023-08-03 09:37:50 +02:00
Luciano Righetti
23069a7c5d
add: support extracting sigmf archives into sigmf recordings
2023-08-03 09:25:46 +02:00
Sami Mokaddem
296c7fb16a
Merge branch 'main' of github.com:MISP/misp-modules into main
2023-07-13 10:15:14 -04:00
Sami Mokaddem
fb86bb0510
chg: [expansion:extract_url_components] Better support in case attributes are not defined
2023-07-13 10:14:04 -04:00
Sami Mokaddem
fa9854e6cd
Merge pull request #629 from TinyHouseHippos/abuseipdb_googlesafebrowsing
...
Added the new attribute and tags for AbuseIPDB and added the google s…
2023-07-13 10:08:00 -04:00
Steph S
43e1eb07d0
Added the new attribute and tags for AbuseIPDB and added the google safe browsing expansion module
2023-07-13 09:33:59 -04:00
Luciano Righetti
df2183ce54
fix: properly read samples in different datatypes
2023-07-13 11:06:25 +02:00
Luciano Righetti
e26bfef477
fix: remove debug
2023-07-12 15:51:50 +02:00
Luciano Righetti
3f0fa14545
new: add waterfall plot to the expanded object
2023-07-12 15:34:44 +02:00
Luciano Righetti
5e2957b13f
new: add sigmf module to expand a sigmf recording object template
2023-07-11 16:42:33 +02:00
Alexandre Dulaunoy
93bae11e33
Merge pull request #627 from hyasinfosec/main
...
Added User Agent
2023-07-11 06:35:41 +02:00
Alexandre Dulaunoy
8401470359
Merge pull request #626 from GeekWeekSteph/abuseipdb2
...
Fixed object reference issue for the AbuseIPDB expansion module
2023-07-11 06:35:05 +02:00
Rambatla Venkat Rao
7d006566cf
Added User Agent
2023-07-11 08:26:16 +05:30
Steph S
513d292994
Fixed object reference issue for the AbuseIPDB expansion module
2023-07-10 17:14:15 -04:00
Alexandre Dulaunoy
ea0c6f9ac2
Merge pull request #625 from GeekWeekSteph/abuseipdb
...
Added AbuseIPDB expansion module
2023-07-10 21:56:50 +02:00
Steph S
53b7a76824
Added AbuseIPDB expansion module
2023-07-10 15:08:47 -04:00
Davide
702158ab16
Bug fix
2023-07-09 13:37:19 +02:00
Davide
4e00e60951
Bug fix
2023-07-09 13:35:47 +02:00
Davide
80dba63a8b
Module updated to apiosintDSv2.0
2023-07-09 12:42:59 +02:00
Koen Van Impe
436ed0cea9
Small bug fix for vulners - vulners_ai_score
2023-07-04 16:17:05 +02:00
Usama015
15728bb801
updated Description and removed redundant comments
2023-06-14 12:23:04 +05:00
Usama015
2d3631cd41
updated
2023-06-13 18:58:04 +05:00
Usama015
ea2ccc1004
updated
2023-06-13 18:57:33 +05:00
Usama015
ee5d503fc4
resolved Exception
2023-06-13 17:47:50 +05:00
Usama015
5b5eaddf5e
added Reverse API
2023-06-13 16:38:56 +05:00
Usama015
bb60e4742e
updated
2023-06-13 15:47:07 +05:00
Usama015
91fce45f82
updated
2023-06-13 12:45:10 +05:00
Usama015
a90a70613b
updated whoisfreaks module
2023-06-13 12:36:24 +05:00
Usama015
c0df182aa0
added whoisfreaks module in MISP
2023-06-12 19:00:41 +05:00
Christian Studer
51339c2a82
fix: [crowdsec] Kepping the original attribute used to query the module unchanged
2023-05-26 15:14:44 +02:00
Christian Studer
52ce2cf043
chg: [crowdsec] Added new attributes as describbed in the `crowdsec-ip-context` object template, and tags describbed in the crowdsec taxonomy to the IP address
2023-05-26 14:26:26 +02:00
Christian Studer
64d3a3e5a4
fix: [crowdsec] Typo
2023-05-23 13:34:52 +02:00
Christian Studer
6eea5f61d4
fix: [crowdsec] Fixed the `reverse_dns` field parsing & added the `background-noise` attribute
2023-05-23 13:20:52 +02:00
Christian Studer
ddd8b8513e
add: [expansion modules] Added `ipinfo` to the expansion modules list in `__init__`
2023-05-16 16:09:04 +02:00
Christian Studer
196939d205
chg: [crowdsec] Updated the module to support the recently added `crowdsec-ip-context` object template
2023-05-12 12:16:22 +02:00
Christian Studer
51cf8524ad
fix: [crowdsec] Fixed the module input handling
...
- Made the module an expansion module as it is the
standard type, and `hover` usually is the option
- Better input handling, checking now for the
`attribute` field as the information of the full
attribute is passed in misp standard format and
not only its type and value
- As for now only `v2` is supported as API version
we removed the parameter to avoid confusion. It
can be added back later when multiple versions
are supported
2023-05-11 16:12:07 +02:00
Alexandre Dulaunoy
98b766cbdc
fix: [crowdsec] more need to be fully supporting MISP standard format
2023-05-11 15:25:34 +02:00
Alexandre Dulaunoy
337dcf7acb
fix: [crowdsec] version 2
2023-05-11 15:21:31 +02:00
Alexandre Dulaunoy
fe778dd576
fix: [crowdsec] set default version and expansion added
2023-05-11 15:18:26 +02:00
Alexandre Dulaunoy
113a112001
fix: [dbl_spamhaus] if you want to run local test, the dns module
...
expansion is taking over from the original dnspython3 library.
The trick is just to get rid of the syspath to exclude the local
directory until the proper library is loaded.
2023-04-02 10:11:24 +02:00
Christian Studer
9892c8db88
Merge branch 'main' of github.com:MISP/misp-modules into new_module
2023-03-27 17:46:42 +02:00
Brad Chiappetta
b3865b33b7
refactor for sdk and expansion
2023-03-10 12:56:26 -05:00
Christian Studer
69deb8d10b
add: [ipinfo] First version of a new module to query ipinfo.io
...
- First version addressing the request from #600
- Straight forward parsing of the `geolocation`,
`domain-ip` and `asn` information returned by
the standard API endpoint (ipinfo.io/{ip_address})
2023-02-21 13:04:24 +01:00
Shivam Sandbhor
2c9b953f23
Set user agent of crowdsec misp module to crowdsec-misp/v1.0.0
...
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
2023-02-20 10:11:38 +05:30
Alexandre Dulaunoy
b7bd679b1c
fix: [url_import/url] added in __init__
2022-11-08 06:23:40 +01:00
Christian Studer
cb8f55425c
fix: [crowdsec] Fixed the __init__ files
2022-11-07 23:44:40 +01:00
Sami Mokaddem
9bf7e15053
new: [expansion] Added extract_url_components module to create an object from an URL attribute
2022-11-06 17:28:00 +01:00
Shivam Sandbhor
382d8036d9
Add crowdsec module
...
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
2022-10-28 12:19:35 +05:30
Christian Studer
e18ac776bb
fix: [variodbs] Fixed indentation issue
...
- if `exploit_results` is empty, we should not go
any further in the query for next values exploit
results
2022-10-27 09:50:24 +02:00
Christian Studer
5526c2c195
add: [variotdbs] Updated the exploit object mapping to support the object attributes recently added to the `exploit` template
2022-10-26 11:35:59 +02:00
Christian Studer
8e97bf9938
chg: [cve_advanced] Updated the module to use cvepremium & a few improvements
2022-10-25 22:20:30 +02:00
Christian Studer
38a6dc810e
fix: [variodbs] Properly handling the exploit results when there is more that 10 results
...
- We keep querying the VARIoT db API with the link
of the next content until there is no next result
2022-10-24 16:18:22 +02:00
Christian Studer
b964b5e2a6
fix: [variodbs] Fixed the empty vulnerability results case handling, to avoid the module to stop before looking for related exploits
2022-10-24 15:43:04 +02:00
Christian Studer
153ca8d3d4
add: [variotdbs] Added the exploit information parsing
...
- Following a recent change on the variotdbs API
allowing requests to get exploits information
base on a CVE number
2022-10-24 15:01:54 +02:00
Christian Studer
98031beeae
fix: [variotdbs] Fixed some typos, missing imports, and some issues in the main parsing process
2022-10-24 14:53:00 +02:00
Christian Studer
f5cb8d0f57
fix: [variotdbs] Added the reference between the resulting vulnerability object and the initial vulnerability attribute
2022-10-21 14:18:47 +02:00
Christian Studer
81375e1628
add: [variotdbs] Added module to query the variotdbs API with a vulnerabliity, to get additional info about it
2022-10-19 00:06:04 +02:00
Rambatla Venkat Rao
d00fee3ba0
Update hyasinsight.py
2022-10-11 08:26:12 +05:30
Rambatla Venkat Rao
66eb82cf1a
Added few more endpoints
2022-10-11 08:24:53 +05:30
Jeroen Pinoy
340b9c0954
fix: [expansion:apivoid] add missing email attribute input types
2022-09-20 06:05:06 -07:00
szopin
e10826aafc
Fix for hashdd
...
Endpoint has changed, now only accepts md5 and the format of the reply is also different
2022-09-15 10:09:21 +02:00
Rambatla Venkat Rao
03af649d06
fixed lgtm issues
2022-09-06 17:05:22 +05:30
Rambatla Venkat Rao
f3b2ea7c41
Added HYAS Insight Module
2022-09-06 16:07:52 +05:30
Rambatla Venkat Rao
3afcd825b9
Added Hyas Insight Module
2022-09-06 15:54:35 +05:30
Sami Mokaddem
a6930be862
new: [expansion:jinja_template_rendering] Added new module to rendre a jinja template based on the provided data
2022-08-25 10:57:17 +02:00
Christian Studer
71d8745b91
fix: [shodan] The input attribute is actually already added to the event at the beginning
2022-08-10 16:17:08 +02:00
chrisr3d
90a1644c8c
fix: [shodan] Fixed wrong asset used to add attribute to
...
- This caused the input `ip-src` or `ip-dst` input
attribute to be added to the `ip-api-addres`
which does not have these attributes in their
template, where they should be added to the
Event instead
2022-08-10 14:07:00 +02:00
Raphaël Vinot
81ec6fe415
fix: fix vulnerable_configuration object ref, rely on template.
...
Related #853
2022-07-28 14:41:36 +02:00
Daniel Pascual
d08bb5c365
Add more relations and attributes to VT modules
2022-04-18 10:20:33 +02:00
Alexandre Dulaunoy
8f3cc42082
Merge branch 'main' of github.com:MISP/misp-modules into main
2022-04-15 08:27:53 +02:00
Alexandre Dulaunoy
c384c3a2a5
fix: [expansion] clamav module was missing from the __init__
2022-04-15 08:27:19 +02:00
Dermott, Scott
f73b961330
* Fix for @chrisr3d - [joesandbox_query] Changed the import_pe param to `import_executable`
2022-04-07 14:44:22 +01:00
Daniel Pascual
ac704c8c99
VirusTotal modules migration to API v3
2022-03-16 18:05:13 +01:00
chrisr3d
c5b6d218bb
chg: [joesandbox_query] Changed the `import_pe` param to `import_executable`
2022-03-07 23:01:49 +01:00
Jakub Onderka
79de89657c
fix: [wiki] Change User-Agent to avoid 403 error
2022-03-04 10:07:53 +01:00
Alexandre Dulaunoy
c33a1fea22
Merge pull request #556 from Wachizungu/chg-add-edit-mmdb-lookup-documentation
...
chg:[doc] update mmdb_lookup documentation
2022-02-23 06:43:28 +01:00
Jeroen Pinoy
c5a9a97354
chg:[doc] update mmdb_lookup documentation
2022-02-23 00:54:13 +01:00
Jeroen Pinoy
a1e468f7bf
fix: Allow email-src and email-dst as input for apivoid module
2022-02-22 23:33:55 +01:00
Alexandre Dulaunoy
beb463bdab
Merge branch 'main' into main
2022-02-15 15:16:13 +01:00
Rambatla Venkat Rao
4a19d35da0
updated to add the latest modules
2022-02-15 19:19:51 +05:30
Rambatla Venkat Rao
82eee0074b
Update __init__.py
2022-02-15 19:11:36 +05:30