Commit Graph

194 Commits (master)

Author SHA1 Message Date
szopin 79e067188e
Fix for ocr import
Currently works only for .pdf files, with this .png and .jpg should also work (fixes #512)
2022-09-16 10:12:46 +02:00
chrisr3d 38047f2718
chg: [joe_import] Changed the user configuration param `Import PE` into `Import Executable` 2022-03-07 23:04:37 +01:00
Michael Chisholm 24070bfab7 Add workaround for PyMISP bug regarding conversion of objects
to JSON-serializable values.
2022-01-11 21:54:09 -05:00
Michael Chisholm 923fd05eb3 Contribute a TAXII 2.1 import style misp-module. 2022-01-11 21:54:09 -05:00
Derek LaHousse 6c4e788110 It seems alright to leave the field empty, just have to check that it is empty 2021-12-30 09:25:44 -05:00
Jason Zhang 83fd44ed13 add vmware_nsx module 2021-07-29 12:13:31 +01:00
Aaron Kaplan 4078119db0 fix the last issues of #493
(https://github.com/MISP/misp-modules/issues/493)
2021-06-17 14:36:27 +00:00
aaronkaplan 9813f7f7cb
Merge branch 'main' of https://github.com/MISP/misp-modules into cof2misp 2021-05-27 01:58:55 +02:00
aaronkaplan 6824b4e991
push version 2021-05-27 01:58:23 +02:00
aaronkaplan 4816844d16
Add a function to validate dnsdbflex output
add dnsdbflex parser. It's rather easy

Signed-off-by: aaronkaplan <aaron@lo-res.org>
2021-05-26 12:38:56 +02:00
Alexandre Dulaunoy 77035a82e0
chg: [cof2misp] bailiwick is optional 2021-05-11 14:46:16 +02:00
Alexandre Dulaunoy bcc05c3337
Merge pull request #497 from aaronkaplan/cof2misp
Cof2misp
2021-05-04 18:27:33 +02:00
root 117200f334 oops, there was a minor error. print(..., file=sys.stDerr) . Typo! 2021-05-04 07:48:30 +00:00
aaronkaplan 09f0f3943a
Add license text. No logical changes in this commit 2021-05-04 09:44:47 +02:00
Alexandre Dulaunoy c6d02cc177
chg: [cof2misp] debugging removed 2021-05-03 12:41:01 +02:00
Alexandre Dulaunoy 10b5295cdd
chg: [cof2misp] remove logging in the misp-modules 2021-05-03 12:27:52 +02:00
aaronkaplan 0c6a12ea60 Make teh special attributes *_ip and _domain not needed.
See the discussion in https://github.com/MISP/misp-objects/pull/314
2021-05-02 22:54:41 +00:00
aaronkaplan 763e10af5d flake8, you suck 2021-05-02 22:01:09 +00:00
aaronkaplan 36904c688c Merge branch 'cof2misp' of github.com:aaronkaplan/misp-modules into cof2misp 2021-05-02 21:49:40 +00:00
aaronkaplan 85864dad2e make flake8 happier 2021-05-02 21:39:39 +00:00
aaronkaplan ff950bc50c Merge branch 'cof2misp' of github.com:aaronkaplan/misp-modules into cof2misp 2021-05-02 21:11:00 +00:00
aaronkaplan f1da1dd6fa Version 0.2 of the cof2misp import module. 2021-05-02 20:51:07 +00:00
aaronkaplan c06b8ff604 Version 0.2 of the cof2misp import module. 2021-05-02 16:45:55 +00:00
Jakub Onderka 38457f0a7b
fix: Consider mail body as UTF-8 encoded 2021-03-02 15:03:15 +01:00
Jens Thom 0e4e432dc4 fix imports and unused variables 2020-11-30 12:48:01 +01:00
Jens Thom 2a870f2d97 * add parser for report version v1 and v2
* add summary JSON import module
2020-11-30 12:06:19 +01:00
Raphaël Vinot 2dde6e8757
fix: Typo in EMailObject
Fix #427
2020-09-09 10:56:01 +02:00
chrisr3d f99174af2e
fix: Removed multiple spaces to comply with pep8 2020-07-01 11:27:36 +02:00
chrisr3d 26b0357ac7
fix: Making pep8 happy 2020-06-30 23:10:35 +02:00
chrisr3d c0dae2b31b
fix: Removed trustar_import module name in init to avoid validation issues
(until it is submitted via PR?)
2020-06-30 18:08:34 +02:00
Jesse Hedden a70558945a removed obsolete file 2020-06-27 17:46:51 -07:00
Jesse Hedden 67bdb38fc8 WIP: initial push 2020-05-29 17:41:13 -07:00
Jesse Hedden 8a95a000ee initial commit. not a working product. need to create a class to manage the MISP event and TruStar client 2020-05-29 17:21:20 -07:00
chrisr3d 422f654988
fix: Making pep8 happy with indentation 2020-03-18 10:24:06 +01:00
Jakub Onderka fe34023866
csvimport: Return error if input is not valid UTF-8 2020-03-12 11:02:43 +01:00
Hendrik 8f9940200b Lastline verify_ssl option
Helps people with on-prem boxes
2020-01-27 07:46:48 +01:00
chrisr3d b2c8f79220
fix: Making pep8 happy 2020-01-24 15:17:35 +01:00
Georg Schölly 04685ea63e joe: (1) allow users to disable PE object import (2) set 'to_ids' to False 2020-01-24 14:51:38 +01:00
Stefano Ortolani 66bf650b79 change: migrate to analysis API when submitting tasks to Lastline 2020-01-21 11:32:05 +00:00
chrisr3d cf5ad29f27
chg: Checking attributes category
- We check the category before adding the
  attribute to the event
- Checking if the category is correct and if not,
  doing a case insensitive check
- If the category is not correct after the 2 first
  tests, we simply delete it from the attribute
  and pymisp will give the attribute a default
  category value based on the atttribute type, at
  the creation of the attribute
2020-01-07 17:03:10 +01:00
Raphaël Vinot b70c32af7b fix: Somewhat broken emails needed some love 2019-12-05 19:11:07 +01:00
Raphaël Vinot 6f95445143 chg: Update email import module, support objects 2019-12-04 15:25:01 +01:00
Stefano Ortolani f749578525 add: Modules to query/import/submit data from/to Lastline 2019-12-02 19:09:40 +00:00
chrisr3d 91d6f1baa0
fix: Fixed csv file parsing 2019-11-07 11:50:16 +01:00
chrisr3d fe1987101d
fix: Making pep8 happy 2019-10-03 17:10:47 +02:00
chrisr3d c5c5c16ff1
fix: Avoiding errors with uncommon lines
- Excluding first from data parsed all lines that
  are comments or empty
- Skipping lines with failing indexes
2019-10-03 16:03:30 +02:00
chrisr3d 3d7de2dc22
fix: Fixed unassigned variable name 2019-10-03 16:02:25 +02:00
chrisr3d ffe43acd89
fix: Removed no longer used variables 2019-09-20 09:22:20 +02:00
chrisr3d cfc6438c47
fix: csv import rework & improvement
- More efficient parsing
- Support of multiple csv formats
- Possibility to customise headers
- More improvement to come for external csv file
2019-09-19 23:19:57 +02:00
Pierre-Jean Grenier b2ab727f9b fix: prevent symlink attacks 2019-08-22 11:23:37 +02:00