1641 Commits (07b8968b7d65afcec886607eddef421e530f8155)

Author SHA1 Message Date
chrisr3d bd3fa3ea07
chg: [cpe] Added default limit to the results
- Results returned by CVE-search are sorted by
  cvss score and limited in number to avoid
  potential massive amount of data returned back
  to MISP.
- Users can overwrite the default limit with the
  configuration already present as optional, and
  can also set the limit to 0 to get the full list
  of results
2020-11-13 15:46:41 +01:00
chrisr3d 3f863e4437
fix: [farsight_passivedns] Fixed typo in the lookup fields 2020-11-13 15:28:10 +01:00
chrisr3d fe010782f3
chg: [farsight_passivedns] Now using the dnsdb2 python library
- Also updated the results parsing to check in
  each returned result for every field if they are
  included, to avoid key errors if any field is
  missing
2020-11-12 16:01:14 +01:00
chrisr3d f1b6b3e637 Merge branch 'main' of github.com:MISP/misp-modules into chrisr3d_patch 2020-11-12 15:44:34 +01:00
chrisr3d 2a25cda026 Merge branch 'chrisr3d_patch' of github.com:MISP/misp-modules into main 2020-11-11 10:46:44 +01:00
chrisr3d be79d715b9 Merge branch 'main' of github.com:MISP/misp-modules into main 2020-11-11 10:46:05 +01:00
chrisr3d bb7564dea9 Merge branch 'main' of github.com:MISP/misp-modules into chrisr3d_patch 2020-11-11 10:45:06 +01:00
Alexandre Dulaunoy a9900a6fe9
Merge pull request #443 from trustar/main
fixed typo causing firstSeen and lastSeen to not be pulled from enric…
2020-11-11 08:55:19 +01:00
Jesse Hedden 0650126d6a fixed typo causing firstSeen and lastSeen to not be pulled from enrichment data 2020-11-10 17:20:03 -08:00
chrisr3d b98562a75e
chg: [cpe] Support of the new CVE-Search API 2020-11-10 17:53:47 +01:00
Alexandre Dulaunoy ab23547844
Merge pull request #440 from MISP/chrisr3d_patch
Farsight passivedns module update
2020-11-10 08:33:34 +01:00
chrisr3d d9cfcf8f62
fix: [farsight_passivedns] Uncommented mandatory field that was commented for tests 2020-11-05 17:51:41 +01:00
chrisr3d 87db6f04aa
fix: [tests] Small fixes on the expansion tests 2020-11-05 15:56:01 +01:00
chrisr3d a357243d31 chg: [doc] Updated the farsight_passivedns module documentation 2020-11-05 15:55:46 +01:00
chrisr3d c0440a0d33 chg: [farsight_passivedns] More context added to the results
- References between the passive-dns objects and
  the initial attribute
- Comment on object attributes mentioning whether
  the results come from an rrset or an rdata
  lookup
2020-11-05 15:55:30 +01:00
chrisr3d 7c5465e02b fix: [dnsdb] Avoiding AttributeError with the sys library, probably depending on the python version 2020-11-05 15:55:15 +01:00
chrisr3d d9e576e605 chg: [farsight_passivedns] Rework of the module to return MISP objects
- All the results are parsed as passive-dns MISP
  objects
- More love to give to the parsing to add
  references between the passive-dns objects and
  the input attribute, depending on the type of
  the query (rrset or rdata), or the rrtype
  (to be determined)
2020-11-05 15:55:00 +01:00
Alexandre Dulaunoy 900fe56fbb
Merge pull request #437 from chrisr3d/main
New expansion module to get the vulnerabilities related to a CPE
2020-11-02 20:35:38 +01:00
chrisr3d 260bddb3cf
chg: [cpe] Changed CVE-Search API default url 2020-11-02 19:03:26 +01:00
chrisr3d 54f7e604c8 Merge branch 'main' of github.com:MISP/misp-modules into main 2020-11-02 19:03:16 +01:00
chrisr3d 08d648e2f4
fix: [documentation] Updated links to the scripts, with the default branch no longer being master, but main 2020-10-29 18:29:04 +01:00
chrisr3d bb8c616b6d
fix: Typo 2020-10-29 18:25:57 +01:00
chrisr3d e4d2f90767
fix: Updated Pipfile 2020-10-29 18:22:07 +01:00
chrisr3d 04abdb3f59 Merge branch 'main' of github.com:MISP/misp-modules into main 2020-10-29 18:04:02 +01:00
chrisr3d 06d93101b1
add: Documentation for the html_to_markdown expansion module 2020-10-29 18:03:25 +01:00
Christian Studer 2779ed7331
Merge pull request #436 from MISP/new-html-to-markdown
new: [expansion] Added html_to_markdown module
2020-10-27 14:43:31 +01:00
chrisr3d 6660e2fc11
add: Added documentation for the cpe module 2020-10-24 23:52:06 +02:00
chrisr3d 88c8d9077c
fix: [cpe] Typos and variable name issues fixed + Making the module available in MISP 2020-10-24 02:40:31 +02:00
mokaddem 2be1d7a0cd new: [expansion] Added html_to_markdown module
It fetches the HTML from the provided URL, performs a bit of DOM
clean-up then converts it into markdown
2020-10-23 22:17:47 +02:00
chrisr3d 410aaaeb28
add: First shot of an expansion module to query cve-search with a cpe to get the related vulnerabilities 2020-10-23 21:19:26 +02:00
chrisr3d c00349e198
fix: [cve-advanced] Using the cpe and weakness attribute types 2020-10-22 23:25:20 +02:00
chrisr3d 2a2a908f09 Merge branch 'main' of github.com:MISP/misp-modules into new_module 2020-10-22 22:59:21 +02:00
Alexandre Dulaunoy 4b1b1820d2
Merge pull request #432 from JakubOnderka/clamav
chg: [clamav] Add reference to original attribute
2020-10-20 20:18:33 +02:00
Jakub Onderka 7ad5eb0bfa chg: [clamav] Add reference to original attribute 2020-10-20 19:26:04 +02:00
Alexandre Dulaunoy 0872bb820c
chg: [clamav] TCP port connection must be an integer 2020-10-20 10:17:52 +02:00
Alexandre Dulaunoy 8b8ac581e5
Merge pull request #431 from JakubOnderka/clamav
new: [clamav] Module for malware scan by ClamAV
2020-10-20 09:58:55 +02:00
Jakub Onderka f2de7ab87f new: [clamav] Module for malware scan by ClamAV 2020-10-17 23:25:47 +02:00
Raphaël Vinot 095fbfd75f chg: Bump deps 2020-10-09 14:41:38 +02:00
Raphaël Vinot 608bad1542 Merge branch 'main' of github.com:MISP/misp-modules into main 2020-10-09 14:24:30 +02:00
Raphaël Vinot a907613ce2 chg: Bump deps 2020-10-09 14:24:19 +02:00
chrisr3d 48635d8f1b
add: Added documentation for the socialscan new module
- Also quick fix of the message for an invalid
  result or response concerning the queried email
  address or username
2020-10-02 17:01:02 +02:00
chrisr3d 95f5df7a91 Merge branch 'main' of github.com:MISP/misp-modules into new_module 2020-10-02 16:46:27 +02:00
chrisr3d 0072e04627
chg: Updated expansion modules documentation
- Added documentation for the missing modules
- Renamed some of the documentation files to match
  with the module names and avoid issues within
  the documentation file (README.md) with the link
  of the misspelled module names
2020-10-02 16:41:47 +02:00
chrisr3d d950b4d7ec
fix: Removed debugging print command 2020-10-02 01:50:49 +02:00
chrisr3d 39904b7f6c
chg: Added socialscan library in Pipfile and updated the lock file 2020-10-01 23:27:43 +02:00
chrisr3d 9a766d6010
add: New module using socialscan library to check email addresses and usernames linked to accounts on online platforms 2020-10-01 23:25:39 +02:00
chrisr3d 14aa6e2d1a
fix: [cve_advanced] Avoiding potential MISP object references issues
- Adding objects as dictionaries in an event may
  cause issues in some cases. It is better to pass
  the MISP object as is, as it is already a valid
  object since the MISPObject class is used
2020-10-01 22:44:39 +02:00
chrisr3d c5abf89805
fix: [virustotal_public] Resolve key error when user enriches hostname
- Same as #424
2020-09-28 12:34:00 +02:00
Christian Studer 38c3502394
Merge pull request #424 from JakubOnderka/vt-subdomains-fix
fix: [virustotal] Resolve key error when user enriches hostname
2020-09-28 12:32:42 +02:00
Raphaël Vinot 2dde6e8757
fix: Typo in EMailObject
Fix #427
2020-09-09 10:56:01 +02:00