chrisr3d
14cf39d8b6
chg: Updated the module to work with the updated VirusTotal API
...
- Parsing functions updated to support the updated
format of the VirusTotal API responses
- The module can now return objects
- /!\ This module requires a high number of
requests limit rate to work as expected /!\
2019-07-22 16:22:29 +02:00
chrisr3d
1fa37ea712
fix: Avoiding issues with non existing sample types
2019-07-22 11:43:35 +02:00
chrisr3d
675e0815ff
add: Parsing communicating samples returned by domain reports
2019-07-22 11:42:52 +02:00
chrisr3d
c9c2027a57
fix: Undetected urls are represented in lists
2019-07-22 11:39:46 +02:00
chrisr3d
6fdfcb0a29
fix: Changed function name to avoid confusion with the same variable name
2019-07-22 09:53:19 +02:00
chrisr3d
729c86c336
fix: Quick fix on siblings & url parsing
2019-07-22 09:16:04 +02:00
chrisr3d
9aa721bc37
fix: typo
2019-07-19 16:20:24 +02:00
chrisr3d
641dda0103
add: Parsing downloaded samples as well as the referrer ones
2019-07-18 21:38:17 +02:00
chrisr3d
795edb7457
chg: Adding references between a domain and their siblings
2019-07-17 20:40:56 +02:00
chrisr3d
8de350744b
chg: Getting domain siblings attributes uuid for further references
2019-07-16 22:39:35 +02:00
chrisr3d
a61d09db8b
fix: Parsing detected & undetected urls
2019-07-15 23:44:25 +02:00
chrisr3d
d9b03a7aa5
fix: Various fixes about typo, variable names, data types and so on
2019-07-12 10:59:19 +02:00
chrisr3d
f862a14ce6
add: Object for VirusTotal public API queries
...
- Lighter analysis of the report to avoid reaching
the limit of queries per minute while recursing
on the different elements
2019-07-11 22:59:07 +02:00
chrisr3d
ade4b98588
add: Updated README file with the new module description
2019-07-10 15:30:19 +02:00
chrisr3d
3edc323836
fix: Making pep8 happy
2019-07-10 15:29:31 +02:00
chrisr3d
5703253961
new: First version of an advanced CVE parser module
...
- Using cve.circl.lu as well as the initial module
- Going deeper into the CVE parsing
- More parsing to come with the CWE, CAPEC and so on
2019-07-10 15:20:22 +02:00
chrisr3d
181e6383a3
fix: Added missing add_attribute function
2019-07-03 11:14:46 +02:00
chrisr3d
6b59963a7f
fix: [documentation] Fixed json file name
2019-06-24 16:34:22 +02:00
chrisr3d
aa56248110
fix: [documentation] Fixed some description & logo
2019-06-24 16:26:36 +02:00
chrisr3d
d998368dea
add: [documentation] Added some missing documentation for the most recently added modules
2019-06-24 16:24:37 +02:00
chrisr3d
63e5a0342d
chg: [documentation] Making URLhaus visible from the github page
...
- Because of the white color, the logo was not
visible at all
2019-06-24 10:50:31 +02:00
chrisr3d
cd06221925
add: [documentation] Added documentation for Joe Sandbox & URLhaus
2019-06-24 10:22:30 +02:00
chrisr3d
06d4a30c48
Merge branch 'master' of github.com:MISP/misp-modules
2019-06-21 10:54:24 +02:00
chrisr3d
9a6d484188
add: Added screenshot of the behavior of the analyzed sample
2019-06-21 10:53:12 +02:00
Steve Clement
44ca8da97a
Merge pull request #309 from Kortho/patch-2
...
changed service pointer
2019-06-19 14:56:21 +10:00
Steve Clement
c79a6da57b
Merge pull request #308 from Kortho/patch-1
...
Fixed missing dependencies for RHEL install
2019-06-19 14:55:30 +10:00
Kortho
15c257e504
changed service pointer
...
Changed so the service starts the modules in the venv where they are installed
2019-06-18 10:37:40 +02:00
Kortho
7ef8acda0d
Fixed missing dependencies for RHEL install
...
Added dependencies needed for installing the python library pdftotext
2019-06-18 10:31:14 +02:00
chrisr3d
52dadd2df3
Merge branch 'master' of github.com:MISP/misp-modules
2019-06-18 09:47:09 +02:00
chrisr3d
9e45d302b1
fix: Testing if an object is not empty before adding it the the event
2019-06-18 09:45:59 +02:00
Alexandre Dulaunoy
205665fa82
Merge pull request #307 from ninoseki/fix-missing-links
...
Fix missing links in README.md
2019-06-17 23:28:15 +02:00
Manabu Niseki
a2d58918e4
Fix missing links in README.md
2019-06-17 17:50:26 +01:00
chrisr3d
9fdd6c5e58
fix: Making travis happy
2019-06-15 08:17:29 +02:00
chrisr3d
c1abea4759
Merge branch 'master' of github.com:MISP/misp-modules into new_module
2019-06-15 08:08:33 +02:00
chrisr3d
2f3ce1b615
fix: Support of the latest version of sigmatools
2019-06-15 08:06:47 +02:00
chrisr3d
1ac85a4879
fix: We will display galaxies with tags
2019-06-15 08:05:14 +02:00
Alexandre Dulaunoy
be61613da4
Merge pull request #306 from MISP/new_module
...
New modules able to return MISP objects
2019-06-14 12:28:28 +02:00
chrisr3d
f885b6c5e1
add: Added new modules to the list
2019-06-12 16:32:13 +02:00
chrisr3d
b7223abe78
Merge branch 'new_module' of github.com:MISP/misp-modules into new_module
2019-06-07 15:30:19 +02:00
chrisr3d
de966eac51
fix: Returning tags & galaxies with results
...
- Tags may exist with the current version of the
parser
- Galaxies are not yet expected from the parser,
nevertheless the principle is we want to return
them as well if ever we have some galaxies from
parsing a JoeSandbox report. Can be removed if
we never galaxies at all
2019-06-07 15:22:11 +02:00
chrisr3d
b52e17fa8d
fix: Removed duplicate finalize_results function call
2019-06-07 11:38:50 +02:00
Alexandre Dulaunoy
4cec6f50b3
Merge pull request #305 from joesecurity/new_module
...
joesandbox_query.py: improve behavior in unexpected circumstances
2019-06-05 13:26:48 +02:00
Georg Schölly
efb0a88eeb
joesandbox_query.py: improve behavior in unexpected circumstances
2019-06-04 11:29:40 +02:00
chrisr3d
aa3e873845
fix: Making pep8 happy + added joe_import module in the init list
2019-06-04 11:33:42 +10:00
chrisr3d
42bc6f8d2b
fix: Fixed variable name typo
2019-06-04 11:32:21 +10:00
chrisr3d
ee48d99845
add: New expansion module to query Joe Sandbox API with a report link
2019-06-04 09:48:50 +10:00
chrisr3d
07698e5c72
fix: Fixed references between domaininfo/ipinfo & their targets
...
- Fixed references when no target id is set
- Fixed domaininfo parsing when no ip is defined
2019-06-03 18:38:58 +10:00
chrisr3d
0d40830a7f
fix: Some quick fixes
...
- Fixed strptime matching because months are
expressed in abbreviated format
- Made data loaded while the parsing function is
called, in case it has to be called multiple
times at some point
2019-06-03 18:35:58 +10:00
chrisr3d
74b73f9332
chg: Moved JoeParser class to make it reachable from expansion & import modules
2019-05-29 11:26:14 +10:00
chrisr3d
f541b1f4ba
Merge branch 'master' of github.com:MISP/misp-modules into new_module
2019-05-29 10:50:39 +10:00