Commit Graph

165 Commits (18523c4ada89baadf68cc9a6b16292ae4bba3c16)

Author SHA1 Message Date
Koen Van Impe 3253d92b42 Submit malware samples
_submit now includes malware samples (zipped content from misp)
_import checks when no vti_results are returned + bugfix
2016-11-18 18:23:52 +01:00
Raphaël Vinot 5624104b77 Fix STIX import module 2016-11-15 16:47:17 +01:00
Raphaël Vinot c676587461 Multiple clanges in the vmray modules.
* Generic fix to load modules requiring a local library
* Fix python3 support
* PEP8 related cleanups
2016-11-15 16:43:11 +01:00
Koen Van Impe adda9562c0 VMRay Import & Submit module
* First commit
* No support for archives (yet) submit
2016-11-13 21:43:59 +01:00
seamus tuohy 5033b1a9ca Added email meta-data import module.
This email meta-data import module collects basic meta-data from an e-mail
and populates an event with it. It populates the email subject, source
addresses, destination addresses, subject, and any attachment file names.
This commit also contains unit-tests for this module as well as updates to
the readme. Readme updates are additions aimed to make it easier for
outsiders to build modules.
2016-10-22 17:13:20 -04:00
Roman Graf 03b6fd7b74 label replaced by text, which is existing attribute 2016-10-11 14:48:59 +02:00
Alexandre Dulaunoy d7137221db Chg: wikidata module added 2016-10-07 16:21:54 +02:00
Roman Graf d4370fc0e3 Added expansion for Wikidata. Analyst can query Wikidata by label to get additional information for particular term. 2016-10-07 12:57:01 +02:00
Andreas Muehlemann a568d1a1b3 updated geoip_country to __init__.py 2016-09-28 14:06:18 +02:00
Andreas Muehlemann 4bc76acd37 added geoip_country.py 2016-09-28 14:05:43 +02:00
Andreas Muehlemann 985f9de800 added new module reversedns.py, added reversedns to __init__.py 2016-09-22 11:42:52 +02:00
Raphaël Vinot a0cce11964 Dump host info as text 2016-09-15 15:59:08 +02:00
Raphaël Vinot ea2f106b00 Fix typo 2016-09-15 15:32:13 +02:00
Raphaël Vinot 43834b6d51 Add simple Shodan module 2016-09-15 15:11:04 +02:00
Alexandre Dulaunoy fb7411aa32 Merge pull request #49 from FloatingGhost/master
Removed useless pickle storage of stiximport
2016-09-06 15:22:00 +02:00
Hannah Ward 0521833c65
Removed useless pickle storage of stiximport 2016-09-06 14:12:09 +01:00
Alexandre Dulaunoy a9b95095c0 cef_export module added 2016-09-01 20:22:33 +02:00
Alexandre Dulaunoy 2df8bf970e Merge pull request #47 from FloatingGhost/CEF_Export
CEF export, fixes in CountryCode, virustotal
2016-09-01 19:39:16 +02:00
Hannah Ward 4f923d6606
Removed silly subdomain module 2016-09-01 16:14:25 +01:00
Raphaël Vinot c69fae087c Add timeout for the modules, cleanup. 2016-08-25 17:36:28 +02:00
Raphaël Vinot 1034f73479 Fix python 3.3 and 3.4 2016-08-24 10:24:42 +02:00
Raphaël Vinot c822c2df9c Make misp-modules really asynchronous 2016-08-24 00:22:03 +02:00
Raphaël Vinot d6388e1c52 Improve tornado parallel 2016-08-23 18:02:29 +02:00
Hannah Ward 4e3300d66c
Added CEF export module 2016-08-22 14:18:19 +01:00
Alexandre Dulaunoy 6ba2731eb5 coroutine decorator added to post handler 2016-08-21 10:21:00 +02:00
Hannah Ward a492d975c4
Now searches within observable_compositions 2016-08-19 17:21:12 +01:00
Hannah Ward 9db9247e55
Removed calls to print 2016-08-17 13:04:30 +01:00
Hannah Ward 232014f221
Added virustotal tests 2016-08-17 13:01:11 +01:00
Alexandre Dulaunoy bf29e30e4b -d option added - enabling debug on queried modules 2016-08-17 13:42:58 +02:00
Alexandre Dulaunoy 062f2dfd30 New modules added to __init__ 2016-08-17 11:27:07 +02:00
Hannah Ward 4ba86d4fa3
CountryCode JSON now is only grabbed once per server run 2016-08-17 09:51:16 +01:00
Hannah Ward 042bf2bb2f
Added virustotal module 2016-08-17 09:30:15 +01:00
Hannah Ward 393b637514 Merge branch 'master' of https://github.com/MISP/misp-modules 2016-08-15 11:11:28 +01:00
Hannah Ward 0f9221229a
Improved virustotal module 2016-08-15 11:09:40 +01:00
Hannah Ward 917c95cad5
Added countrycode, working on virustotal 2016-08-12 17:40:00 +01:00
Hannah Ward 4f5059fca4
Added lookup by country code 2016-08-12 14:45:28 +01:00
Alexandre Dulaunoy d499ac0ce6 Merge pull request #44 from Rafiot/travis
Add coverage, update logging
2016-08-12 15:20:26 +02:00
Raphaël Vinot b24b16b30a Add coverage, update logging 2016-08-12 15:15:38 +02:00
Hannah Ward 6db269f965
stiximport now uses temporary files to store stix data.
Set max size in config, in bytes
2016-08-12 13:53:23 +01:00
Raphaël Vinot c6fccf1b7e Make PEP8 happy \o/ 2016-08-12 14:09:59 +02:00
Raphaël Vinot 91675a635c Move stiximport.py to misp_modules/modules/import_mod/ 2016-08-12 14:08:47 +02:00
Hannah Ward 6f770ad0c7
Merge branch 'master' of https://github.com/MISP/misp-modules 2016-08-12 12:35:47 +01:00
Hannah Ward 2f6054e97f Merge branch 'stix_import' 2016-08-12 12:17:40 +01:00
Hannah Ward c02a452c05
added tests, also disregards related_observables. Because they're useless 2016-08-12 12:16:49 +01:00
Hannah Ward a34014e245
Fixed observables within an indicator not being added 2016-08-12 11:56:48 +01:00
Raphaël Vinot 59b16950f7 Remove bin script, use cleaner way. Fix last commit. 2016-08-12 12:35:33 +02:00
Hannah Ward faddf8378e
Stiximport will now consume campaigns 2016-08-12 11:34:43 +01:00
Hannah Ward 598a030962
stiximport will now identify file hashes 2016-08-12 11:22:42 +01:00
Alexandre Dulaunoy 99749d4de2 Merge pull request #39 from Rafiot/master
Use entry_points instead of scripts in the install.
2016-08-12 11:33:47 +02:00
Raphaël Vinot 23aedfb6ee Use entry_points instead of scripts. 2016-08-12 11:31:23 +02:00
Hannah Ward 3f7cdad0c3
Threat actors now get imported by stix 2016-08-12 10:06:53 +01:00
Alexandre Dulaunoy e7c6c36089 Fix: module_config should be set as introspection relies on it 2016-08-12 10:55:14 +02:00
Hannah Ward c106aa662b
Added docs to stiximport 2016-08-11 16:37:29 +01:00
Hannah Ward b654a9743b
Added stix import -- works for IPs/Domains 2016-08-11 16:33:02 +01:00
iglocska 6116c017c1 Update to the DNS module to support domain|ip 2016-08-10 17:11:46 +02:00
iglocska c3a3d68e43 Small change to the skeleton export 2016-08-10 16:47:55 +02:00
Iglocska eea62db199 Added test export module 2016-08-05 21:58:24 +02:00
Alexandre Dulaunoy bf035e148c Merge branch 'import-test' of github.com:MISP/misp-modules into import-test 2016-08-04 18:55:17 +02:00
Alexandre Dulaunoy 27ddbd9b92 Fix: types array 2016-08-04 18:54:21 +02:00
Raphaël Vinot b3a322a178 Pass the server port as integer to the uwhois client 2016-08-04 17:44:40 +02:00
Raphaël Vinot f72534c785 Add whois module 2016-08-04 17:23:23 +02:00
Alexandre Dulaunoy f97c5d62d6 First version of an Optical Character Recognition (OCR) module for MISP 2016-08-04 14:32:50 +02:00
Iglocska 2b84e47f34 first version of the import skeleton 2016-08-04 09:12:10 +02:00
Iglocska 3fb62fac70 Added simple import skeleton 2016-08-04 08:00:09 +02:00
Raphaël Vinot 22eaba6ab6 Make sure misp-modules can be launched from anywhere 2016-06-23 19:51:13 +09:00