Koen Van Impe
3253d92b42
Submit malware samples
_submit now includes malware samples (zipped content from misp)
_import checks when no vti_results are returned + bugfix
2016-11-18 18:23:52 +01:00
Raphaël Vinot
5624104b77
Fix STIX import module
2016-11-15 16:47:17 +01:00
Raphaël Vinot
c676587461
Multiple changes in the vmray modules.
* Generic fix to load modules requiring a local library
* Fix python3 support
* PEP8 related cleanups
2016-11-15 16:43:11 +01:00
Koen Van Impe
adda9562c0
VMRay Import & Submit module
* First commit
* No support for archives (yet) submit
2016-11-13 21:43:59 +01:00
seamus tuohy
5033b1a9ca
Added email meta-data import module.
This email meta-data import module collects basic meta-data from an e-mail
and populates an event with it. It populates the email subject, source
addresses, destination addresses, subject, and any attachment file names.
This commit also contains unit-tests for this module as well as updates to
the readme. Readme updates are additions aimed to make it easier for
outsiders to build modules.
2016-10-22 17:13:20 -04:00
Roman Graf
03b6fd7b74
label replaced by text, which is existing attribute
2016-10-11 14:48:59 +02:00
Alexandre Dulaunoy
d7137221db
Chg: wikidata module added
2016-10-07 16:21:54 +02:00
Roman Graf
d4370fc0e3
Added expansion for Wikidata. Analyst can query Wikidata by label to get additional information for particular term.
2016-10-07 12:57:01 +02:00
Andreas Muehlemann
a568d1a1b3
updated geoip_country to __init__.py
2016-09-28 14:06:18 +02:00
Andreas Muehlemann
4bc76acd37
added geoip_country.py
2016-09-28 14:05:43 +02:00
Andreas Muehlemann
985f9de800
added new module reversedns.py, added reversedns to __init__.py
2016-09-22 11:42:52 +02:00
Raphaël Vinot
a0cce11964
Dump host info as text
2016-09-15 15:59:08 +02:00
Raphaël Vinot
ea2f106b00
Fix typo
2016-09-15 15:32:13 +02:00
Raphaël Vinot
43834b6d51
Add simple Shodan module
2016-09-15 15:11:04 +02:00
Alexandre Dulaunoy
fb7411aa32
Merge pull request #49 from FloatingGhost/master
Removed useless pickle storage of stiximport
2016-09-06 15:22:00 +02:00
Hannah Ward
0521833c65
Removed useless pickle storage of stiximport
2016-09-06 14:12:09 +01:00
Alexandre Dulaunoy
a9b95095c0
cef_export module added
2016-09-01 20:22:33 +02:00
Alexandre Dulaunoy
2df8bf970e
Merge pull request #47 from FloatingGhost/CEF_Export
CEF export, fixes in CountryCode, virustotal
2016-09-01 19:39:16 +02:00
Hannah Ward
4f923d6606
Removed silly subdomain module
2016-09-01 16:14:25 +01:00
Raphaël Vinot
c69fae087c
Add timeout for the modules, cleanup.
2016-08-25 17:36:28 +02:00
Raphaël Vinot
1034f73479
Fix python 3.3 and 3.4
2016-08-24 10:24:42 +02:00
Raphaël Vinot
c822c2df9c
Make misp-modules really asynchronous
2016-08-24 00:22:03 +02:00
Raphaël Vinot
d6388e1c52
Improve tornado parallel
2016-08-23 18:02:29 +02:00
Hannah Ward
4e3300d66c
Added CEF export module
2016-08-22 14:18:19 +01:00
Alexandre Dulaunoy
6ba2731eb5
coroutine decorator added to post handler
2016-08-21 10:21:00 +02:00
Hannah Ward
a492d975c4
Now searches within observable_compositions
2016-08-19 17:21:12 +01:00
Hannah Ward
9db9247e55
Removed calls to print
2016-08-17 13:04:30 +01:00
Hannah Ward
232014f221
Added virustotal tests
2016-08-17 13:01:11 +01:00
Alexandre Dulaunoy
bf29e30e4b
-d option added - enabling debug on queried modules
2016-08-17 13:42:58 +02:00
Alexandre Dulaunoy
062f2dfd30
New modules added to __init__
2016-08-17 11:27:07 +02:00
Hannah Ward
4ba86d4fa3
CountryCode JSON now is only grabbed once per server run
2016-08-17 09:51:16 +01:00
Hannah Ward
042bf2bb2f
Added virustotal module
2016-08-17 09:30:15 +01:00
Hannah Ward
393b637514
Merge branch 'master' of https://github.com/MISP/misp-modules
2016-08-15 11:11:28 +01:00
Hannah Ward
0f9221229a
Improved virustotal module
2016-08-15 11:09:40 +01:00
Hannah Ward
917c95cad5
Added countrycode, working on virustotal
2016-08-12 17:40:00 +01:00
Hannah Ward
4f5059fca4
Added lookup by country code
2016-08-12 14:45:28 +01:00
Alexandre Dulaunoy
d499ac0ce6
Merge pull request #44 from Rafiot/travis
Add coverage, update logging
2016-08-12 15:20:26 +02:00
Raphaël Vinot
b24b16b30a
Add coverage, update logging
2016-08-12 15:15:38 +02:00
Hannah Ward
6db269f965
stiximport now uses temporary files to store stix data.
Set max size in config, in bytes
2016-08-12 13:53:23 +01:00
Raphaël Vinot
c6fccf1b7e
Make PEP8 happy \o/
2016-08-12 14:09:59 +02:00
Raphaël Vinot
91675a635c
Move stiximport.py to misp_modules/modules/import_mod/
2016-08-12 14:08:47 +02:00
Hannah Ward
6f770ad0c7
Merge branch 'master' of https://github.com/MISP/misp-modules
2016-08-12 12:35:47 +01:00
Hannah Ward
2f6054e97f
Merge branch 'stix_import'
2016-08-12 12:17:40 +01:00
Hannah Ward
c02a452c05
added tests, also disregards related_observables. Because they're useless
2016-08-12 12:16:49 +01:00
Hannah Ward
a34014e245
Fixed observables within an indicator not being added
2016-08-12 11:56:48 +01:00
Raphaël Vinot
59b16950f7
Remove bin script, use cleaner way. Fix last commit.
2016-08-12 12:35:33 +02:00
Hannah Ward
faddf8378e
Stiximport will now consume campaigns
2016-08-12 11:34:43 +01:00
Hannah Ward
598a030962
stiximport will now identify file hashes
2016-08-12 11:22:42 +01:00
Alexandre Dulaunoy
99749d4de2
Merge pull request #39 from Rafiot/master
Use entry_points instead of scripts in the install.
2016-08-12 11:33:47 +02:00
Raphaël Vinot
23aedfb6ee
Use entry_points instead of scripts.
2016-08-12 11:31:23 +02:00
Hannah Ward
3f7cdad0c3
Threat actors now get imported by stix
2016-08-12 10:06:53 +01:00
Alexandre Dulaunoy
e7c6c36089
Fix: module_config should be set as introspection relies on it
2016-08-12 10:55:14 +02:00
Hannah Ward
c106aa662b
Added docs to stiximport
2016-08-11 16:37:29 +01:00
Hannah Ward
b654a9743b
Added stix import -- works for IPs/Domains
2016-08-11 16:33:02 +01:00
iglocska
6116c017c1
Update to the DNS module to support domain|ip
2016-08-10 17:11:46 +02:00
iglocska
c3a3d68e43
Small change to the skeleton export
2016-08-10 16:47:55 +02:00
Iglocska
eea62db199
Added test export module
2016-08-05 21:58:24 +02:00
Alexandre Dulaunoy
bf035e148c
Merge branch 'import-test' of github.com:MISP/misp-modules into import-test
2016-08-04 18:55:17 +02:00
Alexandre Dulaunoy
27ddbd9b92
Fix: types array
2016-08-04 18:54:21 +02:00
Raphaël Vinot
b3a322a178
Pass the server port as integer to the uwhois client
2016-08-04 17:44:40 +02:00
Raphaël Vinot
f72534c785
Add whois module
2016-08-04 17:23:23 +02:00
Alexandre Dulaunoy
f97c5d62d6
First version of an Optical Character Recognition (OCR) module for MISP
2016-08-04 14:32:50 +02:00
Iglocska
2b84e47f34
first version of the import skeleton
2016-08-04 09:12:10 +02:00
Iglocska
3fb62fac70
Added simple import skeleton
2016-08-04 08:00:09 +02:00
Raphaël Vinot
22eaba6ab6
Make sure misp-modules can be launched from anywhere
2016-06-23 19:51:13 +09:00