Commit Graph

1312 Commits (1a2c7f0f82ac0bd3d58e557f594f05c885055ded)

Author SHA1 Message Date
Koen Van Impe fe2f2acd42 Be more consistent with max_country_qt / max_country_info_qt 2024-10-18 22:04:38 +02:00
Koen Van Impe 4c6a215802 Extend MMDB with max_country_qt
When querying MMDB there are sometimes multiple country_info objects returned, mostly due to the different db_source. Sometimes customers are not interested in the db_source, only in the geo-info.
This change adds max_country_qt. When
- Set to None or 0, has no effect
- Set to a value higher than 0, the number of country_info entries is limited to max_country_qt
2024-10-18 22:00:46 +02:00
Sami Mokaddem 73e6ae2f58
fix: [expansion:init] Added new module `convert_markdown_to_pdf` for loading 2024-10-15 13:45:13 +02:00
Sami Mokaddem edad5580dd
Merge remote-tracking branch 'origin/main' 2024-10-15 12:00:11 +02:00
Sami Mokaddem eb55006f15
new: [expansion:convert_markdown_to_pdf] Added module to render a markdown (under GFM) into PDF 2024-10-15 11:58:42 +02:00
Sami Mokaddem 4ea30ae3a8
new: [expansion] Added skeleton module for the misp_standard format 2024-10-02 12:14:07 +02:00
Koen Van Impe 7ee975e57b
Update dns.py
Get rid of 'jj' in DNS module description field
2024-10-02 11:31:39 +02:00
Christian Studer 59c994678d
chg: [circl_passivedns] Using `time_first` & `time_last` as `first_seen` and `last_seen` fields on the `passive-dns` objects
- Should fix #692
2024-09-26 11:08:22 +02:00
Sami Mokaddem 75576f0016 Merge remote-tracking branch 'origin/main' 2024-09-03 11:14:54 +02:00
Sami Mokaddem 28390ac9ae fix: [expansion:virus_total] Capture `ForbiddenError` from vr.APIError correctly 2024-09-03 11:13:41 +02:00
Alexandre Dulaunoy a01aa157e5
Merge pull request #687 from crowdsecurity/feat/release-2.1.0
feat(crowdsec): Update module (v2.1.1)
2024-08-24 07:52:20 +02:00
Julien Loizelet 4dc71af301
feat(crowdsec): Use misp-objects template and check IP 2024-08-23 17:04:07 +09:00
Alexandre Dulaunoy 55a3d8e9f5
chg: [modules] formatting updated 2024-08-22 15:14:11 +02:00
Alexandre Dulaunoy 80f1f6ec1e
chg: [modules] add a logo in the moduleinfo 2024-08-22 15:10:55 +02:00
Alexandre Dulaunoy 318318726b
Merge remote-tracking branch 'karen/main' into karenyousefi-main 2024-08-22 15:05:54 +02:00
Julien Loizelet 8c1d7b2c20
feat(crowdsec): Add missing moduleinfo fields 2024-08-22 14:48:30 +09:00
Julien Loizelet 57a1965b52
feat(crowdsec): Update module (v2.1.0) 2024-08-22 11:23:30 +09:00
Karen Yousefi dea91594ae
Update __init__.py 2024-08-19 23:25:44 -07:00
Karen Yousefi 2247e90e42
Update __init__.py
fix bug pr #682
2024-08-20 03:20:27 +03:30
Alexandre Dulaunoy feeeaddeb1
fix: [expansion] whois module added back 2024-08-19 11:23:45 +02:00
Alexandre Dulaunoy fd45532501
new: [whois] added back the whois module based on Raphael changes 2024-08-19 11:21:46 +02:00
Stefano Ortolani b89a33b74f Migrate to poetry and optimize dependencies 2024-08-17 15:54:37 +01:00
Karen Yousefi f7a4545727
Add Triage Submit
Module to submit samples to tria.ge
2024-08-16 18:52:01 -07:00
Karen Yousefi 1d5d0336c6
MalShare Upload
Module to push malware samples to MalShare
2024-08-16 18:50:33 -07:00
Karen Yousefi e3472136f0
VirusTotal Upload
Module to push malware samples to VirusTotal
2024-08-16 18:49:35 -07:00
Christophe Vandeplas 1bdb24c9bc
fix: fixes issues added in latest commit 2024-08-12 11:34:13 +02:00
Christophe Vandeplas 842f91a4db
chg: [doc] Big doc revamp #680 2024-08-12 11:23:10 +02:00
Christophe Vandeplas 79442c2cd3
fix: [modules] many modules not loaded as python module 2024-08-10 08:06:14 +02:00
Christophe Vandeplas 9e95c0e81d
fix: [cisco_firesight_manager_ACL_rule_export] include in __init__ 2024-08-10 07:46:01 +02:00
Christophe Vandeplas 33824e04ad
fix: [yara_export] add new module to __init__ 2024-08-10 07:39:53 +02:00
Christophe Vandeplas 01b07975a4
Merge branch 'main' of https://github.com/MISP/misp-modules 2024-08-09 15:54:10 +02:00
Christophe Vandeplas 20ec7c8a18
new: [yara_export] new export module 2024-08-09 15:53:27 +02:00
Germán Esteban 7a3ab8e413
Merge branch 'MISP:main' into main 2024-08-09 10:54:45 +02:00
Christophe Vandeplas dd3ac91afd
fix: [cve] fix CVE module to new vulnerability.circl.lu url 2024-08-09 09:53:14 +02:00
Germán Esteban 5daf7c6628
Merge branch 'MISP:main' into main 2024-08-09 07:54:35 +02:00
Daniel Pascual d720c38b0f WIP 2024-08-08 16:58:17 +02:00
german-esteban 50b96c0524 Update expansion/vysion.py 2024-08-08 15:40:25 +02:00
Daniel Pascual f6305f4041 WIP 2024-08-08 14:13:07 +02:00
Daniel Pascual 3b69446185 WIP 2024-08-07 17:10:28 +02:00
german-esteban 321879e165 Added cryptocurrencies types #2 2024-08-07 15:53:15 +02:00
german-esteban 572a97d1ee Added cryptocurrencies types 2024-08-07 15:45:55 +02:00
Daniel Pascual 798f05a117 Add more attributes to the GTI enrichment 2024-08-07 11:16:57 +02:00
german-esteban ba9798cf87 Update expansion module + Vysion client update version 2024-08-05 12:58:19 +02:00
Koen Van Impe 672640083b Fix 'Object' object has no attribute 'url' in virustotal
Fix

File "/var/www/MISP/venv/lib/python3.8/site-packages/misp_modules/__init__.py", line 210, in run_request
    response = module.handler(q=json_payload)
  File "/var/www/MISP/venv/lib/python3.8/site-packages/misp_modules/modules/expansion/virustotal_public.py", line 248, in handler
    parser.query_api(attribute)
  File "/var/www/MISP/venv/lib/python3.8/site-packages/misp_modules/modules/expansion/virustotal_public.py", line 46, in query_api
    self.input_types_mapping[self.attribute.type](self.attribute.value)
  File "/var/www/MISP/venv/lib/python3.8/site-packages/misp_modules/modules/expansion/virustotal_public.py", line 143, in parse_hash
    related_file_object = self.create_misp_object(related_file)
  File "/var/www/MISP/venv/lib/python3.8/site-packages/misp_modules/modules/expansion/virustotal_public.py", line 83, in create_misp_object
    misp_object.add_attribute('Url', type='url', value=report.url)
  File "/var/www/MISP/venv/lib/python3.8/site-packages/vt/object.py", line 160, in __getattribute__
    value = super().__getattribute__(attr)
AttributeError: 'Object' object has no attribute 'url'
2024-08-02 11:24:26 +02:00
Stefano Ortolani a52da45eff Update pandas and pandas_ods_reader and patch ods_enrich 2024-07-19 11:02:36 +01:00
Stefano Ortolani 308c5fb3ce Improve compatibility and upgrade python to 3.12
Changes:
* Remove vysion (not compatible with python 3.12 and no public repository)
* Remove stiximport (requires archaic version of pymisp)
* Update Python to 3.12
* Pin Numpy to 1.X
* Add missing dependencies
* Commit lock file
* Update requirements file
2024-07-12 17:09:19 +01:00
Alexandre Dulaunoy d49d8ececf
Merge pull request #669 from VirusTotal/update_doc_references
chore: Update virustotal documentation references
2024-07-11 08:19:13 +01:00
silviacuenca 64b7ef1340 Update doc references 2024-07-10 17:04:48 +02:00
Christian Studer 2423bc7ade
fix: [vulnerability_lookup] Avoiding issues with `Iterator` in python3.8 2024-07-08 11:52:26 +02:00
Christian Studer 7d7dc1e633
fix: [vulnerability_lookup] Avoiding KeyError exceptions on some fields 2024-07-02 11:09:26 +02:00