MISP
/
misp-modules
mirror of https://github.com/MISP/misp-modules
2
0
Fork 0
Code Issues Releases Wiki Activity
1,252 Commits
7 Branches
55 Tags
20 MiB
Commit Graph

676 Commits (1c85caf31da613b72c8ed882294547b86062fcec)

Author SHA1 Message Date
milkmix bdc5282e09 updated to geoip2 to support mmdb format 2019-10-25 18:09:44 +02:00
chrisr3d e1602fdca9
fix: Updates following the latest CVE-search version 
- Support of the new vulnerable configuration
  field for CPE version > 2.2
- Support of different 'unknown CWE' message
 2019-10-23 11:55:36 +02:00
chrisr3d 63dba29c52
fix: Fixed module names with - to avoid errors with python paths 2019-10-18 11:09:10 +02:00
chrisr3d d740abe74b
fix: Making pep8 happy 2019-10-17 10:45:51 +02:00
chrisr3d a228e2505d
fix: Avoiding empty values + Fixed empty types error + Fixed filename KeyError 2019-10-17 10:42:34 +02:00
chrisr3d 5f7b127713
chg: Avoids returning empty values + easier results parsing 2019-10-15 23:30:39 +02:00
chrisr3d 8aca19ba68
chg: Taking into consideration if a user agent is specified in the module configuration 2019-10-15 11:25:30 +02:00
chrisr3d 6d19549184
fix: Grouped two if conditions to avoid issues with variable unassigned if the second condition is not true 2019-10-13 20:23:02 +02:00
chrisr3d b560347d5d
fix: Considering the case of empty results 2019-10-08 15:49:09 +02:00
chrisr3d 8bcb630340
fix: Catching results exceptions properly 2019-10-08 15:48:26 +02:00
chrisr3d 2850d6f690
fix: Catching exceptions and results properly depending on the cases 2019-10-08 15:45:06 +02:00
chrisr3d 5d4a0bff98
fix: Handling cases where there is no result from the query 2019-10-08 13:28:23 +02:00
chrisr3d 662e58da88
fix: Fixed pattern parsing + made the module hover only 2019-10-07 16:46:32 +02:00
chrisr3d b9b78d1606
fix: Travis tests should be happy now 2019-10-04 17:22:32 +02:00
chrisr3d 6801289175
fix: Returning results in text format 
- Makes the hover functionality display the full
  result instead of skipping the records list
 2019-10-04 15:54:25 +02:00
chrisr3d fe1987101d
fix: Making pep8 happy 2019-10-03 17:10:47 +02:00
chrisr3d c5c5c16ff1
fix: Avoiding errors with uncommon lines 
- Excluding first from data parsed all lines that
  are comments or empty
- Skipping lines with failing indexes
 2019-10-03 16:03:30 +02:00
chrisr3d 3d7de2dc22
fix: Fixed unassigned variable name 2019-10-03 16:02:25 +02:00
chrisr3d ffe43acd89
fix: Removed no longer used variables 2019-09-20 09:22:20 +02:00
chrisr3d cfc6438c47
fix: csv import rework & improvement 
- More efficient parsing
- Support of multiple csv formats
- Possibility to customise headers
- More improvement to come for external csv file
 2019-09-19 23:19:57 +02:00
chrisr3d 09590ca451
fix: Making pep8 happy 2019-09-17 14:13:05 +02:00
Christian Studer 205342996a
Merge pull request #335 from FafnerKeyZee/patch-2 
Travis should not be complaining with the tests after the latest update on "test_cve"
 2019-09-17 14:11:03 +02:00
Fafner [_KeyZee_] dc84c9f972
adding custom API 
Adding the possibility to have our own API server.
 2019-09-17 11:07:23 +02:00
Fafner [_KeyZee_] 5c09b66706
Cleaning the error message 
The original message can be confusing is the user change to is own API.
 2019-09-17 10:42:29 +02:00
chrisr3d 5ebd0bd4fc Merge branch 'master' of github.com:MISP/misp-modules 2019-09-16 14:31:01 +02:00
chrisr3d 8d33d6c18c
add: New parameter to specify a custom CVE API to query 
- Any API specified here must return the same
  format as the CIRCL CVE search one in order to
  be supported by the parsing functions, and
  ideally provide response to the same kind of
  requests (so the CWE search works as well)
 2019-09-16 14:19:20 +02:00
Pierre-Jean Grenier b2ab727f9b fix: prevent symlink attacks 2019-08-22 11:23:37 +02:00
Pierre-Jean Grenier 413cc2469f chg: [cuckooimport] Handle archives downloaded from both the WebUI and the API 2019-08-21 16:35:11 +02:00
Alexandre Dulaunoy c019e4d997
Merge pull request #322 from zaphodef/cuckooimport 
Rewrite cuckooimport
 2019-08-13 14:32:48 +02:00
Pierre-Jean Grenier 6ba6f8bb1f new: Rewrite cuckooimport 2019-08-09 15:44:47 +02:00
chrisr3d 415fa55fff
fix: Avoiding issues when no CWE id is provided 2019-08-06 15:55:50 +02:00
chrisr3d 0b603fc5d3
fix: Fixed unnecessary dictionary field call 
- No longer necessary to go under 'Event' field
  since PyMISP does not contain it since the
  latest update
 2019-08-05 11:33:04 +02:00
chrisr3d 4df528c331
add: Added initial event to reference it from the vulnerability object created out of it 2019-08-02 15:35:33 +02:00
chrisr3d 034222d7b3
fix: Using the attack-pattern object template (copy-paste typo) 2019-08-02 10:10:44 +02:00
chrisr3d 7eb4f034c0
fix: Making pep8 happy 2019-08-01 17:17:16 +02:00
chrisr3d 5c15c0ff93
add: Making vulnerability object reference to its related capec & cwe objects 2019-08-01 15:37:10 +02:00
chrisr3d c4302aa35e
add: Parsing CAPEC information related to the CVE 2019-08-01 15:21:18 +02:00
chrisr3d 7445d7336e
add: Parsing CWE related to the CVE 2019-08-01 14:55:53 +02:00
chrisr3d 7b1c35d583
fix: Fixed cvss-score object relation name 2019-07-30 09:55:36 +02:00
chrisr3d 3367e47490
fix: Avoid issues when there is no pe field in a windows file sample analysis 
- For instance: doc file
 2019-07-25 17:57:36 +02:00
chrisr3d 3d41104d5b
fix: Avoid adding file object twice if a KeyError exception comes for some unexpected reasons 2019-07-25 17:47:08 +02:00
chrisr3d ddeb04bd74
add: Parsing linux samples and their elf data 2019-07-25 17:46:21 +02:00
chrisr3d 41bbbeddfb
fix: Testing if file & registry activities fields exist before trying to parse it 2019-07-25 17:44:32 +02:00
chrisr3d 4c8fe9d8ef
fix: Testing if there is some screenshot data before trying to fetch it 2019-07-25 17:43:11 +02:00
chrisr3d e2a0f27d75
fix: Fixed direction of the relationship between files, PEs and their sections 
- The file object includes a PE, and the PE
  includes sections, not the other way round
 2019-07-24 14:58:45 +02:00
chrisr3d 42b95c4210
fix: Fixed variable names 2019-07-24 12:21:58 +02:00
chrisr3d 27f5c9ceeb Merge branch 'master' of github.com:MISP/misp-modules 2019-07-24 12:08:28 +02:00
chrisr3d 5602cf1759
add: Parsing apk samples and their permissions 2019-07-24 11:59:11 +02:00
chrisr3d fc8a573ba7
fix: Changed the way references added at the end are saved 
- Some references are saved until they are added
  at the end, to make it easier when needed
- Here we changed the way they are saved, from a
  dictionary with some keys to identify each part
  to the actual dictionary with the keys the
  function add_reference needs, so we can directly
  use this dictionary as is when the references are
  added to the different objects
 2019-07-24 11:14:12 +02:00
chrisr3d 4ee0cbe4c5
add: Added virustotal_public to the list of available modules 2019-07-24 11:10:25 +02:00