milkmix
e8761c1664
super simple support for mutexes through winbaseobj in osquery 3.3
2018-10-25 21:28:46 +02:00
Julien Bachmann
04ba4b34e3
Merge branch 'master' into export_osquery
2018-10-03 16:59:51 +01:00
milkmix
78b4aade08
corrected typos and unused imports
2018-10-03 17:55:08 +02:00
chrisr3d
d15cbe58fe
fix: Quick cleanup
2018-08-30 20:41:49 +02:00
chrisr3d
63c3252062
fix: Put the report location parsing in a try/catch statement as it is an optional field
2018-07-30 14:22:40 +02:00
Steve Clement
562a6b1308
- Removed test modules from view
...
- Moved skeleton expansion module to its proper place
2018-07-03 08:27:54 +02:00
milkmix
349dd99d47
added support for scheduledtasks
2018-06-24 21:13:56 +02:00
milkmix
7c037ed090
added support for service-displayname, regkey|value
2018-06-24 21:09:42 +02:00
milkmix
0c6a205136
initial implementation supporting regkey. mutexes support waiting osquery table
2018-06-23 15:51:38 +02:00
chrisr3d
a02dbd6a8d
fix: Fixed typo of the aml type for country codes
2018-02-26 18:52:28 +01:00
chrisr3d
5df2d309a0
typo
2018-02-26 15:58:53 +01:00
chrisr3d
359ac9100e
fix: typo in references mapping dictionary
2018-02-23 15:58:04 +01:00
chrisr3d
b2b0fccd47
fix: Added an object checking
...
- Checking if there are objects in the event, and then
if there is at least 1 transaction object
- This prevents the module from crashing, but does not
guarantee having a valid GoAML file (depending on
objects and their relations)
2018-02-22 16:37:27 +01:00
chrisr3d
c942013812
chg: Modified the mapping dictionary to support misp-objects updates
2018-02-22 01:23:08 +01:00
chrisr3d
5995458aab
fix: Added the moduleinfo field needed to have MISP event in standard format
2018-02-21 17:14:26 +01:00
Alexandre Dulaunoy
c3ac53a069
fix: goamlexport added
2018-02-20 17:18:36 +01:00
chrisr3d
02b8938b2a
typo
2018-02-20 16:57:27 +01:00
chrisr3d
eb9e06f1cc
explicit name
...
Avoiding confusion with the coming import module for goaml
2018-02-20 15:18:12 +01:00
chrisr3d
92ab1d5c23
Added "t_to" and "t_from" required fields: funds code & country
2018-02-14 21:30:48 +01:00
chrisr3d
be1b541966
Added a required field & the latest attributes in transaction
2018-02-14 12:18:12 +01:00
chrisr3d
43e9010858
Added report expected information fields
2018-02-13 16:39:19 +01:00
chrisr3d
d4538382d0
Simplified ObjectReference dictionary reading
2018-02-13 13:41:22 +01:00
chrisr3d
a97eeb44fe
Added some report information
...
Also changed the ObjectReference parser to replace
all the if conditions by a dictionary reading
2018-02-13 11:51:34 +01:00
chrisr3d
8569c3d702
Supporting the recent objects added to misp-objects
...
- Matching the aml documents structure
- Some parts of the document still need to be added
2018-02-12 13:40:49 +01:00
chrisr3d
8983ebc4b2
wip: added location & signatory information
2018-02-05 15:51:03 +01:00
chrisr3d
8dce7935ae
Outputting xml format
...
Also mapping MISP and GoAML types
2018-02-01 14:55:48 +01:00
chrisr3d
48869335ee
first tests for the GoAML export module
2018-01-31 18:09:45 +01:00
Alexandre Dulaunoy
5c4df3075e
Fix the __init__ import
2018-01-08 20:31:26 +01:00
Robert Nixon
85f1a9bd91
Update threatStream_misp_export.py
2018-01-08 12:09:23 -05:00
Robert Nixon
1d2f3d9c3c
Updated __init__.py
...
Added reference to new ThreatStream export module
2018-01-08 11:03:42 -05:00
Robert Nixon
49d5520fa3
Added threatStream_misp_export.py
2018-01-08 11:01:16 -05:00
Raphaël Vinot
37d9b3831c
Add quick and dirty pdf export
2017-10-26 16:54:20 -04:00
Thomas Gardner
72c52da7ed
added threat_connect_export to export_mod.__init__
2017-08-06 08:15:17 -06:00
Thomas Gardner
529719d9d8
added threat_connect_export.py
2017-08-03 16:21:26 -06:00
Tristan METAYER
24c51a6e21
Add indent field for export
2017-04-21 15:53:48 +02:00
Tristan METAYER
20cb534203
Exclude internal reference
2017-02-21 17:12:17 +01:00
Tristan METAYER
dd2646a0f4
Add lite Export module
2017-02-21 16:48:09 +01:00
Alexandre Dulaunoy
a9b95095c0
cef_export module added
2016-09-01 20:22:33 +02:00
Hannah Ward
4e3300d66c
Added CEF export module
2016-08-22 14:18:19 +01:00
Raphaël Vinot
59b16950f7
Remove bin script, use cleaner way. Fix last commit.
2016-08-12 12:35:33 +02:00