120 Commits (29e681ef81ceea22ec3b91936fb89957ec4e5c83)

Author SHA1 Message Date
chrisr3d 29e681ef81
add: Parsing processes called by the file analyzed in the joe sandbox report 2019-05-13 17:30:01 +02:00
chrisr3d d39fb7da18
add: Parsing some object references at the end of the process 2019-05-13 17:29:07 +02:00
chrisr3d 728386d8a0
add: [new_module] Module to import data from Joe sandbox reports
- Parsing file, pe and pe-section objects from the
  report file info field
- Deeper file info parsing to come
- Other fields parsing to come as well
2019-05-08 16:52:49 +02:00
chrisr3d 77db21cf18
fix: Making pep8 happy 2019-05-07 09:37:21 +02:00
chrisr3d f1b5f05bb3
fix: Checking not MISP header fields
- Rejecting fields not recognizable by MISP
2019-05-07 09:35:56 +02:00
chrisr3d 6608671a01 Merge branch 'master' of github.com:MISP/misp-modules into new_module 2019-05-07 08:38:16 +02:00
chrisr3d 28eb92da53
fix: Using pymisp classes & methods to parse the module results 2019-05-06 22:16:14 +02:00
chrisr3d ae5bd8d06a
fix: Clearer user config messages displayed in the import view 2019-05-06 22:15:14 +02:00
Koen Van Impe 1cd60790fd Bugfix for "sources" ; do not include as IDS for "access" registry keys
- Bugfix to query "operations" in files, mutex, registry
- Do not set IDS flag for registry 'access' operations
2019-05-06 16:36:26 +02:00
chrisr3d 6f4b88606b
fix: Make pep8 happy 2019-05-02 14:07:36 +02:00
chrisr3d a5ff849950 Merge branch 'master' of github.com:MISP/misp-modules into new_module 2019-05-02 13:23:24 +02:00
Steve Clement 559ed786ba
chg: [pep8] try/except # noqa
Not sure how to make flake happy on this one.
2019-05-02 11:44:32 +09:00
Steve Clement 9af06fd24c
fix: [pep8] More fixes 2019-05-02 11:23:49 +09:00
Steve Clement 81ffabd621
fix: [pep8] More pep8 happiness 2019-05-02 11:06:32 +09:00
Koen Van Impe c8a4d8d76f New VMRay modules
New JSON output format of VMRay
Prepare for automation (via PyMISP) with workflow taxonomy tags
2019-05-01 22:44:24 +02:00
root c886247a64
fix: Fixed standard MISP csv format header
- The csv header we can find in data produced from
  MISP restSearch csv format is the one to use to
  recognize a csv file produced by MISP
2019-05-01 22:32:06 +02:00
root f900cb7c68
fix: Fixed introspection fields for csvimport & goamlimport
- Added format field for goaml so the module is
  known as returning MISP attributes & objects
- Fixed introspection to make the format, user
  config and input source fields visible from
  MISP (format also added at the same time)
2019-05-01 22:28:19 +02:00
root db74c5f49a
fix: Fixed libraries import that changed with the latest merge 2019-05-01 22:26:53 +02:00
chrisr3d 55e494c9ed Merge branch 'features_csvimport' of github.com:MISP/misp-modules into features_csvimport 2019-04-30 17:16:31 +02:00
Raphaël Vinot 454c9e0f43 fix: Pep8 related fixes. 2019-02-04 11:05:51 +01:00
Raphaël Vinot 8fc5b1fd1f fix: Make pep8 happy 2018-12-11 15:29:09 +01:00
Christophe Vandeplas 8817de4765 fix: threatanalyzer_import - bugfix for TA6.1 behavior 2018-11-16 13:29:47 +01:00
chrisr3d fcc18cbd73 Merge branch 'master' of github.com:MISP/misp-modules into features_csvimport 2018-09-03 15:40:19 +02:00
Christophe Vandeplas 7deeb95820 fix: ta_import - bugfixes 2018-08-21 11:13:08 +02:00
Christophe Vandeplas 8d4e2025f7 ta_import - bugfixes for TA 6.1 2018-08-03 13:58:53 +02:00
chrisr3d 8b4d24ba63
fix: Fixed fields parsing to support files from csv export with additional context 2018-08-02 15:42:59 +02:00
chrisr3d 7980aa045a
fix: Handling the case of Context included in the csv file exported from MISP 2018-08-01 17:59:00 +02:00
chrisr3d 92fbcaeff6
fix: Fixed changes omissions in handler function 2018-07-28 00:07:02 +02:00
chrisr3d 63ba7580d3
chg: Updated csvimport to support files from csv export + import MISP objects 2018-07-27 23:13:47 +02:00
Christophe Vandeplas 2f27ff1244 ta_import - support for ThreatAnalyzer 6.1 2018-07-27 14:44:06 +02:00
Steve Clement 562a6b1308 - Removed test modules from view
- Moved skeleton expansion module to its proper place
2018-07-03 08:27:54 +02:00
Steve Clement 549f32547d - Reverted to <3.6 compatibility 2018-07-01 22:09:02 +08:00
Steve Clement 9f0313a97e - Fixed log output 2018-06-30 12:01:21 +08:00
Steve Clement 184065cf74 - Forgot to import sys 2018-06-30 11:58:44 +08:00
Steve Clement ffce2aa5cc - Added logger functionality for debug sessions 2018-06-30 11:52:12 +08:00
Steve Clement 2f5dd9928e - content was already a wand.obj 2018-06-30 11:38:26 +08:00
Steve Clement 90f2fe9d19 Merge remote-tracking branch 'upstream/master' 2018-06-30 01:05:01 +08:00
Steve Clement f97359de6a Merge branch 'master' of github.com:SteveClement/misp-modules 2018-06-30 01:04:30 +08:00
Steve Clement ef3837077e - Some more comments
- Removed libmagic, wand can handle it better
2018-06-30 00:58:25 +08:00
Christophe Vandeplas ff793bc221
threatanalyzer_import - order of category tuned 2018-06-29 11:17:03 +02:00
Alexandre Dulaunoy d8eeb73a4a
Merge branch 'master' into master 2018-06-29 06:49:40 +02:00
Steve Clement fbb3617f25 - Quick comment ToDo: Avoid using Magic in future releases 2018-06-29 12:01:17 +08:00
Steve Clement 60a3fbe282 - added wand requirement
- fixed missing return png byte-stream
- move module import to handler to catch and report errorz
2018-06-28 23:20:38 +08:00
Steve Clement 7885017981 - fixed typo move image back in scope 2018-06-28 16:59:03 +08:00
chrisr3d 7dd8e988c0
Updated the list of modules (removed stiximport) 2018-06-28 10:51:40 +02:00
Steve Clement 59b7688bdc - Added initial PDF support, nothing is processed yet
- Test to replace PIL with wand
2018-06-28 16:00:14 +08:00
chrisr3d 2b509a2fd3
Updated delimiter finder function 2018-05-18 11:38:13 +02:00
chrisr3d 1fb72f3c7a
add: Added user config to specify if there is a header in the csv to import 2018-05-18 11:33:53 +02:00
chrisr3d dba8bd8c5b
fix: Avoid trying to build attributes with not intended fields
- Previously: if the header field is not an attribute type, then
              it was added as an attribute field.
              PyMISP then used to skip it if needed

- Now: Those fields are discarded before they are put in an attribute
2018-05-17 16:24:11 +02:00
chrisr3d c088b13f03
fix: Using userConfig to define the header instead of moduleconfig 2018-05-17 13:47:49 +02:00