Commit Graph

458 Commits (359ac9100ebb9ed41c853d228cc84e2d4cb2441c)

Author SHA1 Message Date
chrisr3d 359ac9100e
fix: typo in references mapping dictionary 2018-02-23 15:58:04 +01:00
chrisr3d b2b0fccd47
fix: Added an object checking
- Checking if there are objects in the event, and then
  if there is at least 1 transaction object
- This prevents the module from crashing, but does not
  guaranty having a valid GoAML file (depending on
  objects and their relations)
2018-02-22 16:37:27 +01:00
chrisr3d 53b4a43448 Merge branch 'master' of github.com:chrisr3d/misp-modules into aml_import 2018-02-22 14:29:36 +01:00
Alexandre Dulaunoy 8728ff8bb6
Merge pull request #164 from chrisr3d/master
Latest fixes to make GoAML export module work
2018-02-22 11:24:37 +01:00
chrisr3d 694a63c8f3
add: Added an example file generated by GoAML export module 2018-02-22 10:29:05 +01:00
chrisr3d c942013812
chg: Modified the mapping dictionary to support misp-objects updates 2018-02-22 01:23:08 +01:00
chrisr3d 9b34602f73
Added GoAML export module in description 2018-02-22 01:22:08 +01:00
chrisr3d 5995458aab
fix: Added the moduleinfo field need to have MISP event in standard format 2018-02-21 17:14:26 +01:00
Alexandre Dulaunoy c3ac53a069
fix: goamlexport added 2018-02-20 17:18:36 +01:00
Alexandre Dulaunoy 60c4fd03b5
Merge pull request #163 from chrisr3d/master
GoAML export
2018-02-20 17:17:44 +01:00
chrisr3d f361fb4ee3
Reading the entire document, to create a big dictionary containing the data, as a beginning 2018-02-20 17:00:13 +01:00
chrisr3d 02b8938b2a
typo 2018-02-20 16:57:27 +01:00
chrisr3d 11dddb974b Merge branch 'master' of github.com:MISP/misp-modules 2018-02-20 15:18:45 +01:00
chrisr3d eb9e06f1cc
explicit name
Avoiding confusion with the coming import module for goaml
2018-02-20 15:18:12 +01:00
Andras Iklody 978903f911
Quick fix to the invalid hash types offered on all returned hashes, hopefully fixes #162 2018-02-20 14:08:14 +01:00
chrisr3d 92ab1d5c23
Added "t_to" and "t_from" required fields: funds code & country 2018-02-14 21:30:48 +01:00
chrisr3d be1b541966
Added a required field & the latest attributes in transaction 2018-02-14 12:18:12 +01:00
chrisr3d 43e9010858
Added report expected information fields 2018-02-13 16:39:19 +01:00
chrisr3d d4538382d0
Simplified ObjectReference dictionary reading 2018-02-13 13:41:22 +01:00
chrisr3d b7098d1cff Merge branch 'master' of github.com:MISP/misp-modules 2018-02-13 11:58:56 +01:00
chrisr3d a97eeb44fe
Added some report information
Also changed the ObjectReference parser to replace
all the if conditions by a dictionary reading
2018-02-13 11:51:34 +01:00
Alexandre Dulaunoy 37ea090cba
add: YARA syntax validator 2018-02-12 21:13:32 +01:00
Alexandre Dulaunoy ad112f9b87
Merge pull request #161 from eCrimeLabs/ecrimelabs_dev
Added Yara syntax validation expansion module
2018-02-12 21:02:14 +01:00
Dennis Rand 43db92dbe6 Added Yara syntax validation expansion module 2018-02-12 19:11:54 +00:00
chrisr3d 8569c3d702
Suporting the recent objects added to misp-objects
- Matching the aml documents structure
- Some parts of the document still need to be added
2018-02-12 13:40:49 +01:00
chrisr3d 8983ebc4b2
wip: added location & signatory information 2018-02-05 15:51:03 +01:00
chrisr3d 54ebb8a96f Merge branch 'master' of github.com:MISP/misp-modules into test 2018-02-04 17:16:25 +01:00
Alexandre Dulaunoy 1908b5cdca
Merge pull request #157 from CenturyLinkCIRT/master
added csvimport to __init__.py
2018-02-02 07:22:14 +01:00
Alexandre Dulaunoy deed898c04
add: CSV import module added 2018-02-02 07:16:44 +01:00
Thomas Gardner 69d733bb35 added csvimport to __init__.py 2018-02-01 10:22:28 -07:00
chrisr3d 8dce7935ae
Outputting xml format
Also mapping MISP and GoAML types
2018-02-01 14:55:48 +01:00
chrisr3d 48869335ee
first tests for the GoAML export module 2018-01-31 18:09:45 +01:00
Alexandre Dulaunoy 90ca0cc3a9
Merge pull request #156 from chrisr3d/master
CSV import
2018-01-30 14:21:16 +01:00
chrisr3d bd48ae978c Merge branch 'master' of github.com:MISP/misp-modules 2018-01-30 14:16:17 +01:00
Alexandre Dulaunoy 3a4c8ea952
3.7-alpha removed 2018-01-30 12:26:26 +01:00
Alexandre Dulaunoy 545589373c
fix: Python version in Travis 2018-01-30 12:13:00 +01:00
chrisr3d 71c00954d0
fix: Solved reading problems for some files 2018-01-30 11:20:28 +01:00
chrisr3d b2ec186ccb
Updated delimiter finder method 2018-01-29 17:04:32 +01:00
chrisr3d 529d22cca8
fix: skipping empty lines 2018-01-29 09:19:58 +01:00
chrisr3d 56cbd72b65
Fixed data treatment & other updates 2018-01-28 18:12:40 +01:00
chrisr3d 4d846f968f
Updated delimiter parsing & data reading functions 2018-01-26 17:11:01 +01:00
chrisr3d b9d72bb043
First version of csv import module
- If more than 1 misp type is recognized, for each one an
  attribute is created

- Needs to have header set by user as parameters of the module atm

- Review needed to see the feasibility with fields that can create
  confusion and be interpreted both as misp type or attribute field
  (for instance comment is a misp type and an attribute field)
2018-01-25 15:44:08 +01:00
Raphaël Vinot f29515f86c
Merge pull request #154 from cvandeplas/master
added CrowdStrike Falcon Intel Indicators expansion module
2018-01-19 16:59:05 +01:00
Christophe Vandeplas 8a1a860cda added CrowdStrike Falcon Intel Indicators expansion module 2018-01-19 14:42:25 +01:00
Alexandre Dulaunoy 8008d62bc1
add: RBL added 2018-01-16 20:16:53 +01:00
Alexandre Dulaunoy be258ce2b6
Merge pull request #150 from chrisr3d/master
RBL check module
2018-01-16 20:09:23 +01:00
chrisr3d d045cf7d5f
chg: Modified output format 2018-01-16 19:46:52 +01:00
chrisr3d dcab9aa150 Merge github.com:MISP/misp-modules 2018-01-16 17:15:36 +01:00
Alexandre Dulaunoy c3823b74cf
Merge pull request #149 from cvandeplas/master
Added ThreatAnalyzer sandbox import
2018-01-16 17:11:38 +01:00
chrisr3d 18523c4ada
Check an IPv4 address against known RBLs 2018-01-16 17:08:44 +01:00