Commit Graph

456 Commits (547985b8ce75e4df7ab6b779814a5c33c86ee095)

Author SHA1 Message Date
chrisr3d 547985b8ce fix: Added Macaddress.io module in the init list 2018-11-22 12:26:27 +01:00
chrisr3d be3063f3c6 fix: Typo on input type 2018-11-22 12:24:47 +01:00
chrisr3d 22173c249e add: Update to support sha1 & sha256 attributes 2018-11-22 12:23:40 +01:00
chrisr3d b778dd5e67 fix: Fixed type of the result in case of exception
- Set as str since some exception types are not
  jsonable
2018-11-21 16:06:22 +01:00
chrisr3d 1b44668094 fix: Added hostname attribute support as it is intended 2018-11-21 16:05:38 +01:00
Christophe Vandeplas 8817de4765 fix: threatanalyzer_import - bugfix for TA6.1 behavior 2018-11-16 13:29:47 +01:00
chrisr3d 651f69126d Merge branch 'master' of github.com:MISP/misp-modules into chrisr3d_patch 2018-11-13 16:05:24 +01:00
chrisr3d 299e97d1ce
add: Added imphash to input attribute types 2018-11-13 15:40:47 +01:00
Sascha Rommelfangen 3e25428978 debug removed 2018-11-13 15:34:33 +01:00
Sascha Rommelfangen 8285ff324f API changes reflected 2018-11-13 15:30:06 +01:00
chrisr3d 58b3a069bf
fix: Updated yara import error message
- Better to 'pip install -I -r REQUIREMENTS' to
  have the correct yara-python version working
  for all the modules, than having another one
  failing with yara hash & pe modules
2018-11-12 16:22:14 +01:00
chrisr3d ad1ccdb9d0 Merge branch 'master' of github.com:MISP/misp-modules into chrisr3d_patch 2018-11-12 12:48:58 +01:00
Alexandre Dulaunoy 5d1583d88b
chg: [onyphe] fix #252 2018-11-11 15:49:14 +01:00
Sascha Rommelfangen 463d7ae874
bug fix regarding leftovers between runs 2018-11-07 14:57:19 +01:00
Steve Clement 91f922b5c4 chg: [btc] Removed simple PoC for btc expansion. 2018-11-07 22:53:21 +09:00
Sascha Rommelfangen 00b1b3214b added btc_steroids to the list 2018-11-07 14:28:28 +01:00
Sascha Rommelfangen b01cb28323 initial version of a Bitcoin module 2018-11-07 14:14:39 +01:00
Steve Clement 7bafa939b0 new: [btc] Very simple BTC expansion
chg: [req] yara-python is preferred
2018-11-06 00:48:36 +09:00
chrisr3d d1308f9924
chg: Validating yara rules after their creation 2018-11-02 21:35:02 +01:00
Steve Clement bb5f6fffae chg: [init] Added try/catch in case misp-modules is already running on a port, or port is in use... 2018-11-02 10:42:40 +09:00
chrisr3d 62aa268d01 Merge branch 'master' of github.com:MISP/misp-modules 2018-10-31 10:22:12 +01:00
chrisr3d 1c10fd5e50
fix: Making yara query an expansion module for single attributes atm 2018-10-31 10:21:21 +01:00
milkmix e8761c1664 super simple support for mutexes through winbaseobj in osquery 3.3 2018-10-25 21:28:46 +02:00
chrisr3d 1d530a7fa6
new: First version of a yara rule creation expansion module 2018-10-18 14:44:57 +02:00
Julien Bachmann 04ba4b34e3
Merge branch 'master' into export_osquery 2018-10-03 16:59:51 +01:00
milkmix 78b4aade08 corrected typos and unused imports 2018-10-03 17:55:08 +02:00
chrisr3d e2cebd6c3e
fix: Catching errors while parsing additional info in requests 2018-09-25 17:10:19 +02:00
Codelinefi-admin c19989e217 Fixed a bug with wrong dates conversion 2018-09-19 21:50:56 +03:00
isox f1325f4316 Fixed getting of the Vulners AI score. 2018-09-18 18:36:12 +03:00
Igor Ivanov 3e9589d0f4 code cleanup and formatting 2018-09-18 14:38:49 +02:00
Igor Ivanov 8d7d377464 added exploit information 2018-09-18 12:11:47 +02:00
Igor Ivanov 5dc05bfafc initial Vulners module PoC 2018-09-18 11:18:55 +02:00
Codelinefi-admin db7dbd6ed5 macaddress.io hover module added 2018-09-13 17:02:49 +03:00
chrisr3d 5c718c5379
fix: Making python 3.5 happy with the exception type ImportError 2018-09-08 02:53:15 +02:00
chrisr3d cfbd63f14e
fix: Fixed exception type for python 3.5 2018-09-07 18:06:01 +02:00
chrisr3d a18db2ed1d
fix: Fixed exception type 2018-09-07 17:56:25 +02:00
chrisr3d 48fcf9a85e
fix: Fixed syntax error 2018-09-07 17:49:28 +02:00
chrisr3d 26647a164b
fix: Fixed indentation error 2018-09-07 17:43:46 +02:00
chrisr3d 5c69f1d867 Merge branch 'master' of github.com:MISP/misp-modules 2018-09-07 16:59:21 +02:00
Sascha Rommelfangen ef781f59f8
fixed typo
via #220
2018-09-06 14:05:55 +02:00
chrisr3d ba728f7120
fix: Fixed 1 variable misuse + cleaned up variable names
- Fixed use of 'domain' variable instead of 'email'
- Cleaned up variable names to avoid redefinition
  of built-in variables
2018-09-03 14:43:51 +02:00
chrisr3d cdf2f434ce
fix: Avoiding adding attributes that are already in the event 2018-09-03 14:30:33 +02:00
chrisr3d 33181bc52b
fix: Fixed quick variable issue 2018-09-03 14:29:42 +02:00
chrisr3d 0ab38feade
fix: Cleaned up test function not used anymore 2018-09-03 13:17:48 +02:00
chrisr3d 936e30b15b
fix: Multiple attributes parsing support
- Fixing one of my previous changes not processing
  multiple attributes parsing
2018-09-03 12:03:42 +02:00
chrisr3d 2af947a2de
fix: Removed print 2018-09-03 10:23:05 +02:00
chrisr3d bc2a73c5cf Merge branch 'master' of github.com:MISP/misp-modules 2018-09-02 20:21:01 +02:00
chrisr3d 179430d69d
fix: Some cleanup and output types fixed
- hashes types specified in output
2018-08-31 21:38:53 +02:00
SuRb0 b0be965e57
Update urlscan.py
Added hash to the search so you can take advantage of the new file down load function on urlscan.io.  You can use this to pivot on file hashes and find out domains that hosting the same malicious file.
2018-08-30 19:41:34 -05:00
chrisr3d 35f3a5e43f
fix: Quick cleanup 2018-08-30 20:45:29 +02:00