Commit Graph

316 Commits (5adb9bfcfab220f5db5af4f0ec89a9611984db8b)

Author SHA1 Message Date
Sascha Rommelfangen b01cb28323 initial version of a Bitcoin module 2018-11-07 14:14:39 +01:00
Steve Clement 7bafa939b0 new: [btc] Very simple BTC expansion
chg: [req] yara-python is preferred
2018-11-06 00:48:36 +09:00
chrisr3d d1308f9924 chg: Validating yara rules after their creation 2018-11-02 21:35:02 +01:00
chrisr3d 1c10fd5e50 fix: Making yara query an expansion module for single attributes atm 2018-10-31 10:21:21 +01:00
chrisr3d 1d530a7fa6 new: First version of a yara rule creation expansion module 2018-10-18 14:44:57 +02:00
chrisr3d e2cebd6c3e fix: Catching errors while parsing additional info in requests 2018-09-25 17:10:19 +02:00
Codelinefi-admin c19989e217 Fixed a bug with wrong dates conversion 2018-09-19 21:50:56 +03:00
isox f1325f4316 Fixed getting of the Vulners AI score. 2018-09-18 18:36:12 +03:00
Igor Ivanov 3e9589d0f4 code cleanup and formatting 2018-09-18 14:38:49 +02:00
Igor Ivanov 8d7d377464 added exploit information 2018-09-18 12:11:47 +02:00
Igor Ivanov 5dc05bfafc initial Vulners module PoC 2018-09-18 11:18:55 +02:00
Codelinefi-admin db7dbd6ed5 macaddress.io hover module added 2018-09-13 17:02:49 +03:00
chrisr3d 5c718c5379 fix: Making python 3.5 happy with the exception type ImportError 2018-09-08 02:53:15 +02:00
chrisr3d cfbd63f14e fix: Fixed exception type for python 3.5 2018-09-07 18:06:01 +02:00
chrisr3d a18db2ed1d fix: Fixed exception type 2018-09-07 17:56:25 +02:00
chrisr3d 48fcf9a85e fix: Fixed syntax error 2018-09-07 17:49:28 +02:00
chrisr3d 26647a164b fix: Fixed indentation error 2018-09-07 17:43:46 +02:00
chrisr3d 5c69f1d867 Merge branch 'master' of github.com:MISP/misp-modules 2018-09-07 16:59:21 +02:00
Sascha Rommelfangen ef781f59f8 fixed typo
via #220
2018-09-06 14:05:55 +02:00
chrisr3d ba728f7120 fix: Fixed 1 variable misuse + cleaned up variable names
- Fixed use of 'domain' variable instead of 'email'
- Cleaned up variable names to avoid redefinition
  of built-in variables
2018-09-03 14:43:51 +02:00
chrisr3d cdf2f434ce fix: Avoiding adding attributes that are already in the event 2018-09-03 14:30:33 +02:00
chrisr3d 33181bc52b fix: Fixed quick variable issue 2018-09-03 14:29:42 +02:00
chrisr3d 0ab38feade fix: Cleaned up test function not used anymore 2018-09-03 13:17:48 +02:00
chrisr3d 936e30b15b fix: Multiple attributes parsing support
- Fixing one of my previous changes not processing
  multiple attributes parsing
2018-09-03 12:03:42 +02:00
chrisr3d 2af947a2de fix: Removed print 2018-09-03 10:23:05 +02:00
chrisr3d bc2a73c5cf Merge branch 'master' of github.com:MISP/misp-modules 2018-09-02 20:21:01 +02:00
chrisr3d 179430d69d fix: Some cleanup and output types fixed
- hashes types specified in output
2018-08-31 21:38:53 +02:00
SuRb0 b0be965e57 Update urlscan.py
Added hash to the search so you can take advantage of the new file download function on urlscan.io. You can use this to pivot on file hashes and find out domains that are hosting the same malicious file.
2018-08-30 19:41:34 -05:00
chrisr3d 35f3a5e43f fix: Quick cleanup 2018-08-30 20:45:29 +02:00
chrisr3d 18bad54603 Merge branch 'master' of github.com:MISP/misp-modules 2018-08-30 09:11:25 +02:00
David J a697f65382 Add error handling for DNS failures, reduce imports, and simplify misp_comments 2018-08-14 10:51:15 -05:00
David J bdbf538893 Create urlscan.py 2018-08-10 16:00:01 -05:00
chrisr3d 3a57d11745 Merge branch 'chrisr3d_patch' of github.com:chrisr3d/misp-modules 2018-08-08 17:41:07 +02:00
chrisr3d 90baa1dd5a add: Added DBL spamhaus module documentation and in expansion init file 2018-08-08 17:05:22 +02:00
chrisr3d 61232ad93e new: Expansion hover module to check spamhaus DBL for a domain name 2018-08-08 17:00:10 +02:00
chrisr3d 0666a60b3d fix: [cleanup] Quick clean up on exception type 2018-08-07 18:15:15 +02:00
chrisr3d bb6002a3ff fix: [cleanup] Quick clean up on yaml load function 2018-08-07 18:14:29 +02:00
chrisr3d 57af98720d fix: [cleanup] Quick clean up on exception type 2018-08-07 18:13:25 +02:00
sebdraven d7fac002af Merge branch 'master' into dnstrails 2018-07-18 11:07:44 +02:00
Sebdraven 804e59ed8d change type of status 2018-07-18 10:58:51 +02:00
Sebdraven c8e20d9087 remove print 2018-07-18 10:51:47 +02:00
Sebdraven f2df6dc538 last commit for release 2018-07-18 10:47:42 +02:00
Sebdraven 88859a0ba7 add logs 2018-07-17 18:43:52 +02:00
Sebdraven 8cbeda40a5 add searching_stats 2018-07-17 18:42:01 +02:00
Sebdraven 9d603344c2 add searching_stats 2018-07-17 18:32:50 +02:00
Sebdraven c785cae89b correct key 2018-07-17 17:22:48 +02:00
Sebdraven 2706c4a82a correct key 2018-07-17 17:21:38 +02:00
Sebdraven 431c1511a3 correct param 2018-07-17 17:20:30 +02:00
Sebdraven 999ae1f6f0 add searching domains 2018-07-17 17:09:01 +02:00
Sebdraven a41cf59e0c add searching domains 2018-07-17 15:05:15 +02:00
Sebdraven 966f9603a9 add return 2018-07-12 15:02:46 +02:00
Sebdraven 7f52a15d16 add logs 2018-07-12 14:59:50 +02:00
Sebdraven 3eda712193 add whois expand to test 2018-07-12 14:58:48 +02:00
Sebdraven 5a422c2e5b add whois expand to test 2018-07-12 14:57:37 +02:00
Sebdraven db35c9b091 correct index error 2018-07-12 14:55:56 +02:00
Sebdraven 0341bdc398 error call functions 2018-07-12 14:52:01 +02:00
Sebdraven 2f5381d7b2 add logs 2018-07-12 14:49:51 +02:00
Sebdraven 0b0137829a add logs 2018-07-12 14:48:15 +02:00
Sebdraven 86d236f859 add status_ok to true 2018-07-12 14:47:34 +02:00
Sebdraven aa89a7fc4d add logs 2018-07-12 14:44:19 +02:00
Sebdraven 86d9427816 add logs 2018-07-12 14:42:33 +02:00
Sebdraven a0cf9de590 add logs 2018-07-12 14:38:38 +02:00
Sebdraven 9de201375b add logs 2018-07-12 14:37:09 +02:00
Sebdraven d56bf55038 add logs 2018-07-12 14:33:52 +02:00
Sebdraven 844b25b4cd correct out of bound returns 2018-07-12 14:32:56 +02:00
Sebdraven 9063da88cd correct key and return of functions 2018-07-12 14:27:59 +02:00
Sebdraven 731c06a939 add logs 2018-07-12 14:17:16 +02:00
Sebdraven fb595c08aa add logs 2018-07-12 14:16:19 +02:00
Sebdraven 41587bd568 correct typo 2018-07-12 14:14:43 +02:00
Sebdraven 4b0daee6f1 test whois history 2018-07-12 14:04:37 +02:00
Sebdraven 576b3c9b9b history whois dns 2018-07-12 13:40:51 +02:00
chrisr3d 32419c398e Merge branch 'master' of github.com:MISP/misp-modules 2018-07-12 00:05:01 +02:00
chrisr3d a62078aad1 add: Experimental expansion module to display the SIEM signatures from a sigma rule 2018-07-11 23:43:42 +02:00
Sebdraven 51067039da correct typo 2018-07-11 13:03:47 +02:00
Sebdraven 3a2aab6d71 rename misp modules 2018-07-11 12:41:54 +02:00
Sebdraven a8ae6e06e9 add a test to check if the list is not empty 2018-07-11 12:09:34 +02:00
Sebdraven f0a4c71908 add a test to check if the list is not empty 2018-07-11 12:08:01 +02:00
Sebdraven dbeec4682e add logs 2018-07-11 12:02:31 +02:00
Sebdraven fb262b451f debug whois 2018-07-11 12:00:59 +02:00
Sebdraven 80e71f582c debug ipv4 or ipv6 2018-07-11 11:58:42 +02:00
Sebdraven 386d38c88f add debug 2018-07-11 11:55:59 +02:00
Sebdraven 45decc728d debug 2018-07-11 11:55:31 +02:00
Sebdraven 45c473aef5 change status 2018-07-11 11:52:10 +02:00
Sebdraven 64e7f9c8b6 change history dns 2018-07-11 11:47:10 +02:00
Sebdraven 560dacbf7e add logs to debug 2018-07-11 11:40:22 +02:00
Sebdraven 74c611d2fb correct call function 2018-07-11 11:37:07 +02:00
Sebdraven f47a64b364 add history mx and soa 2018-07-11 11:24:49 +02:00
Sebdraven 43a49dafc6 add history dns and handler exception 2018-07-11 09:48:14 +02:00
Sebdraven 54d996cb00 add history dns 2018-07-11 09:39:09 +02:00
Sebdraven dcdb6e5895 switch type ip 2018-07-11 09:02:47 +02:00
Sebdraven 42c362d2fd refactoring expand_whois 2018-07-11 09:00:23 +02:00
Sebdraven 41635d43c7 correct typo 2018-07-11 08:49:59 +02:00
Sebdraven 3a96e189ed add ipv6 and ipv4 2018-07-11 08:43:23 +02:00
Sebdraven f2333a4978 change type 2018-07-10 16:55:13 +02:00
Sebdraven 9e6162a434 change type 2018-07-10 16:53:06 +02:00
Sebdraven 26950ea7de change loop 2018-07-10 16:51:31 +02:00
Sebdraven e9747a3379 add time sleep in each request 2018-07-10 16:41:44 +02:00
Sebdraven 602da3d1a3 control return of records 2018-07-10 16:35:01 +02:00
Sebdraven 495c720d0f add history ipv4 2018-07-10 16:31:39 +02:00
Sebdraven 21794249d0 add logs 2018-07-10 15:17:37 +02:00