misp-modules

Commit Graph

Author	SHA1	Message	Date
chrisr3d	8d33d6c18c	add: New parameter to specify a custom CVE API to query - Any API specified here must return the same format as the CIRCL CVE search one in order to be supported by the parsing functions, and ideally provide response to the same kind of requests (so the CWE search works as well)	3 years ago
Pierre-Jean Grenier	b2ab727f9b	fix: prevent symlink attacks	3 years ago
Pierre-Jean Grenier	413cc2469f	chg: [cuckooimport] Handle archives downloaded from both the WebUI and the API	3 years ago
Pierre-Jean Grenier	6ba6f8bb1f	new: Rewrite cuckooimport	3 years ago
chrisr3d	415fa55fff	fix: Avoiding issues when no CWE id is provided	3 years ago
chrisr3d	0b603fc5d3	fix: Fixed unnecessary dictionary field call - No longer necessary to go under 'Event' field since PyMISP does not contain it since the latest update	3 years ago
chrisr3d	4df528c331	add: Added initial event to reference it from the vulnerability object created out of it	3 years ago
chrisr3d	034222d7b3	fix: Using the attack-pattern object template (copy-paste typo)	3 years ago
chrisr3d	7eb4f034c0	fix: Making pep8 happy	3 years ago
chrisr3d	5c15c0ff93	add: Making vulnerability object reference to its related capec & cwe objects	3 years ago
chrisr3d	c4302aa35e	add: Parsing CAPEC information related to the CVE	3 years ago
chrisr3d	7445d7336e	add: Parsing CWE related to the CVE	3 years ago
chrisr3d	7b1c35d583	fix: Fixed cvss-score object relation name	3 years ago
chrisr3d	3367e47490	fix: Avoid issues when there is no pe field in a windows file sample analysis - For instance: doc file	3 years ago
chrisr3d	3d41104d5b	fix: Avoid adding file object twice if a KeyError exception comes for some unexpected reasons	3 years ago
chrisr3d	ddeb04bd74	add: Parsing linux samples and their elf data	3 years ago
chrisr3d	41bbbeddfb	fix: Testing if file & registry activities fields exist before trying to parse it	3 years ago
chrisr3d	4c8fe9d8ef	fix: Testing if there is some screenshot data before trying to fetch it	3 years ago
chrisr3d	e2a0f27d75	fix: Fixed direction of the relationship between files, PEs and their sections - The file object includes a PE, and the PE includes sections, not the other way round	3 years ago
chrisr3d	42b95c4210	fix: Fixed variable names	3 years ago
chrisr3d	5602cf1759	add: Parsing apk samples and their permissions	3 years ago
chrisr3d	fc8a573ba7	fix: Changed the way references added at the end are saved - Some references are saved until they are added at the end, to make it easier when needed - Here we changed the way they are saved, from a dictionary with some keys to identify each part to the actual dictionary with the keys the function add_reference needs, so we can directly use this dictionary as is when the references are added to the different objects	3 years ago
chrisr3d	4ee0cbe4c5	add: Added virustotal_public to the list of available modules	3 years ago
Raphaël Vinot	80ce0a58b5	fix: Skip tests on haveibeenpwned.com if 403. Make pep8 happy.	3 years ago
chrisr3d	92d90e8e1c	add: TODO comment for the next improvement	3 years ago
chrisr3d	14cf39d8b6	chg: Updated the module to work with the updated VirusTotal API - Parsing functions updated to support the updated format of the VirusTotal API responses - The module can now return objects - /!\ This module requires a high number of requests limit rate to work as expected /!\	3 years ago
chrisr3d	1fa37ea712	fix: Avoiding issues with non existing sample types	3 years ago
chrisr3d	675e0815ff	add: Parsing communicating samples returned by domain reports	3 years ago
chrisr3d	c9c2027a57	fix: Undetected urls are represented in lists	3 years ago
chrisr3d	6fdfcb0a29	fix: Changed function name to avoid confusion with the same variable name	3 years ago
chrisr3d	729c86c336	fix: Quick fix on siblings & url parsing	3 years ago
chrisr3d	9aa721bc37	fix: typo	3 years ago
chrisr3d	641dda0103	add: Parsing downloaded samples as well as the referrer ones	3 years ago
chrisr3d	795edb7457	chg: Adding references between a domain and their siblings	3 years ago
chrisr3d	8de350744b	chg: Getting domain siblings attributes uuid for further references	3 years ago
chrisr3d	a61d09db8b	fix: Parsing detected & undetected urls	3 years ago
chrisr3d	d9b03a7aa5	fix: Various fixes about typo, variable names, data types and so on	3 years ago
chrisr3d	f862a14ce6	add: Object for VirusTotal public API queries - Lighter analysis of the report to avoid reaching the limit of queries per minute while recursing on the different elements	3 years ago
chrisr3d	3edc323836	fix: Making pep8 happy	3 years ago
chrisr3d	5703253961	new: First version of an advanced CVE parser module - Using cve.circl.lu as well as the initial module - Going deeper into the CVE parsing - More parsing to come with the CWE, CAPEC and so on	3 years ago
chrisr3d	181e6383a3	fix: Added missing add_attribute function	3 years ago
chrisr3d	9a6d484188	add: Added screenshot of the behavior of the analyzed sample	3 years ago
chrisr3d	9e45d302b1	fix: Testing if an object is not empty before adding it the the event	3 years ago
chrisr3d	9fdd6c5e58	fix: Making travis happy	3 years ago
chrisr3d	2f3ce1b615	fix: Support of the latest version of sigmatools	3 years ago
chrisr3d	1ac85a4879	fix: We will display galaxies with tags	3 years ago
chrisr3d	de966eac51	fix: Returning tags & galaxies with results - Tags may exist with the current version of the parser - Galaxies are not yet expected from the parser, nevertheless the principle is we want to return them as well if ever we have some galaxies from parsing a JoeSandbox report. Can be removed if we never galaxies at all	3 years ago
chrisr3d	b52e17fa8d	fix: Removed duplicate finalize_results function call	3 years ago
Georg Schölly	efb0a88eeb	joesandbox_query.py: improve behavior in unexpected circumstances	3 years ago
chrisr3d	aa3e873845	fix: Making pep8 happy + added joe_import module in the init list	3 years ago

1 2 3 4 5 ...

652 Commits (5ebd0bd4fcdf9018abce914e854a22e1dbc1e237)