Alexandre Dulaunoy
6f378578dc
fix: misp-modules are by default installed in /bin
2017-02-21 11:27:59 +01:00
Alexandre Dulaunoy
09bf2f918f
Merge pull request #100 from rmarsollier/master
...
Some improvements of virustotal plugin
2017-02-10 17:47:51 +01:00
rmarsollier
b5b7e09ef4
Some improvements of virustotal plugin
2017-02-10 14:16:39 +01:00
Raphaël Vinot
fb3624451d
Merge pull request #96 from johestephan/master
...
XForce Exchange v1 (alpha)
2017-02-06 17:40:49 +01:00
Joerg Stephan
de3495ea6c
passed local run check
2017-02-01 14:05:29 +01:00
Joerg Stephan
68250094ff
v1
2017-01-31 16:57:16 +01:00
Joerg Stephan
2651e68238
removed urrlib2
2017-01-31 16:54:53 +01:00
Joerg Stephan
dad73feaa4
python3 changes
2017-01-31 16:34:41 +01:00
Joerg Stephan
03044e1e6a
merged xforce exchange
2017-01-22 00:00:15 +01:00
Joerg Stephan
3590504821
XForce Exchange v1 (alpha)
2017-01-21 23:31:19 +01:00
seamus tuohy
0566049c63
Added unit tests for UTF emails
2017-01-11 17:53:54 -05:00
Alexandre Dulaunoy
8bdb0fcdc9
Merge pull request #56 from RichieB2B/ncsc-nl/mispjson
...
Simple import module to import MISP JSON format
2017-01-11 10:16:33 +01:00
Richard van den Berg
3a4c540a81
Updated description to reflect merging use case
2017-01-11 10:08:35 +01:00
Richard van den Berg
50bae1f549
Simple import module to import MISP JSON format
2017-01-11 10:08:35 +01:00
Alexandre Dulaunoy
bf5ed3d032
Merge pull request #92 from seamustuohy/duck_typing_failure
...
Email import no longer unzips major compressed text document formats.
2017-01-10 16:04:28 +01:00
seamus tuohy
83a9d695ea
Email import no longer unzips major compressed text document formats.
...
Let this commit serve as a warning about the perils of duck typing.
Word documents (docx,odt,etc) were being uncompressed when they were
attached to emails. The email importer now checks a list of well known
extensions and will not attempt to unzip them.
It is stuck using a list of extensions instead of using file magic because
many of these formats produce an application/zip mimetype when scanned.
2017-01-10 09:55:33 -05:00
Raphaël Vinot
7ec6e3dc8e
Merge branch 'master' of github.com:MISP/misp-modules
2017-01-07 19:30:36 -05:00
Raphaël Vinot
1051e2210b
Keep zip content as binary
2017-01-07 19:30:00 -05:00
Raphaël Vinot
d07e34e76c
Merge pull request #91 from Rafiot/master
...
Improve email import module
2017-01-07 18:53:08 -05:00
Raphaël Vinot
9f84db3659
Fix tests, cleanup
2017-01-07 18:36:08 -05:00
Raphaël Vinot
2db845c45c
Improve support of email attachments
...
Related to #90
2017-01-07 14:39:52 -05:00
Raphaël Vinot
352f9ec2ed
Merge pull request #89 from Rafiot/fix_87
...
Improve VT support.
2017-01-07 10:46:37 -05:00
Hannah Ward
727f302dd1
Standardised key checking
2017-01-07 10:38:28 -05:00
Hannah Ward
20fd05a231
Fixed checking for submission_names in VT JSON
2017-01-07 10:37:57 -05:00
CheYenBzh
d7b33532eb
Update virustotal.py
2017-01-07 10:37:47 -05:00
Raphaël Vinot
15c3f0d482
Merge branch 'master' of github.com:MISP/misp-modules
2017-01-07 10:26:24 -05:00
Raphaël Vinot
b51806ac9f
Improve support of email importer if headers are missing
...
Fix #88
2017-01-07 10:25:38 -05:00
Alexandre Dulaunoy
f61edd98d2
Training materials updated + Cuckoo JSON import module was missing
2017-01-07 10:45:22 +01:00
Raphaël Vinot
3b56abd70e
Remove python 3.3 support
2017-01-06 20:41:43 -05:00
Raphaël Vinot
02f5e95a98
Fix python 3.6 support
2017-01-06 20:36:09 -05:00
Raphaël Vinot
329586768b
Make PEP8 happy
2017-01-06 20:10:44 -05:00
Raphaël Vinot
7a9774bff7
Add email_import in the modules loaded by default
2017-01-06 19:23:23 -05:00
Raphaël Vinot
93a49c3c1d
Make PEP8 happy
2017-01-06 19:01:19 -05:00
Raphaël Vinot
3f83357a2d
Fix failing test (bug in the mail parser?)
2017-01-06 18:56:29 -05:00
seamus tuohy
1a7973bc06
Add additional email parsing and tests
...
Added additional attribute parsing and corresponding unit-tests.
E-mail attachment and url extraction added in this commit. This includes
unpacking zipfiles and simple password cracking of encrypted zipfiles.
2017-01-04 10:21:36 -08:00
seamus tuohy
0ff270a3be
Fixed basic errors
2016-12-26 14:33:10 -08:00
seamus tuohy
08261366b7
Merged with current master
2016-12-26 14:17:20 -08:00
seamus tuohy
6ec307b911
Adding basic test mockup
2016-12-26 14:09:52 -08:00
seamus tuohy
ec2d78c768
Adding more steps to module testing
2016-12-26 14:09:21 -08:00
seamus tuohy
86ae72c444
Added attachment and url support
2016-12-26 13:55:54 -08:00
Raphaël Vinot
05d0e9aed6
Merge pull request #85 from rmarsollier/master
...
add libjpeg-dev as a dep to allow pillow to be installed succesfully
2016-12-20 21:51:40 +01:00
robin.marsollier@conix.fr
97c49e2675
add libjpeg-dev as a dep to allow pillow to be installed succesfully
2016-12-20 16:14:08 +01:00
Alexandre Dulaunoy
1753c89bed
GeoIP module added
2016-12-17 15:06:08 +01:00
Raphaël Vinot
fb6af4493f
Merge pull request #84 from MISP/amuehlem-master
...
Fix PR
2016-12-16 15:40:16 +01:00
Raphaël Vinot
9bf1c936cf
Do not crash if the dat file is not available
2016-12-16 15:22:16 +01:00
Raphaël Vinot
064c3e3649
Fix path to config file
2016-12-16 15:14:48 +01:00
Raphaël Vinot
29bedc7faa
Merge branch 'master' of https://github.com/amuehlem/misp-modules into amuehlem-master
2016-12-16 15:05:45 +01:00
Raphaël Vinot
60d3e0a1ac
Better error reporting
2016-12-16 12:02:28 +01:00
Raphaël Vinot
ffc0a97126
Catch exception
2016-12-16 11:52:51 +01:00
Raphaël Vinot
467e50327d
Add reverse lookup
2016-12-16 11:22:22 +01:00