Commit Graph

338 Commits (6f378578dc6644a0c18249ccd277b5eb54e8b034)

Author SHA1 Message Date
Alexandre Dulaunoy 6f378578dc fix: misp-modules are by default installed in /bin 2017-02-21 11:27:59 +01:00
Alexandre Dulaunoy 09bf2f918f Merge pull request #100 from rmarsollier/master
Some improvements of virustotal plugin
2017-02-10 17:47:51 +01:00
rmarsollier b5b7e09ef4 Some improvements of virustotal plugin 2017-02-10 14:16:39 +01:00
Raphaël Vinot fb3624451d Merge pull request #96 from johestephan/master
XForce Exchange v1 (alpha)
2017-02-06 17:40:49 +01:00
Joerg Stephan de3495ea6c passed local run check 2017-02-01 14:05:29 +01:00
Joerg Stephan 68250094ff v1 2017-01-31 16:57:16 +01:00
Joerg Stephan 2651e68238 removed urrlib2 2017-01-31 16:54:53 +01:00
Joerg Stephan dad73feaa4 python3 changes 2017-01-31 16:34:41 +01:00
Joerg Stephan 03044e1e6a merged xforce exchange 2017-01-22 00:00:15 +01:00
Joerg Stephan 3590504821 XForce Exchange v1 (alpha) 2017-01-21 23:31:19 +01:00
Alexandre Dulaunoy 8bdb0fcdc9 Merge pull request #56 from RichieB2B/ncsc-nl/mispjson
Simple import module to import MISP JSON format
2017-01-11 10:16:33 +01:00
Richard van den Berg 3a4c540a81 Updated description to reflect merging use case 2017-01-11 10:08:35 +01:00
Richard van den Berg 50bae1f549 Simple import module to import MISP JSON format 2017-01-11 10:08:35 +01:00
Alexandre Dulaunoy bf5ed3d032 Merge pull request #92 from seamustuohy/duck_typing_failure
Email import no longer unzips major compressed text document formats.
2017-01-10 16:04:28 +01:00
seamus tuohy 83a9d695ea Email import no longer unzips major compressed text document formats.
Let this commit serve as a warning about the perils of duck typing.
Word documents (docx,odt,etc) were being uncompressed when they were
attached to emails. The email importer now checks a list of well known
extensions and will not attempt to unzip them.

It is stuck using a list of extensions instead of using file magic because
many of these formats produce an application/zip mimetype when scanned.
2017-01-10 09:55:33 -05:00
Raphaël Vinot 7ec6e3dc8e Merge branch 'master' of github.com:MISP/misp-modules 2017-01-07 19:30:36 -05:00
Raphaël Vinot 1051e2210b Keep zip content as binary 2017-01-07 19:30:00 -05:00
Raphaël Vinot d07e34e76c Merge pull request #91 from Rafiot/master
Improve email import module
2017-01-07 18:53:08 -05:00
Raphaël Vinot 9f84db3659 Fix tests, cleanup 2017-01-07 18:36:08 -05:00
Raphaël Vinot 2db845c45c Improve support of email attachments
Related to #90
2017-01-07 14:39:52 -05:00
Raphaël Vinot 352f9ec2ed Merge pull request #89 from Rafiot/fix_87
Improve VT support.
2017-01-07 10:46:37 -05:00
Hannah Ward 727f302dd1 Standardised key checking 2017-01-07 10:38:28 -05:00
Hannah Ward 20fd05a231 Fixed checking for submission_names in VT JSON 2017-01-07 10:37:57 -05:00
CheYenBzh d7b33532eb Update virustotal.py 2017-01-07 10:37:47 -05:00
Raphaël Vinot 15c3f0d482 Merge branch 'master' of github.com:MISP/misp-modules 2017-01-07 10:26:24 -05:00
Raphaël Vinot b51806ac9f Improve support of email importer if headers are missing
Fix #88
2017-01-07 10:25:38 -05:00
Alexandre Dulaunoy f61edd98d2 Training materials updated + Cuckoo JSON import module was missing 2017-01-07 10:45:22 +01:00
Raphaël Vinot 3b56abd70e Remove python 3.3 support 2017-01-06 20:41:43 -05:00
Raphaël Vinot 02f5e95a98 Fix python 3.6 support 2017-01-06 20:36:09 -05:00
Raphaël Vinot 329586768b Make PEP8 happy 2017-01-06 20:10:44 -05:00
Raphaël Vinot 7a9774bff7 Add email_import in the modules loaded by default 2017-01-06 19:23:23 -05:00
Raphaël Vinot 93a49c3c1d Make PEP8 happy 2017-01-06 19:01:19 -05:00
Raphaël Vinot 3f83357a2d Fix failing test (bug in the mail parser?) 2017-01-06 18:56:29 -05:00
seamus tuohy 1a7973bc06 Add additional email parsing and tests
Added additional attribute parsing and corresponding unit-tests.
E-mail attachment and url extraction added in this commit. This includes
unpacking zipfiles and simple password cracking of encrypted zipfiles.
2017-01-04 10:21:36 -08:00
seamus tuohy 0ff270a3be Fixed basic errors 2016-12-26 14:33:10 -08:00
seamus tuohy 08261366b7 Merged with current master 2016-12-26 14:17:20 -08:00
seamus tuohy 6ec307b911 Adding basic test mockup 2016-12-26 14:09:52 -08:00
seamus tuohy ec2d78c768 Adding more steps to module testing 2016-12-26 14:09:21 -08:00
seamus tuohy 86ae72c444 Added attachment and url support 2016-12-26 13:55:54 -08:00
Raphaël Vinot 05d0e9aed6 Merge pull request #85 from rmarsollier/master
add libjpeg-dev as a dep to allow pillow to be installed succesfully
2016-12-20 21:51:40 +01:00
robin.marsollier@conix.fr 97c49e2675 add libjpeg-dev as a dep to allow pillow to be installed succesfully 2016-12-20 16:14:08 +01:00
Alexandre Dulaunoy 1753c89bed GeoIP module added 2016-12-17 15:06:08 +01:00
Raphaël Vinot fb6af4493f Merge pull request #84 from MISP/amuehlem-master
Fix PR
2016-12-16 15:40:16 +01:00
Raphaël Vinot 9bf1c936cf Do not crash if the dat file is not available 2016-12-16 15:22:16 +01:00
Raphaël Vinot 064c3e3649 Fix path to config file 2016-12-16 15:14:48 +01:00
Raphaël Vinot 29bedc7faa Merge branch 'master' of https://github.com/amuehlem/misp-modules into amuehlem-master 2016-12-16 15:05:45 +01:00
Raphaël Vinot 60d3e0a1ac Better error reporting 2016-12-16 12:02:28 +01:00
Raphaël Vinot ffc0a97126 Catch exception 2016-12-16 11:52:51 +01:00
Raphaël Vinot 467e50327d Add reverse lookup 2016-12-16 11:22:22 +01:00
Raphaël Vinot 4a8ccb54fb Refactoring of domaintools expansion module 2016-12-15 16:49:56 +01:00