chrisr3d
b98562a75e
chg: [cpe] Support of the new CVE-Search API
2020-11-10 17:53:47 +01:00
Alexandre Dulaunoy
ab23547844
Merge pull request #440 from MISP/chrisr3d_patch
...
Farsight passivedns module update
2020-11-10 08:33:34 +01:00
chrisr3d
d9cfcf8f62
fix: [farsight_passivedns] Uncommented mandatory field that was commented for tests
2020-11-05 17:51:41 +01:00
chrisr3d
87db6f04aa
fix: [tests] Small fixes on the expansion tests
2020-11-05 15:56:01 +01:00
chrisr3d
a357243d31
chg: [doc] Updated the farsight_passivedns module documentation
2020-11-05 15:55:46 +01:00
chrisr3d
c0440a0d33
chg: [farsight_passivedns] More context added to the results
...
- References between the passive-dns objects and
the initial attribute
- Comment on object attributes mentioning whether
the results come from an rrset or an rdata
lookup
2020-11-05 15:55:30 +01:00
chrisr3d
7c5465e02b
fix: [dnsdb] Avoiding AttributeError with the sys library, probably depending on the python version
2020-11-05 15:55:15 +01:00
chrisr3d
d9e576e605
chg: [farsight_passivedns] Rework of the module to return MISP objects
...
- All the results are parsed as passive-dns MISP
objects
- More love to give to the parsing to add
references between the passive-dns objects and
the input attribute, depending on the type of
the query (rrset or rdata), or the rrtype
(to be determined)
2020-11-05 15:55:00 +01:00
Alexandre Dulaunoy
900fe56fbb
Merge pull request #437 from chrisr3d/main
...
New expansion module to get the vulnerabilities related to a CPE
2020-11-02 20:35:38 +01:00
chrisr3d
260bddb3cf
chg: [cpe] Changed CVE-Search API default url
2020-11-02 19:03:26 +01:00
chrisr3d
54f7e604c8
Merge branch 'main' of github.com:MISP/misp-modules into main
2020-11-02 19:03:16 +01:00
chrisr3d
08d648e2f4
fix: [documentation] Updated links to the scripts, with the default branch no longer being master, but main
2020-10-29 18:29:04 +01:00
chrisr3d
bb8c616b6d
fix: Typo
2020-10-29 18:25:57 +01:00
chrisr3d
e4d2f90767
fix: Updated Pipfile
2020-10-29 18:22:07 +01:00
chrisr3d
04abdb3f59
Merge branch 'main' of github.com:MISP/misp-modules into main
2020-10-29 18:04:02 +01:00
chrisr3d
06d93101b1
add: Documentation for the html_to_markdown expansion module
2020-10-29 18:03:25 +01:00
Christian Studer
2779ed7331
Merge pull request #436 from MISP/new-html-to-markdown
...
new: [expansion] Added html_to_markdown module
2020-10-27 14:43:31 +01:00
chrisr3d
6660e2fc11
add: Added documentation for the cpe module
2020-10-24 23:52:06 +02:00
chrisr3d
88c8d9077c
fix: [cpe] Typos and variable name issues fixed + Making the module available in MISP
2020-10-24 02:40:31 +02:00
mokaddem
2be1d7a0cd
new: [expansion] Added html_to_markdown module
...
It fetches the HTML from the provided URL, performs a bit of DOM
clean-up then convert it into markdown
2020-10-23 22:17:47 +02:00
chrisr3d
410aaaeb28
add: First shot of an expansio module to query cve-search with a cpe to get the related vulnerabilities
2020-10-23 21:19:26 +02:00
chrisr3d
c00349e198
fix: [cve-advanced] Using the cpe and weakness attribute types
2020-10-22 23:25:20 +02:00
chrisr3d
2a2a908f09
Merge branch 'main' of github.com:MISP/misp-modules into new_module
2020-10-22 22:59:21 +02:00
Alexandre Dulaunoy
4b1b1820d2
Merge pull request #432 from JakubOnderka/clamav
...
chg: [clamav] Add reference to original attribute
2020-10-20 20:18:33 +02:00
Jakub Onderka
7ad5eb0bfa
chg: [clamav] Add reference to original attribute
2020-10-20 19:26:04 +02:00
Alexandre Dulaunoy
0872bb820c
chg: [clamav] TCP port connection must be an integer
2020-10-20 10:17:52 +02:00
Alexandre Dulaunoy
8b8ac581e5
Merge pull request #431 from JakubOnderka/clamav
...
new: [clamav] Module for malware scan by ClamAV
2020-10-20 09:58:55 +02:00
Jakub Onderka
f2de7ab87f
new: [clamav] Module for malware scan by ClamAV
2020-10-17 23:25:47 +02:00
Raphaël Vinot
095fbfd75f
chg: Bump deps
2020-10-09 14:41:38 +02:00
Raphaël Vinot
608bad1542
Merge branch 'main' of github.com:MISP/misp-modules into main
2020-10-09 14:24:30 +02:00
Raphaël Vinot
a907613ce2
chg: Bump deps
2020-10-09 14:24:19 +02:00
chrisr3d
48635d8f1b
add: Added documentation for the socialscan new module
...
- Also quick fix of the message for an invalid
result or response concerning the queried email
address or username
2020-10-02 17:01:02 +02:00
chrisr3d
95f5df7a91
Merge branch 'main' of github.com:MISP/misp-modules into new_module
2020-10-02 16:46:27 +02:00
chrisr3d
0072e04627
chg: Updated expansion modules documentation
...
- Added documentation for the missing modules
- Renamed some of the documentation files to match
with the module names and avoid issues within
the documentation file (README.md) with the link
of the miss-spelled module names
2020-10-02 16:41:47 +02:00
chrisr3d
d950b4d7ec
fix: Removed debugging print command
2020-10-02 01:50:49 +02:00
chrisr3d
39904b7f6c
chg: Added socialscan library in Pipfile and updated the lock file
2020-10-01 23:27:43 +02:00
chrisr3d
9a766d6010
add: New module using socialscan library to check email addresses and usernames linked to accounts on online platforms
2020-10-01 23:25:39 +02:00
chrisr3d
14aa6e2d1a
fix: [cve_advanced] Avoiding potential MISP object references issues
...
- Adding objects as dictionaries in an event may
cause issues in some cases. It is better to pass
the MISP object as is, as it is already a valid
object since the MISPObject class is used
2020-10-01 22:44:39 +02:00
chrisr3d
c5abf89805
fix: [virustotal_public] Resolve key error when user enrich hostname
...
- Same as #424
2020-09-28 12:34:00 +02:00
Christian Studer
38c3502394
Merge pull request #424 from JakubOnderka/vt-subdomains-fix
...
fix: [virustotal] Resolve key error when user enrich hostname
2020-09-28 12:32:42 +02:00
Raphaël Vinot
2dde6e8757
fix: Typo in EMailObject
...
Fix #427
2020-09-09 10:56:01 +02:00
chrisr3d
9f315f1728
chg: Updated the bgpranking expansion module test
2020-09-08 16:24:41 +02:00
chrisr3d
589a0a0321
chg: Updated documentation for the recently updated bgpranking module
2020-09-08 16:15:23 +02:00
chrisr3d
3101e5bc26
chg: Updated the bgpranking expansion module to return MISP objects
...
- The module no longer returns freetext, since the
result returned to the freetext import as text
only allowed MISP to parse the same AS number as
the input attribute.
- The new result returned with the updated module
is an asn object describing more precisely the
AS number, and its ranking for a given day
2020-09-08 16:08:57 +02:00
chrisr3d
ae1016946b
fix: Making pep8 happy
2020-08-28 17:30:23 +02:00
chrisr3d
1349ef61a5
chg: Turned the Shodan expansion module into a misp_standard format module
...
- As expected with the misp_standard modules, the
input is a full attribute and the module is able
to return attributes and objects
- There was a lot of data that was parsed as regkey
attributes by the freetext import, the module now
parses properly the different field of the result
of the query returned by Shodan
2020-08-28 16:55:50 +02:00
Alexandre Dulaunoy
dedce3da28
Merge pull request #426 from hildenjohannes/main
...
Recorded Future module: Add proxy support and User-Agent header
2020-08-28 11:06:12 +02:00
johannesh
8087c9a6a1
Add proxy support and User-Agent header
2020-08-24 11:19:15 +02:00
Alexandre Dulaunoy
c1815beff2
Merge pull request #425 from elhoim/elhoim-patch-1
...
Disable correlation for detection-ratio attribute in virustotal.py
2020-08-24 10:32:11 +02:00
David André
b5d7c9c7a3
Disable correlation for detection-ratio in virustotal.py
2020-08-24 10:11:08 +02:00