Commit Graph

718 Commits (77035a82e0c39d26fa97270dd254edd36d199331)

Author SHA1 Message Date
Sebdraven 5d80b79bc4 Update yeti.py
add tags for attribute
2021-04-19 17:55:29 +02:00
Sebdraven 43672ee9a9 Update yeti.py
remove tag
2021-04-19 17:20:13 +02:00
Sebdraven f7ca8bf140 Update yeti.py
test tags
2021-04-19 17:19:23 +02:00
Sebdraven ee7c065795 Update yeti.py
change tags method
2021-04-19 17:16:59 +02:00
Sebdraven 21b52dda15 Update yeti.py
add related observable and AS
2021-04-19 17:10:47 +02:00
Sebdraven 5e6aec4162 Update yeti.py
remove print debug
2021-04-19 13:49:02 +02:00
Sebdraven b46a3a8885 Update yeti.py
fix bugs key error
2021-04-19 13:47:45 +02:00
Sebdraven 0da40b34ee Update yeti.py
add param
2021-04-19 13:45:29 +02:00
Sebdraven 1e98f1d575 Update yeti.py
try typo
2021-04-19 12:20:25 +02:00
Sebdraven 53cc15adcd Update yeti.py
remove print
2021-04-19 12:12:32 +02:00
Sebdraven ef6596637d Update yeti.py
remove tests
2021-04-19 11:49:24 +02:00
Sebdraven e3fc3a3f38 Update yeti.py
test
2021-04-19 11:47:06 +02:00
Sebdraven 8a24ed7fd6 Update yeti.py
add logs
2021-04-19 11:27:33 +02:00
Sebdraven 559533ea78 Update yeti.py
try test
2021-04-19 11:25:50 +02:00
Sebdraven a29779eff6 Update yeti.py
add check
2021-04-19 11:24:01 +02:00
Sebdraven 4634567b23 Update yeti.py
correct bug
2021-04-19 11:09:38 +02:00
Sebdraven be212097a7 Update yeti.py
add log
2021-04-19 11:08:21 +02:00
Sebdraven af01db860a Update yeti.py
add log
2021-04-19 11:05:16 +02:00
Sebdraven 07f54c1b86 Update yeti.py
correct typo
2021-04-19 11:03:39 +02:00
Sebdraven 69a5584dfe Update yeti.py
add relation
2021-04-19 11:00:55 +02:00
Sebdraven 6cd99c03e4 Update yeti.py
refactoring and add Url neighbors
2021-04-19 10:46:07 +02:00
chrisr3d dbff9b3aa8
chg: [rbl] Added a timeout parameter to change the resolver timeout & lifetime if needed 2021-04-16 22:00:27 +02:00
chrisr3d 576dcca671
chg: [rbl] Small changes on the rbl list and the results handling 2021-04-16 16:45:38 +02:00
chrisr3d 300cdc7a4c
fix: [ocr_enrich] Making Pep8 happy 2021-04-15 16:41:15 +02:00
chrisr3d 611bb6fa9e
fix: [ocr_enrich] Fixed tesseract input format
- It looks like the `image_to_string` method now
  assumes RGB format and the `imdecode` method
  seems to give BGR format, so we convert the
  image array before
2021-04-15 16:12:00 +02:00
chrisr3d 729feaa3f2
fix: [hibp] Fixed config handling to avoid KeyError exceptions 2021-04-14 16:52:55 +02:00
Alexandre Dulaunoy 577d0de500
chg: [farsight] make PEP happy 2021-04-14 14:45:55 +02:00
Alexandre Dulaunoy 0752628de5
fix: [cve_advanced] Some CVEs are not in CWE format but in NVD-CWE-Other 2021-04-08 19:14:13 +02:00
chrisr3d a2282c4721
add: [farsight_passivedns] Adding first_seen & last_seen (when available) in passivedns objects
- The object_relation `time_first` is added as the
  `first_seen` value of the object
- Same with `time_last` -> `last_seen`
2021-03-31 13:42:07 +02:00
chrisr3d 505bbbc20a
fix: [farsight_passivedns] Excluding last_seen value for now, in order to get the available results
- With last_seen set we can easily get results
  included in a certain time frame (between first
  seen and last seen), but we do not get the
  latest results. In order to get those ones, we
  skip filtering on the time_last_before value
2021-03-30 17:34:01 +02:00
chrisr3d 5077050a3e
chg: [farsight_passivedns] Making first_time and last_time results human readable
- We get the datetime format instead of the raw
  timestamp
2021-03-30 03:47:34 +02:00
chrisr3d 327a1ac893
fix: [farsight_passivedns] Fixed lookup_rdata_name results declaration
- Getting generator as a list as it is already the
  case for all the other results, so it avoids
  issues to read the results by accidentally looping
  through the generator before it is actually
  needed, which would lose the content of the
  generator
- Also removed print that was accidentally introduced
  with the last commit
2021-03-30 03:42:54 +02:00
chrisr3d 8935c4adc5 Merge branch 'main' of github.com:MISP/misp-modules into new_features 2021-03-29 20:10:28 +02:00
chrisr3d 25d826076c
add: [farsight_passivedns] New lookup argument based on the first_seen & last_seen fields 2021-03-29 20:09:29 +02:00
Alexandre Dulaunoy 521cdc4435
Merge pull request #484 from GreyNoise-Intelligence/main
Update to GreyNoise expansion module
2021-03-26 23:20:24 +01:00
Brad Chiappetta 5e20ea0dc0 update community api to released ver 2021-03-26 11:19:40 -04:00
Brad Chiappetta 714eb425c6 fix ver info 2021-03-23 13:41:05 -04:00
Brad Chiappetta 2855f7ff5f updates for greynoise community api 2021-03-23 13:39:36 -04:00
Sebdraven b42da0435b Update yeti.py
add key results
2021-03-19 15:55:18 +01:00
Sebdraven 240d043f91 Update yeti.py
delete attr
2021-03-19 15:50:37 +01:00
Sebdraven ef2bf29621 Update yeti.py
correction format strings
2021-03-19 15:39:09 +01:00
Sebdraven 76133ace8b Update yeti.py
change logs
2021-03-19 15:37:49 +01:00
Sebdraven 6b35a7ee4d Update yeti.py
value attribute
2021-03-19 15:32:05 +01:00
Sebdraven ed3e0d56fd Update yeti.py
change logs
2021-03-19 15:29:21 +01:00
Sebdraven 1be2c27131 Update yeti.py
add logs
2021-03-19 15:26:45 +01:00
Sebdraven 83c4b2f4b0 Update yeti.py
add relation
2021-03-19 15:22:53 +01:00
Sebdraven cd97186776 Update yeti.py
remove add
2021-03-19 15:20:58 +01:00
Sebdraven 624f423264 Update yeti.py
add logs
2021-03-19 15:19:37 +01:00
Sebdraven 5176a36acf Update yeti.py
change relations
2021-03-19 15:16:00 +01:00
Sebdraven 86275d7610 Update yeti.py
change modification
2021-03-19 14:38:34 +01:00
Sebdraven 0a364cf815 Update yeti.py
update relation
2021-03-19 14:32:00 +01:00
Sebdraven 9eb41f4022 Update yeti.py
change relation type
2021-03-19 14:26:44 +01:00
Sebdraven 0d035c0292 Update yeti.py
add relationship
2021-03-19 14:22:51 +01:00
Sebdraven b9ce6d689c Update yeti.py
add ref
2021-03-19 13:56:02 +01:00
Sebdraven 28b554d975 Update yeti.py
add test
2021-03-19 12:24:15 +01:00
Sebdraven bc1bea0ec4 Update yeti.py
change attribute add
2021-03-19 12:12:37 +01:00
Sebdraven 7255a1eddc Update yeti.py
change relationship
2021-03-19 12:09:54 +01:00
Sebdraven 65d8bb6b07 Update yeti.py
log json
2021-03-19 11:51:55 +01:00
Sebdraven 633f5efd56 Update yeti.py
log object
2021-03-19 11:48:55 +01:00
Sebdraven bd5c1b0b53 Update yeti.py
add logs
2021-03-19 11:40:23 +01:00
Sebdraven 1dfdb5a2a2 Update yeti.py
change type attr and relation
2021-03-19 11:29:57 +01:00
Sebdraven 347d12c78c Update yeti.py
add logs
2021-03-19 11:27:23 +01:00
Sebdraven d868373c5a Update yeti.py
add logs
2021-03-19 11:24:10 +01:00
Sebdraven bd4a4b87fc Update yeti.py
add logs
2021-03-19 11:18:01 +01:00
Sebdraven c9bc97c9f9 Update yeti.py
change relation type and misp event init
2021-03-19 11:15:27 +01:00
Sebdraven 0618e288d3 Update yeti.py
add relation object
2021-03-19 11:01:02 +01:00
Sebdraven 48f56b0690 Update yeti.py
add object
2021-03-19 10:52:48 +01:00
chrisr3d 9f80d69e64 Merge branch 'main' of github.com:MISP/misp-modules into new_features 2021-03-18 19:34:18 +01:00
chrisr3d 458e432bb7
fix: Making pep8 happy 2021-03-18 19:22:26 +01:00
chrisr3d aea7e247a5 Merge branch 'main' of github.com:MISP/misp-modules into new_features 2021-03-18 18:45:41 +01:00
chrisr3d c8c44e75bf
fix: [farsight_passivedns] Fixed queries to the API
- Since flex queries input may be email addresses,
  we make sure we replace '@' by '.' in the flex
  queries input.
- We also run the flex queries with the input as
  is first, before running them a second time
  with '.' characters escaped: '\\.'
2021-03-18 18:40:27 +01:00
Alexandre Dulaunoy bd38fabba5
Merge pull request #481 from cocaman/main
Adding ThreatFox enrichment module
2021-03-17 23:17:21 +01:00
chrisr3d f58f4aa9eb
chg: [farsight_passivedns] Added input types for more flex queries
- Standard types still supported as before
  - Name or ip lookup, with optional flex queries
- New attribute types added will only send flex
  queries to the DNSDB API
2021-03-17 20:17:07 +01:00
Corsin Camichel a13184b078
adding additional tags 2021-03-13 20:59:54 +01:00
Corsin Camichel d14d3d585f
first version of ThreatFox enrichment module 2021-03-13 20:36:49 +01:00
Corsin Camichel d913ae4b36
updating "hibp" for API version 3 2021-03-13 17:44:27 +01:00
Jürgen Löhel 9e8d01b6c8
fix: google.py module
The search result does not always include 3 elements. It's better to
enumerate here.
The googleapi fails sometimes. Retry it 3 times.

Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
2021-03-09 18:04:12 -06:00
Jürgen Löhel c1700cc955
fix: google.py module
Corrects import for gh.com/abenassi/Google-Search-API.

Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
2021-03-09 16:46:11 -06:00
Sebdraven 6fc3b2a860 Update yeti.py
refactoring
2021-03-05 19:01:25 +01:00
Sebdraven 294bdee51a Update yeti.py
using attribute
2021-03-05 16:57:55 +01:00
Sebdraven 33bba708bf Update yeti.py
use format misp
2021-03-05 16:53:49 +01:00
Sebdraven bf617807df Update yeti.py
modify access dict
2021-03-05 15:19:30 +01:00
Sebdraven 9de5dd89ee Update yeti.py
add logs
2021-03-05 15:14:25 +01:00
Sebdraven 7e1bf41d47 Update yeti.py
add logs
2021-03-05 15:08:32 +01:00
Sebdraven cb008124c3 Update yeti.py
add neighbors iocs to add the event
2021-03-05 15:06:13 +01:00
Sebdraven e3f23793e0 Update yeti.py
modify call yeti
2021-03-05 11:40:11 +01:00
Sebdraven 6aff43cf99 Update yeti.py
Correct bugs
2021-03-05 11:37:04 +01:00
Sebdraven 800020d6a2 Update yeti.py
change inherit
2021-03-05 11:34:01 +01:00
Sebdraven e2a1ade14a Update yeti.py
change path to access config settings
2021-03-05 11:28:50 +01:00
Sebdraven 3fdce84ff7 Update yeti.py
add log
2021-03-05 11:24:43 +01:00
Sebdraven e7cb15a0c4 Update yeti.py
add ip-dst to enrich
2021-03-05 11:22:53 +01:00
Sebdraven 0f31893fdb Update yeti.py
add logs
2021-03-05 11:06:12 +01:00
Sebdraven 1209cd3a75 yeti plugin
get_entities and get_neighboors
2021-03-05 11:00:19 +01:00
Sebdraven 1def6e3f06 Update yeti.py
add introspection method
2021-02-05 12:02:08 +01:00
Sebdraven b29b3ded28 Update yeti.py
add method version
2021-02-05 11:47:27 +01:00
Sebdraven 619d648084 Update yeti.py
correct import
2021-02-05 11:37:34 +01:00
Sebdraven 66fc121dbe Update yeti.py
add config and struct
2021-02-05 11:17:40 +01:00
Sebdraven 7781a0cae7 add new module
new module yeti
2021-02-05 10:18:52 +01:00
adammchugh 2832466f7f
Update assemblyline_submit.py 2021-02-02 22:56:02 +10:30
adammchugh 6f5c77ef08
Update assemblyline_query.py 2021-02-02 22:55:09 +10:30