Commit Graph

446 Commits (7da6d4102035f3fc0d75e922155ce3ee78f03601)

Author SHA1 Message Date
chrisr3d 7da6d41020 add: Update to include domain & hostname composite attributes 2018-11-19 09:33:49 +01:00
chrisr3d d127865139 add: Update to include composite attributes in the supported input types 2018-11-16 17:12:38 +01:00
chrisr3d a02811cdbe add: Updated input types to include hostname attributes 2018-11-16 16:17:43 +01:00
chrisr3d 804fe00188
add: Supporting composite attributes ip-*|port
- Including 1 test to avoid querying Crowdstrike
  with a port value
2018-11-16 16:14:55 +01:00
chrisr3d b37073c746 Merge branch 'master' of github.com:MISP/misp-modules into chrisr3d_patch 2018-11-16 15:14:53 +01:00
chrisr3d 6e2b38d9e0
add: Update to support domain|ip attributes
- Also including separate parsing of each part of
  the composite domain|ip value
2018-11-16 15:11:48 +01:00
Christophe Vandeplas 8817de4765 fix: threatanalyzer_import - bugfix for TA6.1 behavior 2018-11-16 13:29:47 +01:00
chrisr3d 839c8de0eb add: Update to support attribute hostname|port 2018-11-16 10:02:19 +01:00
chrisr3d f94adcada6
fix: Fixed type of the result in case of exception
- Set as str since some exception types are not
  jsonable
2018-11-15 19:47:02 +01:00
chrisr3d ec9d78362c fix: Removed wrong 'ip' attribute type from input types 2018-11-15 19:45:34 +01:00
chrisr3d 36fbf96a12 fix: Added hostname attribute support as it is intended 2018-11-15 19:44:43 +01:00
chrisr3d 651f69126d Merge branch 'master' of github.com:MISP/misp-modules into chrisr3d_patch 2018-11-13 16:05:24 +01:00
chrisr3d 299e97d1ce add: Added imphash to input attribute types 2018-11-13 15:40:47 +01:00
Sascha Rommelfangen 3e25428978 debug removed 2018-11-13 15:34:33 +01:00
Sascha Rommelfangen 8285ff324f API changes reflected 2018-11-13 15:30:06 +01:00
chrisr3d 58b3a069bf
fix: Updated yara import error message
- Better to 'pip install -I -r REQUIREMENTS' to
  have the correct yara-python version working
  for all the modules, than having another one
  failing with yara hash & pe modules
2018-11-12 16:22:14 +01:00
chrisr3d ad1ccdb9d0 Merge branch 'master' of github.com:MISP/misp-modules into chrisr3d_patch 2018-11-12 12:48:58 +01:00
Alexandre Dulaunoy 5d1583d88b chg: [onyphe] fix #252 2018-11-11 15:49:14 +01:00
Sascha Rommelfangen 463d7ae874 bug fix regarding leftovers between runs 2018-11-07 14:57:19 +01:00
Steve Clement 91f922b5c4 chg: [btc] Removed simple PoC for btc expansion. 2018-11-07 22:53:21 +09:00
Sascha Rommelfangen 00b1b3214b added btc_steroids to the list 2018-11-07 14:28:28 +01:00
Sascha Rommelfangen b01cb28323 initial version of a Bitcoin module 2018-11-07 14:14:39 +01:00
Steve Clement 7bafa939b0 new: [btc] Very simple BTC expansion
chg: [req] yara-python is preferred
2018-11-06 00:48:36 +09:00
chrisr3d d1308f9924 chg: Validating yara rules after their creation 2018-11-02 21:35:02 +01:00
chrisr3d 62aa268d01 Merge branch 'master' of github.com:MISP/misp-modules 2018-10-31 10:22:12 +01:00
chrisr3d 1c10fd5e50 fix: Making yara query an expansion module for single attributes atm 2018-10-31 10:21:21 +01:00
milkmix e8761c1664 super simple support for mutexes through winbaseobj in osquery 3.3 2018-10-25 21:28:46 +02:00
chrisr3d 1d530a7fa6 new: First version of a yara rule creation expansion module 2018-10-18 14:44:57 +02:00
Julien Bachmann 04ba4b34e3 Merge branch 'master' into export_osquery 2018-10-03 16:59:51 +01:00
milkmix 78b4aade08 corrected typos and unused imports 2018-10-03 17:55:08 +02:00
chrisr3d e2cebd6c3e fix: Catching errors while parsing additional info in requests 2018-09-25 17:10:19 +02:00
Codelinefi-admin c19989e217 Fixed a bug with wrong dates conversion 2018-09-19 21:50:56 +03:00
isox f1325f4316 Fixed getting of the Vulners AI score. 2018-09-18 18:36:12 +03:00
Igor Ivanov 3e9589d0f4 code cleanup and formatting 2018-09-18 14:38:49 +02:00
Igor Ivanov 8d7d377464 added exploit information 2018-09-18 12:11:47 +02:00
Igor Ivanov 5dc05bfafc initial Vulners module PoC 2018-09-18 11:18:55 +02:00
Codelinefi-admin db7dbd6ed5 macaddress.io hover module added 2018-09-13 17:02:49 +03:00
chrisr3d 5c718c5379 fix: Making python 3.5 happy with the exception type ImportError 2018-09-08 02:53:15 +02:00
chrisr3d cfbd63f14e fix: Fixed exception type for python 3.5 2018-09-07 18:06:01 +02:00
chrisr3d a18db2ed1d fix: Fixed exception type 2018-09-07 17:56:25 +02:00
chrisr3d 48fcf9a85e fix: Fixed syntax error 2018-09-07 17:49:28 +02:00
chrisr3d 26647a164b fix: Fixed indentation error 2018-09-07 17:43:46 +02:00
chrisr3d 5c69f1d867 Merge branch 'master' of github.com:MISP/misp-modules 2018-09-07 16:59:21 +02:00
Sascha Rommelfangen ef781f59f8
fixed typo
via #220
2018-09-06 14:05:55 +02:00
chrisr3d ba728f7120
fix: Fixed 1 variable misuse + cleaned up variable names
- Fixed use of 'domain' variable instead of 'email'
- Cleaned up variable names to avoid redefinition
  of built-in variables
2018-09-03 14:43:51 +02:00
chrisr3d cdf2f434ce fix: Avoiding adding attributes that are already in the event 2018-09-03 14:30:33 +02:00
chrisr3d 33181bc52b fix: Fixed quick variable issue 2018-09-03 14:29:42 +02:00
chrisr3d 0ab38feade fix: Cleaned up test function not used anymore 2018-09-03 13:17:48 +02:00
chrisr3d 936e30b15b
fix: Multiple attributes parsing support
- Fixing one of my previous changes not processing
  multiple attributes parsing
2018-09-03 12:03:42 +02:00
chrisr3d 2af947a2de fix: Removed print 2018-09-03 10:23:05 +02:00