Commit Graph

447 Commits (8285ff324fcd03c97ee6a077b05cd5a4430e9712)

Author SHA1 Message Date
Sascha Rommelfangen 8285ff324f API changes reflected 2018-11-13 15:30:06 +01:00
chrisr3d 58b3a069bf
fix: Updated yara import error message
- Better to 'pip install -I -r REQUIREMENTS' to
  have the correct yara-python version working
  for all the modules, than having another one
  failing with yara hash & pe modules
2018-11-12 16:22:14 +01:00
chrisr3d ad1ccdb9d0 Merge branch 'master' of github.com:MISP/misp-modules into chrisr3d_patch 2018-11-12 12:48:58 +01:00
Alexandre Dulaunoy 5d1583d88b
chg: [onyphe] fix #252 2018-11-11 15:49:14 +01:00
Sascha Rommelfangen 463d7ae874
bug fix regarding leftovers between runs 2018-11-07 14:57:19 +01:00
Steve Clement 91f922b5c4 chg: [btc] Removed simple PoC for btc expansion. 2018-11-07 22:53:21 +09:00
Sascha Rommelfangen 00b1b3214b added btc_steroids to the list 2018-11-07 14:28:28 +01:00
Sascha Rommelfangen b01cb28323 initial version of a Bitcoin module 2018-11-07 14:14:39 +01:00
Steve Clement 7bafa939b0 new: [btc] Very simple BTC expansion
chg: [req] yara-python is preferred
2018-11-06 00:48:36 +09:00
chrisr3d d1308f9924
chg: Validating yara rules after their creation 2018-11-02 21:35:02 +01:00
Steve Clement bb5f6fffae chg: [init] Added try/catch in case misp-modules is already running on a port, or port is in use... 2018-11-02 10:42:40 +09:00
chrisr3d 62aa268d01 Merge branch 'master' of github.com:MISP/misp-modules 2018-10-31 10:22:12 +01:00
chrisr3d 1c10fd5e50
fix: Making yara query an expansion module for single attributes atm 2018-10-31 10:21:21 +01:00
milkmix e8761c1664 super simple support for mutexes through winbaseobj in osquery 3.3 2018-10-25 21:28:46 +02:00
chrisr3d 1d530a7fa6
new: First version of a yara rule creation expansion module 2018-10-18 14:44:57 +02:00
Julien Bachmann 04ba4b34e3
Merge branch 'master' into export_osquery 2018-10-03 16:59:51 +01:00
milkmix 78b4aade08 corrected typos and unused imports 2018-10-03 17:55:08 +02:00
chrisr3d e2cebd6c3e
fix: Catching errors while parsing additional info in requests 2018-09-25 17:10:19 +02:00
Codelinefi-admin c19989e217 Fixed a bug with wrong dates conversion 2018-09-19 21:50:56 +03:00
isox f1325f4316 Fixed getting of the Vulners AI score. 2018-09-18 18:36:12 +03:00
Igor Ivanov 3e9589d0f4 code cleanup and formatting 2018-09-18 14:38:49 +02:00
Igor Ivanov 8d7d377464 added exploit information 2018-09-18 12:11:47 +02:00
Igor Ivanov 5dc05bfafc initial Vulners module PoC 2018-09-18 11:18:55 +02:00
Codelinefi-admin db7dbd6ed5 macaddress.io hover module added 2018-09-13 17:02:49 +03:00
chrisr3d 5c718c5379
fix: Making python 3.5 happy with the exception type ImportError 2018-09-08 02:53:15 +02:00
chrisr3d cfbd63f14e
fix: Fixed exception type for python 3.5 2018-09-07 18:06:01 +02:00
chrisr3d a18db2ed1d
fix: Fixed exception type 2018-09-07 17:56:25 +02:00
chrisr3d 48fcf9a85e
fix: Fixed syntax error 2018-09-07 17:49:28 +02:00
chrisr3d 26647a164b
fix: Fixed indentation error 2018-09-07 17:43:46 +02:00
chrisr3d 5c69f1d867 Merge branch 'master' of github.com:MISP/misp-modules 2018-09-07 16:59:21 +02:00
Sascha Rommelfangen ef781f59f8
fixed typo
via #220
2018-09-06 14:05:55 +02:00
chrisr3d ba728f7120
fix: Fixed 1 variable misuse + cleaned up variable names
- Fixed use of 'domain' variable instead of 'email'
- Cleaned up variable names to avoid redefinition
  of built-in variables
2018-09-03 14:43:51 +02:00
chrisr3d cdf2f434ce
fix: Avoiding adding attributes that are already in the event 2018-09-03 14:30:33 +02:00
chrisr3d 33181bc52b
fix: Fixed quick variable issue 2018-09-03 14:29:42 +02:00
chrisr3d 0ab38feade
fix: Cleaned up test function not used anymore 2018-09-03 13:17:48 +02:00
chrisr3d 936e30b15b
fix: Multiple attributes parsing support
- Fixing one of my previous changes not processing
  multiple attributes parsing
2018-09-03 12:03:42 +02:00
chrisr3d 2af947a2de
fix: Removed print 2018-09-03 10:23:05 +02:00
chrisr3d bc2a73c5cf Merge branch 'master' of github.com:MISP/misp-modules 2018-09-02 20:21:01 +02:00
chrisr3d 179430d69d
fix: Some cleanup and output types fixed
- hashes types specified in output
2018-08-31 21:38:53 +02:00
SuRb0 b0be965e57
Update urlscan.py
Added hash to the search so you can take advantage of the new file down load function on urlscan.io.  You can use this to pivot on file hashes and find out domains that hosting the same malicious file.
2018-08-30 19:41:34 -05:00
chrisr3d 35f3a5e43f
fix: Quick cleanup 2018-08-30 20:45:29 +02:00
chrisr3d d15cbe58fe
fix: Quick cleanup 2018-08-30 20:41:49 +02:00
chrisr3d 18bad54603 Merge branch 'master' of github.com:MISP/misp-modules 2018-08-30 09:11:25 +02:00
Christophe Vandeplas 7deeb95820 fix: ta_import - bugfixes 2018-08-21 11:13:08 +02:00
David J a697f65382
Add error handling for DNS failures, reduce imports, and simplify misp_comments 2018-08-14 10:51:15 -05:00
David J bdbf538893
Create urlscan.py 2018-08-10 16:00:01 -05:00
chrisr3d 3a57d11745 Merge branch 'chrisr3d_patch' of github.com:chrisr3d/misp-modules 2018-08-08 17:41:07 +02:00
chrisr3d 90baa1dd5a
add: Added DBL spamhaus module documentation and in expansion init file 2018-08-08 17:05:22 +02:00
chrisr3d 61232ad93e
new: Expansion hover module to check spamhaus DBL for a domain name 2018-08-08 17:00:10 +02:00
chrisr3d 9acf66053e Merge branch 'master' of github.com:MISP/misp-modules 2018-08-08 16:51:42 +02:00