Commit Graph

783 Commits (a614689287f6149b1f1cd9217a1bb0e2b081cbbf)

Author SHA1 Message Date
Christian Studer 71d8745b91
fix: [shodan] The input attribute is actually already added to the event at the beginning 2022-08-10 16:17:08 +02:00
chrisr3d 90a1644c8c
fix: [shodan] Fixed wrong asset used to add attribute to
- This caused the input `ip-src` or `ip-dst` input
  attribute to be added to the `ip-api-addres`
  which does not have these attributes in their
  template, where they should be added to the
  Event instead
2022-08-10 14:07:00 +02:00
Raphaël Vinot 81ec6fe415 fix: fix vulnerable_configuration object ref, rely on template.
Related #853
2022-07-28 14:41:36 +02:00
Daniel Pascual d08bb5c365 Add more relations and attributes to VT modules 2022-04-18 10:20:33 +02:00
Alexandre Dulaunoy 8f3cc42082
Merge branch 'main' of github.com:MISP/misp-modules into main 2022-04-15 08:27:53 +02:00
Alexandre Dulaunoy c384c3a2a5
fix: [expansion] clamav module was missing from the __init__ 2022-04-15 08:27:19 +02:00
Dermott, Scott f73b961330 * Fix for @chrisr3d - [joesandbox_query] Changed the import_pe param to `import_executable` 2022-04-07 14:44:22 +01:00
Daniel Pascual ac704c8c99 VirusTotal modules migration to API v3 2022-03-16 18:05:13 +01:00
chrisr3d c5b6d218bb
chg: [joesandbox_query] Changed the `import_pe` param to `import_executable` 2022-03-07 23:01:49 +01:00
Jakub Onderka 79de89657c fix: [wiki] Change User-Agent to avoid 403 error 2022-03-04 10:07:53 +01:00
Alexandre Dulaunoy c33a1fea22
Merge pull request #556 from Wachizungu/chg-add-edit-mmdb-lookup-documentation
chg:[doc] update mmdb_lookup documentation
2022-02-23 06:43:28 +01:00
Jeroen Pinoy c5a9a97354
chg:[doc] update mmdb_lookup documentation 2022-02-23 00:54:13 +01:00
Jeroen Pinoy a1e468f7bf
fix: Allow email-src and email-dst as input for apivoid module 2022-02-22 23:33:55 +01:00
Alexandre Dulaunoy beb463bdab
Merge branch 'main' into main 2022-02-15 15:16:13 +01:00
Rambatla Venkat Rao 4a19d35da0
updated to add the latest modules 2022-02-15 19:19:51 +05:30
Rambatla Venkat Rao 82eee0074b
Update __init__.py 2022-02-15 19:11:36 +05:30
Rambatla Venkat Rao 9b4b1a1c4f
Update __init__.py 2022-02-15 19:01:13 +05:30
Rambatla Venkat Rao 2f1d35774d
Update ipqs_fraud_and_risk_scoring.py 2022-02-15 18:52:14 +05:30
Rambatla Venkat Rao 3856f9fe1d
Update ipqs_fraud_and_risk_scoring.py 2022-02-12 10:38:48 +05:30
Rambatla Venkat Rao 430a838332
Update ipqs_fraud_and_risk_scoring.py 2022-02-12 10:20:48 +05:30
Rambatla Venkat Rao fedf731e07
added ipqs_fraud_and_risk_scoring to modules list 2022-02-09 10:22:16 +05:30
Rambatla Venkat Rao 85bd1b69ad
Initial Commit for IPQualityScore Expansion Module 2022-02-09 10:21:40 +05:30
Rambatla Venkat Rao 47dde7943b
delete 2022-02-09 10:20:42 +05:30
Jeroen Pinoy 0072a45aab
chg:[apivoid] Add handling with email verify API 2022-02-07 17:41:15 +01:00
Jeroen Pinoy 4408f24714
chg: [mmdb_lookup] Add handling of ASN details. 2022-02-06 15:51:54 +01:00
Jeroen Pinoy 267824a6df
new: Add mmdb lookup expansion module 2022-02-05 20:23:28 +01:00
Rambatla Venkat Rao 17541e2938
Added ipqualityscore to All list 2022-02-05 11:33:43 +05:30
Rambatla Venkat Rao cf7b8318a4
Initial Commit for IPQualityScore Expansion Module 2022-02-05 11:32:46 +05:30
Jeroen Pinoy ed2d14c956
Add hashlookup to expansion init.py 2022-02-03 10:44:13 +01:00
Raphaël Vinot 2874c41f7f
fix: required parameters for Recorded Future object 2022-01-14 10:23:08 +01:00
Silvian I 23ff0348ed [crowdstrike_falcon] fix imports warning 2022-01-11 15:25:39 +01:00
Silvian I 13cb1f472d [crowdstrike_falcon] Upgrade crowdstrike_falcon enrich module to new api version & add attribute creation on enrichment functionality 2022-01-11 13:59:59 +01:00
Silvian I 950a76a3ad Upgrade censys_enrich module to new api version - fix test error 2022-01-07 19:26:02 +01:00
Silvian I ef543a3fa8 Upgrade censys_enrich module to new api version - fix test error 2022-01-07 19:05:05 +01:00
Silvian I b9d9df4dd0 Upgrade censys_enrich module to new api version 2022-01-07 14:46:10 +01:00
Koen Van Impe b9fb2f3ca7 Update mwdb.py 2021-12-26 23:59:16 +01:00
Koen Van Impe c42723d42d Module to push malware samples to a MWDB instance
- Upload of attachment or malware sample to MWDB
- Tags of events and/or attributes are added to MWDB.
- Comment of the MISP attribute is added to MWDB.
- A link back to the MISP event is added to MWDB via the MWDB attribute.
- A link to the MWDB attribute is added as an enriched attribute to the MISP event.
2021-12-26 23:34:00 +01:00
Jakub Onderka 907ac1e935 fix: [ods_enrich] Try to fix reading bytesio 2021-12-24 16:48:24 +01:00
Jakub Onderka 3fe7072bfb fix: [ods_enrich] Better exception logging 2021-12-24 16:48:24 +01:00
Alexandre Dulaunoy 268bb312c9
fix: [hashlookup] typo fixed 2021-12-18 17:11:06 +01:00
Alexandre Dulaunoy 2d98885231
chg: [hashlookup] support for sha256 and bug fix for non-exising MD5 2021-12-18 09:22:32 +01:00
Calvin Krzywiec dc0660acd0
feature: add qintel qsentry expansion module 2021-11-22 15:46:46 -05:00
Jean-Louis Huynen 84ecc19206
Merge branch 'MISP:main' into main 2021-10-26 15:12:12 +02:00
Jean-Louis Huynen 7967542be6 add: [passive-ssh] initial commit 2021-10-26 15:11:20 +02:00
rderkach 4fd3323220 Update Recorded future expansion module with the new data
In this release, we added new data that we have called Links.
It represents better and more filtered related data.
Also did some code formatting.
2021-10-25 18:01:05 +03:00
chrisr3d be5635b0a4
fix: [yara_query] Fixed module input parsing
- The module used to work properly when called
  from a single attribute enrichment, but was
  broken when called from the hover enrichment
  feature, because of the additional `persistent`
  field used to define which type of hover
  enrichment is queried
2021-10-15 17:18:29 +02:00
Alexandre Dulaunoy 4162ccb528
chg: [hashlookup] KnownMalicious field added 2021-09-24 15:35:14 +02:00
Alexandre Dulaunoy b6e0c4ce53
chg: [hashlookup] add new fields such as source, SSDEEP and TLSH 2021-09-24 15:29:23 +02:00
Alexandre Dulaunoy 9783113a1e
fix: [hashlookup] FileName and size are not required fields and can be missing in a hashlookup record 2021-09-24 15:09:07 +02:00
Andras Iklody 4115b7607e
fix: added note about the Domaintools module being deprecated
- as requested by Domaintools, including a link to their own, up to date module
2021-09-09 13:57:29 +02:00