Commit Graph

783 Commits (a614689287f6149b1f1cd9217a1bb0e2b081cbbf)

Author SHA1 Message Date
chrisr3d 82e0628fe7
chg: [hashlookup] Using the actual attribute types for FileName & FileSize
- Following the recent changes on the object template
  to use `filename` as attribute type for the FileName
  object relation instead of `text`
  d2b93f5aa6
2021-08-26 15:19:36 +02:00
chrisr3d 1d7f0ee1f0
fix: [hashlookup] Fixed the errors handling
- Since the modules system is waiting for a dict,
  we return `misperrors` instead of the actual
  value of the 'error' key, and the module will
  no longer fail when there is no result to parse
2021-08-26 15:02:32 +02:00
Alexandre Dulaunoy 73e78463d0
new: [hashlookup] new hashlookup module added
https://www.circl.lu/services/hashlookup/
2021-08-25 18:42:16 +02:00
Alexandre Dulaunoy 7b675f7857
Merge branch 'main' of github.com:MISP/misp-modules into main 2021-08-25 18:41:31 +02:00
Alexandre Dulaunoy f40fc7ebc4
new: [hashlookup] new hashlookup module added 2021-08-25 18:38:09 +02:00
Martin Ohl d2ed09d081
Create mcafee_insights_enrich.py
Module to expand IOC information with McAfee MVISION Insights
2021-08-13 14:55:08 +02:00
Jason Zhang f5fdf343b8 Sanity checks 2021-08-12 11:08:09 +01:00
Brad Chiappetta b3daa138f1 add cve support and enhance ip lookups 2021-08-09 15:37:37 -04:00
Jason Zhang 83fd44ed13 add vmware_nsx module 2021-07-29 12:13:31 +01:00
Alexandre Dulaunoy 605231e089
chg: [virustotal_public] make flake8 happy 2021-06-11 14:54:07 +02:00
Alexandre Dulaunoy 94795e4993
chg: [virustotal] make flake8 happy 2021-06-11 14:51:30 +02:00
Alex Resnick c4bc2408ad add proxy configs for virus total modules 2021-05-28 14:53:35 -05:00
Rambatla Venkat Rao 6a731454f1
Updated Distribution Constant 2021-05-12 21:42:25 +05:30
Rambatla Venkat Rao f6c0f68263
Default distribution setting to DNSDB Objects 2021-05-12 18:38:55 +05:30
Rambatla Venkat Rao 7aa6b39da8
Added a default distribution setting to Objects 2021-05-12 18:30:54 +05:30
Sebdraven 382025453e fix bug on loop 2021-05-07 14:38:42 +02:00
Sebdraven eb48635ce5 remove print and variable unusable 2021-05-07 14:07:18 +02:00
sebdraven 8491e169e0
Merge pull request #4 from MISP/main
merge
2021-05-07 12:34:33 +02:00
Sebdraven d0c2f94354 add summary ip, domain and hostname 2021-05-07 12:27:11 +02:00
chrisr3d 780590cee3
fix: [farsight_passivedns] Handling exceptions raised from a query error
- This can happen with for instance a wrong server URL
2021-05-04 18:36:56 +02:00
chrisr3d 790090eb0b
chg: [farsight_passivedns] Updated the bailiwick attribute type, following the latest changes on the passive-dns object template 2021-05-03 11:25:37 +02:00
Sebdraven 16f9ec9f6d fix bug 2021-04-30 15:46:59 +02:00
Sebdraven 73ea9620bf add reference 2021-04-30 15:39:56 +02:00
Sebdraven 86beb488c1 add test to check 2021-04-30 15:25:27 +02:00
Sebdraven 32aeb52efc fix typo 2021-04-30 15:22:55 +02:00
Sebdraven 4478440d5b remove pass 2021-04-30 15:16:47 +02:00
Sebdraven 7f1caaba25 add object certificate 2021-04-30 15:16:22 +02:00
Sebdraven 098616846d add hostname 2021-04-23 16:19:47 +02:00
Sebdraven e1c2c779aa Update onyphe.py
remove typo
2021-04-23 16:16:43 +02:00
Sebdraven f32717c896 check entry in result dico 2021-04-23 16:15:38 +02:00
Sebdraven 436254cd8c add logs 2021-04-23 16:13:32 +02:00
Sebdraven 7813ba4fc3 fix logical test 2021-04-23 16:11:10 +02:00
Sebdraven 9fd23d6fe0 add logs 2021-04-23 16:09:21 +02:00
Sebdraven ff6470d0e2 add logs 2021-04-23 16:07:44 +02:00
Sebdraven 8fbe371eca add logs 2021-04-23 16:06:20 +02:00
Sebdraven 94f6af8882 add summary ip
object domain
2021-04-23 16:02:21 +02:00
Sebdraven 9364859ce9 refactoring of the module 2021-04-22 15:05:29 +02:00
Sebdraven b9407ad85a Merge branch 'main' 2021-04-22 11:27:43 +02:00
Sebdraven 7ab2e099f4 fix typo 2021-04-21 18:15:16 +02:00
Sebdraven 9f5a4be9d7 remove variable unused 2021-04-21 17:54:01 +02:00
Sebdraven abac4cfab7 remove import unused and add package in requirements 2021-04-21 17:51:22 +02:00
Sebdraven 1b9d47dd33 Update yeti.py
pep 8 compliant
2021-04-21 15:41:20 +02:00
Sebdraven a76978d6c6 Update yeti.py
remove tags and entity
2021-04-21 15:40:46 +02:00
Sebdraven a277cbb8bf Update yeti.py
add input
2021-04-21 14:45:07 +02:00
sebdraven f6675a71e4
Merge pull request #2 from MISP/master
Master
2021-04-21 12:42:33 +02:00
Sebdraven 7e5238e8be Update yeti.py
add tests
2021-04-20 14:35:18 +02:00
Sebdraven 8683c9e5ce Update yeti.py
add ns record dst and src link
2021-04-20 14:13:16 +02:00
Sebdraven 26bc02617f Update yeti.py
add test to create result
2021-04-20 14:08:31 +02:00
Sebdraven 3426ad13c5 Update yeti.py
fix edges
2021-04-20 14:05:51 +02:00
Sebdraven fd76e55093 Update yeti.py
fix typo
2021-04-20 13:56:45 +02:00
Sebdraven dfa46b551a Update yeti.py
change params
2021-04-20 13:55:36 +02:00
Sebdraven baaaa81ec3 Update yeti.py
add ns_record object
2021-04-20 13:53:06 +02:00
Sebdraven cec06ed26d Update yeti.py
change loop
2021-04-20 13:38:45 +02:00
Sebdraven bb1cd7c4de Update yeti.py
fix bug
2021-04-20 12:43:43 +02:00
Sebdraven e037c4c767 Update yeti.py
remove tests
2021-04-20 12:42:49 +02:00
Sebdraven e0506ee31e Update yeti.py
filter by id
2021-04-20 12:40:01 +02:00
Sebdraven f701256008 Update yeti.py
add src
2021-04-20 12:33:46 +02:00
Sebdraven a2741e8eb7 Update yeti.py
fix keyerror
2021-04-20 12:30:22 +02:00
Sebdraven 9cb1a83e54 Update yeti.py
fix bug about id
2021-04-20 12:24:34 +02:00
Sebdraven 37867f89ee Update yeti.py
add logs
2021-04-20 12:21:56 +02:00
Sebdraven 507e56228f Update yeti.py
add logs
2021-04-20 12:19:43 +02:00
Sebdraven abba63f32f Update yeti.py
add test of id
2021-04-20 12:17:17 +02:00
Sebdraven 1a67f8ed96 Update yeti.py
add log
2021-04-20 12:08:59 +02:00
Sebdraven 385af28a0a Update yeti.py
add description
2021-04-20 12:07:06 +02:00
Sebdraven 8ea3d5c5c7 Update yeti.py
add file to add in attribute
2021-04-20 10:41:44 +02:00
Sebdraven 5d80b79bc4 Update yeti.py
add tags for attribute
2021-04-19 17:55:29 +02:00
Sebdraven 43672ee9a9 Update yeti.py
remove tag
2021-04-19 17:20:13 +02:00
Sebdraven f7ca8bf140 Update yeti.py
test tags
2021-04-19 17:19:23 +02:00
Sebdraven ee7c065795 Update yeti.py
change tags method
2021-04-19 17:16:59 +02:00
Sebdraven 21b52dda15 Update yeti.py
add related observable and AS
2021-04-19 17:10:47 +02:00
Sebdraven 5e6aec4162 Update yeti.py
remove print debug
2021-04-19 13:49:02 +02:00
Sebdraven b46a3a8885 Update yeti.py
fix bugs key error
2021-04-19 13:47:45 +02:00
Sebdraven 0da40b34ee Update yeti.py
add param
2021-04-19 13:45:29 +02:00
Sebdraven 1e98f1d575 Update yeti.py
try typo
2021-04-19 12:20:25 +02:00
Sebdraven 53cc15adcd Update yeti.py
remove print
2021-04-19 12:12:32 +02:00
Sebdraven ef6596637d Update yeti.py
remove tests
2021-04-19 11:49:24 +02:00
Sebdraven e3fc3a3f38 Update yeti.py
test
2021-04-19 11:47:06 +02:00
Sebdraven 8a24ed7fd6 Update yeti.py
add logs
2021-04-19 11:27:33 +02:00
Sebdraven 559533ea78 Update yeti.py
try test
2021-04-19 11:25:50 +02:00
Sebdraven a29779eff6 Update yeti.py
add check
2021-04-19 11:24:01 +02:00
Sebdraven 4634567b23 Update yeti.py
correct bug
2021-04-19 11:09:38 +02:00
Sebdraven be212097a7 Update yeti.py
add log
2021-04-19 11:08:21 +02:00
Sebdraven af01db860a Update yeti.py
add log
2021-04-19 11:05:16 +02:00
Sebdraven 07f54c1b86 Update yeti.py
correct typo
2021-04-19 11:03:39 +02:00
Sebdraven 69a5584dfe Update yeti.py
add relation
2021-04-19 11:00:55 +02:00
Sebdraven 6cd99c03e4 Update yeti.py
refactoring and add Url neighbors
2021-04-19 10:46:07 +02:00
chrisr3d dbff9b3aa8
chg: [rbl] Added a timeout parameter to change the resolver timeout & lifetime if needed 2021-04-16 22:00:27 +02:00
chrisr3d 576dcca671
chg: [rbl] Small changes on the rbl list and the results handling 2021-04-16 16:45:38 +02:00
chrisr3d 300cdc7a4c
fix: [ocr_enrich] Making Pep8 happy 2021-04-15 16:41:15 +02:00
chrisr3d 611bb6fa9e
fix: [ocr_enrich] Fixed tesseract input format
- It looks like the `image_to_string` method now
  assumes RGB format and the `imdecode` method
  seems to give BGR format, so we convert the
  image array before
2021-04-15 16:12:00 +02:00
chrisr3d 729feaa3f2
fix: [hibp] Fixed config handling to avoid KeyError exceptions 2021-04-14 16:52:55 +02:00
Alexandre Dulaunoy 577d0de500
chg: [farsight] make PEP happy 2021-04-14 14:45:55 +02:00
Alexandre Dulaunoy 0752628de5
fix: [cve_advanced] Some CVEs are not in CWE format but in NVD-CWE-Other 2021-04-08 19:14:13 +02:00
chrisr3d a2282c4721
add: [farsight_passivedns] Adding first_seen & last_seen (when available) in passivedns objects
- The object_relation `time_first` is added as the
  `first_seen` value of the object
- Same with `time_last` -> `last_seen`
2021-03-31 13:42:07 +02:00
chrisr3d 505bbbc20a
fix: [farsight_passivedns] Excluding last_seen value for now, in order to get the available results
- With last_seen set we can easily get results
  included in a certain time frame (between first
  seen and last seen), but we do not get the
  latest results. In order to get those ones, we
  skip filtering on the time_last_before value
2021-03-30 17:34:01 +02:00
chrisr3d 5077050a3e
chg: [farsight_passivedns] Making first_time and last_time results human readable
- We get the datetime format instead of the raw
  timestamp
2021-03-30 03:47:34 +02:00
chrisr3d 327a1ac893
fix: [farsight_passivedns] Fixed lookup_rdata_name results declaration
- Getting generator as a list as it is already the
  case for all the other results, so it avoids
  issues to read the results by accidentally looping
  through the generator before it is actually
  needed, which would lose the content of the
  generator
- Also removed print that was accidentally introduced
  with the last commit
2021-03-30 03:42:54 +02:00
chrisr3d 8935c4adc5 Merge branch 'main' of github.com:MISP/misp-modules into new_features 2021-03-29 20:10:28 +02:00
chrisr3d 25d826076c
add: [farsight_passivedns] New lookup argument based on the first_seen & last_seen fields 2021-03-29 20:09:29 +02:00
Alexandre Dulaunoy 521cdc4435
Merge pull request #484 from GreyNoise-Intelligence/main
Update to GreyNoise expansion module
2021-03-26 23:20:24 +01:00