misp-modules

Commit Graph

Author	SHA1	Message	Date
chrisr3d	dbff9b3aa8	chg: [rbl] Added a timeout parameter to change the resolver timeout & lifetime if needed	2021-04-16 22:00:27 +02:00
chrisr3d	576dcca671	chg: [rbl] Small changes on the rbl list and the results handling	2021-04-16 16:45:38 +02:00
chrisr3d	300cdc7a4c	fix: [ocr_enrich] Making Pep8 happy	2021-04-15 16:41:15 +02:00
chrisr3d	611bb6fa9e	fix: [ocr_enrich] Fixed tesseract input format - It looks like the `image_to_string` method now assumes RGB format and the `imdecode` method seems to give BGR format, so we convert the image array before	2021-04-15 16:12:00 +02:00
chrisr3d	729feaa3f2	fix: [hibp] Fixed config handling to avoir KeyError exceptions	2021-04-14 16:52:55 +02:00
Alexandre Dulaunoy	577d0de500	chg: [farsight] make PEP happy	2021-04-14 14:45:55 +02:00
Alexandre Dulaunoy	0752628de5	fix: [cve_advanced] Some CVEs are not in CWE format but in NVD-CWE-Other	2021-04-08 19:14:13 +02:00
chrisr3d	a2282c4721	add: [farsight_passivedns] Adding first_seen & last_seen (when available) in passivedns objects - The object_relation `time_first` is added as the `first_seen` value of the object - Same with `time_last` -> `last_seen`	2021-03-31 13:42:07 +02:00
chrisr3d	505bbbc20a	fix: [farsight_passivedns] Excluding last_seen value for now, in order to get the available results - With last_seen set we can easily get results included in a certain time frame (between first seen and last seen), but we do not get the latest results. In order to get those ones, we skip filtering on the time_last_before value	2021-03-30 17:34:01 +02:00
chrisr3d	5077050a3e	chg: [farsight_passivedns] Making first_time and last_time results human readable - We get the datetime format instead of the raw timestamp	2021-03-30 03:47:34 +02:00
chrisr3d	327a1ac893	fix: [farsight_passivedns] Fixed lookup_rdata_name results desclaration - Getting generator as a list as it is already the case for all the other results, so it avoids issues to read the results by accidently looping through the generator before it is actually needed, which would lose the content of the generator - Also removed print that was accidently introduced with the last commit	2021-03-30 03:42:54 +02:00
chrisr3d	8935c4adc5	Merge branch 'main' of github.com:MISP/misp-modules into new_features	2021-03-29 20:10:28 +02:00
chrisr3d	25d826076c	add: [farsight_passivedns] New lookup argument based on the first_seen & last_seen fields	2021-03-29 20:09:29 +02:00
Alexandre Dulaunoy	521cdc4435	Merge pull request #484 from GreyNoise-Intelligence/main Update to GreyNoise expansion module	2021-03-26 23:20:24 +01:00
Brad Chiappetta	5e20ea0dc0	update community api to released ver	2021-03-26 11:19:40 -04:00
Brad Chiappetta	714eb425c6	fix ver info	2021-03-23 13:41:05 -04:00
Brad Chiappetta	2855f7ff5f	updates for greynoise community api	2021-03-23 13:39:36 -04:00
chrisr3d	9f80d69e64	Merge branch 'main' of github.com:MISP/misp-modules into new_features	2021-03-18 19:34:18 +01:00
chrisr3d	458e432bb7	fix: Making pep8 happy	2021-03-18 19:22:26 +01:00
chrisr3d	aea7e247a5	Merge branch 'main' of github.com:MISP/misp-modules into new_features	2021-03-18 18:45:41 +01:00
chrisr3d	c8c44e75bf	fix: [farsight_passivedns] Fixed queries to the API - Since flex queries input may be email addresses, we nake sure we replace '@' by '.' in the flex queries input. - We also run the flex queries with the input as is first, before runnning them as second time with '.' characters escaped: '\\.'	2021-03-18 18:40:27 +01:00
Alexandre Dulaunoy	bd38fabba5	Merge pull request #481 from cocaman/main Adding ThreatFox enrichment module	2021-03-17 23:17:21 +01:00
chrisr3d	f58f4aa9eb	chg: [farsight_passivedns] Added input types for more flex queries - Standard types still supported as before - Name or ip lookup, with optional flex queries - New attribute types added will only send flex queries to the DNSDB API	2021-03-17 20:17:07 +01:00
Corsin Camichel	a13184b078	adding additional tags	2021-03-13 20:59:54 +01:00
Corsin Camichel	d14d3d585f	first version of ThreatFox enrichment module	2021-03-13 20:36:49 +01:00
Corsin Camichel	d913ae4b36	updating "hibp" for API version 3	2021-03-13 17:44:27 +01:00
Jürgen Löhel	9e8d01b6c8	fix: google.py module The search result does not include always 3 elements. It's better to enumerate here. The googleapi fails sometimes. Retry it 3 times. Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>	2021-03-09 18:04:12 -06:00
Jürgen Löhel	c1700cc955	fix: google.py module Corrects import for gh.com/abenassi/Google-Search-API. Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>	2021-03-09 16:46:11 -06:00
adammchugh	2832466f7f	Update assemblyline_submit.py	2021-02-02 22:56:02 +10:30
adammchugh	6f5c77ef08	Update assemblyline_query.py	2021-02-02 22:55:09 +10:30
adammchugh	07b8968b7d	Update assemblyline_submit.py	2021-02-02 22:52:27 +10:30
Cory Kennedy	774b2f37a6	Corrected VMray rest API import When loading misp-modules, the VMray module ```modules/expansion/vmray_submit.py ``` incorrectly imports the library. VMray's documentation and examples here: https://pypi.org/project/vmray-rest-api/#history also reflect this change as the correct import.	2021-01-04 15:27:47 -06:00
Alexandre Dulaunoy	ff9ac60bbd	Merge pull request #457 from trustar/main added more explicit error messages for indicators that return no enri…	2020-12-04 21:37:47 +01:00
Jesse Hedden	bad538653d	added more explicit error messages for indicators that return no enrichment data	2020-12-04 11:59:57 -08:00
Jens Thom	0e4e432dc4	fix imports and unused variables	2020-11-30 12:48:01 +01:00
Jens Thom	a404202d1d	Merge remote-tracking branch 'upstream/main' into main	2020-11-30 12:23:11 +01:00
Jens Thom	2a870f2d97	* add parser for report version v1 and v2 * add summary JSON import module	2020-11-30 12:06:19 +01:00
chrisr3d	575bed0da8	Merge branch 'main' of github.com:MISP/misp-modules into chrisr3d_patch	2020-11-18 11:52:53 +01:00
chrisr3d	2464172e1a	Merge branch 'main' of github.com:MISP/misp-modules into new_module	2020-11-18 11:34:33 +01:00
chrisr3d	c1e52fdb12	fix: [farsight_passivedns] Fixed pep8 backslash issue	2020-11-15 20:15:06 +01:00
chrisr3d	d1ac0cffe0	fix: [farsight_passivedns] Fixed issue with variable name	2020-11-15 20:11:08 +01:00
chrisr3d	dfec0e5cf4	add: [farsight-passivedns] Optional feature to submit flex queries - The rrset and rdata queries remain the same but with the parameter `flex_queries`, users can also get the results of the flex rrnames & flex rdata regex queries about their domain, hostname or ip address - Results can thus include passive-dns objects containing the `raw_rdata` object_relation added with 0a3e948	2020-11-13 20:38:02 +01:00
chrisr3d	993a614a20	Merge branch 'main' of github.com:MISP/misp-modules into chrisr3d_patch	2020-11-13 16:47:07 +01:00
chrisr3d	32c0bf9ae2	fix: [cpe] Fixed typo in vulnerable-configuration object relation fields	2020-11-13 15:49:58 +01:00
chrisr3d	bd3fa3ea07	chg: [cpe] Added default limit to the results - Results returned by CVE-search are sorted by cvss score and limited in number to avoid potential massive amount of data retuned back to MISP. - Users can overwrite the default limit with the configuration already present as optional, and can also set the limit to 0 to get the full list of results	2020-11-13 15:46:41 +01:00
chrisr3d	3f863e4437	fix: [farsight_passivedns] Fixed typo in the lookup fields	2020-11-13 15:28:10 +01:00
chrisr3d	fe010782f3	chg: [farsight_passivedns] Now using the dnsdb2 python library - Also updated the results parsing to check in each returned result for every field if they are included, to avoid key errors if any field is missing	2020-11-12 16:01:14 +01:00
chrisr3d	2a25cda026	Merge branch 'chrisr3d_patch' of github.com:MISP/misp-modules into main	2020-11-11 10:46:44 +01:00
chrisr3d	bb7564dea9	Merge branch 'main' of github.com:MISP/misp-modules into chrisr3d_patch	2020-11-11 10:45:06 +01:00
Jesse Hedden	0650126d6a	fixed typo causing firstSeen and lastSeen to not be pulled from enrichment data	2020-11-10 17:20:03 -08:00

1 2 3 4 5 ...

598 Commits (a9f90d964c163be168b3a8907e01972f6a73c506)