Commit Graph

101 Commits (b5b42e6807f2da28c03fcd99bb03bee8aa38baca)

Author SHA1 Message Date
Germán Esteban López cd0f1654c5 Added vysion expansion and documentation 2023-12-13 12:06:40 +01:00
ip2location 58265dc925 Add IP2Location.io module 2023-12-07 10:40:04 +08:00
Milo Volpicelli 4c7637237f renamed cluster25.py to cluster25_expand.py, module implementation 2023-10-20 08:37:21 +00:00
Milo Volpicelli f77baec63b adds cluster25.py expansion module and entry in expansion/__init__.py 2023-10-18 14:18:29 +00:00
Usama015 c0df182aa0 added whoisfreaks module in MISP 2023-06-12 19:00:41 +05:00
Christian Studer ddd8b8513e
add: [expansion modules] Added `ipinfo` to the expansion modules list in `__init__` 2023-05-16 16:09:04 +02:00
Alexandre Dulaunoy b7bd679b1c
fix: [url_import/url] added in __init__ 2022-11-08 06:23:40 +01:00
Christian Studer cb8f55425c
fix: [crowdsec] Fixed the __init__ files 2022-11-07 23:44:40 +01:00
Christian Studer 98031beeae
fix: [variotdbs] Fixed some typos, missing imports, and some issues in the main parsing process 2022-10-24 14:53:00 +02:00
Rambatla Venkat Rao 3afcd825b9
Added Hyas Insight Module 2022-09-06 15:54:35 +05:30
Sami Mokaddem a6930be862
new: [expansion:jinja_template_rendering] Added new module to rendre a jinja template based on the provided data 2022-08-25 10:57:17 +02:00
Alexandre Dulaunoy c384c3a2a5
fix: [expansion] clamav module was missing from the __init__ 2022-04-15 08:27:19 +02:00
Rambatla Venkat Rao 4a19d35da0
updated to add the latest modules 2022-02-15 19:19:51 +05:30
Rambatla Venkat Rao 82eee0074b
Update __init__.py 2022-02-15 19:11:36 +05:30
Rambatla Venkat Rao 9b4b1a1c4f
Update __init__.py 2022-02-15 19:01:13 +05:30
Rambatla Venkat Rao fedf731e07
added ipqs_fraud_and_risk_scoring to modules list 2022-02-09 10:22:16 +05:30
Rambatla Venkat Rao 17541e2938
Added ipqualityscore to All list 2022-02-05 11:33:43 +05:30
Koen Van Impe c42723d42d Module to push malware samples to a MWDB instance
- Upload of attachment or malware sample to MWDB
- Tags of events and/or attributes are added to MWDB.
- Comment of the MISP attribute is added to MWDB.
- A link back to the MISP event is added to MWDB via the MWDB attribute.
- A link to the MWDB attribute is added as an enriched attribute to the MISP event.
2021-12-26 23:34:00 +01:00
Calvin Krzywiec dc0660acd0
feature: add qintel qsentry expansion module 2021-11-22 15:46:46 -05:00
Jean-Louis Huynen 7967542be6 add: [passive-ssh] initial commit 2021-10-26 15:11:20 +02:00
Jens Thom 0e4e432dc4 fix imports and unused variables 2020-11-30 12:48:01 +01:00
chrisr3d 2464172e1a Merge branch 'main' of github.com:MISP/misp-modules into new_module 2020-11-18 11:34:33 +01:00
chrisr3d 54f7e604c8 Merge branch 'main' of github.com:MISP/misp-modules into main 2020-11-02 19:03:16 +01:00
chrisr3d 88c8d9077c
fix: [cpe] Typos and variable name issues fixed + Making the module available in MISP 2020-10-24 02:40:31 +02:00
mokaddem 2be1d7a0cd new: [expansion] Added html_to_markdown module
It fetches the HTML from the provided URL, performs a bit of DOM
clean-up then convert it into markdown
2020-10-23 22:17:47 +02:00
chrisr3d 9a766d6010
add: New module using socialscan library to check email addresses and usernames linked to accounts on online platforms 2020-10-01 23:25:39 +02:00
chrisr3d d2661c7a20
fix: Fixed pep8 + some copy paste issues introduced with the latest commits 2020-07-28 15:06:25 +02:00
chrisr3d 3b7a5c4dc2
add: Specific error message for misp_standard format expansion modules
- Checking if the input format is respected and
  displaying an error message if it is not
2020-07-28 11:47:53 +02:00
johannesh c91a61110a Add Recorded Future expansion module 2020-07-23 12:28:56 +02:00
chrisr3d 3e12feae79
Merge branch 'feat/EN-4664/trustar-misp' of https://github.com/trustar/misp-modules into trustar-feat/EN-4664/trustar-misp 2020-06-30 18:07:14 +02:00
Jesse Hedden 8a95a000ee initial commit. not a working product. need to create a class to manage the MISP event and TruStar client 2020-05-29 17:21:20 -07:00
chrisr3d 1e27c2de5a
Merge branch 'master' of github.com:MISP/misp-modules into new_module 2020-05-05 11:53:09 +02:00
Golbark b79636ccfa new: usr: Censys Expansion module 2020-04-03 03:15:03 -07:00
chrisr3d 0671f93724
new: Expansion module to query MALWAREbazaar API with some hash attribute 2020-03-18 18:05:57 +01:00
Koen Van Impe 2713d3c655 Update __init__ 2020-03-10 19:50:00 +01:00
Koen Van Impe e023f0b470 Cytomic Orion MISP Module
An expansion module to enrich attributes in MISP and share indicators
of compromise with Cytomic Orion
2020-03-10 18:25:30 +01:00
bennyv a32685df8a Initial Build of SOPHOSLabs Intelix Product 2020-03-04 09:52:55 +11:00
GlennHD 46f0f410e7
Added geoip_asn and geoip_city to load 2020-02-12 21:31:41 -06:00
chrisr3d 7945d060ff
new: Enrichment module for querying APIVoid with domain attributes 2019-12-18 17:11:13 +01:00
Stefano Ortolani f749578525 add: Modules to query/import/submit data from/to Lastline 2019-12-02 19:09:40 +00:00
aaronkaplan 5350003e3a
initial version of the ransomcoindb expansion module 2019-11-25 18:52:39 +01:00
chrisr3d 96712da5e0
add: Module to query AssemblyLine and parse the results
- Takes an AssemblyLine submission link to query
  the API and get the full submission report
- Parses the potentially malicious files and the
  IPs, domains or URLs they are connecting to
- Possible improvement of the parsing filters in
  order to include more data in the MISP event
2019-11-21 13:25:50 -05:00
chrisr3d 58a4cb15a1
add: New expansion module to submit samples and urls to AssemblyLine 2019-11-19 15:41:35 -05:00
chrisr3d 852018bf79
fix: Added urlscan & secuirtytrails modules in __init__ list 2019-11-04 16:52:26 +01:00
Alexandre Dulaunoy c3c6f1a6ea
Merge pull request #346 from blaverick62/master
EQL Query Generation Modules
2019-10-30 22:08:07 +01:00
Braden Laverick a426ad249d Added EQL enrichment module 2019-10-29 19:42:47 +00:00
Davide 56e16dbaf5 Added apiosintDS module to query OSINT.digitalside.it services 2019-10-24 12:49:29 +02:00
chrisr3d 63dba29c52
fix: Fixed module names with - to avoid errors with python paths 2019-10-18 11:09:10 +02:00
chrisr3d 4ee0cbe4c5
add: Added virustotal_public to the list of available modules 2019-07-24 11:10:25 +02:00
chrisr3d 5703253961
new: First version of an advanced CVE parser module
- Using cve.circl.lu as well as the initial module
- Going deeper into the CVE parsing
- More parsing to come with the CWE, CAPEC and so on
2019-07-10 15:20:22 +02:00