Commit Graph

744 Commits (c19989e217627d7a7b05dde17a6f735ad7bc3126)

Author SHA1 Message Date
Christophe Vandeplas ce826dbabb
Merge pull request #187 from cvandeplas/master
threatanalyzer_import - minor generic noise removal
2018-05-15 13:01:08 +02:00
Christophe Vandeplas 7b4db1ce5c threatanalyzer_import - minor generic noise removal 2018-05-15 12:59:55 +02:00
Christophe Vandeplas 8ed472c7d1
Merge pull request #185 from cvandeplas/master
threatanalyzer_import - loads sample info + pollution fix
2018-05-03 09:43:15 +02:00
Christophe Vandeplas 27a22e5d86 threatanalyzer_import - loads sample info + pollution fix 2018-05-03 09:42:38 +02:00
Christophe Vandeplas 35a19b118a
Merge pull request #184 from cvandeplas/master
threatanalyzer_import - fix regkey issue
2018-05-02 12:44:13 +02:00
Christophe Vandeplas 370011c081 threatanalyzer_import - fix regkey issue 2018-05-02 12:43:34 +02:00
Alexandre Dulaunoy d29e300312
Merge pull request #177 from TheDr1ver/patch-1
fix missing comma
2018-03-31 10:51:55 +02:00
Nick Driver 252d190714
fix missing comma
fix ip-dst and vulnerability input
2018-03-30 14:27:37 -04:00
Alexandre Dulaunoy fd054a305b
Merge pull request #176 from cudeso/master
Fix VMRay API access error
2018-03-30 15:41:56 +02:00
Koen Van Impe 6d23d4f4c7 Fix VMRay API access error
hotfix for the "Unable to access VMRay API" error
2018-03-30 15:11:25 +02:00
Koen Van Impe 326e701260 Merge remote-tracking branch 'MISP/master' 2018-03-30 15:07:43 +02:00
Alexandre Dulaunoy 7a8aacb986
Merge pull request #173 from m3047/master
Add exception blocks for query errors.
2018-03-10 13:53:58 +01:00
Fred Morris d0f618b648 Add exception blocks for query errors. 2018-03-08 15:26:39 -08:00
Alexandre Dulaunoy a2ebcdb358
Merge pull request #170 from P4rs3R/patch-1
Improving regex (validating e-mail)
2018-03-06 20:07:49 +01:00
x41\x43 0436118747
Improving regex (validating e-mail)
Line 48:
The previous regex ` ^[\w\.\+\-]+\@[\w]+\.[a-z]{2,3}$ ` matched only a small subset of valid e-mail address (e.g.: didn't match domain names longer than 3 chars or user@this-domain.de or user@multiple.level.dom) and needed to be with start (^) and end ($).
This ` [a-zA-Z0-9!#$%&'*+\/=?^_`{|}~-]+(?:\.[a-zA-Z0-9!#$%&'*+\/=?^_`{|}~-]+)*@(?:[a-zA-Z0-9](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?\.)+[a-zA-Z0-9](?:[a-zA-Z0-9-]*[a-zA-Z0-9])? ` is not perfect (e.g: can't match oriental chars), but imho is much more complete. 

Regex tested with several e-mail addresses with Python 3.6.4 and Python 2.7.14 on Linux 4.14.
2018-03-06 18:12:36 +01:00
Alexandre Dulaunoy 297343b7fc
Merge pull request #169 from chrisr3d/master
Updated GoAML import including Object References
2018-03-05 21:35:18 +01:00
chrisr3d d885286792
Clarified functions arguments using a class 2018-03-05 19:59:30 +01:00
chrisr3d 4d7642ac91
add: Added Object References in the objects imported 2018-03-05 14:58:31 +01:00
Alexandre Dulaunoy b1dd21fd06
Merge pull request #168 from chrisr3d/goaml
GoAML import module & GoAML export updates
2018-03-02 11:39:23 +01:00
chrisr3d 82fe8ba78c
fix: Fixed input & output of the module 2018-03-02 11:03:21 +01:00
chrisr3d 0a96d44810 Merge branch 'master' of github.com:MISP/misp-modules into goaml 2018-03-02 09:56:33 +01:00
chrisr3d 70436b7ddb Merge branch 'csvimport' of github.com:chrisr3d/misp-modules into goaml 2018-03-02 09:40:46 +01:00
Alexandre Dulaunoy 8ad11e4be1
Merge pull request #167 from chrisr3d/csvimport
Updated csvimport
2018-03-02 09:15:54 +01:00
chrisr3d c9ef578262
Removed print 2018-03-02 09:09:12 +01:00
chrisr3d 8d345d8cf5 Merge branch 'master' of github.com:MISP/misp-modules into csvimport 2018-03-02 09:05:46 +01:00
chrisr3d e6c55f5dde
fix: Fixed input & output of the module
Also updated some functions
2018-03-02 09:03:51 +01:00
chrisr3d 03d20856d9
add: added goamlimport 2018-02-28 22:46:39 +01:00
chrisr3d 323f71cdd3
Fixed some details about the module output 2018-02-28 17:41:45 +01:00
chrisr3d 8f5c08e2c6
Converting GoAML into MISPEvent 2018-02-28 15:07:55 +01:00
chrisr3d cad62464c5
Now parsing all the transaction attributes 2018-02-27 11:08:37 +01:00
chrisr3d a02dbd6a8d
fix: Fixed typo of the aml type for country codes 2018-02-26 18:52:28 +01:00
chrisr3d 478cd53912
add: Added dictionary to map aml types into MISP types 2018-02-26 18:13:43 +01:00
chrisr3d 5df2d309a0
typo 2018-02-26 15:58:53 +01:00
chrisr3d 81a6be17d3
chg: Structurded data 2018-02-26 11:47:35 +01:00
Alexandre Dulaunoy dba817fd95
Merge pull request #165 from chrisr3d/goaml
fix: Added an object checking
2018-02-23 16:12:22 +01:00
chrisr3d 359ac9100e
fix: typo in references mapping dictionary 2018-02-23 15:58:04 +01:00
Christian Studer 983b7da7b7
fix: Added an object checking
- Checking if there are objects in the event, and then if there is at least 1 transaction object
- This prevents the module from crashing, but does not guaranty having a valid GoAML file (depending on objects and their relations)
2018-02-22 16:55:52 +01:00
chrisr3d b2b0fccd47
fix: Added an object checking
- Checking if there are objects in the event, and then
  if there is at least 1 transaction object
- This prevents the module from crashing, but does not
  guaranty having a valid GoAML file (depending on
  objects and their relations)
2018-02-22 16:37:27 +01:00
chrisr3d 53b4a43448 Merge branch 'master' of github.com:chrisr3d/misp-modules into aml_import 2018-02-22 14:29:36 +01:00
Alexandre Dulaunoy 8728ff8bb6
Merge pull request #164 from chrisr3d/master
Latest fixes to make GoAML export module work
2018-02-22 11:24:37 +01:00
chrisr3d 694a63c8f3
add: Added an example file generated by GoAML export module 2018-02-22 10:29:05 +01:00
chrisr3d c942013812
chg: Modified the mapping dictionary to support misp-objects updates 2018-02-22 01:23:08 +01:00
chrisr3d 9b34602f73
Added GoAML export module in description 2018-02-22 01:22:08 +01:00
chrisr3d 5995458aab
fix: Added the moduleinfo field need to have MISP event in standard format 2018-02-21 17:14:26 +01:00
Alexandre Dulaunoy c3ac53a069
fix: goamlexport added 2018-02-20 17:18:36 +01:00
Alexandre Dulaunoy 60c4fd03b5
Merge pull request #163 from chrisr3d/master
GoAML export
2018-02-20 17:17:44 +01:00
chrisr3d f361fb4ee3
Reading the entire document, to create a big dictionary containing the data, as a beginning 2018-02-20 17:00:13 +01:00
chrisr3d 02b8938b2a
typo 2018-02-20 16:57:27 +01:00
chrisr3d 11dddb974b Merge branch 'master' of github.com:MISP/misp-modules 2018-02-20 15:18:45 +01:00
chrisr3d eb9e06f1cc
explicit name
Avoiding confusion with the coming import module for goaml
2018-02-20 15:18:12 +01:00