Calvin Krzywiec
dc0660acd0
feature: add qintel qsentry expansion module
2021-11-22 15:46:46 -05:00
Jean-Louis Huynen
84ecc19206
Merge branch 'MISP:main' into main
2021-10-26 15:12:12 +02:00
Jean-Louis Huynen
7967542be6
add: [passive-ssh] initial commit
2021-10-26 15:11:20 +02:00
rderkach
4fd3323220
Update Recorded future expansion module with the new data
...
In this release, we added new data that we have called Links.
It represents better and more filtered related data.
Also did some code formatting.
2021-10-25 18:01:05 +03:00
chrisr3d
be5635b0a4
fix: [yara_query] Fixed module input parsing
...
- The module used to work properly when called
from a single attribute enrichment, but was
broken when called from the hover enrichment
feature, because of the additional `persistent`
field used to define which type of hover
enrichment is queried
2021-10-15 17:18:29 +02:00
Alexandre Dulaunoy
4162ccb528
chg: [hashlookup] KnownMalicious field added
2021-09-24 15:35:14 +02:00
Alexandre Dulaunoy
b6e0c4ce53
chg: [hashlookup] add new fields such as source, SSDEEP and TLSH
2021-09-24 15:29:23 +02:00
Alexandre Dulaunoy
9783113a1e
fix: [hashlookup] FileName and size are not required fields and can be missing in a hashlookup record
2021-09-24 15:09:07 +02:00
Andras Iklody
4115b7607e
fix: added note about the Domaintools module being deprecated
...
- as requested by Domaintools, including a link to their own, up to date module
2021-09-09 13:57:29 +02:00
chrisr3d
82e0628fe7
chg: [hashlookup] Using the actual attribute types for FileName & FileSize
...
- Following the recent changes on the obejct template
to use `filename` as attribute type for the FileName
object relation instead of `text`
d2b93f5aa6
2021-08-26 15:19:36 +02:00
chrisr3d
1d7f0ee1f0
fix: [hashlookup] Fixed the errors handling
...
- Since the modules system is waiting for a dict,
we return `misperrors` instead of the actual
value of the 'error' key, and the module will
no longer fail when there is no result to parse
2021-08-26 15:02:32 +02:00
Alexandre Dulaunoy
73e78463d0
new: [hashlookup] new hashlookup module added
...
https://www.circl.lu/services/hashlookup/
2021-08-25 18:42:16 +02:00
Alexandre Dulaunoy
7b675f7857
Merge branch 'main' of github.com:MISP/misp-modules into main
2021-08-25 18:41:31 +02:00
Alexandre Dulaunoy
f40fc7ebc4
new: [hashlookup] new hashlookup module added
2021-08-25 18:38:09 +02:00
Martin Ohl
d2ed09d081
Create mcafee_insights_enrich.py
...
Module to expand IOC information with McAfee MVISION Insights
2021-08-13 14:55:08 +02:00
Jason Zhang
f5fdf343b8
Sanity checks
2021-08-12 11:08:09 +01:00
Brad Chiappetta
b3daa138f1
add cve support and enhance ip lookups
2021-08-09 15:37:37 -04:00
Jason Zhang
83fd44ed13
add vmware_nsx module
2021-07-29 12:13:31 +01:00
Alexandre Dulaunoy
354427d173
Merge pull request #507 from aaronkaplan/cof2misp
...
Cof2misp
2021-06-17 19:40:08 +02:00
Aaron Kaplan
4078119db0
fix the last issues of #493
...
(https://github.com/MISP/misp-modules/issues/493 )
2021-06-17 14:36:27 +00:00
Aaron Kaplan
d1aeafb3ae
unit test for dnsdbflex in lib/cof.py
2021-06-17 14:33:15 +00:00
Alexandre Dulaunoy
605231e089
chg :[virustotal_public] make flake8 happy
2021-06-11 14:54:07 +02:00
Alexandre Dulaunoy
94795e4993
chg: [virustotal] make flake8 happy
2021-06-11 14:51:30 +02:00
Alex Resnick
c4bc2408ad
add proxy configs for virus total modules
2021-05-28 14:53:35 -05:00
aaronkaplan
9813f7f7cb
Merge branch 'main' of https://github.com/MISP/misp-modules into cof2misp
2021-05-27 01:58:55 +02:00
aaronkaplan
6824b4e991
push version
2021-05-27 01:58:23 +02:00
aaronkaplan
4816844d16
Add a function to validate dnsdbflex output
...
add dnsdbflex parser. It's rather easy
Signed-off-by: aaronkaplan <aaron@lo-res.org>
2021-05-26 12:38:56 +02:00
aaronkaplan
bbe0a1efa8
Merge remote-tracking branch 'origin/cof2misp' into cof2misp
2021-05-26 12:17:18 +02:00
aaronkaplan
5b41c82f78
Add a function to validate dnsdbflex output
...
Signed-off-by: aaronkaplan <aaron@lo-res.org>
2021-05-26 12:16:11 +02:00
Rambatla Venkat Rao
6a731454f1
Updated Distribution Constant
2021-05-12 21:42:25 +05:30
Rambatla Venkat Rao
f6c0f68263
Default distribution setting to DNSDB Objects
2021-05-12 18:38:55 +05:30
Rambatla Venkat Rao
7aa6b39da8
Added a default distribution setting to Objects
2021-05-12 18:30:54 +05:30
Alexandre Dulaunoy
77035a82e0
chg: [cof2misp] bailiwick is optional
2021-05-11 14:46:16 +02:00
Sebdraven
382025453e
fix bug on loop
2021-05-07 14:38:42 +02:00
Sebdraven
eb48635ce5
remove print and variable unsuable
2021-05-07 14:07:18 +02:00
sebdraven
8491e169e0
Merge pull request #4 from MISP/main
...
merge
2021-05-07 12:34:33 +02:00
Sebdraven
d0c2f94354
add summary ip, domain and hostname
2021-05-07 12:27:11 +02:00
chrisr3d
dc3b892a42
Merge branch 'main' of github.com:MISP/misp-modules into main
2021-05-04 18:39:26 +02:00
chrisr3d
780590cee3
fix: [farsight_passivedns] Handling exceptions raised from a query error
...
- This can happen with for instance a wrong server URL
2021-05-04 18:36:56 +02:00
Alexandre Dulaunoy
bcc05c3337
Merge pull request #497 from aaronkaplan/cof2misp
...
Cof2misp
2021-05-04 18:27:33 +02:00
root
117200f334
oops, there was a minor error. print(..., file=sys.stDerr) . Typo!
2021-05-04 07:48:30 +00:00
aaronkaplan
09f0f3943a
Add license text. No logical changes in this commit
2021-05-04 09:44:47 +02:00
Alexandre Dulaunoy
c6d02cc177
chg: [cof2misp] debugging removed
2021-05-03 12:41:01 +02:00
Alexandre Dulaunoy
10b5295cdd
chg: [cof2misp] remove logging in the misp-modules
2021-05-03 12:27:52 +02:00
Alexandre Dulaunoy
8e55101dc8
chg: [cof2misp module] fix the import module/package "__init__.py" missing
2021-05-03 12:04:22 +02:00
chrisr3d
790090eb0b
chg: [farsight_passivedns] Updated the bailiwick attribute type, following the latest changes on the passive-dns object template
2021-05-03 11:25:37 +02:00
aaronkaplan
0c6a12ea60
Make teh special attributes *_ip and _domain not needed.
...
See the discussion in https://github.com/MISP/misp-objects/pull/314
2021-05-02 22:54:41 +00:00
aaronkaplan
5a3465844a
Make stub strict parser
2021-05-02 22:23:52 +00:00
aaronkaplan
763e10af5d
flake8, you suck
2021-05-02 22:01:09 +00:00
aaronkaplan
36904c688c
Merge branch 'cof2misp' of github.com:aaronkaplan/misp-modules into cof2misp
2021-05-02 21:49:40 +00:00