Commit Graph

2474 Commits (feeeaddeb1640a7af6cbee3056110335507156e6)

Author SHA1 Message Date
Alexandre Dulaunoy 98b766cbdc
fix: [crowdsec] more need to be fully supporting MISP standard format 2023-05-11 15:25:34 +02:00
Alexandre Dulaunoy 337dcf7acb
fix: [crowdsec] version 2 2023-05-11 15:21:31 +02:00
Alexandre Dulaunoy fe778dd576
fix: [crowdsec] set default version and expansion added 2023-05-11 15:18:26 +02:00
Christian Studer 5b42f9056a Merge branch 'main' of github.com:MISP/misp-modules 2023-04-28 14:48:01 +02:00
Alexandre Dulaunoy c1168ac627
fix: [test] pdftotext output check
The important part is the matching text from the PDF not any trailling
which might be different depending of the encoding.
2023-04-02 10:47:41 +02:00
Alexandre Dulaunoy 113a112001
fix: [dbl_spamhaus] if you want to run local test, the dns module
expansion is taking over from the original dnspython3 library.

The trick is just to get rid of the syspath to exclude the local
directory until the proper library is loaded.
2023-04-02 10:11:24 +02:00
Alexandre Dulaunoy 5aa47e7aeb
Merge pull request #603 from MISP/new_module
New module to query ipinfo.io to gather additional information on an IP address
2023-03-29 19:13:54 +02:00
Christian Studer 78b06ea51b Merge branch 'main' of github.com:MISP/misp-modules 2023-03-27 17:48:30 +02:00
Christian Studer 9892c8db88 Merge branch 'main' of github.com:MISP/misp-modules into new_module 2023-03-27 17:46:42 +02:00
Alexandre Dulaunoy d275ec5d07
Merge pull request #607 from crowdsecurity/add_crowdsec_doc
Add crowdsec json doc
2023-03-21 18:16:48 +01:00
Shivam Sandbhor f20f9d3043 Add crowdsec json doc
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
2023-03-21 19:09:14 +05:30
Alexandre Dulaunoy 8b4efbfd59
chg: [mkdocs] config updated 2023-03-20 18:10:59 +01:00
Alexandre Dulaunoy 494c7bbef1
Merge pull request #605 from maikwuerth/main
Updated Defender export module
2023-03-12 09:06:11 +01:00
Alexandre Dulaunoy 901c86b0ac
Merge pull request #606 from GreyNoise-Intelligence/greynoise-add-expansion
[greynoise] add expansion and refactor
2023-03-10 23:41:34 +01:00
Brad Chiappetta 6a46bd61a2 update message in test_expansions 2023-03-10 13:55:33 -05:00
Brad Chiappetta b3865b33b7 refactor for sdk and expansion 2023-03-10 12:56:26 -05:00
Maik Würth ff92b2c5cc updated moduleInfo 2023-03-10 16:17:56 +01:00
Maik Würth db5e56c7b2 Added support for SHA256 and MISPObject attributes to Defender export module. 2023-03-10 16:08:49 +01:00
Maik Würth 8cc4774be5 Export object attributes with Defender export module. 2023-03-10 15:48:28 +01:00
Christian Studer f40f61fc18
add: [documentation] Added documentation for the new ipinfo.io module & updated the main readme file 2023-02-21 15:21:56 +01:00
Christian Studer 69deb8d10b
add: [ipinfo] First version of a new module to query ipinfo.io
- First version addressing the request from #600
- Straight forward parsing of the `geolocation`,
  `domain-ip` and `asn` information returned by
  the standard API endpoint (ipinfo.io/{ip_address})
2023-02-21 13:04:24 +01:00
Christian Studer 81f94d96fd Merge branch 'main' of github.com:MISP/misp-modules into new_module 2023-02-20 18:59:34 +01:00
Christian Studer 33650819e9 Merge branch 'main' of github.com:MISP/misp-modules 2023-02-20 18:39:13 +01:00
Alexandre Dulaunoy 8579cbb260
chg: [REQUIREMENTS] remove specific version of psutil as mentioned in #593 2023-02-20 10:16:34 +01:00
Alexandre Dulaunoy f09fe8d243
Merge pull request #602 from crowdsecurity/crowdsec_user_agent
Set user agent of crowdsec misp module to crowdsec-misp/v1.0.0
2023-02-20 06:44:18 +01:00
Shivam Sandbhor 2c9b953f23 Set user agent of crowdsec misp module to crowdsec-misp/v1.0.0
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
2023-02-20 10:11:38 +05:30
Christian Studer 2e7ab05972 Merge branch 'main' of github.com:MISP/misp-modules into new_module 2023-02-09 15:52:57 +01:00
Christian Studer 4cd5f4baf0 Merge branch 'main' of github.com:MISP/misp-modules 2022-11-21 11:46:45 +01:00
Alexandre Dulaunoy b7bd679b1c
fix: [url_import/url] added in __init__ 2022-11-08 06:23:40 +01:00
Christian Studer cb8f55425c
fix: [crowdsec] Fixed the __init__ files 2022-11-07 23:44:40 +01:00
Christian Studer b9f97567c5 Merge branch 'main' of github.com:MISP/misp-modules 2022-11-07 23:35:21 +01:00
Sami Mokaddem 9bf7e15053
new: [expansion] Added extract_url_components module to create an object from an URL attribute 2022-11-06 17:28:00 +01:00
Sami Mokaddem 359e3cc21f
Merge branch 'main' of github.com:MISP/misp-modules into main 2022-11-06 17:22:58 +01:00
Sami Mokaddem 4e25a6c126
new: [import] import_blueprint to facilitate an easy-to-use blueprint for data import 2022-11-06 17:21:50 +01:00
Sami Mokaddem 8c053d90b1
new: [import] Url_import module to convert batch of URLs into url objects 2022-11-06 17:21:24 +01:00
Alexandre Dulaunoy b8de83e9f5
Merge pull request #590 from crowdsecurity/main
Add crowdsec module
2022-10-30 22:56:22 +01:00
Shivam Sandbhor 382d8036d9 Add crowdsec module
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
2022-10-28 12:19:35 +05:30
Alexandre Dulaunoy eaebba2912
chg: [mkdocs] updated doc 2022-10-27 10:15:58 +02:00
Alexandre Dulaunoy ea071519b2
chg: [mkdows] footer updated 2022-10-27 10:15:25 +02:00
Alexandre Dulaunoy e8cb47a8c7
chg: [doc] updated 2022-10-27 10:14:56 +02:00
Christian Studer e18ac776bb
fix: [variodbs] Fixed indentation issue
- if `exploit_results` is empty, we should not go
  any further in the query for next values exploit
  results
2022-10-27 09:50:24 +02:00
Christian Studer 5526c2c195
add: [variotdbs] Updated the exploit object mapping to support the object attributes recently added to the `exploit` template 2022-10-26 11:35:59 +02:00
Christian Studer 8e97bf9938
chg: [cve_advanced] Updated the module to use cvepremium & a few improvements 2022-10-25 22:20:30 +02:00
Christian Studer 38a6dc810e
fix: [variodbs] Properly handling the exploit results when there is more that 10 results
- We keep querying the VARIoT db API with the link
  of the next content until there is no next result
2022-10-24 16:18:22 +02:00
Christian Studer b964b5e2a6
fix: [variodbs] Fixed the empty vulnerability results case handling, to avoid the module to stop before looking for related exploits 2022-10-24 15:43:04 +02:00
Christian Studer 3db8fa63db Merge branch 'new_module' of github.com:MISP/misp-modules 2022-10-24 15:31:17 +02:00
Christian Studer a93b382f1f
add: [readme] Added description for the variotdbs module 2022-10-24 15:25:56 +02:00
Christian Studer 27673d0516
add: [documentation] Regenerated documentation with the recently added modules description 2022-10-24 15:23:20 +02:00
Christian Studer 5376993ba9
add: [documentation] Added documentation for the variotdbs module 2022-10-24 15:20:42 +02:00
Christian Studer 153ca8d3d4
add: [variotdbs] Added the exploit information parsing
- Following a recent change on the variotdbs API
  allowing requests to get exploits information
  base on a CVE number
2022-10-24 15:01:54 +02:00