Commit Graph

1938 Commits (v2.4.150)

Author SHA1 Message Date
chrisr3d be5635b0a4
fix: [yara_query] Fixed module input parsing
- The module used to work properly when called
  from a single attribute enrichment, but was
  broken when called from the hover enrichment
  feature, because of the additional `persistent`
  field used to define which type of hover
  enrichment is queried
2021-10-15 17:18:29 +02:00
Alexandre Dulaunoy 4162ccb528
chg: [hashlookup] KnownMalicious field added 2021-09-24 15:35:14 +02:00
Alexandre Dulaunoy b6e0c4ce53
chg: [hashlookup] add new fields such as source, SSDEEP and TLSH 2021-09-24 15:29:23 +02:00
Alexandre Dulaunoy 9783113a1e
fix: [hashlookup] FileName and size are not required fields and can be missing in a hashlookup record 2021-09-24 15:09:07 +02:00
Luciano Righetti e7488791d3 fix: add missing dependency (ndjson) of cof2misp1 2021-09-20 15:17:12 +02:00
Andras Iklody 4115b7607e
fix: added note about the Domaintools module being deprecated
- as requested by Domaintools, including a link to their own, up to date module
2021-09-09 13:57:29 +02:00
Alexandre Dulaunoy 1a86419331
Merge pull request #520 from aaronkaplan/fix-github-alerts
Fix github's security alert: fix
2021-08-26 17:47:32 +02:00
aaronkaplan 327ee8e5c3 Fix github's security alert: fix
* CVE-2021-28676
* CVE-2021-25287
* CVE-2021-28675
* CVE-2021-28678
* CVE-2021-25288
* CVE-2021-28677
2021-08-26 14:29:23 +00:00
chrisr3d 82e0628fe7
chg: [hashlookup] Using the actual attribute types for FileName & FileSize
- Following the recent changes on the object template
  to use `filename` as attribute type for the FileName
  object relation instead of `text`
  d2b93f5aa6
2021-08-26 15:19:36 +02:00
chrisr3d 1d7f0ee1f0
fix: [hashlookup] Fixed the errors handling
- Since the modules system is waiting for a dict,
  we return `misperrors` instead of the actual
  value of the 'error' key, and the module will
  no longer fail when there is no result to parse
2021-08-26 15:02:32 +02:00
Alexandre Dulaunoy 7645b97bf7
chg: [hashlookup] logo updated 2021-08-25 21:44:20 +02:00
Alexandre Dulaunoy 525678eab6
new: [hashlookup] documentation added 2021-08-25 21:42:30 +02:00
Alexandre Dulaunoy 1a90237a21
chg: [logo] CIRCL logo added for hashlookup service 2021-08-25 21:41:08 +02:00
Alexandre Dulaunoy 73e78463d0
new: [hashlookup] new hashlookup module added
https://www.circl.lu/services/hashlookup/
2021-08-25 18:42:16 +02:00
Alexandre Dulaunoy 7b675f7857
Merge branch 'main' of github.com:MISP/misp-modules into main 2021-08-25 18:41:31 +02:00
Alexandre Dulaunoy da6092f9e1
Revert "fix: [greynoise] typo fixed"
This reverts commit e36e3ea117.
2021-08-25 18:41:08 +02:00
Alexandre Dulaunoy f40fc7ebc4
new: [hashlookup] new hashlookup module added 2021-08-25 18:38:09 +02:00
Alexandre Dulaunoy d9a9864f32
Merge pull request #519 from Lastline-Inc/main
Update dependency files
2021-08-24 15:01:57 +02:00
Jason Zhang 05578b6a0d Update dependency files 2021-08-24 12:31:23 +01:00
Alexandre Dulaunoy dddb698a65
Merge pull request #517 from mohlcyber/main
Added McAfee MVISION Insights Expansion Module
2021-08-13 16:49:51 +02:00
Martin Ohl 431d081227
Added McAfee MVISION Insights 2021-08-13 14:57:15 +02:00
Martin Ohl 209411c6fc
Update README.md 2021-08-13 14:56:30 +02:00
Martin Ohl d2ed09d081
Create mcafee_insights_enrich.py
Module to expand IOC information with McAfee MVISION Insights
2021-08-13 14:55:08 +02:00
Alexandre Dulaunoy e36e3ea117
fix: [greynoise] typo fixed 2021-08-13 14:11:12 +02:00
Alexandre Dulaunoy 5507d65ef2
Merge pull request #516 from Lastline-Inc/main
Sanity checks
2021-08-13 07:43:48 +02:00
Jason Zhang f5fdf343b8 Sanity checks 2021-08-12 11:08:09 +01:00
Alexandre Dulaunoy b4938c77cb
Merge pull request #515 from GreyNoise-Intelligence/greynoise_update_doc_json
Update the greynoise.json file
2021-08-11 06:59:01 +02:00
Brad Chiappetta 859d7d2a82 update greynoise.json 2021-08-09 16:46:33 -04:00
Alexandre Dulaunoy e57393a71d
Merge pull request #514 from GreyNoise-Intelligence/greynoise-add-cve-enhance-ip
Add CVE Lookup and Enhance IP Lookup
2021-08-09 22:28:17 +02:00
Brad Chiappetta baa31c464c documentation updates 2021-08-09 15:52:49 -04:00
Brad Chiappetta b3daa138f1 add cve support and enhance ip lookups 2021-08-09 15:37:37 -04:00
Alexandre Dulaunoy 260a521794
Merge pull request #513 from Lastline-Inc/main
Add vmware_nsx module
2021-07-29 18:56:19 +02:00
Jason Zhang 83fd44ed13 add vmware_nsx module 2021-07-29 12:13:31 +01:00
Alexandre Dulaunoy 354427d173
Merge pull request #507 from aaronkaplan/cof2misp
Cof2misp
2021-06-17 19:40:08 +02:00
Aaron Kaplan 4078119db0 fix the last issues of #493
(https://github.com/MISP/misp-modules/issues/493)
2021-06-17 14:36:27 +00:00
Aaron Kaplan d1aeafb3ae unit test for dnsdbflex in lib/cof.py 2021-06-17 14:33:15 +00:00
Alexandre Dulaunoy 605231e089
chg: [virustotal_public] make flake8 happy 2021-06-11 14:54:07 +02:00
Alexandre Dulaunoy 3e53398dee
chg: [travis] flake8 updated 2021-06-11 14:52:28 +02:00
Alexandre Dulaunoy 94795e4993
chg: [virustotal] make flake8 happy 2021-06-11 14:51:30 +02:00
Alexandre Dulaunoy 7248eb72e5
chg: [requirements] remove the pypi index from the requirements
This fixes #505 but we need to find a clean solution for Pipfile generating
it.
2021-06-11 11:22:25 +02:00
Alexandre Dulaunoy f422463f70
chg: [tests] btc_steroid not working via CI 2021-06-11 11:19:57 +02:00
Alexandre Dulaunoy cb12d8a055
chg: [travis] remove old docker before install 2021-06-10 07:04:18 +02:00
Raphaël Vinot 99b13eed43 chg: Bump deps 2021-06-09 14:42:49 -07:00
Raphaël Vinot 1004bb8bb7 chg: Bump deps 2021-06-09 14:31:27 -07:00
Alexandre Dulaunoy e720c11501
Merge pull request #501 from legoguy1000/virustotal-proxy
Add proxy configs for virus total modules
2021-05-28 23:10:57 +02:00
Alex Resnick c4bc2408ad add proxy configs for virus total modules 2021-05-28 14:53:35 -05:00
aaronkaplan 9813f7f7cb
Merge branch 'main' of https://github.com/MISP/misp-modules into cof2misp 2021-05-27 01:58:55 +02:00
aaronkaplan 6824b4e991
push version 2021-05-27 01:58:23 +02:00
aaronkaplan 4816844d16
Add a function to validate dnsdbflex output
add dnsdbflex parser. It's rather easy

Signed-off-by: aaronkaplan <aaron@lo-res.org>
2021-05-26 12:38:56 +02:00
aaronkaplan bbe0a1efa8
Merge remote-tracking branch 'origin/cof2misp' into cof2misp 2021-05-26 12:17:18 +02:00