Commit Graph

849 Commits (v2.4.175)

Author SHA1 Message Date
Luciano Righetti 1bbe16eabc fix: remove unused import 2023-08-03 11:57:53 +02:00
Luciano Righetti 10c333cd1c
Merge pull request #628 from righel/add-sigmf-expand-module
new: add sigmf module to expand a sigmf recording object template
2023-08-03 09:37:50 +02:00
Luciano Righetti 23069a7c5d add: support extracting sigmf archives into sigmf recordings 2023-08-03 09:25:46 +02:00
Sami Mokaddem 296c7fb16a
Merge branch 'main' of github.com:MISP/misp-modules into main 2023-07-13 10:15:14 -04:00
Sami Mokaddem fb86bb0510
chg: [expansion:extract_url_components] Better support in case attributes are not defined 2023-07-13 10:14:04 -04:00
Sami Mokaddem fa9854e6cd
Merge pull request #629 from TinyHouseHippos/abuseipdb_googlesafebrowsing
Added the new attribute and tags for AbuseIPDB and added the google s…
2023-07-13 10:08:00 -04:00
Steph S 43e1eb07d0 Added the new attribute and tags for AbuseIPDB and added the google safe browsing expansion module 2023-07-13 09:33:59 -04:00
Luciano Righetti df2183ce54 fix: properly read samples in different datatypes 2023-07-13 11:06:25 +02:00
Luciano Righetti e26bfef477 fix: remove debug 2023-07-12 15:51:50 +02:00
Luciano Righetti 3f0fa14545 new: add waterfall plot to the expanded object 2023-07-12 15:34:44 +02:00
Luciano Righetti 5e2957b13f new: add sigmf module to expand a sigmf recording object template 2023-07-11 16:42:33 +02:00
Alexandre Dulaunoy 93bae11e33
Merge pull request #627 from hyasinfosec/main
Added User Agent
2023-07-11 06:35:41 +02:00
Alexandre Dulaunoy 8401470359
Merge pull request #626 from GeekWeekSteph/abuseipdb2
Fixed object reference issue for the AbuseIPDB expansion module
2023-07-11 06:35:05 +02:00
Rambatla Venkat Rao 7d006566cf
Added User Agent 2023-07-11 08:26:16 +05:30
Steph S 513d292994 Fixed object reference issue for the AbuseIPDB expansion module 2023-07-10 17:14:15 -04:00
Alexandre Dulaunoy ea0c6f9ac2
Merge pull request #625 from GeekWeekSteph/abuseipdb
Added AbuseIPDB expansion module
2023-07-10 21:56:50 +02:00
Steph S 53b7a76824 Added AbuseIPDB expansion module 2023-07-10 15:08:47 -04:00
Davide 702158ab16 Bug fix 2023-07-09 13:37:19 +02:00
Davide 4e00e60951 Bug fix 2023-07-09 13:35:47 +02:00
Davide 80dba63a8b Module updated to apiosintDSv2.0 2023-07-09 12:42:59 +02:00
Koen Van Impe 436ed0cea9 Small bug fix for vulners - vulners_ai_score 2023-07-04 16:17:05 +02:00
Usama015 15728bb801 updated Description and removed redundant comments 2023-06-14 12:23:04 +05:00
Usama015 2d3631cd41 updated 2023-06-13 18:58:04 +05:00
Usama015 ea2ccc1004 updated 2023-06-13 18:57:33 +05:00
Usama015 ee5d503fc4 resolved Exception 2023-06-13 17:47:50 +05:00
Usama015 5b5eaddf5e added Reverse API 2023-06-13 16:38:56 +05:00
Usama015 bb60e4742e updated 2023-06-13 15:47:07 +05:00
Usama015 91fce45f82 updated 2023-06-13 12:45:10 +05:00
Usama015 a90a70613b updated whoisfreaks module 2023-06-13 12:36:24 +05:00
Usama015 c0df182aa0 added whoisfreaks module in MISP 2023-06-12 19:00:41 +05:00
Christian Studer 51339c2a82
fix: [crowdsec] Keeping the original attribute used to query the module unchanged 2023-05-26 15:14:44 +02:00
Christian Studer 52ce2cf043
chg: [crowdsec] Added new attributes as described in the `crowdsec-ip-context` object template, and tags described in the crowdsec taxonomy to the IP address 2023-05-26 14:26:26 +02:00
Christian Studer 64d3a3e5a4
fix: [crowdsec] Typo 2023-05-23 13:34:52 +02:00
Christian Studer 6eea5f61d4
fix: [crowdsec] Fixed the `reverse_dns` field parsing & added the `background-noise` attribute 2023-05-23 13:20:52 +02:00
Christian Studer ddd8b8513e
add: [expansion modules] Added `ipinfo` to the expansion modules list in `__init__` 2023-05-16 16:09:04 +02:00
Christian Studer 196939d205
chg: [crowdsec] Updated the module to support the recently added `crowdsec-ip-context` object template 2023-05-12 12:16:22 +02:00
Christian Studer 51cf8524ad
fix: [crowdsec] Fixed the module input handling
- Made the module an expansion module as it is the
  standard type, and `hover` usually is the option
- Better input handling, checking now for the
  `attribute` field as the information of the full
  attribute is passed in misp standard format and
  not only its type and value
- As for now only `v2` is supported as API version
  we removed the parameter to avoid confusion. It
  can be added back later when multiple versions
  are supported
2023-05-11 16:12:07 +02:00
Alexandre Dulaunoy 98b766cbdc
fix: [crowdsec] more need to be fully supporting MISP standard format 2023-05-11 15:25:34 +02:00
Alexandre Dulaunoy 337dcf7acb
fix: [crowdsec] version 2 2023-05-11 15:21:31 +02:00
Alexandre Dulaunoy fe778dd576
fix: [crowdsec] set default version and expansion added 2023-05-11 15:18:26 +02:00
Alexandre Dulaunoy 113a112001
fix: [dbl_spamhaus] if you want to run local test, the dns module
expansion is taking over from the original dnspython3 library.

The trick is just to get rid of the syspath to exclude the local
directory until the proper library is loaded.
2023-04-02 10:11:24 +02:00
Christian Studer 9892c8db88 Merge branch 'main' of github.com:MISP/misp-modules into new_module 2023-03-27 17:46:42 +02:00
Brad Chiappetta b3865b33b7 refactor for sdk and expansion 2023-03-10 12:56:26 -05:00
Christian Studer 69deb8d10b
add: [ipinfo] First version of a new module to query ipinfo.io
- First version addressing the request from #600
- Straightforward parsing of the `geolocation`,
  `domain-ip` and `asn` information returned by
  the standard API endpoint (ipinfo.io/{ip_address})
2023-02-21 13:04:24 +01:00
Shivam Sandbhor 2c9b953f23 Set user agent of crowdsec misp module to crowdsec-misp/v1.0.0
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
2023-02-20 10:11:38 +05:30
Alexandre Dulaunoy b7bd679b1c
fix: [url_import/url] added in __init__ 2022-11-08 06:23:40 +01:00
Christian Studer cb8f55425c
fix: [crowdsec] Fixed the __init__ files 2022-11-07 23:44:40 +01:00
Sami Mokaddem 9bf7e15053
new: [expansion] Added extract_url_components module to create an object from an URL attribute 2022-11-06 17:28:00 +01:00
Shivam Sandbhor 382d8036d9 Add crowdsec module
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
2022-10-28 12:19:35 +05:30
Christian Studer e18ac776bb
fix: [variodbs] Fixed indentation issue
- if `exploit_results` is empty, we should not go
  any further in the query for next values exploit
  results
2022-10-27 09:50:24 +02:00