mirror of https://github.com/MISP/misp-modules
Compare commits
7 Commits
Author | SHA1 | Date |
---|---|---|
Alexandre Dulaunoy | 0a01b382f4 | |
Andreas Muehlemann | 85af573a74 | |
Alexandre Dulaunoy | 53d4cb3860 | |
Alexandre Dulaunoy | 1c963d3482 | |
Andreas Muehlemann | 8d240e3541 | |
Steve Clement | af1739cec5 | |
Steve Clement | 70543820eb |
263
REQUIREMENTS
263
REQUIREMENTS
|
@ -1,181 +1,112 @@
|
||||||
-i https://pypi.org/simple
|
-i https://pypi.org/simple
|
||||||
aiohttp==3.8.3
|
-e .
|
||||||
aiosignal==1.2.0 ; python_version >= '3.6'
|
-e git+https://github.com/D4-project/BGP-Ranking.git/@fd9c0e03af9b61d4bf0b67ac73c7208a55178a54#egg=pybgpranking&subdirectory=client
|
||||||
antlr4-python3-runtime==4.9.3
|
-e git+https://github.com/D4-project/IPASN-History.git/@fc5e48608afc113e101ca6421bf693b7b9753f9e#egg=pyipasnhistory&subdirectory=client
|
||||||
anyio==3.6.1 ; python_full_version >= '3.6.2'
|
-e git+https://github.com/MISP/PyIntel471.git@0df8d51f1c1425de66714b3a5a45edb69b8cc2fc#egg=pyintel471
|
||||||
|
-e git+https://github.com/MISP/PyMISP.git@b5b40ae2c5225a4b349c26294cfc012309a61352#egg=pymisp[fileobjects,openioc,virustotal,pdfexport]
|
||||||
|
-e git+https://github.com/Rafiot/uwhoisd.git@411572840eba4c72dc321c549b36a54ed5cea9de#egg=uwhois&subdirectory=client
|
||||||
|
-e git+https://github.com/cartertemm/ODTReader.git/@49d6938693f6faa3ff09998f86dba551ae3a996b#egg=odtreader
|
||||||
|
-e git+https://github.com/sebdraven/pydnstrails@48c1f740025c51289f43a24863d1845ff12fd21a#egg=pydnstrails
|
||||||
|
-e git+https://github.com/sebdraven/pyonyphe@1ce15581beebb13e841193a08a2eb6f967855fcb#egg=pyonyphe
|
||||||
|
-e git+https://github.com/stricaud/faup.git#egg=pyfaup&subdirectory=src/lib/bindings/python
|
||||||
|
aiohttp==3.4.4
|
||||||
|
antlr4-python3-runtime==4.8 ; python_version >= '3'
|
||||||
apiosintds==1.8.3
|
apiosintds==1.8.3
|
||||||
appdirs==1.4.4
|
|
||||||
argparse==1.4.0
|
argparse==1.4.0
|
||||||
assemblyline-client==4.5.0
|
assemblyline-client==3.7.3
|
||||||
async-timeout==4.0.2 ; python_version >= '3.6'
|
async-timeout==3.0.1
|
||||||
asynctest==0.13.0 ; python_version < '3.8'
|
attrs==19.3.0
|
||||||
attrs==22.1.0 ; python_version >= '3.5'
|
|
||||||
backoff==2.1.2 ; python_version >= '3.7' and python_version < '4.0'
|
|
||||||
backports.zoneinfo==0.2.1 ; python_version < '3.9'
|
|
||||||
backscatter==0.2.4
|
backscatter==0.2.4
|
||||||
beautifulsoup4==4.11.1
|
beautifulsoup4==4.8.2
|
||||||
bidict==0.22.0 ; python_version >= '3.7'
|
|
||||||
blockchain==1.4.4
|
blockchain==1.4.4
|
||||||
censys==2.1.8
|
censys==0.0.8
|
||||||
certifi==2022.9.24 ; python_version >= '3.6'
|
certifi==2019.11.28
|
||||||
cffi==1.15.1
|
cffi==1.14.0
|
||||||
chardet==5.0.0
|
chardet==3.0.4
|
||||||
charset-normalizer==2.1.1 ; python_full_version >= '3.6.0'
|
|
||||||
clamd==1.0.2
|
|
||||||
click==8.1.3 ; python_version >= '3.7'
|
|
||||||
click-plugins==1.1.1
|
click-plugins==1.1.1
|
||||||
colorama==0.4.5 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'
|
click==7.1.1
|
||||||
colorclass==2.2.2 ; python_version >= '2.6'
|
colorama==0.4.3
|
||||||
commonmark==0.9.1
|
cryptography==2.8
|
||||||
compressed-rtf==1.0.6
|
decorator==4.4.2
|
||||||
configparser==5.3.0 ; python_version >= '3.7'
|
deprecated==1.2.7
|
||||||
crowdstrike-falconpy==1.2.2
|
dnspython==1.16.0
|
||||||
cryptography==38.0.1 ; python_version >= '3.6'
|
domaintools-api==0.3.3
|
||||||
dateparser==1.1.1 ; python_version >= '3.5'
|
|
||||||
decorator==5.1.1 ; python_version >= '3.5'
|
|
||||||
deprecated==1.2.13 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'
|
|
||||||
dnsdb2==1.1.4
|
|
||||||
dnspython==2.2.1
|
|
||||||
domaintools-api==1.0.1
|
|
||||||
easygui==0.98.3
|
|
||||||
ebcdic==1.1.1
|
|
||||||
enum-compat==0.0.3
|
enum-compat==0.0.3
|
||||||
et-xmlfile==1.1.0 ; python_version >= '3.6'
|
ez-setup==0.9
|
||||||
extract-msg==0.36.3
|
|
||||||
ezodf==0.3.2
|
ezodf==0.3.2
|
||||||
filelock==3.8.0 ; python_version >= '3.7'
|
future==0.18.2
|
||||||
frozenlist==1.3.1 ; python_version >= '3.7'
|
futures==3.1.1
|
||||||
future==0.18.2 ; python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3'
|
geoip2==3.0.0
|
||||||
geoip2==4.6.0
|
httplib2==0.17.0
|
||||||
h11==0.12.0 ; python_version >= '3.6'
|
idna-ssl==1.1.0 ; python_version < '3.7'
|
||||||
httpcore==0.15.0 ; python_version >= '3.7'
|
idna==2.9
|
||||||
httplib2==0.20.4 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'
|
importlib-metadata==1.6.0 ; python_version < '3.8'
|
||||||
httpx==0.23.0 ; python_version >= '3.7'
|
isodate==0.6.0
|
||||||
idna==3.4 ; python_version >= '3.5'
|
jbxapi==3.4.0
|
||||||
imapclient==2.3.1
|
jsonschema==3.2.0
|
||||||
importlib-metadata==4.12.0 ; python_version < '3.8'
|
lief==0.10.1
|
||||||
importlib-resources==5.9.0 ; python_version < '3.9'
|
lxml==4.6.4
|
||||||
isodate==0.6.1
|
|
||||||
itsdangerous==2.1.2 ; python_version >= '3.7'
|
|
||||||
jaraco.classes==3.2.3 ; python_version >= '3.7'
|
|
||||||
jbxapi==3.18.0
|
|
||||||
jeepney==0.8.0 ; sys_platform == 'linux'
|
|
||||||
jinja2==3.1.2
|
|
||||||
json-log-formatter==0.5.1
|
|
||||||
jsonschema==4.16.0 ; python_version >= '3.7'
|
|
||||||
keyring==23.9.3 ; python_version >= '3.7'
|
|
||||||
lark-parser==0.12.0
|
|
||||||
lief==0.12.1
|
|
||||||
lxml==4.9.1
|
|
||||||
maclookup==1.0.3
|
maclookup==1.0.3
|
||||||
markdownify==0.5.3
|
maxminddb==1.5.2
|
||||||
markupsafe==2.1.1 ; python_version >= '3.7'
|
multidict==4.7.5
|
||||||
mattermostdriver==7.3.2
|
|
||||||
maxminddb==2.2.0 ; python_version >= '3.6'
|
|
||||||
.
|
|
||||||
more-itertools==8.14.0 ; python_version >= '3.5'
|
|
||||||
msoffcrypto-tool==5.0.0 ; python_version >= '3' and platform_python_implementation != 'PyPy' or (platform_system != 'Windows' and platform_system != 'Darwin')
|
|
||||||
multidict==6.0.2 ; python_version >= '3.7'
|
|
||||||
mwdblib==4.3.1
|
|
||||||
ndjson==0.3.1
|
|
||||||
np==1.0.2
|
np==1.0.2
|
||||||
numpy==1.21.6 ; python_version < '3.10' and platform_machine == 'aarch64'
|
numpy==1.21.4
|
||||||
oauth2==1.9.0.post1
|
oauth2==1.9.0.post1
|
||||||
git+https://github.com/cartertemm/ODTReader.git/@49d6938693f6faa3ff09998f86dba551ae3a996b#egg=odtreader
|
opencv-python==4.2.0.32
|
||||||
olefile==0.46 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'
|
pandas-ods-reader==0.1.4
|
||||||
oletools==0.60.1
|
pandas==1.3.4
|
||||||
opencv-python==4.6.0.66
|
passivetotal==1.0.31
|
||||||
openpyxl==3.0.10
|
pdftotext==2.1.4
|
||||||
packaging==21.3 ; python_version >= '3.6'
|
pillow==7.0.0
|
||||||
pandas==1.3.5
|
progressbar2==3.50.1
|
||||||
pandas-ods-reader==0.1.2
|
psutil==5.7.0
|
||||||
passivetotal==2.5.9
|
pycparser==2.20
|
||||||
pcodedmp==1.2.6
|
pycryptodome==3.9.7
|
||||||
pdftotext==2.2.2
|
pycryptodomex==3.9.7
|
||||||
pillow==9.2.0
|
pydeep==0.4
|
||||||
pkgutil-resolve-name==1.3.10 ; python_version < '3.9'
|
pyeupi==1.0
|
||||||
progressbar2==4.0.0 ; python_full_version >= '3.7.0'
|
|
||||||
psutil==5.9.2 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'
|
|
||||||
publicsuffixlist==0.8.0 ; python_version >= '2.6'
|
|
||||||
git+https://github.com/D4-project/BGP-Ranking.git/@68de39f6c5196f796055c1ac34504054d688aa59#egg=pybgpranking&subdirectory=client
|
|
||||||
pycparser==2.21
|
|
||||||
pycryptodome==3.15.0 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'
|
|
||||||
pycryptodomex==3.15.0 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'
|
|
||||||
pydeep2==0.5.1
|
|
||||||
git+https://github.com/sebdraven/pydnstrails@48c1f740025c51289f43a24863d1845ff12fd21a#egg=pydnstrails
|
|
||||||
pyeupi==1.1
|
|
||||||
pyfaup==1.2
|
|
||||||
pygeoip==0.3.2
|
pygeoip==0.3.2
|
||||||
pygments==2.13.0 ; python_version >= '3.6'
|
pyopenssl==19.1.0
|
||||||
git+https://github.com/MISP/PyIntel471.git@917272fafa8e12102329faca52173e90c5256968#egg=pyintel471
|
pyparsing==2.4.6
|
||||||
git+https://github.com/D4-project/IPASN-History.git/@a2853c39265cecdd0c0d16850bd34621c0551b87#egg=pyipasnhistory&subdirectory=client
|
pypdns==1.5.1
|
||||||
pymisp[email,fileobjects,openioc,pdfexport,url]==2.4.162
|
pypssl==2.1
|
||||||
git+https://github.com/sebdraven/pyonyphe@d1d6741f8ea4475f3bb77ff20c876f08839cabd1#egg=pyonyphe
|
pyrsistent==0.16.0
|
||||||
pyparsing==2.4.7 ; python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3'
|
pytesseract==0.3.3
|
||||||
pypdns==1.5.2
|
python-dateutil==2.8.2
|
||||||
pypssl==2.2
|
python-docx==0.8.10
|
||||||
pyrsistent==0.18.1 ; python_version >= '3.7'
|
python-magic==0.4.15
|
||||||
pytesseract==0.3.10
|
python-pptx==0.6.18
|
||||||
python-baseconv==1.2.2
|
python-utils==2.4.0
|
||||||
python-dateutil==2.8.2 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'
|
pytz==2021.3
|
||||||
python-docx==0.8.11
|
pyyaml==5.3.1
|
||||||
python-engineio==4.3.4 ; python_version >= '3.6'
|
pyzbar==0.1.8
|
||||||
python-magic==0.4.27
|
pyzipper==0.3.1 ; python_version >= '3.5'
|
||||||
python-pptx==0.6.21
|
rdflib==4.2.2
|
||||||
python-socketio[client]==5.7.1 ; python_version >= '3.6'
|
redis==3.4.1
|
||||||
python-utils==3.3.3 ; python_version >= '3.7'
|
reportlab==3.5.42
|
||||||
pytz==2019.3
|
requests-cache==0.5.2
|
||||||
pytz-deprecation-shim==0.1.0.post0 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5'
|
requests[security]==2.23.0
|
||||||
pyyaml==6.0 ; python_version >= '3.6'
|
shodan==1.22.0
|
||||||
pyzbar==0.1.9
|
sigmatools==0.16.0
|
||||||
pyzipper==0.3.6 ; python_version >= '3.5'
|
six==1.16.0
|
||||||
rdflib==6.2.0 ; python_version >= '3.7'
|
socketio-client==0.5.6
|
||||||
redis==4.3.4 ; python_version >= '3.6'
|
soupsieve==2.0
|
||||||
regex==2022.3.2 ; python_version >= '3.6'
|
sparqlwrapper==1.8.5
|
||||||
reportlab==3.6.11
|
stix2-patterns==1.3.0
|
||||||
requests==2.28.1
|
tabulate==0.8.7
|
||||||
requests-cache==0.6.4 ; python_version >= '3.6'
|
tornado==6.0.4
|
||||||
requests-file==1.5.1
|
trustar==0.3.28
|
||||||
rfc3986[idna2008]==1.5.0
|
url-normalize==1.4.1
|
||||||
rich==12.5.1 ; python_full_version >= '3.6.3' and python_full_version < '4.0.0'
|
|
||||||
rtfde==0.0.2
|
|
||||||
secretstorage==3.3.3 ; sys_platform == 'linux'
|
|
||||||
setuptools==65.4.0 ; python_version >= '3.7'
|
|
||||||
shodan==1.28.0
|
|
||||||
sigmatools==0.19.1
|
|
||||||
simplejson==3.17.6 ; python_version >= '2.5' and python_version not in '3.0, 3.1, 3.2, 3.3'
|
|
||||||
six==1.16.0 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'
|
|
||||||
sniffio==1.3.0 ; python_version >= '3.7'
|
|
||||||
socialscan==1.4.2
|
|
||||||
socketio-client==0.5.7.4
|
|
||||||
soupsieve==2.3.2.post1 ; python_version >= '3.6'
|
|
||||||
sparqlwrapper==2.0.0
|
|
||||||
stix2==3.0.1
|
|
||||||
stix2-patterns==2.0.0
|
|
||||||
tabulate==0.8.10 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'
|
|
||||||
tau-clients==0.2.9
|
|
||||||
taxii2-client==2.3.0
|
|
||||||
tldextract==3.3.1 ; python_version >= '3.7'
|
|
||||||
tornado==6.2 ; python_version >= '3.7'
|
|
||||||
tqdm==4.64.1 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'
|
|
||||||
git+https://github.com/SteveClement/trustar-python.git@6954eae38e0c77eaeef26084b6c5fd033925c1c7#egg=trustar
|
|
||||||
typing-extensions==4.3.0 ; python_version < '3.8'
|
|
||||||
tzdata==2022.4 ; python_version >= '3.6'
|
|
||||||
tzlocal==4.2 ; python_version >= '3.6'
|
|
||||||
unicodecsv==0.14.1
|
|
||||||
url-normalize==1.4.3 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5'
|
|
||||||
urlarchiver==0.2
|
urlarchiver==0.2
|
||||||
urllib3==1.26.12 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5' and python_version < '4'
|
urllib3==1.25.8
|
||||||
validators==0.14.0
|
validators==0.14.0
|
||||||
vt-graph-api==2.2.0
|
vt-graph-api==1.0.1
|
||||||
vt-py==0.17.1
|
vulners==1.5.5
|
||||||
vulners==2.0.4
|
wand==0.5.9
|
||||||
wand==0.6.10
|
websocket-client==0.57.0
|
||||||
websocket-client==1.4.1 ; python_version >= '3.7'
|
wrapt==1.12.1
|
||||||
websockets==10.3 ; python_version >= '3.7'
|
xlrd==1.2.0
|
||||||
wrapt==1.14.1 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'
|
xlsxwriter==1.2.8
|
||||||
xlrd==2.0.1
|
|
||||||
xlsxwriter==3.0.3 ; python_version >= '3.4'
|
|
||||||
yara-python==3.8.1
|
yara-python==3.8.1
|
||||||
yarl==1.8.1 ; python_version >= '3.7'
|
yarl==1.4.2
|
||||||
zipp==3.8.1 ; python_version >= '3.7'
|
zipp==3.1.0
|
||||||
|
|
|
@ -2,10 +2,10 @@ import json
|
||||||
from dns import reversename, resolver, exception
|
from dns import reversename, resolver, exception
|
||||||
|
|
||||||
misperrors = {'error': 'Error'}
|
misperrors = {'error': 'Error'}
|
||||||
mispattributes = {'input': ['ip-src', 'ip-dst', 'domain|ip'], 'output': ['hostname']}
|
mispattributes = {'input': ['ip-src', 'ip-dst', 'domain|ip', 'ip-src|port', 'ip-dst|port'], 'output': ['hostname']}
|
||||||
|
|
||||||
# possible module-types: 'expansion', 'hover' or both
|
# possible module-types: 'expansion', 'hover' or both
|
||||||
moduleinfo = {'version': '0.1', 'author': 'Andreas Muehlemann',
|
moduleinfo = {'version': '0.3', 'author': 'Andreas Muehlemann',
|
||||||
'description': 'Simple Reverse DNS expansion service to resolve reverse DNS from MISP attributes',
|
'description': 'Simple Reverse DNS expansion service to resolve reverse DNS from MISP attributes',
|
||||||
'module-type': ['expansion', 'hover']}
|
'module-type': ['expansion', 'hover']}
|
||||||
|
|
||||||
|
@ -23,6 +23,10 @@ def handler(q=False):
|
||||||
toquery = request['ip-src']
|
toquery = request['ip-src']
|
||||||
elif request.get('domain|ip'):
|
elif request.get('domain|ip'):
|
||||||
toquery = request['domain|ip'].split('|')[1]
|
toquery = request['domain|ip'].split('|')[1]
|
||||||
|
elif request.get('ip-src|port'):
|
||||||
|
toquery = request['ip-src|port'].split('|')[0]
|
||||||
|
elif request.get('ip-dst|port'):
|
||||||
|
toquery = request['ip-dst|port'].split('|')[0]
|
||||||
else:
|
else:
|
||||||
return False
|
return False
|
||||||
|
|
||||||
|
|
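Review bot: The two new branches assign the text before `|` in `ip-src|port` / `ip-dst|port` to `toquery` without checking that it is an IP address, and `split('|')[0]` returns the whole value when the separator is absent, so a malformed attribute passes through unnoticed. The code that consumes `toquery` lies outside this hunk (presumably a `reversename` lookup, going by the import), so it is not visible here whether a parse failure is caught. If it is not, validate first with `try: ipaddress.ip_address(toquery)` / `except ValueError:`, set `misperrors['error']` to a message naming the bad value, and return `misperrors`. The branch chain could also carry a one-line comment stating that composite types are split on `|` and which index holds the address, since `domain|ip` uses `[1]` while the port types use `[0]`. handler's body starts and continues outside the hunk.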