Modules for expansion services, import and export in MISP http://misp.github.io/misp-modules
 
 
 
 
Go to file
Karen Yousefi dce7fc1c18
Update expansion.md
Add: virustotal upload 
malshare upload
triage submit
2024-08-16 18:55:58 -07:00
.github/workflows fix: [tests] fix yara issue in unit tests 2024-08-10 07:12:20 +02:00
docker
docs chg: [doc] make deploy 2024-08-13 09:21:36 +02:00
documentation Update expansion.md 2024-08-16 18:55:58 -07:00
etc/systemd/system Update misp-modules.service 2022-08-07 18:27:38 +02:00
misp_modules Add Triage Submit 2024-08-16 18:52:01 -07:00
tests fix: fixes issues added in latest commit 2024-08-12 11:34:13 +02:00
tools
var
website chg: [query] query as same 2024-07-08 16:06:29 +02:00
.gitchangelog.rc
.gitignore chg: [doc] Big doc revamp #680 2024-08-12 11:23:10 +02:00
.gitmodules Contribute a TAXII 2.1 import style misp-module. 2022-01-11 21:54:09 -05:00
.travis.yml
ChangeLog.md
DOC-REQUIREMENTS new: [REQUIREMENTS] for the documentation generation 2022-01-07 12:10:21 +01:00
LICENSE
Makefile fix: [make] be sure the version of misp_modules installed are the one 2024-08-13 08:21:53 +02:00
Pipfile fix: [tests] fix yara issue in unit tests 2024-08-10 07:12:20 +02:00
Pipfile.lock fix: [tests] fix yara issue in unit tests 2024-08-10 07:12:20 +02:00
README.md Update README.md 2024-08-16 18:54:14 -07:00
README.rst
REQUIREMENTS fix: [tests] fix yara issue in unit tests 2024-08-10 07:12:20 +02:00
mkdocs.yml chg: [doc] shorten README + link to githubio 2024-08-13 09:05:44 +02:00
pyproject.toml
setup.py fix: [setup] Fixed potential conflicts with libraries in python 3.10 install 2022-05-24 17:05:21 +02:00

README.md

MISP modules

Build statusCoverage Status codecov

MISP modules are autonomous modules that can be used to extend MISP for new services such as expansion, import, export and workflow action.

MISP modules can be also installed and used without MISP as a standalone tool accessible via a convenient web interface.

The modules are written in Python 3 following a simple API interface. The objective is to ease the extensions of MISP functionalities without modifying core components. The API is available via a simple REST API which is independent from MISP installation or configuration and can be used with other tools.

For more information: Extending MISP with Python modules slides from MISP training.

Installation

Installation instructions can be found in the installation documentation.

How to add your own MISP modules?

Developing a MISP module yourself is fairly easy. Start with a template or existing module and continue from there.
More information can be found in the contribute section of the documentation.

Documentation

In order to provide documentation about some modules that require specific input / output / configuration, the documentation contains detailed information about the general purpose, requirements, features, input and ouput of each of these modules:

  • *description - quick description of the general purpose of the module, as the one given by the moduleinfo
  • requirements - special libraries needed to make the module work
  • features - description of the way to use the module, with the required MISP features to make the module give the intended result
  • references - link(s) giving additional information about the format concerned in the module
  • input - description of the format of data used in input
  • output - description of the format given as the result of the module execution

Licenses

For further Information see the license file.

List of MISP modules

Expansion Modules

Export Modules

Import Modules

Action Modules

  • Mattermost - Simplistic module to send message to a Mattermost channel.
  • Slack - Simplistic module to send messages to a Slack channel.
  • Test action - This module is merely a test, always returning true. Triggers on event publishing.