Merge branch 'main' of github.com:MISP/misp-training

main
Christian Studer 2024-07-10 00:22:07 +02:00
commit 593e50383e
No known key found for this signature in database
GPG Key ID: 6BBED1B63A6D639F
12 changed files with 120 additions and 1058 deletions


@ -24,7 +24,7 @@
\begin{frame} \begin{frame}
\frametitle{about CIRCL} \frametitle{about CIRCL}
The Computer Incident Response Center Luxembourg (CIRCL) is a government-driven initiative designed to provide a systematic response facility to computer security threats and incidents. CIRCL is the CERT for the private sector, communes and non-governmental entities in Luxembourg and is operated by securitymadein.lu g.i.e. The Computer Incident Response Center Luxembourg (CIRCL) is a government-driven initiative designed to provide a systematic response facility to computer security threats and incidents. CIRCL is the CERT for the private sector, communes and non-governmental entities in Luxembourg and is operated by LHC g.i.e.
\end{frame} \end{frame}
\begin{frame} \begin{frame}


@ -124,7 +124,7 @@
\begin{frame}[fragile] \begin{frame}[fragile]
\frametitle{Finding available MISP modules} \frametitle{Finding available MISP modules}
\begin{itemize} \begin{itemize}
\item curl -s http://127.0.0.1:6666/modules \item curl -s http://127.0.0.1:6666/modules | jq .
\end{itemize} \end{itemize}
\begin{adjustbox}{width=\textwidth,height=6cm,keepaspectratio} \begin{adjustbox}{width=\textwidth,height=6cm,keepaspectratio}
\begin{lstlisting}[language=json,firstnumber=1] \begin{lstlisting}[language=json,firstnumber=1]
@ -305,10 +305,12 @@
\begin{lstlisting}[language=python] \begin{lstlisting}[language=python]
import json import json
import dns.resolver import dns.resolver
misperrors = {'error' : 'Error'} misperrors = {'error': 'Error'}
mispattributes = {'input': ['hostname', 'domain'], 'output': ['ip-src', 'ip-dst']} mispattributes = {'input': ['hostname', 'domain', 'domain|ip'], 'output': ['ip-src','ip-dst']}
moduleinfo = {'version': '0.1', 'author': 'Alexandre Dulaunoy', moduleinfo = {'version': '0.3', 'author': 'Alexandre Dulaunoy','description': 'Simple DNS expansion service to resolve IP address from MISP attributes',
'description': 'Simple DNS expansion service to resolve IP address from MISP attributes', 'module-type': ['expansion','hover']} 'module-type': ['expansion', 'hover']}
moduleconfig = ['nameserver']
def handler(q=False): def handler(q=False):
if q is False: if q is False:
return False return False
@ -317,32 +319,38 @@
toquery = request['hostname'] toquery = request['hostname']
elif request.get('domain'): elif request.get('domain'):
toquery = request['domain'] toquery = request['domain']
elif request.get('domain|ip'):
toquery = request['domain|ip'].split('|')[0]
else: else:
return False return False
r = dns.resolver.Resolver() r = dns.resolver.Resolver()
r.timeout = 2 r.timeout = 2
r.lifetime = 2 r.lifetime = 2
r.nameservers = ['8.8.8.8']
if request.get('config'):
if request['config'].get('nameserver'):
nameservers = []
nameservers.append(request['config'].get('nameserver'))
r.nameservers = nameservers
else:
r.nameservers = ['8.8.8.8']
try: try:
answer = r.query(toquery, 'A') answer = r.resolve(toquery, 'A')
except dns.resolver.NXDOMAIN: except dns.resolver.NXDOMAIN:
misperrors['error'] = "NXDOMAIN" misperrors['error'] = "NXDOMAIN"
return misperrors return misperrors
except dns.exception.Timeout: except ...
misperrors['error'] = "Timeout"
return misperrors return {'results': [{'types': mispattributes['output'], 'values':[str(answer[0])]}]}
except:
misperrors['error'] = "DNS resolving error"
return misperrors
r = {'results': [{'types': mispattributes['output'], 'values':[str(answer[0])]}]}
return r
def introspection(): def introspection():
return mispattributes return mispattributes
def version(): def version():
moduleinfo['config'] = moduleconfig
return moduleinfo return moduleinfo
\end{lstlisting} \end{lstlisting}
\end{adjustbox} \end{adjustbox}
\end{frame} \end{frame}
@ -370,21 +378,28 @@
\end{frame} \end{frame}
\begin{frame}[fragile] \begin{frame}[fragile]
\frametitle{Code samples (Configuration)} \frametitle{Code samples (Configuration)}
\begin{adjustbox}{width=\textwidth,height=5cm,keepaspectratio} \begin{adjustbox}{width=\textwidth,height=5cm,keepaspectratio}
\begin{lstlisting}[language=python] \begin{lstlisting}[language=python]
# Configuration at the top # Configuration at the top
moduleconfig = ['username', 'password'] moduleconfig = ['username', 'password']
# Code block in the handler
if request.get('config'): # Code block in the handler
if (request['config'].get('username') is None) or (request['config'].get('password') is None): if not request.get('config'):
misperrors['error'] = 'CIRCL Passive SSL authentication is missing' return {'error': 'CIRCL Passive SSL authentication is missing.'}
return misperrors
if not request['config'].get('username') or not request['config'].get('password'):
return {'error': 'CIRCL Passive SSL authentication is incomplete, please provide your username and password.'}
authentication = (request['config']['username'], request['config']['password'])
if not request.get('attribute') or not check_input_attribute(request['attribute']):
return {'error': f'{standard_error_message}, which should contain at least a type, a value and an uuid.'}
attribute = request['attribute']
- -
x = pypssl.PyPSSL(basic_auth=(request['config']['username'], request['config']['password'])) pssl_parser = PassiveSSLParser(attribute, authentication)
\end{lstlisting} \end{lstlisting}
\end{adjustbox} \end{adjustbox}
\end{frame} \end{frame}
\begin{frame}[fragile] \begin{frame}[fragile]
@ -398,12 +413,12 @@
\item DNS resolver \item DNS resolver
\item DomainTools \item DomainTools
\item eupi (checking url in phishing database) \item eupi (checking url in phishing database)
\item IntelMQ (experimental)
\item ipasn \item ipasn
\item PassiveTotal - http://blog.passivetotal.org/misp-sharing-done-differently \item PassiveTotal - http://blog.passivetotal.org/misp-sharing-done-differently
\item sourcecache \item sourcecache
\item Virustotal \item Virustotal
\item Whois \item Whois
\item ...
\end{itemize} \end{itemize}
\end{frame} \end{frame}
@ -660,10 +675,53 @@
\end{frame} \end{frame}
\begin{frame}[fragile] \begin{frame}[fragile]
\frametitle{New expansion \& import modules view (MISP 2.4.110} \frametitle{New expansion \& import modules view (MISP 2.4.110)}
\includegraphics[scale=0.2]{new_format_view.png} \includegraphics[scale=0.2]{new_format_view.png}
\end{frame} \end{frame}
\begin{frame}[fragile]
\frametitle{New - Standalone Functionality}
\begin{itemize}
\item Flexibility, no need to install MISP
\item User friendly interface
\item Easiest way to test new modules
\end{itemize}
\end{frame}
\begin{frame}[fragile]
\frametitle{Web interface - Query}
\begin{itemize}
\item Add multiple entries
\item Choose different modules
\end{itemize}
\includegraphics[scale=0.23]{screenshots/misp_module_index.png}
\end{frame}
\begin{frame}[fragile]
\frametitle{Web interface - Results}
\begin{itemize}
\item Multiple tabs for visualization in different formats
\end{itemize}
\includegraphics[scale=0.23]{screenshots/misp_module_results.png}
\end{frame}
\begin{frame}[fragile]
\frametitle{Web interface - History}
\begin{itemize}
\item Save your researches and pivot from them
\end{itemize}
\includegraphics[scale=0.23]{screenshots/misp_module_history.png}
\end{frame}
\begin{frame}[fragile]
\begin{itemize}
\item Export results to other tools. (Still in dev)
\end{itemize}
\frametitle{Web interface - External tools (Dev)}
\includegraphics[scale=0.23]{screenshots/misp_module_external_tools.png}
\end{frame}
\begin{frame}[fragile] \begin{frame}[fragile]
\frametitle{Future of the modules system} \frametitle{Future of the modules system}
\begin{itemize} \begin{itemize}
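Review bot: In the `handler` hunk (`@ -317,32 +319,38`) the nameserver read from `request['config']` is assigned to `r.nameservers` before the `try`, so a value that is not an address (dnspython's setter rejects non-IP strings with a `ValueError`, as far as I recall; newer releases also accept nameserver URLs) leaves the module as an unhandled exception instead of the `misperrors` dict every other failure path returns. Because that value is supplied from outside the module, either check it with `ipaddress.ip_address(...)` before use or move the assignment inside the `try` with an `except ValueError` branch that sets `misperrors['error']`; the three-line list construction also collapses to `r.nameservers = [request['config']['nameserver']]`. The sample now shows only `except ...` where the old code caught `dns.exception.Timeout` and a bare `except`; if that elision is deliberate, a comment such as `# timeout and generic resolver errors handled as in the previous version` would stop readers copying an incomplete handler. The `handler` signature itself sits in the preceding hunk (`@ -305,10 +305,12`).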

Binary file not shown.

After

Width:  |  Height:  |  Size: 52 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 42 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 50 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 105 KiB


@ -23,7 +23,7 @@
\begin{frame} \begin{frame}
\frametitle{Automation in MISP: What already exists?} \frametitle{Automation in MISP: What already exists?}
\includegraphics[valign=m,width=16px]{pictures/python-logo.png}\hspace*{0.5em} \textbf{MISP API / PyMISP} \includegraphics[valign=m,width=1em]{pictures/python-logo.png}\hspace*{0.5em} \textbf{MISP API / PyMISP}
\hspace*{0.25em} \hspace*{0.25em}
\begin{itemize} \begin{itemize}
\item Needs CRON Jobs in place \item Needs CRON Jobs in place
@ -31,7 +31,7 @@
\item Not realtime \item Not realtime
\end{itemize} \end{itemize}
\vspace*{1em} \vspace*{1em}
\includegraphics[valign=m,width=16px]{pictures/zeromq.png}\hspace*{0.5em} \textbf{PubSub channels} \includegraphics[valign=m,width=1em]{pictures/zeromq.png}\hspace*{0.5em} \textbf{PubSub channels}
\hspace*{0.25em} \hspace*{0.25em}
\begin{itemize} \begin{itemize}
\item After the actions happen: No feedback to MISP \item After the actions happen: No feedback to MISP
@ -97,7 +97,7 @@
\begin{frame} \begin{frame}
\frametitle{Automation in MISP: What already exists?} \frametitle{Automation in MISP: What already exists?}
\includegraphics[valign=m,width=16px]{pictures/python-logo.png}\hspace*{0.5em} \textbf{MISP API / PyMISP} \includegraphics[valign=m,width=1em]{pictures/python-logo.png}\hspace*{0.5em} \textbf{MISP API / PyMISP}
\hspace*{0.25em} \hspace*{0.25em}
\begin{itemize} \begin{itemize}
\item Needs CRON Jobs in place \item Needs CRON Jobs in place
@ -105,7 +105,7 @@
\item Not realtime \item Not realtime
\end{itemize} \end{itemize}
\vspace*{1em} \vspace*{1em}
\includegraphics[valign=m,width=16px]{pictures/zeromq.png}\hspace*{0.5em} \textbf{PubSub channels} \includegraphics[valign=m,width=1em]{pictures/zeromq.png}\hspace*{0.5em} \textbf{PubSub channels}
\hspace*{0.25em} \hspace*{0.25em}
\begin{itemize} \begin{itemize}
\item After the actions happen: No feedback to MISP \item After the actions happen: No feedback to MISP
@ -218,7 +218,7 @@
\begin{frame} \begin{frame}
\frametitle{What kind of events?} \frametitle{What kind of events?}
\includegraphics[width=60px]{pictures/sc-event.png} \includegraphics[width=5em]{pictures/sc-event.png}
\vspace*{0.5em} \vspace*{0.5em}
\begin{itemize} \begin{itemize}
\item New MISP Event \item New MISP Event
@ -235,7 +235,7 @@
\begin{frame} \begin{frame}
\frametitle{Triggers currently available} \frametitle{Triggers currently available}
Currently 10 triggers can be hooked. 3 being \includegraphics[width=36px]{pictures/blocking-workflow.png}. Currently 10 triggers can be hooked. 3 being \includegraphics[width=3em]{pictures/blocking-workflow.png}.
\begin{center} \begin{center}
\includegraphics[width=1.0\linewidth]{pictures/triggers.png} \includegraphics[width=1.0\linewidth]{pictures/triggers.png}
\end{center} \end{center}
@ -244,7 +244,7 @@
\begin{frame} \begin{frame}
\frametitle{What kind of conditions?} \frametitle{What kind of conditions?}
\vspace*{0.25em} \vspace*{0.25em}
\includegraphics[width=70px]{pictures/sc-condition.png} \includegraphics[width=6em]{pictures/sc-condition.png}
\vspace*{0.25em} \vspace*{0.25em}
\begin{itemize} \begin{itemize}
\item A MISP Event is tagged with \texttt{tlp:red} \item A MISP Event is tagged with \texttt{tlp:red}
@ -263,7 +263,7 @@
\begin{frame} \begin{frame}
\frametitle{Workflow - Logic modules} \frametitle{Workflow - Logic modules}
\begin{itemize} \begin{itemize}
\item \includegraphics[width=12px]{pictures/sc-condition-icon.png} \textbf{logic} modules: Allow to redirect the execution flow. \item \includegraphics[width=1em]{pictures/sc-condition-icon.png} \textbf{logic} modules: Allow to redirect the execution flow.
\begin{itemize} \begin{itemize}
\item IF conditions \item IF conditions
\item Delay execution \item Delay execution
@ -277,7 +277,7 @@
\begin{frame} \begin{frame}
\frametitle{What kind of actions?} \frametitle{What kind of actions?}
\vspace*{0.25em} \vspace*{0.25em}
\includegraphics[width=60px]{pictures/sc-action.png} \includegraphics[width=5em]{pictures/sc-action.png}
\vspace*{0.25em} \vspace*{0.25em}
\begin{itemize} \begin{itemize}
\item Send an email notification \item Send an email notification
@ -297,7 +297,7 @@
\begin{frame} \begin{frame}
\frametitle{Workflow - Action modules} \frametitle{Workflow - Action modules}
\begin{itemize} \begin{itemize}
\item \includegraphics[width=12px]{pictures/sc-action-icon.png} \textbf{action} modules: Allow to executes operations \item \includegraphics[width=1em]{pictures/sc-action-icon.png} \textbf{action} modules: Allow to executes operations
\begin{itemize} \begin{itemize}
\item Tag operations \item Tag operations
\item Send notifications \item Send notifications
@ -326,15 +326,15 @@
\frametitle{Workflow execution for Event publish} \frametitle{Workflow execution for Event publish}
\begin{itemize} \begin{itemize}
\setlength\itemsep{1em} \setlength\itemsep{1em}
\item[] \hspace*{-2em}\includegraphics[width=16px]{pictures/sc-event-icon.png} \hspace*{0.25em} An Event is about to be published \item[] \hspace*{-2em}\includegraphics[width=1em]{pictures/sc-event-icon.png} \hspace*{0.25em} An Event is about to be published
\begin{itemize} \begin{itemize}
\item The workflow for the \texttt{event-publish} trigger starts \item The workflow for the \texttt{event-publish} trigger starts
\end{itemize} \end{itemize}
\item[] \hspace*{-2em}\includegraphics[width=16px]{pictures/sc-condition-icon.png} \hspace*{0.25em} Conditions are evaluated \item[] \hspace*{-2em}\includegraphics[width=1em]{pictures/sc-condition-icon.png} \hspace*{0.25em} Conditions are evaluated
\begin{itemize} \begin{itemize}
\item They might change the path taken during the execution \item They might change the path taken during the execution
\end{itemize} \end{itemize}
\item[] \hspace*{-2em}\includegraphics[width=16px]{pictures/sc-action-icon.png} \hspace*{0.25em} Actions are executed \item[] \hspace*{-2em}\includegraphics[width=1em]{pictures/sc-action-icon.png} \hspace*{0.25em} Actions are executed
\begin{itemize} \begin{itemize}
\setlength\itemsep{0.75em} \setlength\itemsep{0.75em}
\item {\bf\color{green!50!black}success}: Continue the publishing action \item {\bf\color{green!50!black}success}: Continue the publishing action
@ -350,13 +350,13 @@
Two types of workflows: Two types of workflows:
\vspace{0.5em} \vspace{0.5em}
\begin{itemize} \begin{itemize}
\item[] \hspace*{-2em}\includegraphics[valign=m,width=48px]{pictures/blocking-workflow.png} Workflows \item[] \hspace*{-2em}\includegraphics[valign=m,width=4em]{pictures/blocking-workflow.png} Workflows
\begin{itemize} \begin{itemize}
\item Can prevent / block the original event to happen \item Can prevent / block the original event to happen
\item If a \textbf{blocking module}\includegraphics[valign=b,width=12px]{pictures/blocking-module.png} blocks the action \item If a \textbf{blocking module}\includegraphics[valign=b,width=1em]{pictures/blocking-module.png} blocks the action
\end{itemize} \end{itemize}
\vspace{0.5em} \vspace{0.5em}
\item[] \hspace*{-2em}\includegraphics[valign=b,width=56px]{pictures/non-blocking-workflow.png} Workflows execution outcome has no impact \item[] \hspace*{-2em}\includegraphics[valign=b,width=5em]{pictures/non-blocking-workflow.png} Workflows execution outcome has no impact
\begin{itemize} \begin{itemize}
\item No way to prevent something that happened in the past \item No way to prevent something that happened in the past
\end{itemize} \end{itemize}
@ -523,7 +523,7 @@ jq '.[] | select(.meta."module-type"[] | contains("action")) |
\vspace*{3em} \vspace*{3em}
{\LARGE Let's see how to build a workflow!} {\LARGE Let's see how to build a workflow!}
\begin{center} \begin{center}
\includegraphics[width=24px]{pictures/build-icon.png} \includegraphics[width=2em]{pictures/build-icon.png}
\end{center} \end{center}
\end{frame} \end{frame}
@ -545,7 +545,7 @@ jq '.[] | select(.meta."module-type"[] | contains("action")) |
} }
\textbf{Objective:} Overview of some common pitfalls \textbf{Objective:} Overview of some common pitfalls
\begin{center} \begin{center}
\includegraphics[width=24px]{pictures/radar.png} \includegraphics[width=2em]{pictures/radar.png}
\end{center} \end{center}
\end{frame} \end{frame}
@ -591,8 +591,8 @@ jq '.[] | select(.meta."module-type"[] | contains("action")) |
\frametitle{Working with the editor} \frametitle{Working with the editor}
Cases showing a warning: Cases showing a warning:
\begin{itemize} \begin{itemize}
\item \textbf{Blocking} modules \includegraphics[width=10px]{pictures/blocking-module.png} in a \includegraphics[valign=b,width=56px]{pictures/non-blocking-workflow.png} workflow \includegraphics[width=0.12\linewidth]{pictures/time-machine.png} \item \textbf{Blocking} modules \includegraphics[width=1em]{pictures/blocking-module.png} in a \includegraphics[valign=b,width=4em]{pictures/non-blocking-workflow.png} workflow \includegraphics[width=0.12\linewidth]{pictures/time-machine.png}
\item \textbf{Blocking} modules \includegraphics[width=10px]{pictures/blocking-module.png} after a \textbf{concurrent tasks} module \item \textbf{Blocking} modules \includegraphics[width=1em]{pictures/blocking-module.png} after a \textbf{concurrent tasks} module
\begin{center} \begin{center}
\frame{\includegraphics[width=1.0\linewidth]{pictures/editor-warning-1.png}} \frame{\includegraphics[width=1.0\linewidth]{pictures/editor-warning-1.png}}
\end{center} \end{center}
@ -611,7 +611,7 @@ jq '.[] | select(.meta."module-type"[] | contains("action")) |
\begin{frame} \begin{frame}
\frametitle{Workflow blueprints} \frametitle{Workflow blueprints}
\hspace*{0.9\textwidth}\includegraphics[width=32px]{pictures/blueprint-32.png} \hspace*{0.9\textwidth}\includegraphics[width=3em]{pictures/blueprint-32.png}
\vspace*{-2em} \vspace*{-2em}
\begin{enumerate} \begin{enumerate}
\item Blueprints allow to \textbf{re-use parts} of a workflow in another one \item Blueprints allow to \textbf{re-use parts} of a workflow in another one
@ -644,7 +644,7 @@ jq '.[] | select(.meta."module-type"[] | contains("action")) |
\begin{itemize} \begin{itemize}
\item Logic module allowing \textbf{multiple output} connections \item Logic module allowing \textbf{multiple output} connections
\item \textbf{Postpone the execution} for remaining modules \item \textbf{Postpone the execution} for remaining modules
\item Convert \includegraphics[valign=b,width=44px]{pictures/blocking-workflow.png} \faIcon{long-arrow-alt-right} \includegraphics[valign=b,width=56px]{pictures/non-blocking-workflow.png} \item Convert \includegraphics[valign=b,width=4em]{pictures/blocking-workflow.png} \faIcon{long-arrow-alt-right} \includegraphics[valign=b,width=5em]{pictures/non-blocking-workflow.png}
\end{itemize} \end{itemize}
\begin{center} \begin{center}
\frame{\includegraphics[width=0.5\linewidth]{pictures/module-concurrent.png}} \frame{\includegraphics[width=0.5\linewidth]{pictures/module-concurrent.png}}
@ -1004,7 +1004,7 @@ jq '.[] | select(.meta."module-type"[] | contains("action")) |
\begin{frame} \begin{frame}
\frametitle{Debugging Workflows: Debug mode} \frametitle{Debugging Workflows: Debug mode}
\begin{itemize} \begin{itemize}
\item The \includegraphics[width=70px]{pictures/debug-mode.png} can be turned on for each workflows \item The \includegraphics[width=6em]{pictures/debug-mode.png} can be turned on for each workflows
\item Each nodes will send data to the provided URL \item Each nodes will send data to the provided URL
\begin{itemize} \begin{itemize}
\item Configure the setting: \texttt{Plugin.Workflow\_debug\_url} \item Configure the setting: \texttt{Plugin.Workflow\_debug\_url}
@ -1151,9 +1151,9 @@ jq '.[] | select(.meta."module-type"[] | contains("action")) |
\begin{columns} \begin{columns}
\begin{column}{0.55\textwidth} \begin{column}{0.55\textwidth}
\begin{itemize} \begin{itemize}
\item More \includegraphics[width=12px]{pictures/sc-action-icon.png} modules \item More \includegraphics[width=1em]{pictures/sc-action-icon.png} modules
\item More \includegraphics[width=12px]{pictures/sc-condition-icon.png} modules \item More \includegraphics[width=1em]{pictures/sc-condition-icon.png} modules
\item More \includegraphics[width=12px]{pictures/sc-event-icon.png} triggers \item More \includegraphics[width=1em]{pictures/sc-event-icon.png} triggers
\item More documentation \item More documentation
\item Recursion prevention system \item Recursion prevention system
\item On-the-fly data override? \item On-the-fly data override?


@ -4,6 +4,7 @@
\definecolor{textcolor}{RGB}{128, 128, 128} \definecolor{textcolor}{RGB}{128, 128, 128}
\definecolor{background}{RGB}{240, 247, 255} \definecolor{background}{RGB}{240, 247, 255}
% \usepackage{pgfpages} % \usepackage{pgfpages}
% \setbeameroption{show notes on second screen=right} % \setbeameroption{show notes on second screen=right}
\usepackage[draft]{pdfcomment} \usepackage[draft]{pdfcomment}
@ -15,7 +16,7 @@
\usepackage{listings} \usepackage{listings}
\usepackage{fontawesome5} \usepackage{fontawesome5}
\usepackage[export]{adjustbox} \usepackage[export]{adjustbox}
\usepackage{fourier} \usepackage{fourier-otf}
\usetikzlibrary{positioning} \usetikzlibrary{positioning}
\usetikzlibrary{shapes,arrows} \usetikzlibrary{shapes,arrows}

File diff suppressed because one or more lines are too long


@ -1,3 +1,3 @@
\begin{itemize} \begin{itemize}
\item Agenda and details available \url{https://hdoc.csirt-tooling.org/tq-qyvTQTLeZ0wy-OPXjiw?view} \item Agenda and details available \url{https://tinyurl.com/CRI-MISP}
\end{itemize} \end{itemize}


@ -1 +1 @@
CTIS 2022 CRI MISP 2024