MISP
/
misp-warninglists
mirror of https://github.com/MISP/misp-warninglists
2
0
Fork 0
Code Issues Releases Wiki Activity

Changed matching algorithm to string 

Example for a dangerous entry: dropbox.com with the hostname algorithm and url as a valid attribute type means that https://dropbox.com/malicious/files.exe would get excluded from the automation systems when using the warninglist.

I've changed the algorithm to full string matches.
pull/163/head
Andras Iklody 2020-09-16 00:27:03 +02:00 committed by GitHub
parent fa7cbb52f7
commit 7c1de70ce0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
tools/generate_moz-top500.py
View File

@ -13,7 +13,7 @@ def process(files, dst):
'description': "Event contains one or more entries from the top 500 of the most used domains (Mozilla).", 'description': "Event contains one or more entries from the top 500 of the most used domains (Mozilla).",
'version': get_version(), 'version': get_version(),
'name': "Top 500 domains and pages from https://moz.com/top500", 'name': "Top 500 domains and pages from https://moz.com/top500",
'type': 'hostname', 'type': 'string',
'list': [], 'list': [],
'matching_attributes': ['hostname', 'domain', 'uri', 'url'] 'matching_attributes': ['hostname', 'domain', 'uri', 'url']
} }