diff --git a/_pages/tools.md b/_pages/tools.md old mode 100755 new mode 100644 index 4359e78..c0aec60 --- a/_pages/tools.md +++ b/_pages/tools.md @@ -19,51 +19,51 @@ is also to explore new ideas, concepts or functionality which can be integrated #### Expansion modules -* [ASN History](https://github.com/MISP/misp-modules/modules/expansion/asn_history.py) - a hover and expansion module to expand an AS number with the ASN description and its history. -* [CIRCL Passive DNS](https://github.com/MISP/misp-modules/modules/expansion/circl_passivedns.py) - a hover and expansion module to expand hostname and IP addresses with passive DNS information. -* [CIRCL Passive SSL](https://github.com/MISP/misp_modules/modules/expansion/circl_passivessl.py) - a hover and expansion module to expand IP addresses with the X.509 certificate seen. -* [countrycode](https://github.com/MISP/misp_modules/modules/expansion/countrycode.py) - a hover module to tell you what country a URL belongs to. -* [CrowdStrike Falcon](https://github.com/MISP/misp_modules/modules/expansion/crowdstrike_falcon.py) - an expansion module to expand using CrowdStrike Falcon Intel Indicator API. -* [CVE](https://github.com/MISP/misp_modules/modules/expansion/cve.py) - a hover module to give more information about a vulnerability (CVE). -* [DNS](https://github.com/MISP/misp_modules/modules/expansion/dns.py) - a simple module to resolve MISP attributes like hostname and domain to expand IP addresses attributes. -* [DomainTools](https://github.com/MISP/misp_modules/modules/expansion/domaintools.py) - a hover and expansion module to get information from [DomainTools](http://www.domaintools.com/) whois. -* [EUPI](https://github.com/MISP/misp_modules/modules/expansion/eupi.py) - a hover and expansion module to get information about an URL from the [Phishing Initiative project](https://phishing-initiative.eu/?lang=en). -* [Farsight DNSDB Passive DNS](https://github.com/MISP/misp_modules/modules/expansion/farsight_passivedns.py) - a hover and expansion module to expand hostname and IP addresses with passive DNS information. -* [GeoIP](https://github.com/MISP/misp_modules/modules/expansion/geoip_country.py) - a hover and expansion module to get GeoIP information from geolite/maxmind. -* [IPASN](https://github.com/MISP/misp_modules/modules/expansion/ipasn.py) - a hover and expansion to get the BGP ASN of an IP address. -* [iprep](https://github.com/MISP/misp-modules/modules/expansion/iprep.py) - an expansion module to get IP reputation from packetmail.net. -* [OTX](https://github.com/MISP/misp_modules/modules/expansion/otx.py) - an expansion module for [OTX](https://otx.alienvault.com/). -* [passivetotal](https://github.com/MISP/misp_modules/modules/expansion/passivetotal.py) - a [passivetotal](https://www.passivetotal.org/) module that queries a number of different PassiveTotal datasets. -* [rbl](https://github.com/MISP/misp_modules/modules/expansion/rbl.py) - a module to get RBL (Real-Time Blackhost List) values from an attribute. -* [shodan](https://github.com/MISP/misp_modules/modules/expansion/shodan.py) - a minimal [shodan](https://www.shodan.io/) expansion module. -* [sourcecache](https://github.com/MISP/misp_modules/modules/expansion/sourcecache.py) - a module to cache a specific link from a MISP instance. -* [ThreatCrowd](https://github.com/MISP/misp_modules/modules/expansion/threatcrowd.py) - an expansion module for [ThreatCrowd](https://www.threatcrowd.org/). -* [threatminer](https://github.com/MISP/misp_modules/modules/expansion/threatminer.py) - an expansion module to expand from [ThreatMiner](https://www.threatminer.org/). -* [virustotal](https://github.com/MISP/misp_modules/modules/expansion/virustotal.py) - an expansion module to pull known resolutions and malware samples related with an IP/Domain from virusTotal (this modules require a VirusTotal private API key) -* [wikidata](https://github.com/MISP/misp_modules/modules/expansion/wiki.py) - a [wikidata](https://www.wikidata.org) expansion module. -* [xforce](https://github.com/MISP/misp_modules/modules/expansion/xforceexchange.py) - an IBM X-Force Exchange expansion module. -* [YARA syntax validator](https://github.com/MISP/misp_modules/modules/expansion/yara_syntax_validator.py) - YARA syntax validator. +* [ASN History](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/expansion/asn_history.py) - a hover and expansion module to expand an AS number with the ASN description and its history. +* [CIRCL Passive DNS](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/expansion/circl_passivedns.py) - a hover and expansion module to expand hostname and IP addresses with passive DNS information. +* [CIRCL Passive SSL](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/expansion/circl_passivessl.py) - a hover and expansion module to expand IP addresses with the X.509 certificate seen. +* [countrycode](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/expansion/countrycode.py) - a hover module to tell you what country a URL belongs to. +* [CrowdStrike Falcon](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/expansion/crowdstrike_falcon.py) - an expansion module to expand using CrowdStrike Falcon Intel Indicator API. +* [CVE](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/expansion/cve.py) - a hover module to give more information about a vulnerability (CVE). +* [DNS](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/expansion/dns.py) - a simple module to resolve MISP attributes like hostname and domain to expand IP addresses attributes. +* [DomainTools](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/expansion/domaintools.py) - a hover and expansion module to get information from [DomainTools](http://www.domaintools.com/) whois. +* [EUPI](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/expansion/eupi.py) - a hover and expansion module to get information about an URL from the [Phishing Initiative project](https://phishing-initiative.eu/?lang=en). +* [Farsight DNSDB Passive DNS](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/expansion/farsight_passivedns.py) - a hover and expansion module to expand hostname and IP addresses with passive DNS information. +* [GeoIP](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/expansion/geoip_country.py) - a hover and expansion module to get GeoIP information from geolite/maxmind. +* [IPASN](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/expansion/ipasn.py) - a hover and expansion to get the BGP ASN of an IP address. +* [iprep](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/expansion/iprep.py) - an expansion module to get IP reputation from packetmail.net. +* [OTX](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/expansion/otx.py) - an expansion module for [OTX](https://otx.alienvault.com/). +* [passivetotal](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/expansion/passivetotal.py) - a [passivetotal](https://www.passivetotal.org/) module that queries a number of different PassiveTotal datasets. +* [rbl](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/expansion/rbl.py) - a module to get RBL (Real-Time Blackhost List) values from an attribute. +* [shodan](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/expansion/shodan.py) - a minimal [shodan](https://www.shodan.io/) expansion module. +* [sourcecache](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/expansion/sourcecache.py) - a module to cache a specific link from a MISP instance. +* [ThreatCrowd](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/expansion/threatcrowd.py) - an expansion module for [ThreatCrowd](https://www.threatcrowd.org/). +* [threatminer](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/expansion/threatminer.py) - an expansion module to expand from [ThreatMiner](https://www.threatminer.org/). +* [virustotal](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/expansion/virustotal.py) - an expansion module to pull known resolutions and malware samples related with an IP/Domain from virusTotal (this modules require a VirusTotal private API key) +* [wikidata](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/expansion/wiki.py) - a [wikidata](https://www.wikidata.org) expansion module. +* [xforce](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/expansion/xforceexchange.py) - an IBM X-Force Exchange expansion module. +* [YARA syntax validator](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/expansion/yara_syntax_validator.py) - YARA syntax validator. #### Export modules -* [CEF](https://github.com/MISP/misp_modules/modules/export_mod/cef_export.py) module to export Common Event Format (CEF). -* [GoAML export](https://github.com/MISP/misp_modules/modules/export_mod/goamlexport.py) module to export in GoAML format. -* [Lite Export](https://github.com/MISP/misp_modules/modules/export_mod/liteexport.py) module to export a lite event. -* [Simple PDF export](https://github.com/MISP/misp_modules/modules/export_mod/pdfexport.py) module to export in PDF (required: asciidoctor-pdf). -* [ThreatConnect](https://github.com/MISP/misp_modules/modules/export_mod/threat_connect_export.py) module to export in ThreatConnect CSV format. -* [ThreatStream](https://github.com/MISP/misp_modules/modules/export_mod/threatStream_misp_export.py) module to export in ThreatStream format. +* [CEF](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/export_mod/cef_export.py) module to export Common Event Format (CEF). +* [GoAML export](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/export_mod/goamlexport.py) module to export in GoAML format. +* [Lite Export](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/export_mod/liteexport.py) module to export a lite event. +* [Simple PDF export](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/export_mod/pdfexport.py) module to export in PDF (required: asciidoctor-pdf). +* [ThreatConnect](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/export_mod/threat_connect_export.py) module to export in ThreatConnect CSV format. +* [ThreatStream](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/export_mod/threatStream_misp_export.py) module to export in ThreatStream format. #### Import modules -* [CSV import](https://github.com/MISP/misp_modules/modules/import_mod/csvimport.py) Customizable CSV import module. -* [Cuckoo JSON](https://github.com/MISP/misp_modules/modules/import_mod/cuckooimport.py) Cuckoo JSON import. -* [Email Import](https://github.com/MISP/misp_modules/modules/import_mod/email_import.py) Email import module for MISP to import basic metadata. +* [CSV import](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/import_mod/csvimport.py) Customizable CSV import module. +* [Cuckoo JSON](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/import_mod/cuckooimport.py) Cuckoo JSON import. +* [Email Import](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/import_mod/email_import.py) Email import module for MISP to import basic metadata. * [GoAML Import](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/import_mod/goamlimport.py) GoAML format import. -* [OCR](https://github.com/MISP/misp_modules/modules/import_mod/ocr.py) Optical Character Recognition (OCR) module for MISP to import attributes from images, scan or faxes. -* [OpenIOC](https://github.com/MISP/misp_modules/modules/import_mod/openiocimport.py) OpenIOC import based on PyMISP library. -* [stiximport](https://github.com/MISP/misp_modules/modules/import_mod/stiximport.py) - An import module to process STIX xml/json. -* [ThreatAnalyzer](https://github.com/MISP/misp_modules/modules/import_mod/threatanalyzer_import.py) - An import module to process ThreatAnalyzer archive.zip/analysis.json sandbox exports. -* [VMRay](https://github.com/MISP/misp_modules/modules/import_mod/vmray_import.py) - An import module to process VMRay export. +* [OCR](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/import_mod/ocr.py) Optical Character Recognition (OCR) module for MISP to import attributes from images, scan or faxes. +* [OpenIOC](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/import_mod/openiocimport.py) OpenIOC import based on PyMISP library. +* [stiximport](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/import_mod/stiximport.py) - An import module to process STIX xml/json. +* [ThreatAnalyzer](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/import_mod/threatanalyzer_import.py) - An import module to process ThreatAnalyzer archive.zip/analysis.json sandbox exports. +* [VMRay](https://github.com/MISP/misp-modules/blob/master/misp_modules/modules/import_mod/vmray_import.py) - An import module to process VMRay export. * [misp-workbench](https://github.com/MISP/misp-workbench) - Tools to export data out of the MISP MySQL database and use and abuse them outside of this platform. * [MISpego](https://github.com/MISP/MISPego) - Maltego Transform to put entities into MISP events.