Safety vulnerability ID: 72797
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Misp-modules 2.4.106 updates its dependency 'urllib3' to include a security fix.
Latest version: 2.4.199
MISP modules are autonomous modules that can be used for expansion and other services in MISP
New
* Devel mode. [Raphaël Vinot]
Fix 293
* Modules for greynoise, haveibeenpwned and macvendors. [Raphaël Vinot]
* Add missing dependency (backscatter) [Raphaël Vinot]
* Add systemd launcher. [Raphaël Vinot]
* Intel471 module. [Raphaël Vinot]
* [btc] Very simple BTC expansion chg: [req] yara-python is preferred. [Steve Clement]
* First version of a yara rule creation expansion module. [chrisr3d]
* Documentation concerning modules explained in markdown file. [chrisr3d]
* Expansion hover module to check spamhaus DBL for a domain name. [chrisr3d]
Changes
* [doc] install of deps updated. [Alexandre Dulaunoy]
* Bump REQUIREMENTS. [Raphaël Vinot]
* Bump dependencies. [Raphaël Vinot]
* [doc] new MISP expansion modules added for PDF, OCR, DOCX, XLSX, PPTX , ODS and ODT. [Alexandre Dulaunoy]
* [init] cleanup for pep. [Alexandre Dulaunoy]
* [pdf-enrich] updated. [Alexandre Dulaunoy]
* [Pipfile] collection removed. [Alexandre Dulaunoy]
* Bump dependencies. [Raphaël Vinot]
* [doc] Added new dependencies and updated RHEL/CentOS howto. (295) [Steve Clement]
chg: [doc] Added new dependencies and updated RHEL/CentOS howto.
* [doc] Added new dependencies and updated RHEL/CentOS howto. [Steve Clement]
* [init] removed trailing whitespace. [Alexandre Dulaunoy]
* [ocr] re module not used - removed. [Alexandre Dulaunoy]
* Bump dependencies, update REQUIREMENTS file. [Raphaël Vinot]
* [doc] cuckoo_submit module added. [Alexandre Dulaunoy]
* Require python3 instead of python 3.6. [Raphaël Vinot]
* [travis] because we all need sudo. [Alexandre Dulaunoy]
* [travis] because everyone need a bar. [Alexandre Dulaunoy]
* [doc] qrcode and Cisco FireSight added. [Alexandre Dulaunoy]
* [qrcode] add requirements. [Alexandre Dulaunoy]
* [qrcode] added to the __init__ [Alexandre Dulaunoy]
* [qrcode] flake8 needs some drugs. [Alexandre Dulaunoy]
* [qrcode] various fixes to make it PEP compliant. [Alexandre Dulaunoy]
* Bump dependencies. [Raphaël Vinot]
Fix CVE-2019-11324 (urllib3)
* Bump Dependencies. [Raphaël Vinot]
* [doc] Updated README to reflect current virtualenv efforts. TODO: pipenv. [Steve Clement]
* [doc] new modules added. [Alexandre Dulaunoy]
* Bump dependencies. [Raphaël Vinot]
* Bump dependencies. [Raphaël Vinot]
* Bump Requirements. [Raphaël Vinot]
* [doc] asciidoctor requirement removed (new PDF module use reportlab) [Alexandre Dulaunoy]
* Bump dependencies, add update script. [Raphaël Vinot]
* [doc] PDF export. [Alexandre Dulaunoy]
* [pdfexport] make flake8 happy. [Alexandre Dulaunoy]
* [pipenv] fix the temporary issue that python-yara is not officially released. [Alexandre Dulaunoy]
* [requirements] reportlab added. [Alexandre Dulaunoy]
* [pipenv] Pipfile.lock updated. [Alexandre Dulaunoy]
* [requirements] updated. [Alexandre Dulaunoy]
* [PyMISP] dep updated to the latest version. [Alexandre Dulaunoy]
* PyMISP requirement. [Alexandre Dulaunoy]
* [pypi] Made sure url-normalize installs less stric. [Steve Clement]
* [btc_scam_check] fix spacing for making flake 8 happy. [Alexandre Dulaunoy]
* [backscatter.io] blind fix regarding undefined value. [Alexandre Dulaunoy]
* [doc] backscatter.io updated. [Alexandre Dulaunoy]
* [doc] backscatter.io documentation added. [Alexandre Dulaunoy]
* [backscatter.io] remove blank line at the end of the file. [Alexandre Dulaunoy]
* [backscatter.io] Exception handler fixed for recent version of Python. [Alexandre Dulaunoy]
* Bump dependencies. [Raphaël Vinot]
* Use pipenv, update bgpranking/ipasn modules. [Raphaël Vinot]
* [doc] Nexthink module added. [Alexandre Dulaunoy]
* [doc] osquery export module added. [Alexandre Dulaunoy]
* [doc] Nexthink export format added. [Alexandre Dulaunoy]
* [doc] cannot type today. [Alexandre Dulaunoy]
* [intel471] module added. [Alexandre Dulaunoy]
* Regenerated documentation markdown file. [chrisr3d]
* [onyphe] fix 252. [Alexandre Dulaunoy]
* [btc] Removed simple PoC for btc expansion. [Steve Clement]
* [doc] btc module added. [Alexandre Dulaunoy]
* [doc] generated documentation updated. [Alexandre Dulaunoy]
* [doc] btc module added to documentation. [Alexandre Dulaunoy]
* [tools] Added psutil as a dependency to detect misp-modules PID. [Steve Clement]
* [init] Added try/catch in case misp-modules is already running on a port, or port is in use... [Steve Clement]
* Validating yara rules after their creation. [chrisr3d]
* [documentation] osquery logo added. [Alexandre Dulaunoy]
* [documentation] generated. [Alexandre Dulaunoy]
* [docs] Added some missing dependencies and instructions for virtualenv deployment. [Steve Clement]
* [doc] documentation generator updated to include links to source code. [Alexandre Dulaunoy]
* Changed documentation markdown file name. [chrisr3d]
* Structurded data. [chrisr3d]
* Modified the mapping dictionary to support misp-objects updates. [chrisr3d]
* Modified output format. [chrisr3d]
* Add new dependency (oauth2) [Raphaël Vinot]
* Dnspython3 has been superseded by the regular dnspython kit. [Raphaël Vinot]
* Wikidata module added. [Alexandre Dulaunoy]
* SPARQLWrapper added (for wikidata module) [Alexandre Dulaunoy]
Fix
* Re-enable python 3.6 support. [Raphaël Vinot]
* CTRL+C is working again. [Raphaël Vinot]
Fix 292
* Make flake8 happy. [Raphaël Vinot]
* [doc] Small typo fix. [Steve Clement]
* Pep8 foobar. [Raphaël Vinot]
* Add the new module sin the list of modules availables. [Raphaël Vinot]
* Typos in variable names. [Raphaël Vinot]
* Remove unused import. [Raphaël Vinot]
* Tornado expects a KILL now. [Raphaël Vinot]
* [exportpdf] update documentation. [Falconieri]
* [exportpdf] custom path parameter. [Falconieri]
* [exportpdf] add parameters. [Falconieri]
* [exportpdf] mising whitespace. [Falconieri]
* [exportpdf] problem on one line. [Falconieri]
* [exportpdf] add configmodule parameter for galaxy. [Falconieri]
* [reportlab] Textual description parameter. [Falconieri]
* [pdfexport] Bugfix on PyMisp exportpdf call. [Falconieri]
* Systemd service. [Raphaël Vinot]
* Regenerated documentation. [chrisr3d]
* Description fixed. [chrisr3d]
* Pep8 related fixes. [Raphaël Vinot]
* Make flake8 happy. [Raphaël Vinot]
* Change in the imports in other sigma module. [Raphaël Vinot]
* Change in the imports. [Raphaël Vinot]
* Change module name. [Raphaël Vinot]
* Allow redis details to be retrieved from environment variables. [Ruiwen Chua]
* Remove tests on python 3.5. [Raphaël Vinot]
* Make pep8 happy. [Raphaël Vinot]
* Removed not valid input type. [chrisr3d]
* Cleaned up not used variables. [chrisr3d]
* Updated rbl module result format. [chrisr3d]
- More readable as str than dumped json
* Added Macaddress.io module in the init list. [chrisr3d]
* Typo on input type. [chrisr3d]
* Fixed type of the result in case of exception. [chrisr3d]
- Set as str since some exception types are not
jsonable
* Added hostname attribute support as it is intended. [chrisr3d]
* Threatanalyzer_import - bugfix for TA6.1 behavior. [Christophe Vandeplas]
* Displaying documentation items of each module by alphabetic order. [chrisr3d]
- Also regenerated updated documentation markdown
* Updated yara import error message. [chrisr3d]
- Better to 'pip install -I -r REQUIREMENTS' to
have the correct yara-python version working
for all the modules, than having another one
failing with yara hash & pe modules
* Specifying a yara-python version that works for hash & pe yara modules. [chrisr3d]
* Making yara query an expansion module for single attributes atm. [chrisr3d]
* Catching errors while parsing additional info in requests. [chrisr3d]
* Reduced logos size. [chrisr3d]
* Typo for separator between each explained module. [chrisr3d]
* Making python 3.5 happy with the exception type ImportError. [chrisr3d]
* Fixed exception type for python 3.5. [chrisr3d]
* Fixed exception type. [chrisr3d]
* Fixed syntax error. [chrisr3d]
* Fixed indentation error. [chrisr3d]
* Fixed 1 variable misuse + cleaned up variable names. [chrisr3d]
- Fixed use of 'domain' variable instead of 'email'
- Cleaned up variable names to avoid redefinition
of built-in variables
* Avoiding adding attributes that are already in the event. [chrisr3d]
* Fixed quick variable issue. [chrisr3d]
* Cleaned up test function not used anymore. [chrisr3d]
* Multiple attributes parsing support. [chrisr3d]
- Fixing one of my previous changes not processing
multiple attributes parsing
* Removed print. [chrisr3d]
* Some cleanup and output types fixed. [chrisr3d]
- hashes types specified in output
* Quick cleanup. [chrisr3d]
* Quick cleanup. [chrisr3d]
* Ta_import - bugfixes. [Christophe Vandeplas]
* [cleanup] Quick clean up on exception type. [chrisr3d]
* [cleanup] Quick clean up on yaml load function. [chrisr3d]
* [cleanup] Quick clean up on exception type. [chrisr3d]
* Put the report location parsing in a try/catch statement as it is an optional field. [chrisr3d]
* Put the stix2-pattern library import in a try statement. [chrisr3d]
--> Error more easily caught
* Removed STIX related libraries, files, documentation, etc. [chrisr3d]
* Avoid trying to build attributes with not intended fields. [chrisr3d]
- Previously: if the header field is not an attribute type, then
it was added as an attribute field.
PyMISP then used to skip it if needed
- Now: Those fields are discarded before they are put in an attribute
* Using userConfig to define the header instead of moduleconfig. [chrisr3d]
* Fixed input & output of the module. [chrisr3d]
* Added an object checking. [Christian Studer]
- Checking if there are objects in the event, and then if there is at least 1 transaction object
- This prevents the module from crashing, but does not guaranty having a valid GoAML file (depending on objects and their relations)
* Fixed input & output of the module. [chrisr3d]
Also updated some functions
* Fixed typo of the aml type for country codes. [chrisr3d]
* Typo in references mapping dictionary. [chrisr3d]
* Added an object checking. [chrisr3d]
- Checking if there are objects in the event, and then
if there is at least 1 transaction object
- This prevents the module from crashing, but does not
guaranty having a valid GoAML file (depending on
objects and their relations)
* Added the moduleinfo field need to have MISP event in standard format. [chrisr3d]
* Missing cve module test. [Alexandre Dulaunoy]
* Goamlexport added. [Alexandre Dulaunoy]
* Python version in Travis. [Alexandre Dulaunoy]
* Solved reading problems for some files. [chrisr3d]
* Skipping empty lines. [chrisr3d]
* Make travis happy. [Raphaël Vinot]
* OpenIOC importer. [Raphaël Vinot]
* 137 when a CVE is not found, a return message is given. [Alexandre Dulaunoy]
* Use the proper formatting method and not the horrible % one. [Hannah Ward]
* Misp-modules are by default installed in /bin. [Alexandre Dulaunoy]
* Module_config should be set as introspection relies on it. [Alexandre Dulaunoy]
* Types array. [Alexandre Dulaunoy]
* Run the server as "python3 misp-modules" [Raphaël Vinot]
* Stupid off-by-n line... [Alexandre Dulaunoy]
Other
* Merge branch 'master' of github.com:MISP/misp-modules. [Alexandre Dulaunoy]
* Removed trailing whitespaces. [Sascha Rommelfangen]
* Merge branch 'master' of https://github.com/MISP/misp-modules. [Sascha Rommelfangen]
* Merge branch 'master' of github.com:MISP/misp-modules. [Raphaël Vinot]
* New modules added. [Sascha Rommelfangen]
* New requirements for new modules. [Sascha Rommelfangen]
* Introduction of new modules. [Sascha Rommelfangen]
* Merge remote-tracking branch 'upstream/master' [Steve Clement]
* Merge branch 'master' of https://github.com/MISP/misp-modules. [Sascha Rommelfangen]
* Renamed file. [Sascha Rommelfangen]
* Renamed module. [Sascha Rommelfangen]
* Initial version of OCR expansion module. [Sascha Rommelfangen]
* Merge pull request 291 from Evert0x/submitcuckoo. [Alexandre Dulaunoy]
Expansion module - File/URL submission to Cuckoo Sandbox
* Generate latest version of documentation. [Ricardo van Zutphen]
* Document Cuckoo expansion module. [Ricardo van Zutphen]
* Use double quotes and provide headers correctly. [Ricardo van Zutphen]
* Update Cuckoo module to support files and URLs. [Ricardo van Zutphen]
* Update __init__.py. [Evert0x]
* Create cuckoo_submit.py. [Evert0x]
* Brackets are difficult... [Sascha Rommelfangen]
* Merge branch 'qr-code-module' of https://github.com/rommelfs/misp-modules into rommelfs-qr-code-module. [Alexandre Dulaunoy]
* Initial version of QR code reader. [Sascha Rommelfangen]
Module accepts attachments and processes pictures. It tries to identify and analyze an existing QR code.
Identified values can be inserted into the event.
* Merge branch 'iceone23-patch-1' [Raphaël Vinot]
* Create cisco_firesight_manager_ACL_rule_export.py. [iceone23]
Cisco Firesight Manager ACL Rule Export module
* Merge pull request 289 from SteveClement/master. [Steve Clement]
fix: [doc] Small typo fix
* Merge remote-tracking branch 'upstream/master' [Steve Clement]
* Merge pull request 285 from wesinator/patch-1. [Alexandre Dulaunoy]
Fix command highlighting
* Fix command highlighting. [Ԝеѕ]
* Merge branch 'master' of https://github.com/MISP/misp-modules. [Sascha Rommelfangen]
* Merge pull request 284 from Vincent-CIRCL/master. [Alexandre Dulaunoy]
fix: [exportpdf] custom path parameter
* Merge pull request 283 from Vincent-CIRCL/master. [Alexandre Dulaunoy]
fix: [exportpdf] add parameters
* Merge pull request 281 from Vincent-CIRCL/master. [Alexandre Dulaunoy]
fix: [exportpdf] add configmodule parameter for galaxy
* Merge pull request 282 from cgi1/patch-1. [Alexandre Dulaunoy]
Adding virtualenv to apt-get install
* Adding virtualenv to apt-get install. [cgi1]
* Merge pull request 279 from Vincent-CIRCL/master. [Alexandre Dulaunoy]
fix: [reportlab] Textual description parameter
* Chr: Restart the modules after update. [Raphaël Vinot]
* Fixed a bug when checking malformed BTC addresses. [Sascha Rommelfangen]
* Merge remote-tracking branch 'upstream/master' [Steve Clement]
* Merge branch 'master' of github.com:MISP/misp-modules. [Alexandre Dulaunoy]
* Merge pull request 278 from Vincent-CIRCL/master. [Alexandre Dulaunoy]
chg: [pdfexport] Fix pdf export, by calling new PyMISP tool for Misp Event export
* Fix [exportpdf] update parameters for links generation. [Falconieri]
* Tidy: Remove old dead export code. [Falconieri]
* Test 1 - PDF call. [Falconieri]
* Print values. [Vincent-CIRCL]
* Test update. [Vincent-CIRCL]
* Merge branch 'master' of github.com:MISP/misp-modules. [Alexandre Dulaunoy]
* Merge branch 'master' of github.com:MISP/misp-modules. [Alexandre Dulaunoy]
* Merge pull request 276 from iwitz/patch-1. [Alexandre Dulaunoy]
Add RHEL installation instructions
* Add: rhel installation instructions. [iwitz]
* Add: [doc] Added backscatter.io logo + regenerated documentation. [chrisr3d]
* Merge branch 'master' of github.com:MISP/misp-modules into new_module. [chrisr3d]
* Merge pull request 274 from 9b/master. [Alexandre Dulaunoy]
Backscatter.io expansion module
* Use the write var on return. [9b]
* Stubbed module. [9b]
* Add: New module to check if a bitcoin address has been abused. [chrisr3d]
- Also related update of documentation
* Sometimes server doesn't return expected values. fixed. [Sascha Rommelfangen]
* Merge pull request 266 from MISP/pipenv. [Raphaël Vinot]
chg: Use pipenv, update bgpranking/ipasn modules, fix imports for sigma
* Merge pull request 259 from ruiwen/fix_redis. [Alexandre Dulaunoy]
fix: allow redis details to be retrieved from environment variables
* Add: [doc] link documentation to README. [Alexandre Dulaunoy]
* Merge branch 'master' of github.com:MISP/misp-modules. [Alexandre Dulaunoy]
* Merge pull request 258 from HacknowledgeCH/export_nexthink. [Alexandre Dulaunoy]
Export nexthink
* Added 2 blank lines to comply w/ pep8. [milkmix]
* Removed unused re module. [milkmix]
* Added documentation. [milkmix]
* Added domain attributes support. [milkmix]
* Support for md5 and sha1 hashes. [milkmix]
* First export feature: sha1 attributes nxql query. [milkmix]
* Merge branch 'master' of https://github.com/MISP/misp-modules. [Sascha Rommelfangen]
* Add: Added missing expansion modules in readme. [chrisr3d]
* Add: Completed documentation for expansion modules. [chrisr3d]
* Add: Updated more expansion documentation files. [chrisr3d]
* Add: Added new documentation for hashdd module. [chrisr3d]
* Add: Update to support sha1 & sha256 attributes. [chrisr3d]
* Add: More documentation on expansion modules. [chrisr3d]
* Add: Started filling some expansion modules documentation. [chrisr3d]
* Add: Added yara_query module documentation, update yara_syntax_validator documentation & generated updated documentation markdown. [chrisr3d]
* Merge branch 'master' of github.com:MISP/misp-modules into chrisr3d_patch. [chrisr3d]
* Add: Added test files for yara to test yara library & potentially yara syntax. [chrisr3d]
* Add: Added imphash to input attribute types. [chrisr3d]
* Cosmetic output change. [Sascha Rommelfangen]
* Debug removed. [Sascha Rommelfangen]
* API changes reflected. [Sascha Rommelfangen]
* Merge pull request 253 from MISP/chrisr3d_patch. [Alexandre Dulaunoy]
Validation of yara rules
* Merge branch 'master' of github.com:MISP/misp-modules into chrisr3d_patch. [chrisr3d]
* Merge pull request 251 from MISP/rommelfs-patch-4. [Raphaël Vinot]
bug fix regarding leftovers between runs
* Bug fix regarding leftovers between runs. [Sascha Rommelfangen]
* Merge pull request 250 from SteveClement/btc. [Steve Clement]
chg: [btc] Removed simple PoC for btc expansion.
* Merge pull request 249 from MISP/rommelfs-patch-3. [Steve Clement]
added btc_steroids
* Added btc_steroids. [Sascha Rommelfangen]
* Merge pull request 248 from rommelfs/master. [Sascha Rommelfangen]
Pull request for master
* Added btc_steroids to the list. [Sascha Rommelfangen]
* Initial version of a Bitcoin module. [Sascha Rommelfangen]
* Merge pull request 247 from SteveClement/btc. [Alexandre Dulaunoy]
new: [module] Added very simple BitCoin expansion/hover module
* Merge pull request 245 from chrisr3d/master. [Alexandre Dulaunoy]
YARA rules from hashes expansion module
* Updated list of modules in readme. [chrisr3d]
* Merge branch 'master' of github.com:MISP/misp-modules. [chrisr3d]
* Add: [documentation] osquery logo. [Alexandre Dulaunoy]
* Merge pull request 241 from 0xmilkmix/doc_osqueryexport. [Alexandre Dulaunoy]
Added basic documentation for OS query
* Merge branch 'master' into doc_osqueryexport. [Alexandre Dulaunoy]
* Merge pull request 240 from 0xmilkmix/support_osquery_win_named_obj. [Alexandre Dulaunoy]
super simple support for mutexes through winbaseobj in osquery 3.3
* Merge branch 'master' into support_osquery_win_named_obj. [Alexandre Dulaunoy]
* Merge pull request 242 from 0xmilkmix/module_writting. [Steve Clement]
chg: [doc] Additional documentation for export module
* Documentation for export module. [milkmix]
* Super simple support for mutexes through winbaseobj in osquery 3.3. [milkmix]
* Added basic documentation. [milkmix]
* Merge pull request 239 from SteveClement/master. [Steve Clement]
chg: [docs] Added some missing dependencies and instructions for virtualenv deployment
* Merge pull request 237 from 0xmilkmix/export_osquery. [Alexandre Dulaunoy]
Export osquery
* Merge branch 'master' into export_osquery. [Julien Bachmann]
* Merge pull request 232 from CodeLineFi/master. [Alexandre Dulaunoy]
macaddres.io module - Date conversion bug fixed
* Merge branch 'master' into master. [Alexandre Dulaunoy]
* Merge pull request 233 from chrisr3d/documentation. [Christian Studer]
Modules documentation
* Merge branch 'master' of github.com:MISP/misp-modules into documentation. [chrisr3d]
* Updated documentation result file. [chrisr3d]
* Add: Added documentation for expansion modules. [chrisr3d]
* Add: Started adding logos on documentation for each module. [chrisr3d]
* Renamed directory to have consistency in names. [chrisr3d]
* Removed documentation about a module deleted from the repository. [chrisr3d]
* Merging readme. [chrisr3d]
* Merge branch 'master' of github.com:MISP/misp-modules into documentation. [chrisr3d]
* Merge branch 'master' of github.com:MISP/misp-modules into documentation. [chrisr3d]
* Merge branch 'master' of github.com:MISP/misp-modules into documentation. [chrisr3d]
* Merge branch 'master' of github.com:MISP/misp-modules into documentation. [chrisr3d]
* Merge branch 'master' of github.com:MISP/misp-modules into documentation. [chrisr3d]
* Merge branch 'master' of github.com:MISP/misp-modules into documentation. [chrisr3d]
* First try of documentation for import & export modules. [chrisr3d]
- Providing information about the general purpose of
the modules, their requirements, how to use them
(if there are special features), some references
about the format concerned or the vendors, and their
input and output.
- Documentation to be completed by additional fields
of documentation and / or more detailed descriptions
* Added Documentation explanations on readme file. [chrisr3d]
* CSV import documentation first try. [chrisr3d]
* GoAML modules documentation first try. [chrisr3d]
* Updated README. Added a link to the integration tutorial. [Codelinefi-admin]
* Fixed a bug with wrong dates conversion. [Codelinefi-admin]
* Merge branch 'vulnersCom-master' [Alexandre Dulaunoy]
* Merge branch 'master' of https://github.com/vulnersCom/misp-modules into vulnersCom-master. [Alexandre Dulaunoy]
* Fixed getting of the Vulners AI score. [isox]
* Merge pull request 230 from lctrcl/master. [Alexandre Dulaunoy]
* Merge branch 'master' into master. [lctrcl]
* Merge pull request 229 from lctrcl/master. [Alexandre Dulaunoy]
New vulners module added
* HotFix: Vulners AI score. [Igor Ivanov]
* Code cleanup and formatting. [Igor Ivanov]
* Added exploit information. [Igor Ivanov]
* Initial Vulners module PoC. [Igor Ivanov]
* Merge pull request 226 from CodeLineFi/master. [Alexandre Dulaunoy]
New macaddress.io hover module added
* Macaddress.io hover module added. [Codelinefi-admin]
* Merge pull request 223 from chrisr3d/master. [Christian Studer]
* Merge branch 'master' of github.com:MISP/misp-modules. [chrisr3d]
* Merge pull request 222 from chrisr3d/master. [Christian Studer]
Clean up + fix of some modules
* Merge branch 'master' of github.com:MISP/misp-modules. [chrisr3d]
* Merge pull request 221 from MISP/rommelfs-patch-2. [Alexandre Dulaunoy]
fixed typo
* Fixed typo. [Sascha Rommelfangen]
via 220
* Merge branch 'master' of github.com:MISP/misp-modules. [chrisr3d]
* Merge pull request 218 from surbo/patch-1. [Alexandre Dulaunoy]
Update urlscan.py
* Update urlscan.py. [SuRb0]
Added hash to the search so you can take advantage of the new file down load function on urlscan.io. You can use this to pivot on file hashes and find out domains that hosting the same malicious file.
* Merge branch 'master' of github.com:MISP/misp-modules. [chrisr3d]
* Merge pull request 217 from threatsmyth/master. [Alexandre Dulaunoy]
Add error handling for DNS failures, reduce imports, and simplify attribute comments
* Merge branch 'master' into master. [David J]
* Merge pull request 215 from threatsmyth/master. [Alexandre Dulaunoy]
Create urlscan.py
* Add error handling for DNS failures, reduce imports, and simplify misp_comments. [David J]
* Create urlscan.py. [David J]
* Merge branch 'master' of github.com:MISP/misp-modules. [chrisr3d]
* Merge pull request 214 from chrisr3d/chrisr3d_patch. [Alexandre Dulaunoy]
New module to check DBL Spamhaus
* Merge branch 'chrisr3d_patch' of github.com:chrisr3d/misp-modules. [chrisr3d]
* Add: Added DBL spamhaus module documentation and in expansion init file. [chrisr3d]
* Merge branch 'master' of github.com:MISP/misp-modules. [chrisr3d]
* Ta_import - bugfixes for TA 6.1. [Christophe Vandeplas]
* Merge pull request 210 from chrisr3d/master. [Christian Studer]
Put the report location parsing in a try/catch statement as it is an optional field
* Merge pull request 209 from cvandeplas/master. [Christophe Vandeplas]
ta_import - support for TheatAnalyzer 6.1
* Ta_import - support for TheatAnalyzer 6.1. [Christophe Vandeplas]
* Securitytrails.com expansion module added. [Alexandre Dulaunoy]
* Merge pull request 208 from sebdraven/dnstrails. [Alexandre Dulaunoy]
module securitytrails
* Merge branch 'master' into dnstrails. [sebdraven]
* Merge pull request 206 from chrisr3d/master. [Alexandre Dulaunoy]
Expansion module displaying SIEM signatures from a sigma rule
* Merge branch 'master' into master. [Alexandre Dulaunoy]
* Remove the never release Python code in Travis. [Alexandre Dulaunoy]
* Remove Python 3.4 and Python 3.7 added. [Alexandre Dulaunoy]
* Merge branch 'master' of github.com:MISP/misp-modules. [chrisr3d]
* Merge pull request 202 from SteveClement/master. [Alexandre Dulaunoy]
Removed test modules from view
* - Removed test modules from view - Moved skeleton expansion module to it's proper place. [Steve Clement]
* Merge pull request 201 from chrisr3d/master. [Alexandre Dulaunoy]
add: STIX2 pattern syntax validator
* Add: Experimental expansion module to display the SIEM signatures from a sigma rule. [chrisr3d]
* Add: stix2 pattern validator requirements. [chrisr3d]
* Add: STIX2 pattern syntax validator. [chrisr3d]
* Merge pull request 199 from SteveClement/master. [Alexandre Dulaunoy]
Added (Multipage) PDF support to OCR Module, minor refactor
* - Reverted to <3.6 compatibility. [Steve Clement]
* - Fixed log output. [Steve Clement]
* - Forgot to import sys. [Steve Clement]
* - Added logger functionality for debug sessions. [Steve Clement]
* - content was already a wand.obj. [Steve Clement]
* Merge remote-tracking branch 'upstream/master' [Steve Clement]
* Threatanalyzer_import - order of category tuned. [Christophe Vandeplas]
* Merge branch 'master' of github.com:SteveClement/misp-modules. [Steve Clement]
* Merge branch 'master' into master. [Alexandre Dulaunoy]
* - Some more comments - Removed libmagic, wand can handle it better. [Steve Clement]
* - Set tornado timeout to 300 seconds. [Steve Clement]
* - Quick comment ToDo: Avoid using Magic in future releases. [Steve Clement]
* - added wand requirement - fixed missing return png byte-stream - move module import to handler to catch and report errorz. [Steve Clement]
* - fixed typo move image back in scope. [Steve Clement]
* - Added initial PDF support, nothing is processed yet - Test to replace PIL with wand. [Steve Clement]
* Change type of status. [Sebdraven]
* Remove print. [Sebdraven]
* Last commit for release. [Sebdraven]
* Add logs. [Sebdraven]
* Add searching_stats. [Sebdraven]
* Add searching_stats. [Sebdraven]
* Correct key. [Sebdraven]
* Correct key. [Sebdraven]
* Correct param. [Sebdraven]
* Add searching domains. [Sebdraven]
* Add searching domains. [Sebdraven]
* Add return. [Sebdraven]
* Add logs. [Sebdraven]
* Add whois expand to test. [Sebdraven]
* Add whois expand to test. [Sebdraven]
* Correct index error. [Sebdraven]
* Error call functions. [Sebdraven]
* Add logs. [Sebdraven]
* Add logs. [Sebdraven]
* Add status_ok to true. [Sebdraven]
* Add logs. [Sebdraven]
* Add logs. [Sebdraven]
* Add logs. [Sebdraven]
* Add logs. [Sebdraven]
* Add logs. [Sebdraven]
* Correct out of bound returns. [Sebdraven]
* Correct key and return of functions. [Sebdraven]
* Add logs. [Sebdraven]
* Add logs. [Sebdraven]
* Correct typo. [Sebdraven]
* Test whois history. [Sebdraven]
* History whois dns. [Sebdraven]
* Correct typo. [Sebdraven]
* Rename misp modules. [Sebdraven]
* Add a test to check if the list is not empty. [Sebdraven]
* Add a test to check if the list is not empty. [Sebdraven]
* Add logs. [Sebdraven]
* Debug whois. [Sebdraven]
* Debug ipv4 or ipv6. [Sebdraven]
* Add debug. [Sebdraven]
* Debug. [Sebdraven]
* Change status. [Sebdraven]
* Change history dns. [Sebdraven]
* Add logs to debug. [Sebdraven]
* Correct call function. [Sebdraven]
* Add history mx and soa. [Sebdraven]
* Add history dns and handler exception. [Sebdraven]
* Add history dns. [Sebdraven]
* Switch type ip. [Sebdraven]
* Refactoring expand_whois. [Sebdraven]
* Correct typo. [Sebdraven]
* Add ipv6 and ipv4. [Sebdraven]
* Change type. [Sebdraven]
* Change type. [Sebdraven]
* Change loop. [Sebdraven]
* Add time sleep in each request. [Sebdraven]
* Control return of records. [Sebdraven]
* Add history ipv4. [Sebdraven]
* Add logs. [Sebdraven]
* Change categories. [Sebdraven]
* Concat results. [Sebdraven]
* Change name keys. [Sebdraven]
* Change return value. [Sebdraven]
* Add logs. [Sebdraven]
* Change errors. [Sebdraven]
* Add logs. [Sebdraven]
* Add expand whois. [Sebdraven]
* Typo. [Sebdraven]
* Add categories and comments. [Sebdraven]
* Add expand subdomains. [Sebdraven]
* Add expand subdomains. [Sebdraven]
* Change categories. [Sebdraven]
* Changes keys. [Sebdraven]
* Add status ! [Sebdraven]
* Add methods. [Sebdraven]
* Add expand domains. [Sebdraven]
* Add link pydnstrain in requirements. [Sebdraven]
* Add new module dnstrails. [Sebdraven]
* Merge pull request 198 from chrisr3d/master. [Alexandre Dulaunoy]
Sigma syntax validator expansion module + some updates
* Updated README to add sigma & some other missing modules. [chrisr3d]
* Updated the list of modules (removed stiximport) [chrisr3d]
* Add: Sigma syntax validator expansion module. [chrisr3d]
--> Checks sigma rules syntax
- Updated the expansion modules list as well
- Updated the requirements list
* Updated the list of expansion modules. [chrisr3d]
* Corrected typos and unused imports. [milkmix]
* Added support for scheduledtasks. [milkmix]
* Added support for service-displayname, regkey|value. [milkmix]
* Initial implementation supporting regkey. mutexes support waiting osquery table. [milkmix]
* Merge pull request 197 from sebdraven/onyphe_full_module. [Alexandre Dulaunoy]
Onyphe full module
* Add return handle domains. [Sebdraven]
* Add search. [Sebdraven]
* Add domain to expand. [Sebdraven]
* Correct bugs. [Sebdraven]
* Add domain expansion. [Sebdraven]
* Add comment. [Sebdraven]
* Correct bugs. [Sebdraven]
* Correct comments. [Sebdraven]
* Add threat list expansion. [Sebdraven]
* Change method to concat methods. [Sebdraven]
* Set status after requests. [Sebdraven]
* Set status after requests. [Sebdraven]
* Add logs. [Sebdraven]
* Add logs. [Sebdraven]
* Add logs. [Sebdraven]
* Pep 8. [Sebdraven]
* Correct bug. [Sebdraven]
* Add datascan expansion. [Sebdraven]
* Add reverse infos. [Sebdraven]
* Add reverse infos. [Sebdraven]
* Add reverse infos. [Sebdraven]
* Add reverse infos. [Sebdraven]
* Add forward infos. [Sebdraven]
* Add comment of attributes. [Sebdraven]
* Add comment of attributes. [Sebdraven]
* Error loops. [Sebdraven]
* Error method. [Sebdraven]
* Error type. [Sebdraven]
* Error keys. [Sebdraven]
* Add expansion synscan. [Sebdraven]
* Change key access domains. [Sebdraven]
* Change add in results. [Sebdraven]
* Add logs. [Sebdraven]
* Correct error keys. [Sebdraven]
* Test patries expansion. [Sebdraven]
* Add onyphe full module. [Sebdraven]
* Add onyphe full module and code the stub. [Sebdraven]
* Merge pull request 194 from chrisr3d/master. [Alexandre Dulaunoy]
Removed STIX1 related requirements to avoid version issues
* Merge branch 'master' of github.com:MISP/misp-modules. [chrisr3d]
* Merge pull request 193 from sebdraven/onyphe_module. [Alexandre Dulaunoy]
Onyphe module
* Delete vcs.xml. [sebdraven]
* Correct codecov. [Sebdraven]
* Pep 8 compliant. [Sebdraven]
* Correct type of comments. [Sebdraven]
* Correct typo. [Sebdraven]
* Correct typo. [Sebdraven]
* Add domains forward. [Sebdraven]
* Add domains. [Sebdraven]
* Add targeting os. [Sebdraven]
* Add category for AS number. [Sebdraven]
* Change keys. [Sebdraven]
* Change type. [Sebdraven]
* Add category. [Sebdraven]
* Add as number with onyphe. [Sebdraven]
* Add as number with onyphe. [Sebdraven]
* Error indentation. [Sebdraven]
* Correct key in map result. [Sebdraven]
* Correct a bug. [Sebdraven]
* Add pastebin url imports. [Sebdraven]
* Add onyphe module. [Sebdraven]
* Updated requirements to avoid version issues in the MISP packer installation script. [chrisr3d]
* Update countrycode.py. [Andras Iklody]
* Add: mixing modules. [Alexandre Dulaunoy]
* Merge branch 'master' of github.com:MISP/misp-modules. [Alexandre Dulaunoy]
* Merge pull request 190 from chrisr3d/master. [Alexandre Dulaunoy]
Updated csv import following our recent discussions
* Updated delimiter finder function. [chrisr3d]
* Add: Added user config to specify if there is a header in the csv to import. [chrisr3d]
* Merge branch 'master' of github.com:MISP/misp-modules. [chrisr3d]
* Merge pull request 189 from chrisr3d/master. [Andras Iklody]
Using userConfig to define the header instead of moduleconfig
* Merge pull request 188 from cvandeplas/master. [Christophe Vandeplas]
ta import - noise removal
* Merge branch 'master' into master. [Christophe Vandeplas]
* Merge pull request 187 from cvandeplas/master. [Christophe Vandeplas]
threatanalyzer_import - minor generic noise removal
* Threatanalyzer_import - minor generic noise removal. [Christophe Vandeplas]
* Ta import - more filter for pollution. [Christophe Vandeplas]
* Threatanalyzer_import - minor generic noise removal. [Christophe Vandeplas]
* Merge pull request 185 from cvandeplas/master. [Christophe Vandeplas]
threatanalyzer_import - loads sample info + pollution fix
* Threatanalyzer_import - loads sample info + pollution fix. [Christophe Vandeplas]
* Merge pull request 184 from cvandeplas/master. [Christophe Vandeplas]
threatanalyzer_import - fix regkey issue
* Threatanalyzer_import - fix regkey issue. [Christophe Vandeplas]
* Merge pull request 177 from TheDr1ver/patch-1. [Alexandre Dulaunoy]
fix missing comma
* Fix missing comma. [Nick Driver]
fix ip-dst and vulnerability input
* Merge pull request 176 from cudeso/master. [Alexandre Dulaunoy]
Fix VMRay API access error
* Fix VMRay API access error. [Koen Van Impe]
hotfix for the "Unable to access VMRay API" error
* Merge remote-tracking branch 'MISP/master' [Koen Van Impe]
* Merge pull request 173 from m3047/master. [Alexandre Dulaunoy]
Add exception blocks for query errors.
* Add exception blocks for query errors. [Fred Morris]
* Merge pull request 170 from P4rs3R/patch-1. [Alexandre Dulaunoy]
Improving regex (validating e-mail)
* Improving regex (validating e-mail) [x41\x43]
Line 48:
The previous regex ` ^[\w\.\+\-]+\[\w]+\.[a-z]{2,3}$ ` matched only a small subset of valid e-mail address (e.g.: didn't match domain names longer than 3 chars or userthis-domain.de or usermultiple.level.dom) and needed to be with start (^) and end ($).
This ` [a-zA-Z0-9!$%&'*+\/=?^_`{|}~-]+(?:\.[a-zA-Z0-9!$%&'*+\/=?^_`{|}~-]+)*(?:[a-zA-Z0-9](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?\.)+[a-zA-Z0-9](?:[a-zA-Z0-9-]*[a-zA-Z0-9])? ` is not perfect (e.g: can't match oriental chars), but imho is much more complete.
Regex tested with several e-mail addresses with Python 3.6.4 and Python 2.7.14 on Linux 4.14.
* Merge pull request 169 from chrisr3d/master. [Alexandre Dulaunoy]
Updated GoAML import including Object References
* Clarified functions arguments using a class. [chrisr3d]
* Add: Added Object References in the objects imported. [chrisr3d]
* Merge pull request 168 from chrisr3d/goaml. [Alexandre Dulaunoy]
GoAML import module & GoAML export updates
* Merge branch 'master' of github.com:MISP/misp-modules into goaml. [chrisr3d]
* Merge pull request 167 from chrisr3d/csvimport. [Alexandre Dulaunoy]
Updated csvimport
* Merge branch 'csvimport' of github.com:chrisr3d/misp-modules into goaml. [chrisr3d]
* Removed print. [chrisr3d]
* Merge branch 'master' of github.com:MISP/misp-modules into csvimport. [chrisr3d]
* Merge pull request 165 from chrisr3d/goaml. [Alexandre Dulaunoy]
fix: Added an object checking
* Add: added goamlimport. [chrisr3d]
* Fixed some details about the module output. [chrisr3d]
* Converting GoAML into MISPEvent. [chrisr3d]
* Now parsing all the transaction attributes. [chrisr3d]
* Add: Added dictionary to map aml types into MISP types. [chrisr3d]
* Typo. [chrisr3d]
* Merge branch 'master' of github.com:chrisr3d/misp-modules into aml_import. [chrisr3d]
* Merge pull request 164 from chrisr3d/master. [Alexandre Dulaunoy]
Latest fixes to make GoAML export module work
* Add: Added an example file generated by GoAML export module. [chrisr3d]
* Added GoAML export module in description. [chrisr3d]
* Reading the entire document, to create a big dictionary containing the data, as a beginning. [chrisr3d]
* Add: new expansion module to check hashes against hashdd.com including NSLR dataset. [Alexandre Dulaunoy]
* Merge pull request 163 from chrisr3d/master. [Alexandre Dulaunoy]
GoAML export
* Typo. [chrisr3d]
* Merge branch 'master' of github.com:MISP/misp-modules. [chrisr3d]
* Quick fix to the invalid hash types offered on all returned hashes, hopefully fixes 162. [Andras Iklody]
* Explicit name. [chrisr3d]
Avoiding confusion with the coming import module for goaml
* Added "t_to" and "t_from" required fields: funds code & country. [chrisr3d]
* Added a required field & the latest attributes in transaction. [chrisr3d]
* Added report expected information fields. [chrisr3d]
* Simplified ObjectReference dictionary reading. [chrisr3d]
* Merge branch 'master' of github.com:MISP/misp-modules. [chrisr3d]
* Add: YARA syntax validator. [Alexandre Dulaunoy]
* Merge pull request 161 from eCrimeLabs/ecrimelabs_dev. [Alexandre Dulaunoy]
Added Yara syntax validation expansion module
* Added Yara syntax validation expansion module. [Dennis Rand]
* Added some report information. [chrisr3d]
Also changed the ObjectReference parser to replace
all the if conditions by a dictionary reading
* Suporting the recent objects added to misp-objects. [chrisr3d]
- Matching the aml documents structure
- Some parts of the document still need to be added
* Wip: added location & signatory information. [chrisr3d]
* Merge branch 'master' of github.com:MISP/misp-modules into test. [chrisr3d]
* Merge pull request 157 from CenturyLinkCIRT/master. [Alexandre Dulaunoy]
added csvimport to __init__.py
* Added csvimport to __init__.py. [Thomas Gardner]
* Add: CSV import module added. [Alexandre Dulaunoy]
* Outputting xml format. [chrisr3d]
Also mapping MISP and GoAML types
* First tests for the GoAML export module. [chrisr3d]
* Merge pull request 156 from chrisr3d/master. [Alexandre Dulaunoy]
CSV import
* Merge branch 'master' of github.com:MISP/misp-modules. [chrisr3d]
* 3.7-alpha removed. [Alexandre Dulaunoy]
* Updated delimiter finder method. [chrisr3d]
* Fixed data treatment & other updates. [chrisr3d]
* Updated delimiter parsing & data reading functions. [chrisr3d]
* First version of csv import module. [chrisr3d]
- If more than 1 misp type is recognized, for each one an
attribute is created
- Needs to have header set by user as parameters of the module atm
- Review needed to see the feasibility with fields that can create
confusion and be interpreted both as misp type or attribute field
(for instance comment is a misp type and an attribute field)
* Merge pull request 154 from cvandeplas/master. [Raphaël Vinot]
added CrowdStrike Falcon Intel Indicators expansion module
* Added CrowdStrike Falcon Intel Indicators expansion module. [Christophe Vandeplas]
* Add: RBL added. [Alexandre Dulaunoy]
* Merge pull request 150 from chrisr3d/master. [Alexandre Dulaunoy]
RBL check module
* Merge github.com:MISP/misp-modules. [chrisr3d]
* Merge pull request 149 from cvandeplas/master. [Alexandre Dulaunoy]
Added ThreatAnalyzer sandbox import
* Added ThreatAnalyzer sandbox import. [Christophe Vandeplas]
Experimental module - some parts should be migrated to
* Check an IPv4 address against known RBLs. [chrisr3d]
* Fix farsight_passivedns - rdata 404 not found. [Christophe Vandeplas]
* Added ThreatStream and PDF export. [Alexandre Dulaunoy]
* Merge branch 'robertnixon2003-master' + a small fix. [Alexandre Dulaunoy]
* Fix the __init__ import. [Alexandre Dulaunoy]
* Update threatStream_misp_export.py. [Robert Nixon]
* Updated __init__.py. [Robert Nixon]
Added reference to new ThreatStream export module
* Added threatStream_misp_export.py. [Robert Nixon]
* Merge branch 'cvandeplas-master' [Alexandre Dulaunoy]
* Fixes missing init file in dnsdb library folder. [Christophe Vandeplas]
* New Farsight DNSDB Passive DNS expansion module. [Christophe Vandeplas]
* Merge branch 'master' of github.com:MISP/misp-modules. [Raphaël Vinot]
* Merge pull request 144 from attritionorg/patch-1. [Andras Iklody]
minor touch-ups on error messages for user friendliness
* Minor touch-ups on error messages for user friendliness. [Jericho]
* Merge pull request 140 from cudeso/master. [Alexandre Dulaunoy]
VulnDB Queries
* VulnDB Queries. [Koen Van Impe]
Search on CVE at https://vulndb.cyberriskanalytics.com/
https://www.riskbasedsecurity.com/
Get extended CVE info, links + CPE
* Merge remote-tracking branch 'MISP/master' [Koen Van Impe]
* Add quick and dirty pdf export. [Raphaël Vinot]
* Merge pull request 139 from Rafiot/master. [Raphaël Vinot]
fix: OpenIOC importer
* Merge pull request 135 from DomainTools/domaintools-patch-1. [Raphaël Vinot]
Added code to allow 3rd party modules
* Added default parameter for new -m flag. [Viktor von Drakk]
* Added code to allow 3rd party modules. [Viktor von Drakk]
The new '-m pip.module.name' feature allows a pip-installed module to be specified on the command line and then loaded into the available modules without having to copy-paste files into the appropriate directories of this package.
* Broken links fixed. [Alexandre Dulaunoy]
* ThreatConnect export module added. [Alexandre Dulaunoy]
* Merge pull request 133 from CenturyLinkCIRT/master. [Alexandre Dulaunoy]
ThreatConnect export module
* Added threat_connect_export to export_mod.__init__ [Thomas Gardner]
* Added test files for threat_connect_export. [Thomas Gardner]
* Added threat_connect_export.py. [Thomas Gardner]
* Merge pull request 129 from seamustuohy/utf_hate. [Raphaël Vinot]
Added support for malformed internationalized email headers
* Added support for malformed internationalized email headers. [seamus tuohy]
When an emails contains headers that use Unicode without properly crafing
them to comform to RFC-6323 the email import module would crash.
(See issue 119 & issue 93)
To address this I have added additional layers of encoding/decoding to
any possibly internationalized email headers. This decodes properly
formed and malformed UTF-8, UTF-16, and UTF-32 headers appropriately.
When an unknown encoding is encountered it is returned as an 'encoded-word'
per RFC2047.
This commit also adds unit-tests that tests properly formed and malformed
UTF-8, UTF-16, UTF-32, and CJK encoded strings in all header fields; UTF-8,
UTF-16, and UTF-32 encoded message bodies; and emoji testing for headers
and attachment file names.
* Merge branch 'master' into utf_hate. [seamus tuohy]
* Added unit tests for UTF emails. [seamus tuohy]
* OTX and ThreatCrowd added. [Alexandre Dulaunoy]
* Merge pull request 130 from chrisdoman/master. [Alexandre Dulaunoy]
Add AlienVault OTX and ThreatCrowd Expansions
* Add AlienVault OTX and ThreatCrowd Expansions. [Chris Doman]
* Use proper version of PyMISP. [Raphaël Vinot]
* Update travis, fix open ioc import. [Raphaël Vinot]
* Merge pull request 122 from truckydev/master. [Alexandre Dulaunoy]
Add tags on import with ioc import module
* Replace tab by space. [Tristan METAYER]
* Add a field for user to add tag for this import. [Tristan METAYER]
* Merge pull request 121 from truckydev/master. [Andras Iklody]
If filename add iocfilename as attachment
* Typo correction. [Tristan METAYER]
* Add user config to not add file as attachement in a box. [Tristan METAYER]
* If filename add iocfilename as attachment. [Tristan METAYER]
* Merge pull request 118 from truckydev/master. [Alexandre Dulaunoy]
Add indent field for export
* Add indent field for export. [Tristan METAYER]
* Merge pull request 115 from FloatingGhost/master. [Alexandre Dulaunoy]
fix: Use the proper formatting method and not the horrible % one
* Missing expansion modules added in README. [Alexandre Dulaunoy]
* ThreatMiner added. [Alexandre Dulaunoy]
* Merge pull request 114 from kx499/master. [Alexandre Dulaunoy]
ThreatMiner Expansion module
* Bug fixes. [kx499]
* Threatminer initial commit. [kx499]
* Cosmetic changes. [Raphaël Vinot]
* Merge pull request 111 from kx499/master. [Raphaël Vinot]
Handful of changes to VirusTotal module
* Bug fixes, tweaks, and python3 learning curve :) [kx499]
* Initial commit of IPRep module. [kx499]
* Fixed spacing, addressed error handling for public api, added subdomains, and added context comment. [kx499]
* OpenIOC import module added. [Alexandre Dulaunoy]
* Add OpenIOC import module. [Raphaël Vinot]
* Merge pull request 109 from truckydev/master. [Alexandre Dulaunoy]
add information about offline installation
* Add information about offline installation. [truckydev]
* Merge pull request 106 from truckydev/master. [Alexandre Dulaunoy]
Lite export of an event
* Exclude internal reference. [Tristan METAYER]
* Add lite Export module. [Tristan METAYER]
* Merge pull request 100 from rmarsollier/master. [Alexandre Dulaunoy]
Some improvements of virustotal plugin
* Some improvements of virustotal plugin. [rmarsollier]
* Merge pull request 96 from johestephan/master. [Raphaël Vinot]
XForce Exchange v1 (alpha)
* Passed local run check. [Joerg Stephan]
* V1. [Joerg Stephan]
* Removed urrlib2. [Joerg Stephan]
* Python3 changes. [Joerg Stephan]
* Merged xforce exchange. [Joerg Stephan]
* XForce Exchange v1 (alpha) [Joerg Stephan]
* Merge pull request 56 from RichieB2B/ncsc-nl/mispjson. [Alexandre Dulaunoy]
Simple import module to import MISP JSON format
* Updated description to reflect merging use case. [Richard van den Berg]
* Simple import module to import MISP JSON format. [Richard van den Berg]
* Merge pull request 92 from seamustuohy/duck_typing_failure. [Alexandre Dulaunoy]
Email import no longer unzips major compressed text document formats.
* Email import no longer unzips major compressed text document formats. [seamus tuohy]
Let this commit serve as a warning about the perils of duck typing.
Word documents (docx,odt,etc) were being uncompressed when they were
attached to emails. The email importer now checks a list of well known
extensions and will not attempt to unzip them.
It is stuck using a list of extensions instead of using file magic because
many of these formats produce an application/zip mimetype when scanned.
* Merge branch 'master' of github.com:MISP/misp-modules. [Raphaël Vinot]
* Merge pull request 91 from Rafiot/master. [Raphaël Vinot]
Improve email import module
* Keep zip content as binary. [Raphaël Vinot]
* Fix tests, cleanup. [Raphaël Vinot]
* Improve support of email attachments. [Raphaël Vinot]
Related to 90
* Merge pull request 89 from Rafiot/fix_87. [Raphaël Vinot]
Improve VT support.
* Standardised key checking. [Hannah Ward]
* Fixed checking for submission_names in VT JSON. [Hannah Ward]
* Update virustotal.py. [CheYenBzh]
* Merge branch 'master' of github.com:MISP/misp-modules. [Raphaël Vinot]
* Training materials updated + Cuckoo JSON import module was missing. [Alexandre Dulaunoy]
* Improve support of email importer if headers are missing. [Raphaël Vinot]
Fix 88
* Remove python 3.3 support. [Raphaël Vinot]
* Fix python 3.6 support. [Raphaël Vinot]
* Make PEP8 happy. [Raphaël Vinot]
* Add email_import in the modules loaded by default. [Raphaël Vinot]
* Make PEP8 happy. [Raphaël Vinot]
* Fix failing test (bug in the mail parser?) [Raphaël Vinot]
* Add additional email parsing and tests. [seamus tuohy]
Added additional attribute parsing and corresponding unit-tests.
E-mail attachment and url extraction added in this commit. This includes
unpacking zipfiles and simple password cracking of encrypted zipfiles.
* Fixed basic errors. [seamus tuohy]
* Merged with current master. [seamus tuohy]
* Merge pull request 85 from rmarsollier/master. [Raphaël Vinot]
add libjpeg-dev as a dep to allow pillow to be installed succesfully
* Add libjpeg-dev as a dep to allow pillow to be installed succesfully. [robin.marsollierconix.fr]
* GeoIP module added. [Alexandre Dulaunoy]
* Merge pull request 84 from MISP/amuehlem-master. [Raphaël Vinot]
Fix PR
* Do not crash if the dat file is not available. [Raphaël Vinot]
* Fix path to config file. [Raphaël Vinot]
* Merge branch 'master' of https://github.com/amuehlem/misp-modules into amuehlem-master. [Raphaël Vinot]
* Added empty line to end of config file. [Andreas Muehlemann]
* Removed DEFAULT section from configfile. [Andreas Muehlemann]
* Fixed more typos. [Andreas Muehlemann]
* Fixed typo. [Andreas Muehlemann]
* Changed configparser from python2 to python3. [Andreas Muehlemann]
* Updated missing parenthesis. [Andreas Muehlemann]
* Merge branch 'geoip_country' [Andreas Muehlemann]
* Removed unneeded config option for misp. [Andreas Muehlemann]
* Removed debug message. [Andreas Muehlemann]
* Added config option to geoip_country.py. [Andreas Muehlemann]
* Added pygeoip to the REQUIREMENTS list. [Andreas Muehlemann]
* Updated geoip_country to __init__.py. [Andreas Muehlemann]
* Added geoip_country.py. [Andreas Muehlemann]
* Better error reporting. [Raphaël Vinot]
* Catch exception. [Raphaël Vinot]
* Add reverse lookup. [Raphaël Vinot]
* Refactoring of domaintools expansion module. [Raphaël Vinot]
* Merge branch 'master' of github.com:MISP/misp-modules. [Raphaël Vinot]
* Merge pull request 83 from stoep/master. [Alexandre Dulaunoy]
Added cuckooimport.py
* Added cuckooimport.py. [Ubuntu]
* DomainTools module added. [Alexandre Dulaunoy]
* Remove domaintools tests. [Raphaël Vinot]
* Add test for domaintools. [Raphaël Vinot]
* Merge pull request 78 from deralexxx/patch-2. [Alexandre Dulaunoy]
Update README.md
* Update README.md. [Alexander J]
mentioning import / export modules
* Merge pull request 76 from deralexxx/patch-1. [Alexandre Dulaunoy]
Update README.md
* Update README.md. [Alexander J]
* Merge pull request 75 from Rafiot/domtools. [Raphaël Vinot]
Add Domain Tools module
* Update requirements list. [Raphaël Vinot]
* Add domaintools to the import list. [Raphaël Vinot]
* Fix Typo. [Raphaël Vinot]
* Add domain profile and reputation. [Raphaël Vinot]
* Add more comments. [Raphaël Vinot]
* Fix typo. [Raphaël Vinot]
* Remove json.dumps. [Raphaël Vinot]
* Avoid passing None in comments. [Raphaël Vinot]
* Add comments to fields when possible. [Raphaël Vinot]
* Add initial Domain Tools module. [Raphaël Vinot]
* Merge pull request 74 from cudeso/master. [Raphaël Vinot]
Extra VTI detections
* Merge remote-tracking branch 'MISP/master' [Koen Van Impe]
* Update README.md. [Raphaël Vinot]
* Merge pull request 73 from FloatingGhost/master. [Raphaël Vinot]
Use SpooledTemp, not NamedTemp file
* Use git for everything we can. [Hannah Ward]
* Ok we'll use the dep from misp-stix-converter. Surely this'll work? [Hannah Ward]
* Use the CIRCL pymisp. Silly rafiot ;) [Hannah Ward]
* Travis should now use the master branch. [Hannah Ward]
* Maybe it'll take the git repo now? [Hannah Ward]
* Added pymisp to reqs. [Hannah Ward]
* Don't cache anything pls travis. [Hannah Ward]
* Removed unneeded modules. [Hannah Ward]
* Use SpooledTemp, not NamedTemp file. [Hannah Ward]
* VMRay import module added. [Alexandre Dulaunoy]
* Merge pull request 72 from FloatingGhost/master. [Raphaël Vinot]
Migrated stiximport to use misp-stix-converter
* Moved to misp_stix_converter. [Hannah Ward]
* Merge pull request 70 from cudeso/master. [Raphaël Vinot]
Submit malware samples
* Extra VTI detections. [Koen Van Impe]
* Submit malware samples. [Koen Van Impe]
_submit now includes malware samples (zipped content from misp)
_import checks when no vti_results are returned + bugfix
* Fix STIX import module. [Raphaël Vinot]
* Multiple clanges in the vmray modules. [Raphaël Vinot]
* Generic fix to load modules requiring a local library
* Fix python3 support
* PEP8 related cleanups
* Merge pull request 68 from cudeso/master. [Andras Iklody]
VMRay Import & Submit module
* VMRay Import & Submit module. [Koen Van Impe]
* First commit
* No support for archives (yet) submit
* Merge pull request 59 from rgraf/master. [Alexandre Dulaunoy]
label replaced by text, which is existing attribute
* Label replaced by text, which is existing attribute. [Roman Graf]
* Adding basic test mockup. [seamus tuohy]
* Adding more steps to module testing. [seamus tuohy]
* Added attachment and url support. [seamus tuohy]
* Added email meta-data import module. [seamus tuohy]
This email meta-data import module collects basic meta-data from an e-mail
and populates an event with it. It populates the email subject, source
addresses, destination addresses, subject, and any attachment file names.
This commit also contains unit-tests for this module as well as updates to
the readme. Readme updates are additions aimed to make it easier for
outsiders to build modules.
* Merge pull request 58 from rgraf/master. [Alexandre Dulaunoy]
Added expansion for Wikidata.
* Added expansion for Wikidata. Analyst can query Wikidata by label to get additional information for particular term. [Roman Graf]
* Merge pull request 55 from amuehlem/reversedns. [Raphaël Vinot]
added new module reversedns.py, added reversedns to __init__.py
* Added new module reversedns.py, added reversedns to __init__.py. [Andreas Muehlemann]
* Merge pull request 53 from MISP/Rafiot-patch-1. [Alexandre Dulaunoy]
Dump host info as text
* Dump host info as text. [Raphaël Vinot]
* Fix typo. [Raphaël Vinot]
* Merge pull request 52 from Rafiot/master. [Alexandre Dulaunoy]
Add simple Shodan module
* Add simple Shodan module. [Raphaël Vinot]
* Merge pull request 49 from FloatingGhost/master. [Alexandre Dulaunoy]
Removed useless pickle storage of stiximport
* Removed useless pickle storage of stiximport. [Hannah Ward]
* Create LICENSE. [Alexandre Dulaunoy]
* Update README.md. [Andras Iklody]
* Typo fixed. [Alexandre Dulaunoy]
* CEF export module added. [Alexandre Dulaunoy]
* Cef_export module added. [Alexandre Dulaunoy]
* Merge pull request 47 from FloatingGhost/CEF_Export. [Alexandre Dulaunoy]
CEF export, fixes in CountryCode, virustotal
* Removed silly subdomain module. [Hannah Ward]
* Added CEF export module. [Hannah Ward]
* Now searches within observable_compositions. [Hannah Ward]
* Removed calls to print. [Hannah Ward]
* Added body.json to gitignore. [Hannah Ward]
* Added virustotal tests. [Hannah Ward]
* CountryCode JSON now is only grabbed once per server run. [Hannah Ward]
* Merge branch 'master' of github.com:MISP/misp-modules. [Raphaël Vinot]
* Merge pull request 46 from Rafiot/master. [Raphaël Vinot]
Make misp-modules really asynchronous
* Add timeout for the modules, cleanup. [Raphaël Vinot]
* Fix python 3.3 and 3.4. [Raphaël Vinot]
* Make misp-modules really asynchronous. [Raphaël Vinot]
* Improve tornado parallel. [Raphaël Vinot]
* Coroutine decorator added to post handler. [Alexandre Dulaunoy]
* -d option added - enabling debug on queried modules. [Alexandre Dulaunoy]
* New modules added to __init__ [Alexandre Dulaunoy]
* README updated for the new modules. [Alexandre Dulaunoy]
* Merge pull request 45 from FloatingGhost/master. [Alexandre Dulaunoy]
2 new modules -- VirusTotal and CountryCode
* Modified readme with virustotal/countrycode. [Hannah Ward]
* Added virustotal module. [Hannah Ward]
* Merge branch 'master' of https://github.com/MISP/misp-modules. [Hannah Ward]
* Merge pull request 44 from Rafiot/travis. [Alexandre Dulaunoy]
Add coverage, update logging
* Add coverage, update logging. [Raphaël Vinot]
* Merge pull request 43 from FloatingGhost/master. [Alexandre Dulaunoy]
StixImport now uses TemporaryFile rather than a named file in /tmp
* Improved virustotal module. [Hannah Ward]
* Added countrycode, working on virustotal. [Hannah Ward]
* Added lookup by country code. [Hannah Ward]
* Merge branch 'master' of https://github.com/MISP/misp-modules. [Hannah Ward]
* Fix a link to the STIX import module reference. [Alexandre Dulaunoy]
* Stiximport now uses temporary files to store stix data. [Hannah Ward]
Set max size in config, in bytes
* Merge pull request 42 from MISP/pr/41. [Alexandre Dulaunoy]
Cleanup on the stix import module
* Merge remote-tracking branch 'origin/master' into pr/41. [Raphaël Vinot]
* Add info about the import modules. [Alexandre Dulaunoy]
* Make PEP8 happy \o/ [Raphaël Vinot]
* Move stiximport.py to misp_modules/modules/import_mod/ [Raphaël Vinot]
* There was a missing comma. [Hannah Ward]
* Merge branch 'master' of https://github.com/MISP/misp-modules. [Hannah Ward]
* Merge branch 'master' of github.com:MISP/misp-modules. [Alexandre Dulaunoy]
* Merge pull request 40 from Rafiot/master. [Alexandre Dulaunoy]
Remove bin script, use cleaner way. Fix last commit.
* Remove bin script, use cleaner way. Fix last commit. [Raphaël Vinot]
* Merge pull request 39 from Rafiot/master. [Alexandre Dulaunoy]
Use entry_points instead of scripts in the install.
* Use entry_points instead of scripts. [Raphaël Vinot]
* Pip --upgrade must be always called (to have modules updated) [Alexandre Dulaunoy]
* Added STIX to setup.py. [Hannah Ward]
* Added STIX to reqs. [Hannah Ward]
* Merge branch 'stix_import' [Hannah Ward]
* Added tests, also disregards related_observables. Because they're useless. [Hannah Ward]
* Fixed observables within an indicator not being added. [Hannah Ward]
* Stiximport will now consume campaigns. [Hannah Ward]
* Stiximport will now identify file hashes. [Hannah Ward]
* I can't spell. [Hannah Ward]
* Added STIXImport to readme. [Hannah Ward]
* Threat actors now get imported by stix. [Hannah Ward]
* Added docs to stiximport. [Hannah Ward]
* Added stix import -- works for IPs/Domains. [Hannah Ward]
* Update to the DNS module to support domain|ip. [iglocska]
* Small change to the skeleton export. [iglocska]
* Merge remote-tracking branch 'origin/import-test' [iglocska]
* Added test export module. [Iglocska]
* Merge branch 'master' of github.com:MISP/misp-modules. [Alexandre Dulaunoy]
* Merge pull request 37 from Rafiot/master. [Raphaël Vinot]
Update documentation.
* Update documentation. [Raphaël Vinot]
Fix https://github.com/MISP/MISP/issues/1424
* Merge branch 'import-test' of github.com:MISP/misp-modules into import-test. [Alexandre Dulaunoy]
* Merge pull request 36 from Rafiot/import-test. [Alexandre Dulaunoy]
Pass the server port as integer to the uwhois client
* Pass the server port as integer to the uwhois client. [Raphaël Vinot]
* Merge pull request 35 from Rafiot/import-test. [Alexandre Dulaunoy]
Add whois module
* Add whois module. [Raphaël Vinot]
* First version of an Optical Character Recognition (OCR) module for MISP. [Alexandre Dulaunoy]
* First version of the import skeleton. [Iglocska]
* Added simple import skeleton. [Iglocska]
* Merge pull request 33 from Rafiot/master. [Raphaël Vinot]
fix: run the server as "python3 misp-modules"
* Added category to the return format description. [Iglocska]
* Merge pull request 31 from treyka/patch-1. [Alexandre Dulaunoy]
Refine the installation procedure
* Refine the installation procedure. [Trey Darley]
Tweak this to make it more inline with the MISP installation docs, start misp-modules at startup via /etc/rc.local
* Install documentation updated. [Alexandre Dulaunoy]
* Merge pull request 28 from Rafiot/pip. [Alexandre Dulaunoy]
Make it a package
* Also run travis tests on the system-wide instance. [Raphaël Vinot]
* Fix typos in the readme. [Raphaël Vinot]
* Fix travis. [Raphaël Vinot]
* Make sure misp-modules can be launched from anywhere. [Raphaël Vinot]
* Proper testcases. [Raphaël Vinot]
* Make it a package. [Raphaël Vinot]
* Merge pull request 29 from iglocska/master. [Alexandre Dulaunoy]
Added skeleton structure for new modules
* Added skeleton structure for new modules. [Iglocska]
* Fixed a bug introduced by previous commit if started from the current directory. [Alexandre Dulaunoy]
* Merge pull request 26 from Rafiot/master. [Alexandre Dulaunoy]
Automatic chdir when the modules are started
* Automatic chdir when the modules are started. [Raphaël Vinot]
* Merge pull request 25 from eu-pi/eupi_expansion_fix. [Alexandre Dulaunoy]
[EUPI] Fix expansion for empty EUPI response
* [EUPI] Fix expansion for empty EUPI response. [Rogdham]
Offer no enrichment instead of displaying an error message
* Merge pull request 24 from eu-pi/eupi_hover. [Alexandre Dulaunoy]
[EUPI] Change module for a simple hover status
* [EUPI] Simplify hover. [Rogdham]
* Merge pull request 23 from Rafiot/master. [Raphaël Vinot]
[EUPI] Return error message if unknown
* [EUPI] Return error message is unknown. [Raphaël Vinot]
* Merge pull request 22 from Rafiot/master. [Raphaël Vinot]
[EUPI] Do not return empty results
* [EUPI] Do not return empty results. [Raphaël Vinot]
* ASN History added. [Alexandre Dulaunoy]
* Merge pull request 21 from Rafiot/master. [Raphaël Vinot]
[ASN description] Fix input type
* [ASN description] Fix input type. [Raphaël Vinot]
* Merge pull request 20 from Rafiot/master. [Raphaël Vinot]
Add ASN Description expansion module
* Add ASN Description expansion module. [Raphaël Vinot]
* Merge pull request 19 from Rafiot/master. [Raphaël Vinot]
Fix last commit
* Fix last commit. [Raphaël Vinot]
* Merge pull request 18 from Rafiot/master. [Raphaël Vinot]
Improve rendering of IP ASN
* Improve rendering of IP ASN. [Raphaël Vinot]
* Merge pull request 17 from Rafiot/master. [Raphaël Vinot]
Fix again IPASN module
* Fix again IPASN module. [Raphaël Vinot]
* Merge pull request 16 from Rafiot/master. [Raphaël Vinot]
Fix IPASN module
* Fix IPASN module. [Raphaël Vinot]
* Ipasn module added. [Alexandre Dulaunoy]
* Merge pull request 15 from Rafiot/master. [Alexandre Dulaunoy]
Add IPASN history module
* Add IPASN history module. [Raphaël Vinot]
* Merge pull request 14 from eu-pi/listen-addr. [Alexandre Dulaunoy]
Add option to specify listen address
* Add option to specify listen address. [Rogdham]
* EUPI module added. [Alexandre Dulaunoy]
* Merge pull request 13 from Rafiot/master. [Raphaël Vinot]
Fix eupi module
* Fix eupi module. [Raphaël Vinot]
* Merge pull request 12 from Rafiot/master. [Raphaël Vinot]
Add EUPI module
* Add redis server. [Raphaël Vinot]
* Add EUPI module. [Raphaël Vinot]
* Skip modules that cannot import. [Alexandre Dulaunoy]
* Skip dot files. [Alexandre Dulaunoy]
* Value is not required. [Alexandre Dulaunoy]
* Cache helper added. [Alexandre Dulaunoy]
The cache helper is a simple helper to cache data
in Redis back-end. The format in the cache is the following:
m:<module name>:sha1(key) -> value. Default expiration is 86400 seconds.
* Skeleton for misp-modules helpers added. [Alexandre Dulaunoy]
Helpers will support modules with basic functionalities
like caching or alike.
* Option -p added to specify the TCP port of the misp-modules server. [Alexandre Dulaunoy]
* Intelmq req. removed. [Alexandre Dulaunoy]
* Argparse used for the test mode. [Alexandre Dulaunoy]
* Deleted. [Alexandre Dulaunoy]
* Intelmq is an experimental module (not production ready) [Alexandre Dulaunoy]
* Merge pull request 11 from Rafiot/master. [Raphaël Vinot]
Fix test mode
* Fix test mode. [Raphaël Vinot]
* Fix install commands. [Raphaël Vinot]
* Add Travis logo. [Raphaël Vinot]
* Merge pull request 10 from Rafiot/travis. [Raphaël Vinot]
Add basic travis file
* Add basic travis file. [Raphaël Vinot]
* Merge pull request 9 from Rafiot/master. [Alexandre Dulaunoy]
Please PEP8 on all expansions
* Merge branch 'master' of https://github.com/MISP/misp-modules. [Raphaël Vinot]
* Merge pull request 8 from aaronkaplan/master. [Alexandre Dulaunoy]
initial example of intelmq connector/enrichtment. Need to change to u…
* Initial example of intelmq connector/enrichtment. Need to change to use the eventDB RESTful API, not the postgresql DB. [aaronkaplan]
* Update README.md. [Raphaël Vinot]
* Dns module test with option added. [Alexandre Dulaunoy]
* New modules added. [Alexandre Dulaunoy]
* Dns MISP module - option to specify nameserver added. [Alexandre Dulaunoy]
* Slides reference added. [Alexandre Dulaunoy]
* Add missing requirements. [Alexandre Dulaunoy]
* Merge pull request 7 from Rafiot/master. [Alexandre Dulaunoy]
Make loader more flexible
* Make PEP8 happy. [Raphaël Vinot]
* Add CIRCL pssl module. [Raphaël Vinot]
* Make loader more flexible. [Raphaël Vinot]
* First module to test the freetext import functionality. [Alexandre Dulaunoy]
* CIRCL Passive DNS output attributes updated. [Alexandre Dulaunoy]
* PyPDNS requirement added. [Alexandre Dulaunoy]
* CIRCL Passive DNS added. [Alexandre Dulaunoy]
* Tests updated to include CIRCL passive dns. [Alexandre Dulaunoy]
* Test file for passivetotal updated. [Alexandre Dulaunoy]
* Merge pull request 5 from passivetotal/master. [Alexandre Dulaunoy]
Rewrote the entire PassiveTotal extension
* Rewrote the entire PassiveTotal extension. [Brandon Dixon]
* Return a text attribute for an hover only module. [Alexandre Dulaunoy]
* How to start MISP modules. [Alexandre Dulaunoy]
* 2.4.28 includes misp modules by default. [Alexandre Dulaunoy]
* Types are now described. [Alexandre Dulaunoy]
* Debug removed. [Alexandre Dulaunoy]
* Convert the base64 to ascii. [Iglocska]
* Module-type added as default. [Alexandre Dulaunoy]
* Return base64 value of the archived data. [Alexandre Dulaunoy]
* Merge pull request 2 from iglocska/master. [Alexandre Dulaunoy]
Some changes to the sourcecache expansion
* Merge branch 'alternate_response' [Iglocska]
* Some changes to the sourcecache expansion. [Iglocska]
- return attachment or malware sample
* Cve module tests added. [Alexandre Dulaunoy]
* CVE hover expansion module. [Alexandre Dulaunoy]
An hover module is a module returning a JSON that can be used
as hover element in the MISP UI.
* Sourcecache module includes the metadata config. [Alexandre Dulaunoy]
* README updated to reflect config parameters changes. [Alexandre Dulaunoy]
* Removed unused attributes. [Alexandre Dulaunoy]
* Sample JSON files reflecting config changes. [Alexandre Dulaunoy]
* Config parameters are now exposed via the meta information. [Alexandre Dulaunoy]
config uses a specific list of values exposed via the
introspection of the module. config is now passed as an additional
dictionary to the request. MISP attributes include only MISP attributes.
* Sourcecache module added. [Alexandre Dulaunoy]
* A minimal caching module added to cache link or url from MISP. [Alexandre Dulaunoy]
* Typo fixed + meta output. [Alexandre Dulaunoy]
* Minimal functions requirements updated + PR request. [Alexandre Dulaunoy]
* Exclude dot files from modules list to be loaded. [Alexandre Dulaunoy]
* Example of module introspection including meta information. [Alexandre Dulaunoy]
* Module meta added to return version, description and author per module. [Alexandre Dulaunoy]
* Authentication notes added. [Alexandre Dulaunoy]
* Passivetotal module added. [Alexandre Dulaunoy]
* First version of a passivetotal MISP expansion module. [Alexandre Dulaunoy]
* Default DNS updated. [Alexandre Dulaunoy]
* Add a note regarding error codes. [Alexandre Dulaunoy]
* Handling of error added. [Alexandre Dulaunoy]
* Merge pull request 1 from Rafiot/master. [Alexandre Dulaunoy]
Make PEP8 happy.
* Make PEP8 happy. [Raphaël Vinot]
* Output updated (type of module added) [Alexandre Dulaunoy]
* Add a version per default. [Alexandre Dulaunoy]
* Add type per module. [Alexandre Dulaunoy]
* Format updated following Andras updates. [Alexandre Dulaunoy]
* Default var directory added. [Alexandre Dulaunoy]
* Python pip REQUIREMENTS file added. [Alexandre Dulaunoy]
* Merge branch 'master' of https://github.com/MISP/misp-modules. [Iglocska]
* Minimal logging added to the server. [Alexandre Dulaunoy]
* Debug messages removed. [Alexandre Dulaunoy]
* Minimal documentation added. [Alexandre Dulaunoy]
* Curl is now silent. [Alexandre Dulaunoy]
* Changed the output format to include all matching attribute types. [Iglocska]
- changed the output format to give us a bit more flexibility
- return an array of results
- return the valid misp attribute types for each result
* Basic test cases added. [Alexandre Dulaunoy]
* MISP dns expansion module. [Alexandre Dulaunoy]
* First version of a web services to provide ReST API to MISP expansion services. [Alexandre Dulaunoy]
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application