![]() ![]() Software or Services with MISP support or Extending MISP functionalities Mail_to_misp - Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.įor the additional software created by the MISP project, check our MISP project organization. MISP-Taxii-Server - An OpenTAXII Configuration for MISP with automatic TAXII to MISP sync. MISP-STIX-Converter - An utility repo to assist with converting between MISP and STIX formats. This is the official library for MISP and can also generate offline MISP events. PyMISP - Python library using the MISP Rest API. MISP-maltego - Set of Maltego transforms to inferface with a MISP instance. MISpego - Maltego Transform to put entities into MISP events. Misp-workbench - Tools to export data out of the MISP MySQL database and use and abuse them outside of this platform. VMRay - An import module to process VMRay export. ThreatAnalyzer - An import module to process ThreatAnalyzer archive.zip/analysis.json sandbox exports. Stiximport - An import module to process STIX xml/json. OpenIOC OpenIOC import based on PyMISP library. OCR Optical Character Recognition (OCR) module for MISP to import attributes from images, scan or faxes. ThreatStream module to export in ThreatStream format.ĬSV import Customizable CSV import module.Įmail Import Email import module for MISP to import basic metadata.ThreatConnect module to export in ThreatConnect CSV format.Simple PDF export module to export in PDF (required: asciidoctor-pdf).Lite Export module to export a lite event.GoAML export module to export in GoAML format.CEF module to export Common Event Format (CEF).YARA syntax validator - YARA syntax validator.xforce - an IBM X-Force Exchange expansion module.wikidata - a wikidata expansion module.virustotal - an expansion module to pull known resolutions and malware samples related with an IP/Domain from virusTotal (this modules require a VirusTotal private API key).threatminer - an expansion module to expand from ThreatMiner.ThreatCrowd - an expansion module for ThreatCrowd.sourcecache - a module to cache a specific link from a MISP instance. ![]() ![]() shodan - a minimal shodan expansion module.rbl - a module to get RBL (Real-Time Blackhost List) values from an attribute.passivetotal - a passivetotal module that queries a number of different PassiveTotal datasets.iprep - an expansion module to get IP reputation from.IPASN - a hover and expansion to get the BGP ASN of an IP address.GeoIP - a hover and expansion module to get GeoIP information from geolite/maxmind.Farsight DNSDB Passive DNS - a hover and expansion module to expand hostname and IP addresses with passive DNS information.EUPI - a hover and expansion module to get information about an URL from the Phishing Initiative project.DomainTools - a hover and expansion module to get information from DomainTools whois.DNS - a simple module to resolve MISP attributes like hostname and domain to expand IP addresses attributes.CVE - a hover module to give more information about a vulnerability (CVE).CrowdStrike Falcon - an expansion module to expand using CrowdStrike Falcon Intel Indicator API.countrycode - a hover module to tell you what country a URL belongs to.CIRCL Passive SSL - a hover and expansion module to expand IP addresses with the X.509 certificate seen.CIRCL Passive DNS - a hover and expansion module to expand hostname and IP addresses with passive DNS information.ASN History - a hover and expansion module to expand an AS number with the ASN description and its history.misp-modules - Modules for expansion services in MISP.Is also to explore new ideas, concepts or functionality which can be integrated in MISP core software later on. The additional software supported by the MISP project allow the community to rely on additional tools to support their day-to-day operations. A series of additional software are supported and handled by the MISP project. Many open source and proprietary tools integrate MISP support (MISP format or API) in order to extend their tools ![]()
0 Comments
Leave a Reply. |