Project description

karton-misp-pusher

Listens for new samples in the karton pipeline and uploads them to MISP.

Configs are parsed using the mwdb-iocextract project. This means, that we operate on a higher level than raw JSON configs, and makes it possible to correlate different samples and campaigns (for example, by the used crypto material).

Author: CERT.pl

Maintainers: msm

Consumes:

{
    "type": "config",
}

Result:

config in misp

Usage

First of all, make sure you have setup the core system: https://github.com/CERT-Polska/karton. More info here.

Then install karton-misp-pusher from PyPi:

$ pip install karton-misp-pusher

$ karton-misp-pusher --misp-url https://misp.url --misp-key SECRET123

You can also add optional xrefs to mwdb with --mwdb-url, or skip MISP verification with --misp-insecure. For more options see --help.

Co-financed by the Connecting Europe Facility by of the European Union

Project details

These details have not been verified by PyPI

Project links

Homepage

GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Release history Release notifications | RSS feed

This version

1.0.0

May 19, 2021

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distributions

No source distribution files available for this release.See tutorial on generating distribution archives.

Built Distribution

karton_misp_pusher-1.0.0-py3-none-any.whl (6.1 kB view hashes)

Uploaded May 19, 2021 Python 3

Hashes for karton_misp_pusher-1.0.0-py3-none-any.whl

Hashes for karton_misp_pusher-1.0.0-py3-none-any.whl
Algorithm	Hash digest
SHA256	`d043ab63e53c29b30c14671c600b035a2a30206365758e55cb07851a8a8f40a6`
MD5	`0690a3ac30d5b365cc7b9630597d14e0`
BLAKE2b-256	`14e9d0e7ee6ea3c2be316a189533f4b1fce01463c2f4a27cacd91aae5874bbb5`