MISP reporter for the Karton framework
Project description
karton-misp-pusher
Listens for new samples in the karton pipeline and uploads them to MISP.
Configs are parsed using the mwdb-iocextract project. This means, that we operate on a higher level than raw JSON configs, and makes it possible to correlate different samples and campaigns (for example, by the used crypto material).
Author: CERT.pl
Maintainers: msm
Consumes:
{
"type": "config",
}
Result:
Usage
First of all, make sure you have setup the core system: https://github.com/CERT-Polska/karton. More info here.
Then install karton-misp-pusher from PyPi:
$ pip install karton-misp-pusher
$ karton-misp-pusher --misp-url https://misp.url --misp-key SECRET123
You can also add optional xrefs to mwdb with --mwdb-url
, or skip MISP
verification with --misp-insecure
. For more options see --help
.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
Built Distribution
Hashes for karton_misp_pusher-1.0.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | d043ab63e53c29b30c14671c600b035a2a30206365758e55cb07851a8a8f40a6 |
|
MD5 | 0690a3ac30d5b365cc7b9630597d14e0 |
|
BLAKE2b-256 | 14e9d0e7ee6ea3c2be316a189533f4b1fce01463c2f4a27cacd91aae5874bbb5 |