CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,921 Commits 24 Branches 119 Tags
834f45c0f24d5ca14cd273cda32d55a72fa392a7
Commit Graph

103 Commits

Author SHA1 Message Date
Wes
98a1fb96c2 Add test coverage for empty list value 2022-12-13 16:23:16 +00:00
Wes
874bbd2580 Remove extra whitespace 2022-12-13 16:02:46 +00:00
Wes
90dedbb841 Update tests to account for change in 'file_path' value verification 2022-12-13 15:58:35 +00:00
Wes
df5dd5fe28 Use new list verification function for 'file_path' 2022-12-13 15:57:43 +00:00
Wes
d5ab455485 Add new test for list value verification function 2022-12-13 15:56:58 +00:00
Wes
20b79b7ab0 Add new function to verify list value 2022-12-13 15:56:26 +00:00
weslambert
f85fb5ecf9 Remove double quotes to fix issue with file path sourcing from 'localfile.py' 2022-12-08 16:35:24 -05:00
security-companion
7ee4eb6101 fix descriptions in files related to analyzers 2022-11-08 22:32:28 +01:00
weslambert
a170c194c8 Remove JA3er references 2022-10-26 10:18:10 -04:00
Wes
a91e3b601c Remove JA3er since it is no longer a valid service 2022-10-25 18:48:37 +00:00
Wes
4940421297 Add PyYAML .whl files back since they were 'deleted' in the previous commit 2022-10-25 18:47:51 +00:00
Wes
58b4a8fbab Change PyYAML .whl file name to comply with Joliet's 240-character limit 2022-10-25 18:47:02 +00:00
weslambert
0087768946 Revert "Change PyYAML .whl file name to comply with Joliet's 240-character limit/threshold" 2022-10-24 16:47:30 -04:00
Wes
1caac3f0b0 Add PyYAML .whl files back since they were 'deleted' in the previous commit. 2022-10-24 18:06:19 +00:00
Wes
54a5dd6cbd Change name of PyYAML .whl file to remain under Joliet's 240-character limit/threshold 2022-10-24 18:05:15 +00:00
Jason Ertel
9d43b7ec89 Rollback string manipulation in favor of fixed unit tests 2022-07-05 16:21:27 -04:00
Jason Ertel
f6266b19cc Fix unit test issues 2022-07-05 16:20:24 -04:00
Wes Lambert
e96206d065 Strip quotes and ensure file_path is typed as a list 2022-07-05 14:25:54 +00:00
weslambert
568b43d0af Ensure file_path uses jinja to derive the value(s) from the pillar 2022-06-27 10:10:13 -04:00
Wes Lambert
7f30a364ee Make sure everything is added back after renaming mhr to malwarehashregistry 2022-05-31 11:44:35 +00:00
Wes Lambert
c82aa89497 Fix Malware Hash Registry naming so it's more descriptive in SOC 2022-05-31 11:41:48 +00:00
Wes Lambert
b93512eb01 Adjust verbiage around pillar configuration 2022-05-24 12:36:32 +00:00
Wes Lambert
92dee14ee8 Add configuration requirements for various analyzers 2022-05-24 12:29:14 +00:00
weslambert
a6f1bf3aef Create Virustotal README 2022-05-23 11:39:44 -04:00
Wes Lambert
429ccb2dcc Only import yaml module when config is loaded 2022-05-18 02:07:39 +00:00
weslambert
d3206a048f Add information for MHR and WhoisLookup, and other minor updates 2022-05-17 12:49:16 -04:00
weslambert
ff855eb8f7 Merge pull request #7958 from Security-Onion-Solutions/feature/mhr_analyzer 
Add Team Cymru Malware Hash Registry Analyzer
 2022-05-17 12:42:01 -04:00
Wes Lambert
8af1f19ac3 Another no_results change 2022-05-17 16:12:43 +00:00
Wes Lambert
e4a7e3cba6 Change 'No results found.' to 'no_results' 2022-05-17 16:11:58 +00:00
Wes Lambert
766e9748c5 Add Whoislookup RDAP-based analyzer 2022-05-17 15:52:12 +00:00
weslambert
3761b491c0 Remove whitespace 2022-05-17 10:50:33 -04:00
Wes Lambert
e8fc3ccdf4 Add Team Cymru Malware Hash Registry Analyzer 2022-05-17 14:44:53 +00:00
Jason Ertel
b45b6b198b Improved unit test coverage of new analyzers; Utilize localized summaries; Require 100% code coverage on analyzers 2022-05-12 16:32:47 -04:00
Wes Lambert
3dc266cfa9 Add test for when indicator is not found 2022-05-12 19:02:41 +00:00
Wes Lambert
a233c08830 Update logic to handle indicators that are not present in database. 2022-05-12 19:02:02 +00:00
Jason Ertel
35e47c8c3e Add support for analyzers in airgapped environments 2022-05-10 16:51:00 -04:00
Jason Ertel
91a7f25d3a Corrected brand name capitalization 2022-05-10 09:39:19 -04:00
weslambert
34d57c386b Update analyzer docs with information about analyzers that require authentication 2022-05-10 09:32:18 -04:00
Wes Lambert
555ca2e277 Update analyzer build/testing script to download necessary Python packages 2022-05-09 20:06:39 +00:00
Wes Lambert
32adba6141 Update analyzer packages with those built from native (Alpine) Docker image 2022-05-09 20:04:41 +00:00
weslambert
9800f59ed7 Add Urlscan to observable support matrix 2022-05-06 13:11:43 -04:00
Wes Lambert
ccac71f649 Fix formatting/whitespace 2022-05-06 17:08:40 +00:00
Wes Lambert
1990ba0cf0 Fix formatting/whitespace 2022-05-06 17:08:33 +00:00
Wes Lambert
8ff5778569 Add Urlscan analyzer and tests 2022-05-06 17:01:06 +00:00
Jason Ertel
bee4cf4c52 Fix typo in analyzer desc 2022-05-06 09:20:03 -04:00
weslambert
a96c665d04 Change test name for EmailRep 2022-05-03 14:13:25 -04:00
weslambert
f3a91d9fcd Add EmailRep analyzer to observable support matrix 2022-05-03 10:10:57 -04:00
Wes Lambert
5a9acb3857 Add EmailRep analyzer and tests 2022-05-03 14:06:32 +00:00
Wes Lambert
8b5666b238 Ensure API key is used 2022-05-03 12:48:06 +00:00
weslambert
2fcb2b081d Update allowed complexity to 12 2022-05-02 16:14:43 -04:00