CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-04-25 14:07:49 +02:00
Code Issues Packages Projects Releases Wiki Activity
10,630 Commits 40 Branches 125 Tags
aa2eab573808edb28d67b501db9d99304be4608b
Commit Graph

96 Commits

Author SHA1 Message Date
security-companion 7ee4eb6101 fix descriptions in files related to analyzers 2022-11-08 22:32:28 +01:00
weslambert a170c194c8 Remove JA3er references 2022-10-26 10:18:10 -04:00
Wes a91e3b601c Remove JA3er since it is no longer a valid service 2022-10-25 18:48:37 +00:00
Wes 4940421297 Add PyYAML .whl files back since they were 'deleted' in the previous commit 2022-10-25 18:47:51 +00:00
Wes 58b4a8fbab Change PyYAML .whl file name to comply with Joliet's 240-character limit 2022-10-25 18:47:02 +00:00
weslambert 0087768946 Revert "Change PyYAML .whl file name to comply with Joliet's 240-character limit/threshold" 2022-10-24 16:47:30 -04:00
Wes 1caac3f0b0 Add PyYAML .whl files back since they were 'deleted' in the previous commit. 2022-10-24 18:06:19 +00:00
Wes 54a5dd6cbd Change name of PyYAML .whl file to remain under Joliet's 240-character limit/threshold 2022-10-24 18:05:15 +00:00
Jason Ertel 9d43b7ec89 Rollback string manipulation in favor of fixed unit tests 2022-07-05 16:21:27 -04:00
Jason Ertel f6266b19cc Fix unit test issues 2022-07-05 16:20:24 -04:00
Wes Lambert e96206d065 Strip quotes and ensure file_path is typed as a list 2022-07-05 14:25:54 +00:00
weslambert 568b43d0af Ensure file_path uses jinja to derive the value(s) from the pillar 2022-06-27 10:10:13 -04:00
Wes Lambert 7f30a364ee Make sure everything is added back after renaming mhr to malwarehashregistry 2022-05-31 11:44:35 +00:00
Wes Lambert c82aa89497 Fix Malware Hash Registry naming so it's more descriptive in SOC 2022-05-31 11:41:48 +00:00
Wes Lambert b93512eb01 Adjust verbiage around pillar configuration 2022-05-24 12:36:32 +00:00
Wes Lambert 92dee14ee8 Add configuration requirements for various analyzers 2022-05-24 12:29:14 +00:00
weslambert a6f1bf3aef Create Virustotal README 2022-05-23 11:39:44 -04:00
Wes Lambert 429ccb2dcc Only import yaml module when config is loaded 2022-05-18 02:07:39 +00:00
weslambert d3206a048f Add information for MHR and WhoisLookup, and other minor updates 2022-05-17 12:49:16 -04:00
weslambert ff855eb8f7 Merge pull request #7958 from Security-Onion-Solutions/feature/mhr_analyzer 
Add Team Cymru Malware Hash Registry Analyzer
 2022-05-17 12:42:01 -04:00
Wes Lambert 8af1f19ac3 Another no_results change 2022-05-17 16:12:43 +00:00
Wes Lambert e4a7e3cba6 Change 'No results found.' to 'no_results' 2022-05-17 16:11:58 +00:00
Wes Lambert 766e9748c5 Add Whoislookup RDAP-based analyzer 2022-05-17 15:52:12 +00:00
weslambert 3761b491c0 Remove whitespace 2022-05-17 10:50:33 -04:00
Wes Lambert e8fc3ccdf4 Add Team Cymru Malware Hash Registry Analyzer 2022-05-17 14:44:53 +00:00
Jason Ertel b45b6b198b Improved unit test coverage of new analyzers; Utilize localized summaries; Require 100% code coverage on analyzers 2022-05-12 16:32:47 -04:00
Wes Lambert 3dc266cfa9 Add test for when indicator is not found 2022-05-12 19:02:41 +00:00
Wes Lambert a233c08830 Update logic to handle indicators that are not present in database. 2022-05-12 19:02:02 +00:00
Jason Ertel 35e47c8c3e Add support for analyzers in airgapped environments 2022-05-10 16:51:00 -04:00
Jason Ertel 91a7f25d3a Corrected brand name capitalization 2022-05-10 09:39:19 -04:00
weslambert 34d57c386b Update analyzer docs with information about analyzers that require authentication 2022-05-10 09:32:18 -04:00
Wes Lambert 555ca2e277 Update analyzer build/testing script to download necessary Python packages 2022-05-09 20:06:39 +00:00
Wes Lambert 32adba6141 Update analyzer packages with those built from native (Alpine) Docker image 2022-05-09 20:04:41 +00:00
weslambert 9800f59ed7 Add Urlscan to observable support matrix 2022-05-06 13:11:43 -04:00
Wes Lambert ccac71f649 Fix formatting/whitespace 2022-05-06 17:08:40 +00:00
Wes Lambert 1990ba0cf0 Fix formatting/whitespace 2022-05-06 17:08:33 +00:00
Wes Lambert 8ff5778569 Add Urlscan analyzer and tests 2022-05-06 17:01:06 +00:00
Jason Ertel bee4cf4c52 Fix typo in analyzer desc 2022-05-06 09:20:03 -04:00
weslambert a96c665d04 Change test name for EmailRep 2022-05-03 14:13:25 -04:00
weslambert f3a91d9fcd Add EmailRep analyzer to observable support matrix 2022-05-03 10:10:57 -04:00
Wes Lambert 5a9acb3857 Add EmailRep analyzer and tests 2022-05-03 14:06:32 +00:00
Wes Lambert 8b5666b238 Ensure API key is used 2022-05-03 12:48:06 +00:00
weslambert 2fcb2b081d Update allowed complexity to 12 2022-05-02 16:14:43 -04:00
weslambert 25f17a5efd Update allowed complexity to 11 2022-04-29 09:42:57 -04:00
weslambert 66b4fe9f58 Add additional information around URI and User Agent 2022-04-28 17:14:36 -04:00
Wes Lambert c001708707 Add Pulsedive analyzer and tests 2022-04-28 20:56:03 +00:00
weslambert 4edd729596 Add initial supported observable matrix/table 2022-04-27 08:58:34 -04:00
Wes Lambert 76f183b112 Add Greynoise analyzer and tests 2022-04-26 17:25:35 +00:00
Wes Lambert bd63753d80 Update analyzer name/description 2022-04-25 19:27:10 +00:00
Wes Lambert 15fcaa7030 Add localfile analyzer and tests 2022-04-25 19:23:35 +00:00