Commit Graph

81 Commits

Author SHA1 Message Date
Jason Ertel ec2e923530 Add proper spacing between headers and content 2023-01-24 10:28:39 -05:00
Wes 3ab8a0be60 Update tests to account for change in 'file_path' value verification 2022-12-13 16:29:18 +00:00
Wes eae05e83e6 Use new list verification function for 'file_path' 2022-12-13 16:28:50 +00:00
Wes 117d230b9d Add new test for list value verification function 2022-12-13 16:28:22 +00:00
Wes 5422c5b3e2 Add new function to verify list value 2022-12-13 16:27:58 +00:00
weslambert 9477f29432 Remove double quotes to fix issue with file path sourcing from 'localfile.py' 2022-12-08 17:06:43 -05:00
Doug Burks 632464335f fix descriptions in files related to analyzers 2022-11-12 13:14:02 -05:00
Doug Burks f77db78219 fix descriptions in files related to analyzers 2022-11-12 13:13:30 -05:00
Doug Burks 2f4ce91678 fix descriptions in files related to analyzers 2022-11-12 13:12:58 -05:00
Doug Burks 154dff98de fix descriptions in files related to analyzers 2022-11-12 13:12:23 -05:00
Doug Burks a15ca3cc49 fix descriptions in files related to analyzers 2022-11-12 13:11:38 -05:00
weslambert 0ede5a7313 Remove JA3er references 2022-10-26 10:24:25 -04:00
Wes 803d2d4d75 Add PyYAML .whl files back since they were 'deleted' in the previous commit 2022-10-25 19:15:54 +00:00
Wes 0267ece4bf Fix PyYAML .whl file name and remove JA3er analyzer 2022-10-25 19:11:52 +00:00
Jason Ertel 9d43b7ec89 Rollback string manipulation in favor of fixed unit tests 2022-07-05 16:21:27 -04:00
Jason Ertel f6266b19cc Fix unit test issues 2022-07-05 16:20:24 -04:00
Wes Lambert e96206d065 Strip quotes and ensure file_path is typed as a list 2022-07-05 14:25:54 +00:00
weslambert 568b43d0af Ensure file_path uses jinja to derive the value(s) from the pillar 2022-06-27 10:10:13 -04:00
Wes Lambert 7f30a364ee Make sure everything is added back after renaming mhr to malwarehashregistry 2022-05-31 11:44:35 +00:00
Wes Lambert c82aa89497 Fix Malware Hash Registry naming so it's more descriptive in SOC 2022-05-31 11:41:48 +00:00
Wes Lambert b93512eb01 Adjust verbiage around pillar configuration 2022-05-24 12:36:32 +00:00
Wes Lambert 92dee14ee8 Add configuration requirements for various analyzers 2022-05-24 12:29:14 +00:00
weslambert a6f1bf3aef Create Virustotal README 2022-05-23 11:39:44 -04:00
Wes Lambert 429ccb2dcc Only import yaml module when config is loaded 2022-05-18 02:07:39 +00:00
weslambert d3206a048f Add information for MHR and WhoisLookup, and other minor updates 2022-05-17 12:49:16 -04:00
weslambert ff855eb8f7 Merge pull request #7958 from Security-Onion-Solutions/feature/mhr_analyzer: Add Team Cymru Malware Hash Registry Analyzer 2022-05-17 12:42:01 -04:00
Wes Lambert 8af1f19ac3 Another no_results change 2022-05-17 16:12:43 +00:00
Wes Lambert e4a7e3cba6 Change 'No results found.' to 'no_results' 2022-05-17 16:11:58 +00:00
Wes Lambert 766e9748c5 Add Whoislookup RDAP-based analyzer 2022-05-17 15:52:12 +00:00
weslambert 3761b491c0 Remove whitespace 2022-05-17 10:50:33 -04:00
Wes Lambert e8fc3ccdf4 Add Team Cymru Malware Hash Registry Analyzer 2022-05-17 14:44:53 +00:00
Jason Ertel b45b6b198b Improved unit test coverage of new analyzers; Utilize localized summaries; Require 100% code coverage on analyzers 2022-05-12 16:32:47 -04:00
Wes Lambert 3dc266cfa9 Add test for when indicator is not found 2022-05-12 19:02:41 +00:00
Wes Lambert a233c08830 Update logic to handle indicators that are not present in database. 2022-05-12 19:02:02 +00:00
Jason Ertel 35e47c8c3e Add support for analyzers in airgapped environments 2022-05-10 16:51:00 -04:00
Jason Ertel 91a7f25d3a Corrected brand name capitalization 2022-05-10 09:39:19 -04:00
weslambert 34d57c386b Update analyzer docs with information about analyzers that require authentication 2022-05-10 09:32:18 -04:00
Wes Lambert 555ca2e277 Update analyzer build/testing script to download necessary Python packages 2022-05-09 20:06:39 +00:00
Wes Lambert 32adba6141 Update analyzer packages with those built from native (Alpine) Docker image 2022-05-09 20:04:41 +00:00
weslambert 9800f59ed7 Add Urlscan to observable support matrix 2022-05-06 13:11:43 -04:00
Wes Lambert ccac71f649 Fix formatting/whitespace 2022-05-06 17:08:40 +00:00
Wes Lambert 1990ba0cf0 Fix formatting/whitespace 2022-05-06 17:08:33 +00:00
Wes Lambert 8ff5778569 Add Urlscan analyzer and tests 2022-05-06 17:01:06 +00:00
Jason Ertel bee4cf4c52 Fix typo in analyzer desc 2022-05-06 09:20:03 -04:00
weslambert a96c665d04 Change test name for EmailRep 2022-05-03 14:13:25 -04:00
weslambert f3a91d9fcd Add EmailRep analyzer to observable support matrix 2022-05-03 10:10:57 -04:00
Wes Lambert 5a9acb3857 Add EmailRep analyzer and tests 2022-05-03 14:06:32 +00:00
Wes Lambert 8b5666b238 Ensure API key is used 2022-05-03 12:48:06 +00:00
weslambert 2fcb2b081d Update allowed complexity to 12 2022-05-02 16:14:43 -04:00
weslambert 25f17a5efd Update allowed complexity to 11 2022-04-29 09:42:57 -04:00