Exemplo n.º 1
0
    def write_node(self, node: Node):
        if node.is_entity:
            # NOTE: if the node is an entity, schema cannot be None
            misp_object = MISPObject(f"ftm-{node.schema.name}", standalone=False)  # type: ignore
            if not node.proxy:
                return
            for prop, value in self.exportable_fields(node.proxy):
                if not value:
                    continue
                if prop.type.name == "entity":
                    # reference
                    node_id = prop.type.node_id_safe(value)
                    if node_id:
                        self._references_to_add.append((misp_object, node_id))
                    continue
                misp_object.add_attributes(prop.name, *value)

            self._nodes_mapping[node.id] = misp_object
            self.misp_objects.append(misp_object)
Exemplo n.º 2
0
    if args.force_template_update:
        print("Updating MISP Object templates...")
        update_objects()
    pymisp = PyMISP(misp_url, misp_key, misp_verifycert)

    misp_object = MISPObject(name="github-user")
    github_user = r.json()
    rfollowers = requests.get(github_user['followers_url'])
    followers = rfollowers.json()
    rfollowing = requests.get(
        "https://api.github.com/users/{}/following".format(args.username))
    followings = rfollowing.json()
    rkeys = requests.get("https://api.github.com/users/{}/keys".format(
        args.username))
    keys = rkeys.json()
    misp_object.add_attributes("follower",
                               *[follower['login'] for follower in followers])
    misp_object.add_attributes(
        "following", *[following['login'] for following in followings])
    misp_object.add_attributes("ssh-public-key",
                               *[sshkey['key'] for sshkey in keys])
    misp_object.add_attribute('bio', github_user['bio'])
    misp_object.add_attribute('link', github_user['html_url'])
    misp_object.add_attribute('user-fullname', github_user['name'])
    misp_object.add_attribute('username', github_user['login'])
    misp_object.add_attribute('twitter_username',
                              github_user['twitter_username'])
    misp_object.add_attribute('location', github_user['location'])
    misp_object.add_attribute('company', github_user['company'])
    misp_object.add_attribute('public_gists', github_user['public_gists'])
    misp_object.add_attribute('public_repos', github_user['public_repos'])
    misp_object.add_attribute('blog', github_user['blog'])