Skip to content

SteveClement/report_to_misp

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
ioc_parser @ 1d76711
ioc_parser @ 1d76711
 
 
.gitignore
.gitignore
 
 
.gitmodules
.gitmodules
 
 
README.md
README.md
 
 
report_to_misp.py
report_to_misp.py
 
 

Repository files navigation

report_to_misp

Parse a report and import the attributes into a MISP instance.

status and why fork

The current "official" repo is unmaintained and the tool does not work out of the box. Thus this fork and the fork of ioc_parser too.

Installation

git clone https://github.com/SteveClement/report_to_misp.git
cd report_to_misp
git submodule init
git submodule update
mkvirtualenv -p python3 report_to_misp
pip install -U setuptools pip
pip install -r ioc_parser/requirements.txt
cd ioc_parser
pip install .
cd ..
./report_to_misp.py -h

Usage

$ ./report_to_misp.py -nv -r cyber-security-report-2020.pdf -rf pdf -s https://misp-test.pid.lu -a UTm73X33UmTb33BB3Dr6B83eF3o8mOQZ310is9RO
Parsing report(s) at cyber-security-report-2020.pdf...
Reading in results...
Creating MISP event...
Attributes found in report: 13
MISP API add request response: <Response [200]>

About

Parse a report and import the events into MISP

Resources

Readme
Activity

Stars

2 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%