Search MISP Malware Information Sharing Platform instances from the command line
Switch branches/tags
Nothing to show
Clone or download
Pull request Compare This branch is 1 commit behind adulau:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.

misp-search - search MISP - Malware Information Sharing Platform

misp-search is a simple set of tools to query MISP instances from the command line.



usage: [-h] [-a] -u U -k K -c C [-o O] -q Q [-d]

misp-search - search MISP from command line

optional arguments:
  -h, --help  show this help message and exit
  -a          Add an event based on file attributes (default: False)
  -u U        URL of the MISP instance
  -k K        MISP API key
  -c C        MISP SSL certificate file
  -o O        Output format: json (default) or event_id
  -q Q        One or more value(s) to query
  -d          Debug mode


Searching a list of MD5 from a MISP instance and returning events with matching MD5:

cat listofmd5 | parallel --gnu -m 'python ./bin/ -u -k <APIKEY> -c -o event_id -q {1}'