Skip to content

c3rb3ru5d3d53c/karton-misp-pusher

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits

.github/workflows

.github/workflows

 
 

docs

docs

 
 

karton/misp_pusher

karton/misp_pusher

 
 

.dockerignore

.dockerignore

 
 

.gitignore

.gitignore

 
 

Dockerfile

Dockerfile

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

pyproject.toml

pyproject.toml

 
 

pyrightconfig.json

pyrightconfig.json

 
 

requirements.txt

requirements.txt

 
 

setup.cfg

setup.cfg

 
 

setup.py

setup.py

 
 

Repository files navigation

karton-misp-pusher

Listens for new samples in the karton pipeline and uploads them to MISP.

Configs are parsed using the mwdb-iocextract project. This means, that we operate on a higher level than raw JSON configs, and makes it possible to correlate different samples and campaigns (for example, by the used crypto material).

Author: CERT.pl

Maintainers: msm

Consumes:

{
    "type": "config",
}

Result:

config in misp

Usage

First of all, make sure you have setup the core system: https://github.com/CERT-Polska/karton. More info here.

Then install karton-misp-pusher from PyPi:

$ pip install karton-misp-pusher

$ karton-misp-pusher --misp-url https://misp.url --misp-key SECRET123

You can also add optional xrefs to mwdb with --mwdb-url, or skip MISP verification with --misp-insecure. For more options see --help.

Co-financed by the Connecting Europe Facility by of the European Union

About

No description, website, or topics provided.

Resources

Readme

License

BSD-3-Clause license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 95.3%
  • Dockerfile 4.7%