v0.1.3 Captivating Capybara

Bugfix release, and also making it easier to install and use the system with Venv and Docker procedures. Special thanks to @krmaxwell who seems to have done all the work

• Updating the regex used for hostname capture on Thresher. Will be further updated on v0.2 (#131)
• Sources update:
  • Updating PalevoTracker location and removing Spyeye tracker (#123)
  • Updating MaxMind local dataset to March 2015
  • Adding Feodo Abuse.ch tracker
  • Ajusted Wiki to current Threat Intelligence feeds (#71)
• Docker file and usage guide (#117)
• Instalation documentation using Python venv (#115)
• Minor cleanup on gitignore and other files (#109)
• Correct enrichment of FQDN indicators - it extracts all the related IPv4s and enriches them further (#36)
• Added contributing document to repository (#127)

v0.1.2 Bouncing Capybara

This is a bugfix release with several stability and performance improvements

• Multiple Enrichment Speedups:
  • Rewrite of ASN enrichment code (#42, #104)
  • Speedup of GeoIP code - thanks to @jeffbryner
• Better csv-based extraction on packetmail - thanks to @btv
• Exporting extracted data to CRITs (#84, #91, #94) - thanks to @paulpc
• Better Logging Facility (#34)
• Updated grequests and Exception Handling (#78, #32)

v0.1.1 Ascending Capybara

This is a bugfix release to improve the stability of "tiq-test" enriched data generation

• Enriched IP generation should work fine in this release. (#58, #67, #76)
• Supports simple lists of IP addresses and domain names as local file importing (#48)

Revision of enriched DNS data generation is on track for v0.1.2

Capybara

First release for presentation at BSides LV 2014

v0.01

First release for testing. Only processes data from www.blocklist.de.