Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Slips v1.0.13 #561

Merged
merged 151 commits into from
Apr 16, 2024
Merged

Slips v1.0.13 #561

merged 151 commits into from
Apr 16, 2024

Conversation

AlyaGomaa
Copy link
Collaborator

  • Whitelist alerts to all organizations by default to reduce false positives.
  • Improve and compress Slips Docker images. thanks to @verovaleros
  • Improve CI and add pre-commit hooks.
  • Fix problem reporting victims in alerts.json.
  • Better docs for the threat intelligence module. thanks to @zeyadtmi
  • Improve whitelists.
  • Better detection threshold to reduce false positives.
  • Better unit tests. thanks to @Sekhar-Kumar-Dash
  • Fix problems stopping the daemon.

eldraco and others added 30 commits March 17, 2024 13:12
@eldraco
dockerfile. Add the recursive clone of p2p code
03691c8 
Signed-off-by: Sebastian Garcia <eldraco@gmail.com>
@eldraco
requirements. Just reorder
96434d1 
Signed-off-by: Sebastian Garcia <eldraco@gmail.com>
@eldraco
dockerfile. Add the recursive clone of p2p code
fb67816 
Signed-off-by: Sebastian Garcia <eldraco@gmail.com>
@eldraco
requirements. Just reorder
a57f0e2 
Signed-off-by: Sebastian Garcia <eldraco@gmail.com>
@eldraco
Improve the requirements to fix p2p m1
0c91e74 
Signed-off-by: Sebastian Garcia <eldraco@gmail.com>
@eldraco
Merge branch 'm1-p2p-improve' of github.com:stratosphereips/Stratosph…
31f6580 
…ereLinuxIPS into m1-p2p-improve

Signed-off-by: Sebastian Garcia <eldraco@gmail.com>

# Conflicts:
#	docker/macosm1-P2P-image/Dockerfile
@eldraco
Update to clone from master
21719e8 
Signed-off-by: Sebastian Garcia <eldraco@gmail.com>
@eldraco
Merge pull request #488 from stratosphereips/m1-p2p-improve
8ce9f70 
Improve the docker creation for macos M1
@AlyaGomaa
idea_format: fix problem extracting attacker and victim's type
92fed9e
@AlyaGomaa
Merge pull request #489 from stratosphereips/alya/fix_idea_format
7be8339 
Fix problem extracting attacker and victim's type
@Sekhar-Kumar-Dash
Updated usage.md
30ccbd6
@Sekhar-Kumar-Dash
Update config_parser.py added description for analysis_direction
a1fcedb
@AlyaGomaa
CI-prod: no need to have a CI action for "test_slips_inside_docker" b…
39fbeec 
…ecause github CI is a container
@AlyaGomaa
ubuntu-image use COPY instead of git clone
b760ee9
@AlyaGomaa
init slips repo in the /Stratosphereips dir in docker
d8c281d
@AlyaGomaa
init slips repo in the /StratosphereIPS dir in docker
b34f189
@Sekhar-Kumar-Dash
fixed small typo in alert_handler.py
3282ef9
@Sekhar-Kumar-Dash
Updated slips.conf
23bef46
@AlyaGomaa
Update direction description slips.conf
26eca20
@AlyaGomaa
Merge pull request #491 from Sekhar-Kumar-Dash/master
eca90c9 
added description and comments on analysis_direction parameter in docs and config file [skip ci]
@AlyaGomaa
Merge pull request #494 from Sekhar-Kumar-Dash/patch-1
9fba76e 
fixed small typo in alert_handler.py
@AlyaGomaa
use the same docker dependencies in all images and compress the docke…
20bb661 
…rfiles
@AlyaGomaa
add pre-commit to requirements.txt
558473c
@AlyaGomaa
add detect-secrets pre-commit hook
ebc3ed6
@AlyaGomaa
contributing.md: add steps to install pre-hooks
5afb53c
@AlyaGomaa
p2p: delete unused imports
87beb9d
@AlyaGomaa
Add pre-commit hooks for trailing whitespace, dockstring after code, …
39f3585 
…detecting large file
@AlyaGomaa
add pre commit hook for double-quote-string-fixer
de96cc0
@AlyaGomaa
add a pre-hook to Analyze Python requirements for known security vuln…
f1c8e6a 
…erabilities
@AlyaGomaa
run black on slips
346466b
@AlyaGomaa
process_manager.py: add a function to check which print to use, the d…
139b21f 
…aemon's or the Main() class'
@AlyaGomaa
slips: better handling of different error msgs returned by the daemon
25cbe6f
@AlyaGomaa
daemon: use Locks to determine if another instance of the daemon is r…
8d1758b 
…unning, either using -S or -D
@AlyaGomaa
daemon: don't call shotdown_gracefully on stop(), instead, signal the…
f8188ae 
… current daemon to run it
@AlyaGomaa
process_manager.py: explain what populates self.processes and why the…
cd3c987 
…y cant be used with the daemon
@AlyaGomaa
process_manager.py: add a function to check which print to use, the d…
badf10b 
…aemon's or the Main() class'
@AlyaGomaa
slips: better handling of different error msgs returned by the daemon
9ff06ce
@AlyaGomaa
Merge remote-tracking branch 'origin/alya/fix_stopping_daemon' into a…
d5b2102 
…lya/fix_stopping_daemon
@AlyaGomaa
Merge pull request #559 from stratosphereips/alya/fix_stopping_daemon
fc45754 
Fix stopping the daemon
@AlyaGomaa
whitelist: early return from is_part_of_a_whitelisted_org() if given …
02319df 
…a private ip
@AlyaGomaa
whitelist: convert all ASNs shipped with slips to uppercase
73953b8
@AlyaGomaa
whitelist: convert asns to uppercase before comparing with the asns i…
f5d1cb0 
…n the db
@AlyaGomaa
whitelist: dont whitelist domain if it has a whitelisted organization…
5836c72 
… name in it, it doesn't necessarily belong to this org
@AlyaGomaa
whitelist: put the most famous domain/sld of each org at the top of t…
d82e288 
…he org domain list for faster search
@AlyaGomaa
threat_intelligence.py: add a Victim field to "Blacklisted IP" evidence
fcc2d9d
@AlyaGomaa
threat_intelligence.py: split long lines
d37930e
@AlyaGomaa
threat_intelligence.py: add victim fields to most evidence
7a6138c
@AlyaGomaa
CC: add victim fields to CC evidence
3d69ac4
@AlyaGomaa
whitelist.conf: whitelist microsoft alerts by default
3653026
@AlyaGomaa
threat_intelligence.py: add a victim field to "blacklisted CNAME" evi…
c6630b7 
…dence to be able to check if its whitelisted
@AlyaGomaa
Ti feeds: remove smaphaus edrop.txt TI feed as its been merged to spa…
0dbb23d 
…mhaus.org/drop/drop.txt
@AlyaGomaa
update changelog
ba43ae6
@AlyaGomaa
Bump slips version to 1.0.13
476aa14
@AlyaGomaa
Integration test: add an incompatible CN flow while connecting to a s…
2cc8987 
…ite other than microsoft since its whitelisted
@AlyaGomaa
Merge pull request #560 from stratosphereips/alya/fix-whitelists
672e28c 
Fix whitelists
@AlyaGomaa
update macos requirements.txt with install/requirements.txt
d278751
@AlyaGomaa
update slips.gif
5609537
@AlyaGomaa
CI-production-testing.yml: don't install black as it has conflicts wi…
c5be72a 
…th the tensorflow version slips is using
@AlyaGomaa
CI-production-testing.yml: fix "installing Python dependencies" commands
fed7ce1
@AlyaGomaa AlyaGomaa merged commit 5dcbb7c into master Apr 16, 2024
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@AlyaGomaa @eldraco @Sekhar-Kumar-Dash @zeyadtmi