Commit Graph

19 Commits

Author SHA1 Message Date
Koen Van Impe
f5c283f76d Update MISP threat intel
* Support for new PyMISP
* Search in MISP for attributes instead of events
* Add option to use MISP warninglists, and remove hard-coded checks for
127.0.0.1 or empty file hashes
* Add option to filter for specific tags
* Add option to provide default scoring for file names
* Add option to add CIDR for C2 IPs (without /32, e.g., checks on Win10
don't work)
* Fix for multiple YARA rules in an event
2020-11-08 12:02:35 +01:00
Florian Roth
d31dd04b58 new false positive IOC list 2018-10-27 21:57:41 +02:00
Florian Roth
44b2424435 False Positive Reduction 2018-04-06 12:45:37 +02:00
Florian Roth
3ed59d8f58 False Positive WinPcap 2018-02-24 21:41:10 +01:00
Florian Roth
41e27b5786 False Positive 2018-02-22 10:35:09 +01:00
Florian Roth
86c1b41459 Reworked hash whitelist 2018-02-13 11:53:30 +01:00
Florian Roth
b64222c853 Whitelisted problematic filename in OTX 2018-02-13 08:29:01 +01:00
Florian Roth
f51713750c False Positive Reduction 2018-02-07 14:39:28 +01:00
Florian Roth
e162741318 Fixed FP on 1 byte file containing a new line
https://github.com/Neo23x0/Loki/issues/99 OTX https://otx.alienvault.com/pulse/57e928543f5d465dafc74a78
2018-02-02 08:55:05 +01:00
Florian Roth
b958e733f3 False positive as reported by @elvisghost
https://github.com/Neo23x0/Loki/issues/96
2018-01-12 08:21:17 +01:00
Florian Roth
47c9072b5a Updated hash whitelist in threat intel receiver 2018-01-03 00:19:37 +01:00
Florian Roth
9ba8762a64 Various changes, SIEM export options extended by Scott Carpenter 2017-12-16 13:20:50 +01:00
Florian Roth
7d526b9892 Minor changes, make it compatible with Python3 2017-12-16 13:18:27 +01:00
Florian Roth
864ca6c808 Put the threat intel receivers under the Apache License 2017-11-23 22:04:51 +01:00
Florian Roth
a9f685816d More white listed IOCs 2017-04-14 14:32:38 +02:00
Florian Roth
501eb60b33 OTX Update 2017-02-25 17:28:25 +01:00
Florian Roth
1b9c72cd4c Minor changes 2017-02-25 17:28:14 +01:00
Florian Roth
4b1abf072e New build of OTX receiver with new SDK 2017-02-05 13:25:01 +01:00
Florian Roth
4d17221b65 First Signature Set 2016-02-15 10:22:28 +01:00