[MontySecurity C2 Tracker] Add montysecurity C2-Tracker connector #3318

Open
wants to merge 2 commits into
base: master

montysecurity

Proposed changes

  • add montysecurity c2-tracker external-import connector

Checklist

  • I consider the submitted work as finished
  • I tested the code for its functionality using different use cases
  • I added/updated the relevant documentation (either on GitHub or on Notion)
  • Where necessary I refactored code to improve the overall quality

Further comments

This commit contains a purge.py script that is not automatically used under any circumstance but may be useful to the operator in order to delete all IOCs from this IOC feed.

The Dockerfile uses hardcoded values for the pycti and request library versions. The current version of pycti breaks a part of this connector, so it has been backdated for the docker image.

The IOCs are pulled from https://github.com/montysecurity/C2-Tracker

Connector.py automatically prunes IOCs and uses labels to prevent interfering with other IOCs.

Contains functionality to link IOCs to entities created by the MITRE Connector. This functionality does not require extra setup by the operator.

@helene-nguyen added the "community" label (use to identify PR from community) on Jan 20, 2025
@richard-julien force-pushed the master branch 2 times, most recently from 9818df2 to 0f4b30d, on February 4, 2025 14:35
@helene-nguyen changed the title from "Add montysecurity C2-Tracker connector" to "[MontySecurity] Add montysecurity C2-Tracker connector" on Feb 6, 2025
@helene-nguyen changed the title from "[MontySecurity] Add montysecurity C2-Tracker connector" to "[MontySecurity C2 Tracker] Add montysecurity C2-Tracker connector" on Feb 6, 2025
@andrew207

montysecurity#1

FYI, I have created a PR against this fork that fixes linting/formatting.

@SamuelHassine force-pushed the master branch 2 times, most recently from b513b96 to 11a05bf, on February 14, 2025 12:49
@helene-nguyen self-assigned this on Feb 28, 2025
@helene-nguyen (Member) left a comment

@montysecurity Thank you for your contribution!!

Could you please ensure formatting and lint?

You can run `black .` and `isort --profile black .` at the connector root folder.

And could you please sign your commits to be verified with GPG?
