New ONYPHE Search, ASM and Vulnscan analyzers. Updated Summary Analyzer. #1242

Merged
merged 15 commits into from
Jan 19, 2024


jimbobnet
Contributor

The original ONYPHE Summary analyzer queries the ONYPHE Summary API for summary information (including threats) on a domain, IP or FQDN. The new analyzers use the ONYPHE Search API, which allows for full information on a domain, IP, FQDN or hash (TLS SHA256 fingerprint).

Summary of changes:

  • Update of original Onyphe_Summary analyzer to fix a minor bug (this analyzer remains in the Analyzers repo)
  • Creation of ONYPHE_Search analyzer, allowing for queries and full ONYPHE data for any category. TheHive template is optimised for Datascan, Onionscan and Riskscan. Others may work, but not all have been tested. ONYPHE in uppercase is company policy.
  • Creation of ONYPHE_Vulnscan analyzer, based on Search but with option allowing for only fetching vulnerable assets
  • Creation of ONYPHE_ASM analyzer, based on Search using 'riskscan' category. Fetches reduced data for a small TH database.

@jimbobnet
Contributor Author

Cancelling. Have a bug to fix in name of original analyzer.

@jimbobnet jimbobnet closed this Jan 19, 2024
@jimbobnet jimbobnet reopened this Jan 19, 2024
@jimbobnet
Contributor Author

Reopening as non-issue.

@jeromeleonard jeromeleonard self-assigned this Jan 19, 2024
@jeromeleonard jeromeleonard added this to the 3.3.5 milestone Jan 19, 2024
@jeromeleonard jeromeleonard self-requested a review January 19, 2024 16:05
@jeromeleonard jeromeleonard merged commit f3cf0eb into TheHive-Project:develop Jan 19, 2024
2 participants