MISP 2.4.93

MISP, Malware Information Sharing Platform and Threat Sharing, is an open source software solution for collecting, storing, distributing and sharing cyber security indicators and threat about cyber security incidents analysis and malware analysis. MISP is designed by and for incident analysts, security and ICT professionals or malware reverser to support their day-to-day operations to share structured informations efficiently.

Tags threat-sharing threat-hunting threatintel malware-analysis stix information-exchange fraud-management security cybersecurity fraud-detect
License Apache
State initial

Recent Releases

2.4.9327 Jun 2018 19:25 minor feature: New: Initial skeleton of Mitre attack matrix . Enable python3 for php-fpm for RHEL/CentOS. . Chg: attackMatrix UI improvement. . : EventView Still allows object edition event if the event hasn #039;t. . . . New: Add schema for feed-metadata. . Merge branch #039;2.4 #039; of github.com:MISP/MISP into 2.4. . Chg: Add enums in feed-metadata schema. . : version comparison for old vs new db versions. . New: attackMatrix addition of heatmap on tiles depending on occurence. . New: attackMatrix force kill chaine header order. . : Made sure that object edit buttons are only visible to those tha . . Merge branch #039;samimagic #039; into 2.4. . Chg: misp-object updated to the latest version. . New: Added event lock table. . New: Added event lock functionality. . Merge branch #039;2.4 #039; of github.com:MISP/MISP into 2.4. . New: attackMatrix legend scale of the heatmap with dynamic updates. . New: Add email field autofocus on login page. . . . : eventView Hide galaxy tags after search. . Add: Diagnostic Added maec python library requirements. . Chg: Diagnostic View Updated Diagnostic View for STIX1 related pyth . . Merge branch #039;2.4 #039; of github.com:MISP/MISP into 2.4. . Chg: attackMatrix search capabilities and table auto resize. . : Added impfuzzy validation. . Merge branch #039;2.4 #039; of github.com:MISP/MISP into 2.4. . New: UI/UX Event lock initial version. . : extended events Correctly handle event extensions via event ID . . : Diagnostic typo in python libraries testing. . Merge branch #039;2.4 #039; of github.com:MISP/MISP into 2.4. . New: attackMatrix Ability to attach Mitre att ck galaxy from the. . New: GalaxyPicking Choose the galaxy namespace first before showing. . Chg: attackMatrix Restrict view to be ajax only. . Add: stix1 export Exporting credential MISP objects. . : invalid function call for the event lock via the objects c . . New: functionality Ki
2.4.9208 Jun 2018 11:05 minor feature: Add config mapping for 'gpgconf' option in Crypt_GPG library. . : stix1 export Cleaned indentation typo. . add: stix1 export Exporting network connection MISP objects. . : stix1 export Quick on variables. . add: stix1 export Exporting network-socket MISP objects. . chg: misp-galaxy updated to the latest version. . Merge branch '2.4' of github.com:MISP/MISP into 2.4. . : stix1 import name of MISP objects parsing for import. . : stix1 import Commented atm not used attribute in object process. . add: stix1 export Exporting Process MISP objects. . add: stix1 import Little update following the process object export . . : invalid org lookup on the attribute index resulting in som . . Merge branch '2.4' of github.com:MISP/MISP into 2.4. . . add: stix1 export Added reference between process and other objects. . stix1 export Edited indicator id. . Merge branch '2.4' of github.com:MISP/MISP into 2.4. . add: stix1 export Supporting windows-service-name attribute export. . : stix1 export reference creation for process object when . . : stix1 export Atm skipping objects not mapped yet for export. . add: stix1 export Added namespaces for WindowsService object. . stix1 export typo. . : stix1 import test to define if a STIX file is from MISP. . : stix1 import uuid fetching when a STIX object has no id. . new: New flash message system. Merge branch '2.4' of github.com:MISP/MISP into 2.4. . : some with the new notifications. . Chg: misp-taxonomies updated to the latest version. . : Minor cleanup of the default layout. . Merge branch '2.4' of github.com:MISP/MISP into 2.4. . : some menu misalignment with demode off. . : layout. . : invalid pluralisation. . : user add form loses checkbox settings on failed submission when . . : Ignore camelised vs underscored controller name differences in t . . : Various to the add feed action/view. . : a DOM based XSS with cortex type attributes. . : editing servers to add a
2.4.9115 May 2018 10:05 minor feature: /var/www/MISP/app/Console/cake Admin getSetting setting . Setting is optional, if none set "all" is assumed Returns all or a specific setting's current value and metadata . Setting is optional, if none set "all" is assumed. Returns all or a specific setting's current value and metadata. /var/www/MISP/app/Console/cake Admin setSetting setting value . Set a given server setting by full setting name For example the following will enable the import services: /var/www/MISP/app/Console/cake Admin setSetting "Plugin.Import_services_enable" 1. . Set a given server setting by full setting name. For example the following will enable the import services: /var/www/MISP/app/Console/cake Admin setSetting "Plugin.Import_services_enable" 1.
2.4.9022 Apr 2018 03:15 minor feature: Screencast of the new event graph editor: https://www.misp-project.org/assets/images/misp/video/event-graph.webm. Sanitisation is now properly done from misp-modules especially to avoid XSS from potential malicious expansion modules. CVE-2018-8948. An API integrity where an authenticated user could edit and overwrite an attribute without the UUID set. CVE-2018-8949.
2.4.8924 Mar 2018 03:15 minor feature: Merge remote-tracking branch 'origin/i18n_prep' into 2.4 . initial regexp to match rule pattern. . added validation function for global syntax. . added options extraction function. . wrote dns validation func, checking modifier after dns_query keyword. . Merge branch '2.4' of github.com:SteveClement/MISP into 2.4. . Merge remote-tracking branch 'upstream/2.4' into 2.4. . Merge remote-tracking branch 'upstream/2.4' into 2.4. . new: Allow requesting of misp standard format for the export modules. . : Removed left in de/thrown exception. . : warning lists updated to the latest version. . Merge branch '2.4' of github.com:MISP/MISP into 2.4. . : annoying download list only having one side clickable. . Merge branch '2.4' of github.com:MISP/MISP into 2.4. . : disable_correlation now works correctly as expected. . Add attribute shortcut now triggers the popup instead of changing pag . . : MISP objects updated. . : Attribute distribution defaults for adding objects. . Merge branch '2.4' of github.com:MISP/MISP into 2.4. . : No distribution set on the server should default to inherit for . . : typo for the previous commit. . . . : Misleading failure message when failing to create Attributes par . . Merge branch '2.4' of github.com:MISP/MISP into 2.4. . : Don't try to refang filepaths. : Reverted PR with alternate way of starting scheduler worker. . : an where editing an object with an attachment contai . . : an invalid translation in the attributeRestorationForm cau . . : GUI: Listing Attributes creates many de.log entries. new: Include the attribute UUID in the attribute level restsearch. . : Changed stupid parameter name to better reflec what it does. . : Nicer error message when trying to add a tag to an event that do . . : Added /tags/add to restresponse. . : tags/add on a GET requ
2.4.8822 Feb 2018 03:15 minor feature: Add field filter for galaxy cluster . Apply filter to pagination :). . add filter on GalaxyCluster description too . . chg: Bump PyMISP. . chg: Bump PyMISP, again. . . . chg: Bump PyMISP recommended version. . chg: Bump PyMISP to 2.4.87. . . . : Graceful handling of gnupg not being set up on an instnace. . Merge branch '2.4' of github.com:MISP/MISP into 2.4. . : MISP objects updated. . : taxonomies updated. . : an invalid call to saving a log entry without initialising t . . Merge branch '2.4' of github.com:MISP/MISP into 2.4. . : Galaxy updated to the latest version. . Merge branch '2.4' of github.com:MISP/MISP into 2.4. . : adding tags via the API fails if not encapsulated in "Tag": . . Merge branch '2.4' of github.com:MISP/MISP into 2.4. . : MISP objects latest version imported (ip-port with dom . . Merge branch '2.4' of github.com:MISP/MISP into 2.4. . : user_id in tag table was not included in MYSQL.sql. . : set the default PGP keyserver to pgp.circl.lu (faster than. . - wipe objects. . . . new: Allow overriding the action names in the stringified restrespons . . new: New APIs to add/remove orgs and servers from sharing groups. Merge branch '2.4' of github.com:MISP/MISP into 2.4. . : Added new APIs to ACL component. . add: GENE: Go Evtx sigNature Engine attribute type added. . add: a default category for GENE attribute type. . : PyMISP updated to the latest version. . new: Added returnMetaAttributes flag to the /events/freeTextImport API. . Merge branch '2.4' of github.com:MISP/MISP into 2.4. . : Added missing db field to users. . : Run the db update before trying to add users/orgs. . added vendor and CakeResque folders to gitignore. . new: Add a "search all tags" input field on the taxonomy modal when a . . : Escaping user controlled variable. . . .
2.4.8729 Jan 2018 03:15 minor feature: Add option 'sign' in GPG section . Description of the option 'sign'. . Implement 'sign' option. . Merge branch '2.4' into GPG_sign_option. . Merge branch 'i18n_prep' of github.com:SteveClement/MISP into 2.4. . - __('')-ized labels, buttons, styles. . - Attributes folder scavenged for Translatables . . - __(' added where needed. . - Removed some echo ('foo') / echo('bar') - Coding rules want: echo foo. . - Final files in View/Attributes for now. . - Removed Sublime fail :(. . - View/Elements/dashboard - __(' - Done! #i18n_prep. . - __(' where needed. . - Typo. . - __(' - Added where needed. . Merge remote-tracking branch 'origin' into i18n_prep. . Merge remote-tracking branch 'upstream/2.4' into 2.4. . Merge remote-tracking branch 'origin' into i18n_prep. . Merge remote-tracking branch 'upstream/2.4' into i18n_prep. . - View/Elements/Feeds - __(' checked and added where needed. . - View/Servers - __(' done. . - View/Events/index.ctp - __('. . - Replaced random '.......' with ' '. . - Elements/Events/View - __('. . - Elements/healthElements - __('. . - Elements/Events/eventIndexTable.ctp - __('. . - typo and spacing. . - typo, added __(' where missing. . - Elements/Servers - __('. . - Elements/histogram.ctp - __('. . - Elements/side_menu.ctp - __('. . - Events/view.ctp - __('. . - Elements/ajaxAttributeTags.ctp Elements/ajaxTags.ctp Elements/ajaxT . . - Elements/Users/userIndexTable.ctp - __('. . - Elements/templateElements/populateTemplateAttribute.ctp - __('. . Merge remote-tracking branch 'upstream/2.4' into i18n_prep. . Merge branch 'i18n_prep' of github.com:SteveClement/MISP into i18n_prep. . - View/EventBlacklists - __(' done. . - View/Errors - __(' done. . - View/EventDelegations/ajax - __(' done. . - Vie
2.4.8616 Jan 2018 03:15 minor feature: Removed threat level and analysis from the index as they're eclipsed by the taxonomies for most use-cases. Changed the behaviour when users click on org logoes (redirect to filtered index). X509-fingerprint-sha256 - to support the updated x509 object. X509-fingerprint-md5 - to support the updated x509 object. Stix2-pattern - to a new stix2-pattern object. Whois-registrant-org - to support the updated whois object.
2.4.8506 Jan 2018 03:15 minor feature: Removed threat level and analysis from the index as they're eclipsed by the taxonomies for most use-cases. Changed the behaviour when users click on org logoes (redirect to filtered index). X509-fingerprint-sha256 - to support the updated x509 object. X509-fingerprint-md5 - to support the updated x509 object. Stix2-pattern - to a new stix2-pattern object. Whois-registrant-org - to support the updated whois object.
03 Jan 2018 00:24 minor feature: