Commit Graph

43 Commits

Author SHA1 Message Date
Nex 8ff8e599d8 Fixed flake8 and minor code style 2022-06-28 12:00:30 +02:00
Nex 815cdc0a88 Adding system to check for updates of indicators files and notify if any are available 2022-06-27 14:41:40 +02:00
Nex 7b92903536 Moved indicators file to dedicated repository 2022-06-25 00:41:58 +02:00
Nex 0d75dc3ba0 Optionally loading indicators description 2022-06-24 15:14:33 +02:00
Nex 2bc6fbef2f Starting to add type hints 2022-06-17 22:30:46 +02:00
Nex d82c788a18 Removed AUTHORS file in favor of explicit copyright notice 2022-05-08 14:53:50 +02:00
Nex ab63a02c9f Code clean-ups 2022-02-02 19:18:47 +01:00
Nex 153f6cce02 Returning stix2 file name with iocs as well 2022-02-02 14:57:32 +01:00
Nex 47f9a0104c Added a break for speed 2022-02-02 14:54:40 +01:00
Nex bdad23feee Refactored indicators to support multiple malware/collections per stix2 file 2022-02-02 14:53:26 +01:00
Nex eb5f07a75d Updated copyright notice 2022-01-30 20:15:01 +01:00
Nex c8185fdbd8 Small code clean-ups 2022-01-29 15:13:35 +01:00
Yallxe 43b1612dfe Set utf-8 as an encoding for open()
Not every system uses 'utf-8' as a default encoding for opening files in Python.

Before you say that there must be a way to set the default encoding in one line, no, there is not. At least, I didn't find a way to do this.
2022-01-29 12:18:18 +01:00
Nex 25c6c03075 Added Getprop module and cleaned Files and Packages Android modules 2022-01-27 12:50:37 +01:00
Nex cce9159eda Adding indicator to matched results 2022-01-23 15:01:49 +01:00
Nex b35cd4bc73 Added support for context-aware indicators.
This way when a detection is logged, the user can know which STIX2
file was matched by the module
2022-01-21 16:26:58 +01:00
tek 083bc12351 Merge branch 'feature/check-file-path' 2022-01-20 15:19:37 +01:00
tek 38bb583a9e Improves management of file path indicators 2022-01-18 15:50:31 +01:00
Donncha Ó Cearbhaill 48ec2d8fa8 Merge branch 'main' into tests 2022-01-18 15:30:40 +01:00
Nex 24be9e9570 Use default list of indicators files now that some default ones are automatically loaded 2022-01-14 16:26:14 +01:00
Nex adbd95c559 Dots 2022-01-14 02:01:59 +01:00
Nex 33efeda90a Added TODO note 2022-01-12 16:10:15 +01:00
Nex 146f2ae57d Renaming check function for consistency 2022-01-12 16:02:13 +01:00
Nex 11bc916854 Sorted imports 2022-01-11 16:02:44 +01:00
Donncha Ó Cearbhaill 54963b0b59 Update test PR to work with latest code, fix flake8 2022-01-07 17:03:53 +01:00
tek 28d57e7178 Add command to download latest public indicators
Squashed commit of the following:

commit c0d9e8d5d188c13e7e5ec0612e99bfb7e25f47d4
Author: Donncha Ó Cearbhaill <donncha.ocearbhaill@amnesty.org>
Date:   Fri Jan 7 16:05:12 2022 +0100

    Update name of indicators JSON file

commit f719e49c5f942cef64931ecf422b6a6e7b8c9f17
Author: Donncha Ó Cearbhaill <donncha.ocearbhaill@amnesty.org>
Date:   Fri Jan 7 15:38:03 2022 +0100

    Do not set indicators option on module if no indicators were loaded

commit a289eb8de936f7d74c6c787cbb8daf5c5bec015c
Author: Donncha Ó Cearbhaill <donncha.ocearbhaill@amnesty.org>
Date:   Fri Jan 7 14:43:00 2022 +0100

    Simplify code for loading IoCs

commit 0804563415ee80d76c13d3b38ffe639fa14caa14
Author: Donncha Ó Cearbhaill <donncha.ocearbhaill@amnesty.org>
Date:   Fri Jan 7 13:43:47 2022 +0100

    Add metadata to IoC entries

commit 97d0e893c1a0736c4931363ff40f09a030b90cf6
Author: tek <tek@randhome.io>
Date:   Fri Dec 17 16:43:09 2021 +0100

    Implements automated loading of indicators

commit c381e14df92ae4d7d846a1c97bcf6639cc526082
Author: tek <tek@randhome.io>
Date:   Fri Dec 17 12:41:15 2021 +0100

    Improves download-indicators

commit b938e02ddfd0b916fd883f510b467491a4a84e5f
Author: tek <tek@randhome.io>
Date:   Fri Dec 17 01:44:26 2021 +0100

    Adds download-indicators for mvt-ios and mvt-android
2022-01-07 16:38:04 +01:00
Donncha Ó Cearbhaill 45b31bb718 Add support for identifying known malicious file paths over ADB 2021-12-16 19:16:24 +01:00
Donncha Ó Cearbhaill 3f3261511a Add module to search for known malicious or suspicious configuration profiles 2021-12-16 17:57:26 +01:00
tek a653cb3cfc Implements loading STIX files from env variable MVT_STIX2 2021-12-10 16:11:59 +01:00
Nex 512f40dcb4 Standardized code with flake8 2021-11-19 15:27:51 +01:00
Nex 169f5fbc26 Pyment to reST 2021-10-12 18:06:58 +02:00
tek ef2bb93dc4 Adds indicator check for android package name and file hash 2021-09-21 19:43:02 +02:00
Nex 3f9809f36c Formatting docstrings 2021-09-11 02:39:33 +02:00
Nex 6da6595108 More docstrings 2021-09-10 20:09:37 +02:00
Nex e5f2aa3c3d Standardizing reST docstrings 2021-09-10 15:18:13 +02:00
Nex 27847bf16c Added counter for loaded indicators 2021-08-18 13:18:34 +02:00
Nex 6a63256b5c Added ability to import multiple STIX2 indicators files 2021-08-18 13:08:32 +02:00
Nex 96e4a9a4a4 Overhaul of mvt-ios modules 2021-08-16 10:50:35 +02:00
Nex 076930c2c9 Added newline 2021-08-14 18:06:30 +02:00
Nex 8a91e64bb9 Catching gracefully if indicators file parse fails 2021-08-12 20:17:37 +02:00
Nex f011fd19e8 More explicit copyright and licensing notes 2021-08-01 21:11:08 +02:00
Nex c966eea7e6 Sorted imports 2021-07-30 11:40:09 +02:00
Nex 065a62cee1 First commit 2021-07-16 08:05:01 +02:00