/AutoIOC-MISP

This system allows you to add IOCs (Indicators of Compromise) to your MISP server manually or automatically. It includes 15 different services.

Primary LanguagePythonMIT LicenseMIT

AutoIOC-MISP

Installation

git clone https://github.com/AzizKpln/AutoIOC-MISP.git
cd AutoIOC-MISP
chmod +x *
bash install.sh

Available Services:

  • ThreatFox
  • URLHaus
  • PhishHunt
  • OpenPhish
  • CinsScore
  • AbuseIPDB
  • Emerging Threats
  • HoneyDB
  • KillNet
  • Maliverse
  • MalwareBazaar
  • VirusShare
  • RescureME
  • SSLbl
  • VXVault

Usage

  • Run The Main File

    python3 main.py

  • Select the upload type (Manual or Auto)

  • Give your MISP server URL, MISP API KEY and MISP EVENT ID

  • If you selected Manual, Upload the IOC list you have line by line

  • If you selected Auto, Select the service you wanna use and submit

Crontab

  • After using the tool, run the crontab.sh file; 
    bash crontab.sh
  • Select the time for per minutes (1440) is suggested