Skip to content

jaegeral/PySight2MISP

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

65 Commits

model

model

 
 

test_data

test_data

 
 

.gitignore

.gitignore

 
 

CHANGELOG.md

CHANGELOG.md

 
 

CONTRIBUTING.md

CONTRIBUTING.md

 
 

INSTALL.md

INSTALL.md

 
 

LICENSE

LICENSE

 
 

PySight.py

PySight.py

 
 

PySight_settings.py

PySight_settings.py

 
 

README.md

README.md

 
 

config.example.cfg

config.example.cfg

 
 

requirements.txt

requirements.txt

 
 

test_pysight.py

test_pysight.py

 
 

Repository files navigation

What?

PySight2MISP is a project that can be run to be used as glue between iSight intel API and MISP API.

Status

This script is not maintaned - if you want to use it, there might be a need to fix a lot of stuff before, but still happy to accept PR.

Why

To get indicators, IOCs etc. from FireEye iSight into a MISP system.

How

see INSTALL.md

It is recommended to have a "Publisher" account on the MISP system. A "sync user" account is not sufficient because it doesn't have enough rights (e.g. for tagging events).

You do not need an iSight account to test the script, there is test data to test with, e.g., a MISP VM.

Roadmap

Short term

  • Fix issues.
  • Add written report details per event.

Long term

  • Migrate stuff to a MISP import module.

About

PySight2MISP is a project that can be run to be used as glue between iSight intel API and MISP API

Topics

glue misp misp-api isight isight-intel-api

Resources

Readme

License

MIT license
Activity

Stars

8 stars

Watchers

4 watching

Forks

7 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 5

Languages