欢迎大家赞助一杯啤酒🍺 我们准备了下酒菜:Formal mathematics/Isabelle/ML, Formal verification/Coq/ACL2, C++/F#/Lisp
MISP
来自开放百科 - 灰狐
(版本间的差异)
小 (→链接) |
小 (→图集) |
||
| (未显示1个用户的15个中间版本) | |||
| 第2行: | 第2行: | ||
==简介== | ==简介== | ||
| − | MISP | + | MISP 是一个[[OSINT|开源威胁情报]]平台与威胁信息共享的开放标准。 |
==功能== | ==功能== | ||
| + | |||
| + | ==标准== | ||
| + | [https://github.com/MISP/misp-rfc MISP standards and RFCs] | ||
| + | |||
| + | [https://www.misp-standard.org/ MISP Standard] 一套简单、高效、灵活的协作情报标准,以支持不同领域的信息交换和数据建模: | ||
| + | * Cybersecurity intelligence(网络安全情报) | ||
| + | * Threat intelligence(威胁情报) | ||
| + | * Financial fraud(金融欺诈) | ||
| + | * Vulnerability information(脆弱性信息) | ||
| + | * Border control information(边境管制信息) | ||
| + | * Digital Forensic and Incident Response(数字取证和事件响应) | ||
| + | * Intelligence at large(广泛的情报) | ||
| + | |||
| + | 使用 MISP Standard 的软件: | ||
| + | *[https://github.com/CIRCL/AIL-framework AIL framework] | ||
| + | *MISP | ||
| + | *[https://thehive-project.org/ TheHive] | ||
==指南== | ==指南== | ||
| 第25行: | 第42行: | ||
==对象== | ==对象== | ||
[https://www.misp-project.org/objects.html MISP objects] | [https://www.misp-project.org/objects.html MISP objects] | ||
| + | |||
| + | ==软件工具== | ||
| + | [https://www.misp-project.org/tools/ Software and Tools] | ||
| + | *[https://github.com/MISP/MISP-maltego MISP-maltego] | ||
| + | *[https://github.com/n4ll3ec/ThreatHound ThreatHound] | ||
| + | |||
| + | ==文档== | ||
| + | *[https://misp.gitbooks.io/misp-book MISP 文档] | ||
| + | *[https://github.com/MISP/MISP-presentations MISP-presentations] | ||
==图集== | ==图集== | ||
| 第34行: | 第60行: | ||
image:misp-taxonomies.png|Taxonomies | image:misp-taxonomies.png|Taxonomies | ||
image:misp-settings-plugin.png|Plugin | image:misp-settings-plugin.png|Plugin | ||
| + | image:thehive-architecture.png|TheHive架构 | ||
| + | image:thehive-workflow.png|TheHive工作流 | ||
| + | image:thehive-current-cases.png|TheHive案例 | ||
| + | image:AIL-framework-dashboard.png|AIL框架 | ||
| + | image:MISP-VirtualBox.png|VirbualBox | ||
| + | image:TOP-1000-WEBSITE-FROM-ALEXA.png|TOP 1000 WEBSITE FROM ALEXA | ||
</gallery> | </gallery> | ||
| 第39行: | 第71行: | ||
*[https://www.misp-project.org/ MISP 官网] | *[https://www.misp-project.org/ MISP 官网] | ||
*[https://github.com/MISP MISP @ GitHub] | *[https://github.com/MISP MISP @ GitHub] | ||
| − | |||
[[category:OSINT]] | [[category:OSINT]] | ||
2022年4月8日 (五) 11:46的最后版本
MISP
目录 |
[编辑] 简介
MISP 是一个开源威胁情报平台与威胁信息共享的开放标准。
[编辑] 功能
[编辑] 标准
MISP Standard 一套简单、高效、灵活的协作情报标准,以支持不同领域的信息交换和数据建模:
- Cybersecurity intelligence(网络安全情报)
- Threat intelligence(威胁情报)
- Financial fraud(金融欺诈)
- Vulnerability information(脆弱性信息)
- Border control information(边境管制信息)
- Digital Forensic and Incident Response(数字取证和事件响应)
- Intelligence at large(广泛的情报)
使用 MISP Standard 的软件:
- AIL framework
- MISP
- TheHive
[编辑] 指南
可下载虚拟机快速启动
For the MISP web interface -> [email protected]:admin For the system -> misp:Password1234 Please add the following forwards on your VM Host:
VBoxManage controlvm MISP_VM_NAME natpf1 www,tcp,,8080,,80 VBoxManage controlvm MISP_VM_NAME natpf1 ssh,tcp,,2222,,22 VBoxManage controlvm MISP_VM_NAME natpf1 dashboard,tcp,,8001,,800
[编辑] Modules
[编辑] 数据模型
MISP data models - MISP core format - MISP taxonomies
[编辑] 对象
[编辑] 软件工具
[编辑] 文档
[编辑] 图集
威胁分享
集成Elasticsearch
角色权限
Feeds
Taxonomies
Plugin
TheHive架构
TheHive工作流
TheHive案例
AIL框架
VirbualBox
TOP 1000 WEBSITE FROM ALEXA
[编辑] 链接
分享您的观点
