Comments (6)
Hey @ninoseki! I'm open for any feedback regarding the tracking schema. Was an idea in order to have a well documented rule set, but unfortunately I haven't found time to implement it into my own software projects.
from mihari.
@ssnkhan I'm thinking about making the following changes:
- Deprecate all search commands (mihari shodan, mihari censys, etc.)
- Add a "search" command which accepts the schema as an input
- The old search commands should be replaced by this command
What do you think?
from mihari.
I think being able to store all that extra metadata will be very very helpful! However, will this also affect the structure of the `mihari.db`? Will the `--ignore-old-artifacts` and `--ignore-threshold` be configured within the `rule.yml` file, or will they be part of CLI usage as they are currently? Thanks :)
from mihari.
Because there's always stuff which is tool related and changes from rule to rule, the schema allows adding the `custom` key (see the example rule.yml). Maybe that would be useful for mihari, too?
from mihari.
Thank you for the comments.
Yes, I'm thinking about using `custom` properties to keep the backward compatibility.
from mihari.
I implemented a DSL to write a rule which is inspired by infrastructure-tracking-schema.
It doesn't totally follow the original schema. I customized it to fit this app so as not to make a breaking change.
The schemas for Mihari are defined in here.
from mihari.