
Releases: cedricbonhomme/pyHIDS

Release 0.9.5

08 Aug 20:11
v0.9.5
bfd489b

Changes

  • Improved handling of authentication failure with the MISP server. (3c38012)
  • Improved handling of authentication failure with the Pandora server. (b86314a)
  • Updated dependencies.

Fix

  • The configuration file is now loaded with read_file, so an exception is
    raised when the configuration file is not found. Closes #6.

Release 0.9.4

30 Oct 07:51
v0.9.4
bf3485b

Changes

  • [MISP lookup] The SHA1 values are now submitted in a single query;
  • [MISP lookup] A new argument lets the user specify if the final output must be returned as a list of PyMISP Objects instead of the plain json output;
  • [MISP lookup] Added the possibility to specify the return format (json, stix2, csv, etc.);
  • [core] Errors are always displayed, even in non-verbose mode.

Example

$ pyhids misp --help
usage: pyhids misp [-h] [--pythonify] [--return-format {openioc,json,xml,suricata,snort,text,rpz,csv,cache,stix-xml,stix,stix2,yara,yara-json,attack,attack-sightings,context,context-markdown}]

options:
  -h, --help            show this help message and exit
  --pythonify           Returns a list of PyMISP Objects instead of the plain json output.
  --return-format {openioc,json,xml,suricata,snort,text,rpz,csv,cache,stix-xml,stix,stix2,yara,yara-json,attack,attack-sightings,context,context-markdown}
                        Set the return format of the search.

$ pyhids misp --pythonify
[<MISPAttribute(type=filename|sha1, value=df3f35df7d529b38e524275bee0672cb|da39a3ee5e6b4b0d3255bfef95601890afd80709), <MISPAttribute(type=filename|sha1, value=sT2kYW.exe|da39a3ee5e6b4b0d3255bfef95601890afd80709),]

Release 0.9.3

14 Oct 17:47
v0.9.3
e9a482c

Changes

  • improved files handling and exit codes;
  • improved checks on the loaded database;
  • route errors from subprocess.run() to /dev/null.

Release 0.9.2

13 Oct 19:56
v0.9.2
631ced3

Fix

Fixed an issue in the function responsible for returning the version of the software.

Release 0.9.1

13 Oct 19:47
v0.9.1
cee82c2

Changes

  • various improvements to the command line;
  • new argument in order to specify if the output must be more verbose;
  • new argument in order to display the version of the software;
  • improved the creation of the default folders (for the YARA rules, Bloom filter and Cuckoo filter).

Release 0.9.0

10 Oct 07:48
v0.9.0
44e8c7b

New

It is now possible to export the database of pyHIDS in a Bloom or a Cuckoo filter.

$ pyhids export --bloom-filter
Bloom filter generated and stored: var/bloom/bloomfilter.bf
$ pyhids export --cuckoo-filter
Cuckoo filter generated and stored: var/cuckoo/cuckoofilter.cf

Changes

Various improvements and minor fixes.

Release 0.8.0

06 Oct 20:54
v0.8.0
e12f54e

YARA can now be used in order to look for malicious files in the database of pyHIDS.

Release 0.7.1

05 Oct 09:33
v0.7.1
d8f6107
Compare
Choose a tag to compare

Small fixes and improvements.

Release 0.7.0

04 Oct 09:48
v0.7.0
106ed69

New

MISP can now be used in order to look for malicious files in the database of pyHIDS.

Release 0.6.2

04 Aug 22:32
v0.6.2
12b82a9

This release fixes an issue when no configuration file is found.