maiocharter.blogg.se - Wireshark download kali linux

data/raw_reports/nessus.csv : this file can be exported from tenable nessus interface.

data/raw_reports/misp.csv : this file can be exported from MISP from following location, Export->CSV_Sig->Generate then Download.

Need to place exported files under following folders with exact name specified

All 3 files mentioned in step (2) can either be manually edited or vulnerabilities & indicators file can be generated using exported MISP & Tenable Nessus scan report.

indicators.csv : IOC data with attributes type, value, severity & threat type.

asset_vulnerabilities.csv : Details about CVE IDs and top CVSS score value for each asset.

Default file has few examples for intranet IPs & DNS servers

asset_tags.csv : Information about asset ip/domain/cidr and associated tags.

Folder data/formatted_reports has 3 files.

Download source Zip file or checkout the code.

Extends native Wireshark filter functionality to allow filtering based severity, source, asset type & CVE information for each source or destination IP address in network logs.

Loads exported vulnerability scan information exported from Qualys/Nessus map IP to CVEs.

filter for ‘Database Server’, ‘Employee Laptop’ etc)

Loads asset classification information based on IP-Range to Asset Type mapping which enables filtering incoming/outgoing traffic from a specific type of assets (e.g.

Loads malicious Indicators CSV exported from Threat Intelligence Platforms like MISP and associates it with each source/destination IP from network traffic.