Metadata-Version: 2.1
Name: misp-galaxy-parser
Version: 0.1.0
Summary: Set of utilities to parse and use MISP galaxy clusters
Home-page: https://github.com/vmware-labs/galaxy-parser-for-misp/
Author: Stefano Ortolani
Project-URL: Bug Tracker, https://github.com/vmware-labs/galaxy-parser-for-misp/issues
Classifier: Development Status :: 3 - Alpha
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: BSD License
Classifier: Programming Language :: Python :: 3
Classifier: Operating System :: OS Independent
Classifier: Topic :: Security
Classifier: Topic :: Software Development :: Libraries :: Python Modules
Requires-Python: >=3.9
Description-Content-Type: text/markdown
License-File: LICENSE
License-File: NOTICE
Requires-Dist: requests
Requires-Dist: tqdm
Provides-Extra: misp
Requires-Dist: pymisp ; extra == 'misp'

# Galaxy Parser for MISP

Utilities to parse galaxy clusters and resolve labels (including synonyms).

Labels are normalized before matching (whitespace removal and handling of compound words).
This normalization can be improved, but anything domain-specific is computed using MITRE galaxies.

```bash
./bin/query_galaxy.py -q sednit -g mitre-intrusion-set 
> Mapping 'sednit' to:  ['misp-galaxy:mitre-intrusion-set="APT28 - G0007"']
```

```bash
./bin/query_galaxy.py -q apt28 -g mitre-intrusion-set 
> Mapping 'apt28' to:  ['misp-galaxy:mitre-intrusion-set="APT28 - G0007"']
```

```bash
./bin/query_galaxy.py -q feodo -g malpedia
> Mapping 'feodo' to:  ['misp-galaxy:malpedia="Emotet"']
```

```bash
./bin/query_galaxy.py -q emotet -g malpedia
> Mapping 'emotet' to:  ['misp-galaxy:malpedia="Emotet"']
```
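
The following added example, which is not code from galaxy-parser-for-misp, shows one way the lookups above can be resolved: it indexes each cluster value and its `meta.synonyms` under a normalized key and returns the `misp-galaxy:<type>="<value>"` tag. The inline cluster data is a constructed sample in the MISP galaxy JSON layout, and `normalize`, `build_index` and `resolve` are hypothetical names.

```python
import json
import re

# Constructed sample in the MISP galaxy cluster JSON layout (type,
# values[].value, values[].meta.synonyms); not the real cluster files.
SAMPLE_CLUSTERS = json.loads("""
[
  {"type": "mitre-intrusion-set",
   "values": [{"value": "APT28 - G0007",
               "meta": {"synonyms": ["Sednit", "Fancy Bear", "Pawn Storm"]}}]},
  {"type": "malpedia",
   "values": [{"value": "Emotet", "meta": {"synonyms": ["Feodo", "Geodo"]}}]}
]
""")


def normalize(label):
    """Lower-case and drop whitespace, hyphens and underscores so that
    'Fancy Bear', 'fancy-bear' and 'FancyBear' collapse to one key."""
    return re.sub(r"[\s_\-]+", "", label.strip().lower())


def build_index(cluster):
    """Map every normalized name or synonym of a cluster to its galaxy tags."""
    index = {}
    for entry in cluster["values"]:
        tag = 'misp-galaxy:{}="{}"'.format(cluster["type"], entry["value"])
        names = [entry["value"]] + entry.get("meta", {}).get("synonyms", [])
        # MITRE values look like "APT28 - G0007": also index the bare name.
        names.append(entry["value"].split(" - ")[0])
        for name in names:
            tags = index.setdefault(normalize(name), [])
            if tag not in tags:
                tags.append(tag)
    return index


def resolve(query, galaxy_type, clusters=SAMPLE_CLUSTERS):
    """Return the galaxy tags for a free-form label, or [] when unknown."""
    for cluster in clusters:
        if cluster["type"] == galaxy_type:
            return build_index(cluster).get(normalize(query), [])
    return []


if __name__ == "__main__":
    for q, g in [("sednit", "mitre-intrusion-set"), ("feodo", "malpedia")]:
        print(f"Mapping {q!r} to: {resolve(q, g)}")
```

An unknown label resolves to an empty list, so callers can tell "no match" apart from a tag and avoid attaching a wrong attribution to an event.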

## Contributing

The galaxy-parser-for-misp project team welcomes contributions from the community. Before you start working with galaxy-parser-for-misp, please
read our [Developer Certificate of Origin](https://cla.vmware.com/dco). All contributions to this repository must be
signed as described on that page. Your signature certifies that you wrote the patch or have the right to pass it on
as an open-source patch. For more detailed information, refer to [CONTRIBUTING.md](CONTRIBUTING.md).

## License

[BSD 2-Clause](https://spdx.org/licenses/BSD-2-Clause.html)
