August 1, 2016
MISP Hackathon 2016
The 4th August 2016, a MISP hackathon will take place in Luxembourg (at the local hackerspace) and also remotely. It’s a great opportunity to meet the team in a friendly atmosphere and work on your favourite information sharing software in order to improve it and make an even better tool.
Practical details
The hackathon will take place the 4th August 2016 from 10:00 until 18:00. An Etherpad will be available during the event to track the tasks and work during the Hackathon.
If you physically come at the hackathon
If you are physically present please register.
For more practical details about the location.
If you are remotely participating to the hackathon
If you are remotely participating to the hackathon, you won’t need to register. You can join us on the Etherpad session available during the event to track down the tasks, works and open ideas.
Hackathon topics
MISP
- Taking a look at the open issues and pick one or more to work on.
misp-taxonomies
- Contribute a new taxonomy in the misp-taxonomies.
- Improve an existing taxonomy.
- Create a tool to edit or update easily MISP taxonomies.
- Visualize existing taxonomies and/or usage statistics (cf. MISP API to get statistics).
- Update documentation about taxonomies and good practises.
- Create a tool to export MISP json taxonomy to JSON-LD grammar format. A specific machine tag format might be needed in JSON-LD to support generic machine tags format.
misp-galaxy
- Add more threat actors in adversary-groups.json or tools used by adversaries in threat-actor-tools.json
- Review the current STIX vocabulary in use in misp-galaxy. Any missing?
misp-objects
- Add more misp-objects.
- Review current MISP objects versus the use-cases in CyBOX objects.
misp-modules
- Expand existing modules.
- LDAP modules expansion.
- Improve documentation.
- Extend misp-modules services with authentication to provide remotely accessible services to other MISPs.
- Include cti-toolkit (CERT Australia Cyber Threat Intelligence (CTI) Toolkit) as a misp-modules to ease the integration of TAXII services and STIX.
misp-book and documentation
- Fix the misp-book for version 2.4 including screen-shots.
- Including a specific section about the MISP JSON format.
- Improving the MISP project (removing the EURO coin ;-) website to also include a description of all the MISP formats, modules and tools.
PyMISP
- Automatic generation of Markdown report (then pdf) from MISP JSON files (like the OSINT feed) to human-browseable information,
misp-workbench - data-processing - ssdc
- Integration in environment
- Documentation
- Use-cases
- Provide redis export from MISP
- Deciding on how to handle the samples