{"id":20571540,"url":"https://github.com/circl/volatility-misp","last_synced_at":"2025-10-13T19:35:44.259Z","repository":{"id":139221780,"uuid":"97590406","full_name":"CIRCL/volatility-misp","owner":"CIRCL","description":"Volatility plugin to interface with MISP","archived":false,"fork":false,"pushed_at":"2017-08-10T14:04:03.000Z","size":28,"stargazers_count":11,"open_issues_count":0,"forks_count":0,"subscribers_count":8,"default_branch":"master","last_synced_at":"2025-10-13T19:35:44.069Z","etag":null,"topics":["misp","volatility","yara"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/CIRCL.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2017-07-18T11:30:16.000Z","updated_at":"2025-08-22T13:48:41.000Z","dependencies_parsed_at":"2024-01-12T04:03:11.605Z","dependency_job_id":null,"html_url":"https://github.com/CIRCL/volatility-misp","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/CIRCL/volatility-misp","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CIRCL%2Fvolatility-misp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CIRCL%2Fvolatility-misp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CIRCL%2Fvolatility-misp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CIRCL%2Fvolatility-misp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/CIRCL","download_url":"https://codeload.github.com/CIRCL/volatility-misp/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CIRCL%2Fvolatility-misp/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279016917,"owners_count":26085887,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-13T02:00:06.723Z","response_time":61,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["misp","volatility","yara"],"created_at":"2024-11-16T05:16:31.262Z","updated_at":"2025-10-13T19:35:44.233Z","avatar_url":"https://github.com/CIRCL.png","language":"Python","funding_links":[],"categories":["\u003ca id=\"4d2a33083a894d6e6ef01b360929f30a\"\u003e\u003c/a\u003eVolatility"],"sub_categories":[],"readme":"volatility-misp\n======\n\n# volatility-misp - Volatility plugin to interface with MISP\n\nvolatility-misp is a [volatility](https://github.com/volatilityfoundation/volatility) plugin that allows to pull [yara](https://github.com/virustotal/yara) rules from a MISP instance's yara attributes and use them in yarascan.\n\n__This is a work in progress__, no documentation available yet\n\n## Requirements\n\n * Python 2.7 if used as a volatility module\n * Python 2.7 or 3+ if used as a library (excluding volatility_misp.py)\n * [PyMISP](https://github.com/MISP/PyMISP)\n * [yara-python](https://github.com/VirusTotal/yara-python)\n * [volatility](https://github.com/volatilityfoundation/volatility)\n\n## Current capabilities\n\n * Pulling yara rules from a MISP server\n * Sorting valid yara rules from broken rules\n * Suggesting fixes for some of the broken rules (*currently unused*)\n * Running the valid yara rules on a memory dump (*same capabilities and options as yarascan*)","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcircl%2Fvolatility-misp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcircl%2Fvolatility-misp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcircl%2Fvolatility-misp/lists"}