{"id":27976516,"url":"https://github.com/misp/misp-graph","last_synced_at":"2025-05-08T01:27:35.376Z","repository":{"id":8101939,"uuid":"9516828","full_name":"MISP/misp-graph","owner":"MISP","description":"A tool to convert MISP XML files (events and attributes) into graphs","archived":false,"fork":false,"pushed_at":"2017-05-13T05:43:46.000Z","size":999,"stargazers_count":20,"open_issues_count":1,"forks_count":13,"subscribers_count":16,"default_branch":"master","last_synced_at":"2024-03-26T04:54:07.941Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/MISP.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2013-04-18T08:22:13.000Z","updated_at":"2024-03-26T04:54:07.942Z","dependencies_parsed_at":"2022-08-24T11:20:28.946Z","dependency_job_id":null,"html_url":"https://github.com/MISP/misp-graph","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MISP%2Fmisp-graph","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MISP%2Fmisp-graph/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MISP%2Fmisp-graph/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MISP%2Fmisp-graph/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/MISP","download_url":"https://codeload.github.com/MISP/misp-graph/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252980684,"owners_count":21835288,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-05-08T01:27:34.871Z","updated_at":"2025-05-08T01:27:35.361Z","avatar_url":"https://github.com/MISP.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"misp-graph\n==========\n\nmisp-graph is a tool to analyze a MISP XML export and generate graphs from\nthe events and its attributes. The export format currently supported are dot files (Graphviz)\nand gexf file Graph Exchange XML Format. Graph files can then be used with Gephi or another\ntools supporting these file formats. misp-graph can be used directed with the REST API of MISP or using\nan XML dump.\n\n![A Sample Graph visualized with Gephi](https://raw.github.com/MISP/misp-graph/master/sample/sample.png)\n\nRequirements\n------------\n\n* Python \u003e 2.6\n* networkx\n* pydotplus (supports networkx changes to module_dot https://github.com/networkx/networkx/issues/1984)\n\nUsage\n-----\n\n        Usage: misp-graph.py\n\n        Options:\n          -h, --help            show this help message and exit\n          -d, --debug           debug messages on stderr\n          -t RECORDTYPE, --type=RECORDTYPE\n                                type of the record (default record is 'domain')\n          -f FILENAME, --file=FILENAME\n                                filename of the MISP XML file to read (default MISP\n                                XML dump is 'malwg.xml')\n          -c CENTER, --center=CENTER\n                                center node (could be an event id or also a value of a\n                                record) into a subgraph. By default, all events and\n                                matching attributes are added to the graph.\n          -r RADIUS, --radius=RADIUS\n                                maximum distance between node\n          -o OUTPUTFORMAT, --outputformat=OUTPUTFORMAT\n                                format of the graph output dot (graphviz), gexf\n                                (default format is dot)\n          -n OUTFILENAME, --outfilename=OUTFILENAME\n                                output filename (default is out.\u003cformat\u003e)\n          -u URL, --url=URL     url to access MISP\n          -a AUTHKEY, --authkey=AUTHKEY\n                                authentication key to access MISP\n\n\n### Use case(s)\n\nIf you have a specific event (e.g. from OSINT or from a vendor providing a large set of IOCs) and you would like to see the direct neighbors to this event sharing\nthe same attributes. As example, you want to see the shared attributes from event 310 with the other event with a maximum distance of 2 hops:\n\n    misp-graph.py -o dot -c 310 -r 2 -n event310.dot\n\n\nIf you would like to make a quick visualization of your MISP export, there will be a file called out.dot containing the XML in dot format.\n\n    misp-graph -f yourdump.xml\n\nLicense\n-------\n\nThis software is licensed under GNU Affero General Public License version 3.\n\nCopyright (c) 2012, 2013 Alexandre Dulaunoy (a AT foo be)\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmisp%2Fmisp-graph","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmisp%2Fmisp-graph","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmisp%2Fmisp-graph/lists"}