Merge pull request #664 from VirusTotal/feat/gti-doc

[Google Threat Intelligence] Add web doc and fix logo for the module
MISP · May 14, 2024 · b5c459c · b5c459c
2 parents 8e3deb8 + a9dda34
commit b5c459c
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 2 deletions.
diff --git a/docs/logos/google_threat_intelligence.png b/docs/logos/google_threat_intelligence.png
diff --git a/documentation/website/expansion/google_threat_intelligence.json b/documentation/website/expansion/google_threat_intelligence.json
@@ -0,0 +1,14 @@
+{
+    "description": "An expansion module to have the observable's threat score assessed by Google Threat Intelligence.",
+    "logo": "google_threat_intelligence.png",
+    "requirements": [
+        "An access to the Google Threat Intelligence API (apikey), with a high request rate limit."
+    ],
+    "input": "A domain, hash (md5, sha1, sha256 or sha512), hostname or IP address attribute.",
+    "output": "Text fields containing the threat score, the severity, the verdict and the threat label of the observable inspected.",
+    "references": [
+        "https://www.virustotal.com/",
+        "https://gtidocs.virustotal.com/reference"
+    ],
+    "features": "GTI assessment for the given observable, this include information about level of severity, a clear verdict (malicious, suspicious, undetected and bening) and additional information provided by the Mandiant expertise combined with the VirusTotal database.\n\n[Output example screeshot](https://github.com/MISP/MISP/assets/4747608/e275db2f-bb1e-4413-8cc0-ec3cb05e0414)"
+}
diff --git a/misp_modules/modules/expansion/google_threat_intelligence.py b/misp_modules/modules/expansion/google_threat_intelligence.py
@@ -52,8 +52,6 @@
 DEFAULT_RESULTS_LIMIT = 10
 
 
-
-
 class GoogleThreatIntelligenceParser:
     """Main parser class to create the MISP event."""
     def __init__(self, client: vt.Client, limit: int) -> None: