
UNIT777 / Email2TheHive

Licence: other
This package allows for creating alerts in The Hive from emails retrieved from a Microsoft Exchange mailbox.

Programming Languages

python

Projects that are alternatives of or similar to Email2TheHive

ThePhish
ThePhish: an automated phishing email analysis tool
Stars: ✭ 676 (+6045.45%)
Mutual labels:  thehive, thehive4py
TheHive2Sigma
Python script to automatically create sigma rules from The hive observables
Stars: ✭ 23 (+109.09%)
Mutual labels:  thehive
training-materials
No description or website provided.
Stars: ✭ 47 (+327.27%)
Mutual labels:  thehive
Docker-Templates
Docker configurations for TheHive, Cortex and 3rd party tools
Stars: ✭ 71 (+545.45%)
Mutual labels:  thehive
S1EM
This project is a SIEM with SIRP and Threat Intel, all in one.
Stars: ✭ 270 (+2354.55%)
Mutual labels:  thehive
TheHiveHooks
This is a python tool aiming to make using TheHive webhooks easier.
Stars: ✭ 22 (+100%)
Mutual labels:  thehive
Thehive
TheHive: a Scalable, Open Source and Free Security Incident Response Platform
Stars: ✭ 2,300 (+20809.09%)
Mutual labels:  thehive

Email2TheHive

Generate TheHive alerts from emails

Prerequisites

Mailbox with the following folders

A Mailbox with the following folders is required:

processed
to_be_processed

Exchange Service account

An Exchange Service account with Read/Write permissions to the following folders:

processed
to_be_processed

Python Packages Required

exchangelib==1.9.3
python-magic==0.4.13
thehive4py==1.2.0
requests

Hard Coded configuration items that need to be changed

Specify TheHive URL, username, password:

api = TheHiveApi('[thehiveurl]', '[thehiveuser]', '[thehivepassword]', {'http': '', 'https': ''})

Specify Exchange service account:

creds = Credentials(
    username='DOMAIN\\[user]',  # backslash doubled so "\[" is not read as an escape sequence
    password='[password]')

Specify SMTP address:

primary_smtp_address='[smtpaddress]',
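
The roadmap lists reading these parameters from a config file. One way to do that for the hard-coded values above, as an added example that is not code from the Email2TheHive project: the file layout, the section and key names and the `load_settings` helper are assumptions, and the permission check assumes a POSIX system.

```python
import configparser
import os
import stat
from dataclasses import dataclass

# Section and key names are assumptions made for this example.
REQUIRED = {
    "thehive": ("url", "user", "password"),
    "exchange": ("username", "password", "primary_smtp_address"),
}

@dataclass(frozen=True, repr=False)  # repr=False keeps secrets out of logs and tracebacks
class Settings:
    thehive_url: str
    thehive_user: str
    thehive_password: str
    exchange_username: str
    exchange_password: str
    exchange_primary_smtp_address: str

def load_settings(path):
    """Load the credentials from an INI file that only its owner may access."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise PermissionError(f"{path} is open to group/other (mode {mode:o}); chmod 600 it")
    parser = configparser.ConfigParser(interpolation=None)  # passwords may contain '%'
    with open(path, encoding="utf-8") as fh:
        parser.read_file(fh)
    values = {}
    for section, keys in REQUIRED.items():
        for key in keys:
            value = parser.get(section, key, fallback="").strip()
            # Reject empty values and unfilled "[placeholder]" strings like the README's.
            if not value or (value.startswith("[") and value.endswith("]")):
                raise ValueError(f"[{section}] {key} is missing or still a placeholder")
            values[f"{section}_{key}"] = value
    if not values["thehive_url"].lower().startswith("https://"):
        raise ValueError("TheHive URL must use https so the password is not sent in clear text")
    return Settings(**values)

# Usage with the calls shown above:
#   s = load_settings("/etc/email2thehive.ini")   # hypothetical path
#   api = TheHiveApi(s.thehive_url, s.thehive_user, s.thehive_password, {'http': '', 'https': ''})
#   creds = Credentials(username=s.exchange_username, password=s.exchange_password)
```
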

(IF NEEDED) Requests Python Modifications Required for SSL

Set the REQUESTS_CA_BUNDLE environment variable to the path of the certificate file (*.pem), containing the full certificate chain (primary, intermediate, root), when running the script. Example in a Terminal/Shell:

REQUESTS_CA_BUNDLE=~/CAfile.pem ./GenerateAlert.py

Errors

ASCII encoding error in CRON job

To fix this error, specify the following at the top of your crontab:

PYTHONIOENCODING=utf8

Authors

  • brevillebro - Initial Work

Roadmap/TODO

  • Read required parameters from a config file
  • Error checking
  • Logging (success/error)
  • Code cleanup