Paul Coccoli
Paul Coccoli
Using sqlite3, I created a table named "test-table" like this: ``` CREATE TABLE IF NOT EXISTS "test-table"(id INT PRIMARY KEY, name TEXT); INSERT INTO "test-table" VALUES(1,'pcoccoli'); COMMIT; ``` When I...
Output from https://github.com/pyupio/safety: ``` safety check --full-report +==============================================================================+ | | | /$$$$$$ /$$ | | /$$__ $$ | $$ | | /$$$$$$$ /$$$$$$ | $$ \__//$$$$$$ /$$$$$$ /$$ /$$ |...
The "Download & Decompress Dataset" example code doesn't work since the URL value needs to be quoted. The "Read JSON File" example doesn't work since the file extracted from the...
**Is your feature request related to a problem? Please describe.** Sysmon events include a ProcessGUID field that's needed to correlate events from the same process. It also would give us...
**Is your feature request related to a problem? Please describe.** qradar, elastic_ecs, and darktrace connectors all map ja3 and ja3s hashes to different extensions: **Describe the solution you'd like** ja3...
**Describe the bug** The proofpoint connector has a custom object `x-proofpoint-msgevents` with property `senderip`. I think this property is supposed to be a reference to an IP address; if so,...
**Describe the bug** The result mapping uses things like `x-ecs-user.id` which creates a custom SCO like ``` { "id": "0", "type": "x-ecs-user" } ``` In STIX 2.0, SCOs should not...
**Is your feature request related to a problem? Please describe.** For some features that are configured in kestrel.toml, it may be convenient to (temporarily) change config from inside a notebook....
**Is your feature request related to a problem? Please describe.** Regarding LOAD/SAVE in cloud environments: we might want some "data storage" interface rather than assuming local files and URLs. In...
You should be able to create `domain-name`s from `url`s. Similarly, if analytics generates new attributes (like the log4shell analytic pulling exploit URIs from `artifact:payload_bin`), you may want to convert those...