yeti
No Malware Family
Hi,
I am trying to create a new malware entity, but I can't bind my malware to a family because the list is blank.
How and where can I populate this list?
More globally, is it possible to import MITRE objects? It would be really useful.
Thanks
Yeah, unfortunately malware families need to be populated from the database directly. I haven't gotten around to adding the control in the UI yet. You can do something like this from a Python shell on your server:
```python
from mongoengine import connect
from core.entities.malware import MalwareFamily
db = connect('yeti')
# Populate database with initial values
mailer = MalwareFamily("mailer").save()
banker = MalwareFamily("banker").save()
worm = MalwareFamily("worm").save()
ransomware = MalwareFamily("ransomware").save()
backdoor = MalwareFamily("backdoor").save()
stealer = MalwareFamily("stealer").save()
passwordstealer = MalwareFamily("passwordstealer").save()
rootkit = MalwareFamily("rootkit").save()
trojan = MalwareFamily("trojan").save()
dropper = MalwareFamily("dropper").save()
```
> More globally, is it possible to import MITRE objects?
See my comment on #339
Thanks Thomas! I will try like this...
@tomchop The 'name' key is missing in the above snippet. Same bug in the testrun.py as well.
```python
from mongoengine import connect
from core.entities.malware import MalwareFamily
db = connect('yeti')
# Populate database with initial values
mailer = MalwareFamily(name="mailer").save()
banker = MalwareFamily(name="banker").save()
worm = MalwareFamily(name="worm").save()
ransomware = MalwareFamily(name="ransomware").save()
backdoor = MalwareFamily(name="backdoor").save()
stealer = MalwareFamily(name="stealer").save()
passwordstealer = MalwareFamily(name="passwordstealer").save()
rootkit = MalwareFamily(name="rootkit").save()
trojan = MalwareFamily(name="trojan").save()
dropper = MalwareFamily(name="dropper").save()
```
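A re-runnable variant of the seeding snippet above, as an added example that is not part of the original thread or Yeti's own code: it passes `name` by keyword and skips families that already exist, so running it twice does not attempt a second insert. `seed_families` and `DEFAULT_FAMILIES` are hypothetical names; the import path and database name are the ones used in the thread, and the model is assumed to behave like a mongoengine Document with a `name` field.

```python
"""Idempotent seeding of Yeti malware families (added example, not Yeti's code)."""

# Family names taken from the snippets in this thread.
DEFAULT_FAMILIES = (
    "mailer", "banker", "worm", "ransomware", "backdoor",
    "stealer", "passwordstealer", "rootkit", "trojan", "dropper",
)


def seed_families(model_cls, names=DEFAULT_FAMILIES):
    """Create each family once; return (created, skipped) lists of names.

    model_cls is assumed to be a mongoengine Document with a `name` field,
    such as core.entities.malware.MalwareFamily.
    """
    created, skipped, seen = [], [], set()
    for raw in names:
        name = raw.strip()
        if not name or name in seen:
            continue  # ignore blanks and duplicates in the input list
        seen.add(name)
        # Query first so a re-run does not insert a second document.
        if model_cls.objects(name=name).first() is not None:
            skipped.append(name)
            continue
        # Pass the field by keyword, as pointed out in the thread.
        model_cls(name=name).save()
        created.append(name)
    return created, skipped


if __name__ == "__main__":
    # Run from the Yeti directory, inside its virtual environment.
    from mongoengine import connect
    from core.entities.malware import MalwareFamily

    connect("yeti")
    new, existing = seed_families(MalwareFamily)
    print("created:", new)
    print("already present:", existing)
```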
I need help. PLEASE HELP ME. YETI is working but there is no Malware fam. and I can't figure out what to do or where I have to write the script and how?
Yes, you have to add the malware family with a script. You can use the malware family in the Galaxy of MISP.
You need to run this script from a terminal in the virtual environment that you created when installing Yeti.
What if I have already installed it? Also, I have some extra questions about YETI. Can I somehow connect with you?
Then you have to do it from the already installed YETI dir :) It's best to try asking questions in the form of issues; then potentially more people can help, and it saves time because new users will be able to find the answer in the database of questions (issues).
+++ Yeah, you're right. Look, maybe I am stupid, but I tried and nothing worked. I wrote "status yeti_web" and it says activate: failed. But the YETI server is working, with no malware fam yet.
Thanks guys. I am really tooooo stupid. I finally got it and it works.