Introduction
On March 22nd and 23rd, 2016, CIRCL gave two practical trainings to MISP (Malware Information Sharing Platform & Threat Sharing).
This page includes all the materials used during the training including slides and a virtual machine preconfigured with MISP 2.4.28.
Support
- 0 - Introduction to Information Sharing, MISP a historical perspective
- 1 - MISP User Training - General usage of MISP 2.4
- 2 - MISP User Training - Administration of MISP 2.4
- 3 - PyMISP - Using and expanding the Python API
- 3.1 - Extending MISP with Python modules
- 3.2 - Information Sharing and Taxonomies - Practical Classification of Threat Indicators using MISP
- 3.3 - Workflow of a security analyst Using Viper as a management console for malware analysis
- 4 - What’s next?
FIRST 2016 - MISP Workshop
MISP Virtual Machine
- VirtualBox image with MISP 2.4.41 - misp-training.ova SHA1 sum: 25378b139f38a6c9e378526560e125120f55e61a
- FIRST training VirtualBox image with MISP 2.4.48 - misp-training2.ova SHA1 sum: 9febe1f8f4b0b7d2b08dad3eb94a68429ee989d5
- Virtual image with MISP 2.4.49 - newtraining.ova SHA1 sum: 9f02793f3c79959dd62055cdbc21dbc13da7c443
Login and passwords for the VirtualBox MISP image are the following:
MISP admin: [email protected]/Password1234
MISP user: [email protected]/Password1234
SSH: misp/Password1234
MySQL: root/Password1234 - misp/Password1234
If you want to convert the image from VirtualBox to Parallels:
- Get ovftools from VMware: https://developercenter.vmware.com/web/dp/tool/ovf/3.5.2
- Convert image: /Applications/VMware\ OVF\ Tool/ovftool –lax misp-training.ova misp-training.vmx
- Open misp-training.vmx in Parallels
- It converts and starts the image and it is ready to be used on a DHCP’ed IP address
MISP Community at CIRCL
If you want to connect to the CIRCL MISP community, feel free to contact us.
Updates
- 3rd May 2016 - Virtual box image updated with MISP version 2.4.41
- 29th July 2016 - Virtual box image updated MISP version 2.4.49