OpenCTI-Platform / connectors

OpenCTI Connectors
https://www.opencti.io
Apache License 2.0

[vx-underground] Create the connector #515

Open PandaLyfe opened 2 years ago

PandaLyfe commented 2 years ago

Use case

To be able to run files/hashes/etc. collected from VX-Underground in a sandbox (i.e. Cuckoo/Hybrid Analysis/etc.) to gather information (such as behavioral analysis, attack patterns, and so on) to create alerts/indicators and use in CTI reporting as well.

Current Workaround

None

Proposed Solution

To create a connector to vx-underground to collect APT samples and any additional data to allow analysts to run within a sandbox environment.

Additional Information

Here is a link for vx-underground: https://vx-underground.org/

If the feature request is approved, would you be willing to submit a PR?

Yes / No (Help can be provided if you need assistance submitting a PR)

Not sure what a PR is. If someone can explain what it is, then I can answer this question.

silascutler commented 2 years ago

Samples for VXUG are served from https://samples.vx-underground.org/