diff --git a/.github/CHANGELOG.md b/.github/CHANGELOG.md index 344ad10e0f..3c1c781bf7 100644 --- a/.github/CHANGELOG.md +++ b/.github/CHANGELOG.md @@ -1,6 +1,6 @@ # Changelog -[**Upgrade Guide**](https://intelowl.readthedocs.io/en/latest/Installation.md#update-to-the-most-recent-version) +[**Upgrade Guide**](https://intelowlproject.github.io/docs/IntelOwl/installation/#update-to-the-most-recent-version) ## [v6.0.4](https://github.com/intelowlproject/IntelOwl/releases/tag/v6.0.4) Mostly adjusts and fixes with few new analyzers: Vulners and AILTypoSquatting Library. @@ -8,7 +8,7 @@ Mostly adjusts and fixes with few new analyzers: Vulners and AILTypoSquatting Li ## [v6.0.2](https://github.com/intelowlproject/IntelOwl/releases/tag/v6.0.2) Major fixes and adjustments. We improved the documentation to help the transition to the new major version. -We added **Pivot** buttons to enable manual Pivoting from an Observable/File analysis to another. See [Doc](https://intelowl.readthedocs.io/en/latest/Usage.html#pivots) for more info +We added **Pivot** buttons to enable manual Pivoting from an Observable/File analysis to another. See [Doc](https://intelowlproject.github.io/docs/IntelOwl/usage/#pivots) for more info As usual, we add new plugins. This release brings the following new ones: * a complete **TakedownRequest** playbook to automate TakeDown requests for malicious domains 
@@ -22,7 +22,7 @@ Little fixes for the major. ## [v6.0.0](https://github.com/intelowlproject/IntelOwl/releases/tag/v6.0.0) This major release is another important milestone for this project! We have been working hard to transform IntelOwl from a *Data Extraction Platform* to a complete *Investigation Platform*! -One of the most noticeable feature is the addition of the [**Investigation** framework](https://intelowl.readthedocs.io/en/latest/Usage.html#investigations-framework)! +One of the most noticeable feature is the addition of the [**Investigation** framework](https://intelowlproject.github.io/docs/IntelOwl/usage/#investigations-framework)! Thanks to the this new feature, analysts can leverage IntelOwl as the starting point of their "Investigations", register their findings, correlate the information found, and collaborate...all in a single place. @@ -34,7 +34,7 @@ You can also find us in [Fukuoka at the next FIRSTCON](https://www.first.org/con Many breaking changes have been introduced with this major release due to dependencies upgrades and architectural changes. -You can find more details in the [Upgrade Guide](https://intelowl.readthedocs.io/en/latest/Installation.html#updating-to-6-0-0-from-a-5-x-x-version). Please read it and follow it carefully before upgrading your IntelOwl instance to this Major version. +You can find more details in the [Upgrade Guide](https://intelowlproject.github.io/docs/IntelOwl/installation/#updating-to-600-from-a-5xx-version). Please read it and follow it carefully before upgrading your IntelOwl instance to this Major version. **New analyzers** 
@@ -62,7 +62,7 @@ The support for Docker Compose v1 has been dropped. Please upgrade to Docker Com The python `start.py` script is being replaced with a more light Bash script called `script` at the next Major version. Thanks to this change the installation requirements are a lot less than before and it should be easier to install and execute IntelOwl. Please start to use the new `start` script from now to avoid future issues. -For more information: [Installation docs](https://intelowl.readthedocs.io/en/develop/Installation.html) +For more information: [Installation docs](https://intelowlproject.github.io/docs/IntelOwl/installation/) ## [v5.2.2](https://github.com/intelowlproject/IntelOwl/releases/tag/v5.2.2) @@ -70,8 +70,8 @@ This release has been done mainly to adjusts a broken database migration introdu **Main Improvements** * Added new analyzers for [DNS0](https://docs.dns0.eu/) PassiveDNS data -* Added the chance to collect metrics ([Business Intelligence](https://intelowl.readthedocs.io/en/develop/Advanced-Configuration.html#business-intelligence) regarding Plugins Usage and send it to an ElasticSearch instance. -* Added new buttons to test ["Healthcheck" and "Pull" operations](https://intelowl.readthedocs.io/en/latest/Usage.html#special-plugins-operations) for each Plugin (A feature introduced in the previous version) +* Added the chance to collect metrics ([Business Intelligence](https://intelowlproject.github.io/docs/IntelOwl/advanced_configuration/#business-intelligence) regarding Plugins Usage and send it to an ElasticSearch instance. +* Added new buttons to test ["Healthcheck" and "Pull" operations](https://intelowlproject.github.io/docs/IntelOwl/usage/#special-plugins-operations) for each Plugin (A feature introduced in the previous version) **Other improvements** * Various generic fixes and adjustments in the GUI 
@@ -116,8 +116,8 @@ If you are interested in helping us setting up a public instance of IntelOwl, ** **General improvements** * Added First Visit Guide * Improved the documentation with the goal to help the users to understand better how all the available Plugins work. -* For OpenCTI users having problems in integrating IntelOwl, now you can use a workaround: [doc](https://intelowl.readthedocs.io/en/latest/Advanced-Configuration.html#opencti) -* A new organization role is available to better manage the org: `admin`. [Doc](https://intelowl.readthedocs.io/en/latest/Usage.html#organizations-and-user-management) +* For OpenCTI users having problems in integrating IntelOwl, now you can use a workaround: [doc](https://intelowlproject.github.io/docs/advanced_configuration/#opencti) +* A new organization role is available to better manage the org: `admin`. [Doc](https://intelowlproject.github.io/docs/usage/#organizations-and-user-management) * Improvements in the "Jobs History" table: now it shows executed Playbooks and file/observables types correctly. * We added a new "Pivot" section in the "Plugin" GUI for the new Plugin type introduced in the [v5.1.0](https://github.com/intelowlproject/IntelOwl/releases/tag/v5.1.0) release. We added a new dedicated visualizer which allows the user to see when a Pivot has been executed in the "Job Result" page. We are still working on it and planning to add more documentation and GUI usability soon. * Improvements in the "Jobs Result" page: now playbooks are more relevant, warnings are shown next to errors, Raw JSON data has been moved next to the other raw data. 
@@ -148,7 +148,7 @@ With this release we announce our new official site created by [Abheek Tripathy] Feel free to check it out! Official [blog post here](https://intelowlproject.github.io/blogs/official_site_revamped)! **Important changes** -* We added a new type of Plugin called [Ingestor](https://intelowl.readthedocs.io/en/latest/Usage.html#ingestors). **Ingestors** allow to automatically insert IOC streams from outside sources to IntelOwl itself. +* We added a new type of Plugin called [Ingestor](https://intelowlproject.github.io/docs/usage/#ingestors). **Ingestors** allow to automatically insert IOC streams from outside sources to IntelOwl itself. * Visualizers are not connected anymore to Analyzers/Connectors. They are connected to a single Playbook instead. This allows the users to create and manage the Visualizers in an easier way. * We added the new **Pivot** framework in the backend which allows to connect jobs to each other and to _pivot_ from one indicator to another. This is the first step to give the chance to the users to create more broader and complex investigation in IntelOwl. The next step will be to add the Frontend changes that allows the user to fully leverage the framework 
@@ -190,7 +190,7 @@ This framework is extremely powerful and allows every user to customize the GUI That would speed the analysis of the results a lot if done correctly! -To aid in this process we added a lot of [documentation and some very simple pre-built analyzers that you can use as example](https://intelowl.readthedocs.io/en/latest/Usage.html#visualizers): +To aid in this process we added a lot of [documentation and some very simple pre-built analyzers that you can use as example](https://intelowlproject.github.io/docs/usage/#visualizers): Moreover this release anticipates other important crucial steps for IntelOwl: * On June 10th [Matteo Lodi](https://twitter.com/matte_lodi) and [Simone Berni](https://twitter.com/0ssig3no) are presenting IntelOwl at one of the most important Cyber Security events in Italy: [HackinBo](https://www.hackinbo.it/programma.php) 
@@ -200,12 +200,12 @@ This release was possible thanks to the effort put in place by [Certego](https:/ **Other important changes:** -We have done some big refactor changes that could make your application do not work as expected after this major upgrade. Please follow the the [migration guide](https://intelowl.readthedocs.io/en/latest/Installation.html#updating-to-5-0-0-from-a-4-x-x-version) before upgrading IntelOwl to the new major release. +We have done some big refactor changes that could make your application do not work as expected after this major upgrade. Please follow the the [migration guide](https://intelowlproject.github.io/docs/installation/#updating-to-5-0-0-from-a-4-x-x-version) before upgrading IntelOwl to the new major release. * We moved away from the old big `analyzer_config.json` which was storing all the base configuration of the Analyzers to a database model (we did the same for all the other plugins types too). This allows us to manage plugins creation/modification/deletion in a more reliable manner and via the Django Admin Interface. If you have created custom plugins and changed those `_config.json` file manually, you would need to re-create those custom plugins again from the Django Admin Interface. * We have REMOVED all the environment configuration that we deprecated with the v4.0.0 release and the script to migrate them. -* We have REMOVED/RENAMED all the analyzers that we deprecated during the v4 releases cycle plus some more (see [migration guide](https://intelowl.readthedocs.io/en/latest/Installation.html#updating-to-5-0-0-from-a-4-x-x-version)). You might need to change the analyzer names in your integrations. +* We have REMOVED/RENAMED all the analyzers that we deprecated during the v4 releases cycle plus some more (see [migration guide](https://intelowlproject.github.io/docs/installation/#updating-to-5-0-0-from-a-4-x-x-version)). You might need to change the analyzer names in your integrations. 
* We did a lot of code refactors here and there to remove some spaghetti code that was generated by the high amount of different contributors that we had during the recent years. This should be transparent for the user **Other added minor features** @@ -285,7 +285,7 @@ and restart IntelOwl. It should solve the permissions problem. * Fixed Cape Sandbox analyzer not working * Deprecated `ThreatMiner`, `SecurityTrails` and `Robtex` various analyzers and substituted with new versions. * Refactoring and features in preparation to add support for cluster deployments. -* Added a new advanced Documentation section [Advanced Configuration](https://intelowl.readthedocs.io/en/latest/Advanced-Configuration.html) +* Added a new advanced Documentation section [Advanced Configuration](https://intelowlproject.github.io/docs/advanced_configuration) * Added more support for Cloud Deployments (in particular AWS) * Other minor adjustments and fixes @@ -307,7 +307,7 @@ We added some improvements to handle recent Microsoft Office downloaders: **Deployments:** -We are preparing to add more support for production deployments. We added some [documentation](https://intelowl.readthedocs.io/en/latest/Installation.md) regarding: +We are preparing to add more support for production deployments. We added some [documentation](https://intelowlproject.github.io/docs/installation/) regarding: * Logrotate Configuration * Crontab Configuration 
@@ -366,7 +366,7 @@ If you love this project and you would like to help us, we would love to get you ## [v4.1.2](https://github.com/intelowlproject/IntelOwl/releases/tag/v4.1.2) -This version mainly adds quality improvements to the recently released ["Playbook" feature](https://intelowl.readthedocs.io/en/latest/Usage.html#playbooks): +This version mainly adds quality improvements to the recently released ["Playbook" feature](https://intelowlproject.github.io/docs/usage/#playbooks): * Now it is possible to create a new Playbook easily thanks to a proper button in the GUI. In this way you can save your own Playbooks and repeat them. * Now Playbooks support the check of already existing similar analysis like normal analysis already do. This saves computational and analysts' time. 
@@ -405,12 +405,12 @@ I would like to thank them and all the mentors (@sp35, @eshaan7, @0ssigeno, @dro Looking forward for the Google Summer of Code 2023! **Time savers features** -- New Plugin Type to allow to easily replicate the same type of analysis without having to select and/or configure groups of analyzers/connectors every time: **Playbooks** ([docs reference](https://intelowl.readthedocs.io/en/latest/Usage.html#playbooks)) -- Default Plugins Parameters can be customized from the GUI and are defined at user/org level instead of globally ([docs reference](https://intelowl.readthedocs.io/en/latest/Advanced-Usage.html#customize-analyzer-execution)) -- Plugins Secrets can now be managed from the GUI and are defined at user/org level instead of globally ([docs reference](https://intelowl.readthedocs.io/en/latest/Installation.html#deprecated-environment-configuration)) -- Organization admins can enable/disable analyzers for all the org ([docs reference](https://intelowl.readthedocs.io/en/latest/Usage.html#multi-tenancy)) -- Google Oauth authentication support ([docs reference](https://intelowl.readthedocs.io/en/latest/Advanced-Configuration.html#google-oauth2)) -- Added support for `extends` key to simplify Analyzer configuration and customization ([docs reference](https://intelowl.readthedocs.io/en/latest/Usage.html#analyzers-customization)) +- New Plugin Type to allow to easily replicate the same type of analysis without having to select and/or configure groups of analyzers/connectors every time: **Playbooks** ([docs reference](https://intelowlproject.github.io/docs/usage/#playbooks)) +- Default Plugins Parameters can be customized from the GUI and are defined at user/org level instead of globally ([docs reference](https://intelowlproject.github.io/docs/advanced_usage/#customize-analyzer-execution)) +- Plugins Secrets can now be managed from the GUI and are defined at user/org level instead of globally ([docs 
reference](https://intelowlproject.github.io/docs/installation/#deprecated-environment-configuration)) +- Organization admins can enable/disable analyzers for all the org ([docs reference](https://intelowlproject.github.io/docs/usage/#multi-tenancy)) +- Google Oauth authentication support ([docs reference](https://intelowlproject.github.io/docs/Advanced-Configuration.html#google-oauth2)) +- Added support for `extends` key to simplify Analyzer configuration and customization ([docs reference](https://intelowlproject.github.io/docs/usage/#analyzers-customization)) **Others** - Adjusted default time limits and configuration of some analyzers 
@@ -445,15 +445,15 @@ The overall user feeling should be drastically improved. We hope you'll enjoy th While developing the new GUI, our main goal was to at least provide the same features that were available before. Anyway, we had the chance to add some important features: -- A new way to manage users and their permissions: the "Organization" feature. Please refer to the [docs here](https://intelowl.readthedocs.io/en/latest/Usage.md#organizations-and-user-management). -- A notification mechanism was added. Please refer to the [docs here](https://intelowl.readthedocs.io/en/latest/Usage.md#notifications). +- A new way to manage users and their permissions: the "Organization" feature. Please refer to the [docs here](https://intelowlproject.github.io/docs/usage/#organizations-and-user-management). +- A notification mechanism was added. Please refer to the [docs here](https://intelowlproject.github.io/docs/usage/#notifications). - Now it is possible to do more advanced lookups through the Jobs History and have an overall better way to filter them. - A new "API Access/Sessions" section was added to facilitate the management of API tokens and User sessions. - Now it is possible to submit multiple observables / files at the same time. **RETROCOMPATIBILITY INFO AND HOW TO UPDATE** -Please refer to the [**Upgrade Guide**](https://intelowl.readthedocs.io/en/latest/Installation.html#update-and-re-build) +Please refer to the [**Upgrade Guide**](https://intelowlproject.github.io/docs/installation/#update-and-re-build) **New/Improved Analyzers:** - Added an analyzer which supports the new service provided for free by [The Honeynet Project](https://www.honeynet.org/2021/12/27/new-project-available-greedybear/): [GreedyBear](https://github.com/honeynet/GreedyBear) 
@@ -462,7 +462,7 @@ Please refer to the [**Upgrade Guide**](https://intelowl.readthedocs.io/en/lates **Other:** -- improved and updated the overall documentation (in particular the [Contribute](https://intelowl.readthedocs.io/en/latest/Contribute.md) section) to help the developers to start to work on the project +- improved and updated the overall documentation (in particular the [Contribute](https://intelowlproject.github.io/docs/contribute) section) to help the developers to start to work on the project - added DOCKER BUILDKIT, `--debug-build` and Watchman dependency to speed up development - now the Backend and the Frontend are respectively highly dependant from 2 new open source projects created by [Certego](https://www.certego.net/), [certego-saas](https://github.com/certego/certego-saas) and [certego-ui](https://github.com/certego/certego-ui). - a lot of dependencies upgrade, in particular in the new ReactJS Frontend. @@ -515,7 +515,7 @@ We are proud to announce two new sponsorships today! If you are interested in helping the project through a donation, read [here](https://github.com/intelowlproject/IntelOwl/blob/master/.github/partnership_and_sponsors.md) how you can do it! **New/Improved Analyzers:** -- New [CyberChef](https://gchq.githuba.io/CyberChef/) Analyzer! Run your own recipes in IntelOwl! Check the [docs](https://intelowl.readthedocs.io/en/develop/Advanced-Usage.html#cyberchef)! +- New [CyberChef](https://gchq.githuba.io/CyberChef/) Analyzer! Run your own recipes in IntelOwl! Check the [docs](https://intelowlproject.github.io/docs/advanced_usage/#cyberchef)! **Other:** - fixes: [#931](https://github.com/intelowlproject/IntelOwl/issues/931) 
@@ -542,17 +542,17 @@ If you are interested in helping the project through a donation, read [here](htt ## [v3.3.0](https://github.com/intelowlproject/IntelOwl/releases/tag/v3.3.0) **Notes:** -- Added helper script that checks and installs [initial requirements](https://intelowl.readthedocs.io/en/develop/Installation.html#requirements). (`initialize.sh`) -- Added [RADIUS authentication support](https://intelowl.readthedocs.io/en/latest/Advanced-Configuration.html#radius-authentication) +- Added helper script that checks and installs [initial requirements](https://intelowlproject.github.io/docs/installation/#requirements). (`initialize.sh`) +- Added [RADIUS authentication support](https://intelowlproject.github.io/docs/advanced_configuration/#radius-authentication) **New/Improved Analyzers:** -- Added a new optional [Docker Analyzer](https://intelowl.readthedocs.io/en/develop/Advanced-Usage.html#optional-analyzers) running [Onionscan](https://github.com/s-rah/onionscan) +- Added a new optional [Docker Analyzer](https://intelowlproject.github.io/docs/advanced_usage/#optional-analyzers) running [Onionscan](https://github.com/s-rah/onionscan) - Added [CAPE Sandbox](https://capesandbox.com/) file analyzer - `Doc_Info` analyzer now runs [msodde](https://github.com/decalage2/oletools/wiki/msodde) together with `olevba` and `XMLMacroDeobfuscator` - `PE_Info` analyzer now calculates [impfuzzy](https://github.com/JPCERTCC/impfuzzy) and [dashicon](https://github.com/fr0gger/SuperPeHasher) hashes too. **Other:** -- Added option to run ElasticSearch/Kibana together with IntelOwl with option `--elastic`. Check the [doc here](https://intelowl.readthedocs.io/en/latest/Advanced-Configuration.html#example-configuration) +- Added option to run ElasticSearch/Kibana together with IntelOwl with option `--elastic`. 
Check the [doc here](https://intelowlproject.github.io/docs/advanced_configuration/#example-configuration) - Security: Patched Django Critical Bug + Added Brute Force protection to the Admin page - Generic bug fixing and other maintenance work - Bump some python dependencies @@ -597,7 +597,7 @@ If you are interested in helping the project through a donation, read [here](htt **For IntelOwl Contributors** -We updated the documentation on how to [Contribute](https://intelowl.readthedocs.io/en/latest/Contribute.html#rules). Please read through them if interested in contributing in the project. +We updated the documentation on how to [Contribute](https://intelowlproject.github.io/docs/contribute/#rules). Please read through them if interested in contributing in the project. ## [v3.2.2](https://github.com/intelowlproject/IntelOwl/releases/tag/v3.2.2) 
@@ -708,12 +708,12 @@ This is a minor patch release. **Features:** - Plugins (analyzers/connectors) that are not properly configured will not run even if requested. They will be marked as disabled from the dropdown on the analysis form and as a bonus you can also see if and why a plugin is not configured on the GUI tables. -- Added `kill`, `retry` and `healthcheck` features to analyzers and connectors. See [Managing Analyzers and Connectors](https://intelowl.readthedocs.io/en/master/Usage.html#special-plugins-operations). -- Standardized threat-sharing using Traffic Light Protocol or `TLP`, thereby deprecating the use of booleans `force_privacy`, `disable_external_analyzers` and `private`. See [TLP Support](https://intelowl.readthedocs.io/en/master/Usage.html#tlp-support). This makes the analysis form much more easier to use than before. +- Added `kill`, `retry` and `healthcheck` features to analyzers and connectors. See [Managing Analyzers and Connectors](https://intelowlproject.github.io/docs/usage/#special-plugins-operations). +- Standardized threat-sharing using Traffic Light Protocol or `TLP`, thereby deprecating the use of booleans `force_privacy`, `disable_external_analyzers` and `private`. See [TLP Support](https://intelowlproject.github.io/docs/usage/#tlp-support). This makes the analysis form much more easier to use than before. **New class of plugins called _Connectors_:** -- Connectors are designed to run after every successful analysis which makes them suitable for automated threat-sharing. Built to support integration with other SIEM/SOAR projects specifically aimed at Threat Sharing Platforms. See [Available Connectors](https://intelowl.readthedocs.io/en/master/Usage.html#available-connectors). +- Connectors are designed to run after every successful analysis which makes them suitable for automated threat-sharing. Built to support integration with other SIEM/SOAR projects specifically aimed at Threat Sharing Platforms. 
See [Available Connectors](https://intelowlproject.github.io/docs/usage/#available-connectors). - Newly added connectors for threat-sharing: - `MISP`: automatically creates an event on your MISP instance. - `OpenCTI`: automatically creates an observable and a linked report on your OpenCTI instance. @@ -724,7 +724,7 @@ This is a minor patch release. - The `additional_config_params` attribute was split into the following 3 individual attributes. - `config`: Includes common parameters - `queue` and `soft_time_limit`. - - `params`: Includes default value, datatype and description for each [Analyzer](https://intelowl.readthedocs.io/en/master/Usage.html#analyzers-customization) or [Connector](https://intelowl.readthedocs.io/en/master/Usage.html#connectors-customization) specific parameters that modify runtime behaviour. + - `params`: Includes default value, datatype and description for each [Analyzer](https://intelowlproject.github.io/docs/usage/#analyzers-customization) or [Connector](https://intelowlproject.github.io/docs/usage/#connectors-customization) specific parameters that modify runtime behaviour. - `secrets`: Includes analyzer or connector specific secrets (e.g. API Key) name along with the secret's description. All secrets are required. **New inbuilt analyzers/fixes to existing:** 
@@ -738,7 +738,7 @@ This is a minor patch release. - New `ClamAV` analyzer: scan files for viruses/malwares/trojans using [ClamAV antivirus engine](https://docs.clamav.net/). - Fixed `Tranco` Analyzer pointing to the wrong `python_module` - Removed `CirclePDNS` default value in `env_file_app_template` -- VirusTotal v3: New configuration options: `include_behaviour_summary` for behavioral analysis and `include_sigma_analyses` for sigma analysis report of the file. See [Customize Analyzers](https://intelowl.readthedocs.io/en/master/Advanced-Usage.html#customize-analyzer-execution). +- VirusTotal v3: New configuration options: `include_behaviour_summary` for behavioral analysis and `include_sigma_analyses` for sigma analysis report of the file. See [Customize Analyzers](https://intelowlproject.github.io/docs/advanced_usage/#customize-analyzer-execution). **REST API changes:** @@ -800,7 +800,7 @@ Then a lot of maintenance and overall project stability issues solved: - bumped new versions of a lot of dependencies - Improved "Installation" and "Contribute" documentation - added new badges to the README -- added `--django-server` [option](https://intelowl.readthedocs.io/en/latest/Contribute.html#how-to-start) to speed up development +- added `--django-server` [option](https://intelowlproject.github.io/docs/contribute/#how-to-start) to speed up development - analyzed files are now correctly deleted with the periodic cronjob - other little refactors and fixes 
@@ -879,25 +879,25 @@ We changed `docker-compose` file names for optional analyzers. In the `v.2.0.0` - moved docker and docker-compose files under `docker/` folder. - users upgrading from previous versions need to manually move `env_file_app`, `env_file_postgres` and `env_file_integrations` files under `docker/`. -- users are to use the new [start.py](https://intelowl.readthedocs.io/en/stable/Installation.html#run) method to build or start IntelOwl containers +- users are to use the new [start.py](https://intelowlproject.github.io/docs/installation/#run) method to build or start IntelOwl containers - moved the following analyzers together in a specific optional docker container named `static_analyzers`. - [`Capa`](https://github.com/fireeye/capa) - [`PeFrame`](https://github.com/guelfoweb/peframe) - `Strings_Info_Classic` (based on [flarestrings](https://github.com/fireeye/stringsifter)) - `Strings_Info_ML` (based on [stringsifter](https://github.com/fireeye/stringsifter)) -Please see [docs](https://intelowl.readthedocs.io/en/stable/Advanced-Usage.html#optional-analyzers) to understand how to enable these optional analyzers +Please see [docs](https://intelowlproject.github.io/docs/advanced_usage/#optional-analyzers) to understand how to enable these optional analyzers **NEW INBUILT ANALYZERS:** -- added [Qiling](https://github.com/qilingframework/qiling) file analyzer. This is an optional analyzer (see [docs](https://intelowl.readthedocs.io/en/stable/Advanced-Usage.html#optional-analyzers) to understand how to activate it). +- added [Qiling](https://github.com/qilingframework/qiling) file analyzer. This is an optional analyzer (see [docs](https://intelowlproject.github.io/docs/advanced_usage.html#optional-analyzers) to understand how to activate it). 
- added [Stratosphere blacklists](https://www.stratosphereips.org/attacker-ip-prioritization-blacklist) analyzer - added [FireEye Red Team Tool Countermeasures](https://github.com/fireeye/red_team_tool_countermeasures) Yara rules analyzer - added [emailrep.io](https://emailrep.io/) analyzer - added [Triage](https://tria.ge) analyzer for observables (`search` API) - added [InQuest](https://labs.inquest.net) analyzer - added [WiGLE](api.wigle.net) analyzer -- new analyzers were added to the `static_analyzers` optional docker container (see [docs](https://intelowl.readthedocs.io/en/stable/Advanced-Usage.html#optional-analyzers) to understand how to activate it). +- new analyzers were added to the `static_analyzers` optional docker container (see [docs](https://intelowlproject.github.io/docs/advanced_usage/#optional-analyzers) to understand how to activate it). - [`FireEye Floss`](https://github.com/fireeye/flare-floss) strings analysis. - [`Manalyze`](https://github.com/JusticeRage/Manalyze) file analyzer 
@@ -905,7 +905,7 @@ Please see [docs](https://intelowl.readthedocs.io/en/stable/Advanced-Usage.html# - upgraded main Dockerfile to python 3.8 - added support for the `generic` observable type. In this way it is possible to build analyzers that can analyze everything and not only IPs, domains, URLs or hashes -- added [Multi-queue](https://intelowl.readthedocs.io/en/stable/Advanced-Configuration.html#multi-queue) option to optimize usage of Celery queues. This is intended for advanced users. +- added [Multi-queue](https://intelowlproject.github.io/docs/advanced_configuration/#multi-queue) option to optimize usage of Celery queues. This is intended for advanced users. - updated GUI to new [IntelOwl-ng](https://github.com/intelowlproject/IntelOwl-ng/releases/tag/v1.7.0) version - upgraded [Speakeasy](https://github.com/fireeye/speakeasy), [Quark-Engine](https://github.com/quark-engine/quark-engine) and [Dnstwist](https://github.com/elceef/dnstwist) analyzers to last versions - moved from Travis CI to Github CI @@ -1036,7 +1036,7 @@ Patch after **v1.5.0**. **Breaking Changes:** -- Moved `ldap_config.py` under `configuration/` directory. If you were using LDAP before this release, please refer the [updated docs](https://intelowl.readthedocs.io/en/develop/Advanced-Configuration.html#ldap). +- Moved `ldap_config.py` under `configuration/` directory. If you were using LDAP before this release, please refer the [updated docs](https://intelowlproject.github.io/docs/advanced_configuration/#ldap). **Fixes:** diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index 463c46f558..74c15019a7 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -1 +1 @@ -Please refer to https://intelowl.readthedocs.io/en/latest/Contribute.html +Please refer to https://intelowlproject.github.io/docs/IntelOwl/contribute/ diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index f36f30914a..72febefa05 100644 --- a/.github/pull_request_template.md 
+++ b/.github/pull_request_template.md 
@@ -14,22 +14,22 @@ Please delete options that are not relevant. # Checklist -- [ ] I have read and understood the rules about [how to Contribute](https://intelowl.readthedocs.io/en/latest/Contribute.html) to this project +- [ ] I have read and understood the rules about [how to Contribute](https://intelowlproject.github.io/docs/IntelOwl/contribute/) to this project - [ ] The pull request is for the branch `develop` - [ ] A new plugin (analyzer, connector, visualizer, playbook, pivot or ingestor) was added or changed, in which case: - - [ ] I strictly followed the documentation ["How to create a Plugin"](https://intelowl.readthedocs.io/en/latest/Contribute.html#how-to-add-a-new-plugin) + - [ ] I strictly followed the documentation ["How to create a Plugin"](https://intelowlproject.github.io/docs/IntelOwl/contribute/#how-to-add-a-new-plugin) - [ ] [Usage](https://github.com/intelowlproject/docs/blob/main/docs/IntelOwl/usage.md) file was updated. - [ ] [Advanced-Usage](https://github.com/intelowlproject/docs/blob/main/docs/IntelOwl/advanced_usage.md) was updated (in case the plugin provides additional optional configuration). - - [ ] I have dumped the configuration from Django Admin using the `dumpplugin` command and added it in the project as a data migration. (["How to share a plugin with the community"](https://intelowl.readthedocs.io/en/latest/Contribute.html#how-to-share-your-plugin-with-the-community)) + - [ ] I have dumped the configuration from Django Admin using the `dumpplugin` command and added it in the project as a data migration. 
(["How to share a plugin with the community"](https://intelowlproject.github.io/docs/IntelOwl/contribute/#how-to-share-your-plugin-with-the-community)) - [ ] If a File analyzer was added and it supports a mimetype which is not already supported, you added a sample of that type inside the archive `test_files.zip` and you added the default tests for that mimetype in [test_classes.py](https://github.com/intelowlproject/IntelOwl/blob/master/tests/api_app/analyzers_manager/test_classes.py). - - [ ] If you created a new analyzer and it is free (does not require any API key), please add it in the `FREE_TO_USE_ANALYZERS` playbook by following [this guide](https://intelowl.readthedocs.io/en/latest/Contribute.html#how-to-modify-a-plugin). - - [ ] Check if it could make sense to add that analyzer/connector to other [freely available playbooks](https://intelowl.readthedocs.io/en/develop/Usage.html#list-of-pre-built-playbooks). + - [ ] If you created a new analyzer and it is free (does not require any API key), please add it in the `FREE_TO_USE_ANALYZERS` playbook by following [this guide](https://intelowlproject.github.io/docs/IntelOwl/contribute/#how-to-modify-a-plugin). + - [ ] Check if it could make sense to add that analyzer/connector to other [freely available playbooks](https://intelowlproject.github.io/docs/IntelOwl/usage/#list-of-pre-built-playbooks). - [ ] I have provided the resulting raw JSON of a finished analysis and a screenshot of the results. - [ ] If the plugin interacts with an external service, I have created an attribute called precisely `url` that contains this information. This is required for Health Checks. - [ ] If the plugin requires mocked testing, `_monkeypatch()` was used in its class to apply the necessary decorators. - [ ] I have added that raw JSON sample to the `MockUpResponse` of the `_monkeypatch()` method. This serves us to provide a valid sample for testing. 
- [ ] If external libraries/packages with restrictive licenses were used, they were added in the [Legal Notice](https://github.com/certego/IntelOwl/blob/master/.github/legal_notice.md) section. -- [ ] Linters (`Black`, `Flake`, `Isort`) gave 0 errors. If you have correctly installed [pre-commit](https://intelowl.readthedocs.io/en/latest/Contribute.html#how-to-start-setup-project-and-development-instance), it does these checks and adjustments on your behalf. +- [ ] Linters (`Black`, `Flake`, `Isort`) gave 0 errors. If you have correctly installed [pre-commit](https://intelowlproject.github.io/docs/IntelOwl/contribute/#how-to-start-setup-project-and-development-instance), it does these checks and adjustments on your behalf. - [ ] I have added tests for the feature/bug I solved (see `tests` folder). All the tests (new and old ones) gave 0 errors. - [ ] If changes were made to an existing model/serializer/view, the docs were updated and regenerated (check [CONTRIBUTE.md](https://github.com/intelowlproject/IntelOwl/blob/master/docs/source/Contribute.md)). - [ ] If the GUI has been modified: diff --git a/README.md b/README.md index 3ada08a841..702ceccc9d 100644 --- a/README.md +++ b/README.md 
@@ -48,11 +48,11 @@ All info about installation, usage, configuration and contribution can be found ### Publications and Media -To know more about the project and its growth over time, you may be interested in reading [the official blog posts and/or videos about the project by clicking on this link](https://intelowl.readthedocs.io/en/latest/Introduction.html#publications-and-media) +To know more about the project and its growth over time, you may be interested in reading [the official blog posts and/or videos about the project by clicking on this link](https://intelowlproject.github.io/docs/IntelOwl/introduction/#publications-and-media) ### Available services or analyzers -You can see the full list of all available analyzers in the [documentation](https://intelowl.readthedocs.io/en/latest/Usage.html#available-analyzers). +You can see the full list of all available analyzers in the [documentation](https://intelowlproject.github.io/docs/IntelOwl/usage/#analyzers). | Type | Analyzers Available | | -------------------------------------------------- || diff --git a/api_app/analyzers_manager/file_analyzers/virushee.py b/api_app/analyzers_manager/file_analyzers/virushee.py index a0d16858ee..13a3c5d64b 100644 --- a/api_app/analyzers_manager/file_analyzers/virushee.py +++ b/api_app/analyzers_manager/file_analyzers/virushee.py @@ -65,7 +65,7 @@ def __poll_status_and_result(self, task_id: str) -> dict: response_json = None url = f"{self.url}/file/task/{task_id}" for chance in range(self.max_tries): - logger.info(f"Polling try#{chance+1}") + logger.info(f"Polling try#{chance + 1}") response = self.__session.get(url) response.raise_for_status() response_json = response.json() diff --git a/api_app/analyzers_manager/migrations/0075_adjust_greynoise.py b/api_app/analyzers_manager/migrations/0075_adjust_greynoise.py index e917ec7f83..19a40ed9b6 100644 --- a/api_app/analyzers_manager/migrations/0075_adjust_greynoise.py 
+++ b/api_app/analyzers_manager/migrations/0075_adjust_greynoise.py @@ -14,8 +14,7 @@ def migrate(apps, schema_editor): param.save() -def reverse_migrate(apps, schema_editor): - ... +def reverse_migrate(apps, schema_editor): ... class Migration(migrations.Migration): diff --git a/api_app/analyzers_manager/observable_analyzers/pulsedive.py b/api_app/analyzers_manager/observable_analyzers/pulsedive.py index ae6c6baf23..e33031c0d5 100644 --- a/api_app/analyzers_manager/observable_analyzers/pulsedive.py +++ b/api_app/analyzers_manager/observable_analyzers/pulsedive.py @@ -93,7 +93,7 @@ def __poll_for_result(self, params): obj_repr = self.__repr__() for chance in range(self.max_tries): logger.info( - f"polling request #{chance+1} for observable: {self.observable_name}" + f"polling request #{chance + 1} for observable: {self.observable_name}" f" <- {obj_repr}" ) time.sleep(self.poll_distance) diff --git a/api_app/ingestors_manager/ingestors/malware_bazaar.py b/api_app/ingestors_manager/ingestors/malware_bazaar.py index 9998393add..031df45ad4 100644 --- a/api_app/ingestors_manager/ingestors/malware_bazaar.py +++ b/api_app/ingestors_manager/ingestors/malware_bazaar.py @@ -93,7 +93,7 @@ def run(self) -> Iterable[Any]: hashes_len = len(hashes) # download sample and create new analysis for idx, h in enumerate(hashes): - logger.info(f"Downloading sample {idx+1}/{hashes_len}") + logger.info(f"Downloading sample {idx + 1}/{hashes_len}") sample = self.download_sample(h) yield sample diff --git a/api_app/investigations_manager/admin.py b/api_app/investigations_manager/admin.py index 6f0a385b83..5635def817 100644 --- a/api_app/investigations_manager/admin.py +++ b/api_app/investigations_manager/admin.py 
@@ -19,7 +19,7 @@ def total_jobs(self, instance: Investigation): job: Job tree = job.get_tree(job) jobs_repr = " ".join(map(str, tree.values_list("pk", flat=True))) - string += f"Branch {i+1}: jobs -> {jobs_repr}; " + string += f"Branch {i + 1}: jobs -> {jobs_repr}; " return string @admin.display(description="Jobs at first level") diff --git a/api_app/playbooks_manager/signals.py b/api_app/playbooks_manager/signals.py index 8cf87a04c4..ef63d51282 100644 --- a/api_app/playbooks_manager/signals.py +++ b/api_app/playbooks_manager/signals.py @@ -75,7 +75,7 @@ def m2m_changed_pivots_playbook_config( wrong_pivots = objects.exclude(pk__in=valid_pks) if wrong_pivots.exists(): raise ValidationError( - f"You can't set pivot{'s' if wrong_pivots.size()> 0 else ''}" + f"You can't set pivot{'s' if wrong_pivots.size() > 0 else ''}" f" {','.join(wrong_pivots.values_list('name', flat=True))} because" " the playbook does not have all the required plugins" ) diff --git a/configuration/ldap_config.py b/configuration/ldap_config.py index 09a260bc74..84d264e934 100644 --- a/configuration/ldap_config.py +++ b/configuration/ldap_config.py @@ -2,7 +2,7 @@ # See the file 'LICENSE' for copying permission. # Check the documentation for the details on how to configure LDAP -# https://intelowl.readthedocs.io/en/latest/Advanced-Configuration.html#ldap +# https://intelowlproject.github.io/docs/IntelOwl/advanced_configuration/#ldap import ldap from django_auth_ldap.config import GroupOfNamesType, LDAPSearch diff --git a/frontend/README.md b/frontend/README.md index b58cd2349a..52b5d027ab 100644 --- a/frontend/README.md +++ b/frontend/README.md 
@@ -52,7 +52,7 @@ src/ source code The frontend inside the docker containers does not hot-reload, so you need to use `CRA dev server` on your host machine to serve pages when doing development on the frontend, using docker nginx only as API source. -- Start IntelOwl containers (see [docs](https://intelowl.readthedocs.io/en/latest/Installation.html)). Original dockerized app is accessible on `http://localhost:80` +- Start IntelOwl containers (see [docs](https://intelowlproject.github.io/docs/IntelOwl/installation/)). Original dockerized app is accessible on `http://localhost:80` - If you have not `node-js` installed, you have to do that. Follow the guide [here](https://www.digitalocean.com/community/tutorials/how-to-install-node-js-on-ubuntu-20-04). We tested this with NodeJS >=16.6 diff --git a/frontend/src/components/GuideWrapper.jsx b/frontend/src/components/GuideWrapper.jsx index db9a540814..1006237a78 100644 --- a/frontend/src/components/GuideWrapper.jsx +++ b/frontend/src/components/GuideWrapper.jsx @@ -17,8 +17,8 @@ export default function GuideWrapper() {

Welcome to IntelOwls Guide for First Time Visitors! For further questions you could either check out our{" "} - docs or - reach us out on{" "} + docs or reach + us out on{" "} the official IntelOwl slack channel diff --git a/frontend/src/components/plugins/types/PluginWrapper.jsx b/frontend/src/components/plugins/types/PluginWrapper.jsx index e335989914..4018fee315 100644 --- a/frontend/src/components/plugins/types/PluginWrapper.jsx +++ b/frontend/src/components/plugins/types/PluginWrapper.jsx @@ -84,7 +84,7 @@ export default function PluginWrapper({ {description} Fore more info check the{" "} official doc diff --git a/frontend/src/components/scan/ScanForm.jsx b/frontend/src/components/scan/ScanForm.jsx index 375cd373dd..1ba4abfbae 100644 --- a/frontend/src/components/scan/ScanForm.jsx +++ b/frontend/src/components/scan/ScanForm.jsx @@ -923,7 +923,7 @@ export default function ScanForm() {
For more info check the{" "} official doc. diff --git a/frontend/src/constants/environment.js b/frontend/src/constants/environment.js index 27e0aa382c..ba62a4da87 100644 --- a/frontend/src/constants/environment.js +++ b/frontend/src/constants/environment.js @@ -1,5 +1,5 @@ /* eslint-disable prefer-destructuring */ -export const INTELOWL_DOCS_URL = "https://intelowl.readthedocs.io/en/latest/"; +export const INTELOWL_DOCS_URL = "https://intelowlproject.github.io/docs/"; export const PYINTELOWL_GH_URL = "https://github.com/intelowlproject/pyintelowl"; export const INTELOWL_TWITTER_ACCOUNT = "intel_owl";
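Review bot: In the two `.github/CHANGELOG.md` hunks (`@@ -905,7` and `@@ -1036,7`), the new Multi-queue and LDAP links point to `https://intelowlproject.github.io/docs/advanced_configuration/...` without the `IntelOwl/` path segment, while the comment updated in `configuration/ldap_config.py` in this same patch uses `https://intelowlproject.github.io/docs/IntelOwl/advanced_configuration/#ldap`. One of the two forms is presumably a dead link; suggest aligning the CHANGELOG entries with the `/docs/IntelOwl/advanced_configuration/` form and checking that both anchors resolve. The `@@ -905,7` header context also still shows an `intelowl.readthedocs.io/en/stable/Advanced-Usage.html` link on the preceding entry, which this patch leaves unconverted.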
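Review bot: In the `.github/pull_request_template.md` hunk, two unchanged checklist items still point at locations that do not match the rest of the migration: the Legal Notice link goes to `github.com/certego/IntelOwl/blob/master/.github/legal_notice.md` and the docs-regeneration item links to `docs/source/Contribute.md` inside the IntelOwl repository, while the Usage and Advanced-Usage items in the same checklist already reference the separate `intelowlproject/docs` repository. Suggest updating both in this patch, or confirming they are intentionally left as they are, so contributors are not sent to stale copies.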
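Review bot: In the `api_app/playbooks_manager/signals.py` hunk, the line being reformatted, `f"You can't set pivot{'s' if wrong_pivots.size() > 0 else ''}"`, has two logic problems that a whitespace-only change leaves in place. `wrong_pivots` comes from `objects.exclude(...)` and is used with `.exists()` and `.values_list()`, so it looks like a Django QuerySet, which provides `count()` rather than `size()`; if so, building the message raises `AttributeError` instead of the intended `ValidationError`. Separately, the expression sits inside `if wrong_pivots.exists():`, so a `> 0` test is always true and the plural is always emitted. Suggest `wrong_pivots.count() > 1`, plus a test that triggers this branch with a single invalid pivot.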
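Review bot: In the `frontend/src/components/plugins/types/PluginWrapper.jsx` hunk, the user-facing string next to the changed link reads "Fore more info check the official doc", while the equivalent text in `ScanForm.jsx` reads "For more info". Since this patch already touches that element, suggest correcting "Fore" to "For" in the same change.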
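Review bot: In the `frontend/src/constants/environment.js` hunk, `INTELOWL_DOCS_URL` changes from `https://intelowl.readthedocs.io/en/latest/` to `https://intelowlproject.github.io/docs/`, and the new site uses a different path scheme (`IntelOwl/usage/#...` instead of `Usage.html#...`, as the Markdown hunks in this patch show). Any component that concatenates a path onto this constant has to move in the same change; `GuideWrapper.jsx`, `PluginWrapper.jsx` and `ScanForm.jsx` are touched here, but the patch gives no indication that other importers were checked. Suggest searching the frontend for every use of `INTELOWL_DOCS_URL` and adding a test that asserts the rendered `href` values, so a leftover old-style suffix shows up as a failure rather than a 404 for the analyst.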