{"id":8963,"date":"2020-02-11T17:00:00","date_gmt":"2020-02-11T11:30:00","guid":{"rendered":"http:\/\/kalilinuxtutorials.com\/?p=8963"},"modified":"2020-02-11T17:00:00","modified_gmt":"2020-02-11T11:30:00","slug":"misp","status":"publish","type":"post","link":"https:\/\/kalilinuxtutorials.com\/misp\/","title":{"rendered":"MISP &#8211; Dashboard For A Real Time Overview Of Threat Intelligence From MISP Instances"},"content":{"rendered":"\n<p><strong>MISP <\/strong>is a dashboard showing live data and statistics from the ZMQ feeds of one or more <a href=\"https:\/\/www.misp-project.org\/\">MISP<\/a> instances. The dashboard can be used as a real-time situational awareness tool to gather threat intelligence information. <\/p>\n\n\n\n<p>The misp-dashboard includes a <a href=\"https:\/\/en.wikipedia.org\/wiki\/Gamification#Criticism\">gamification<\/a>  tool to show the contributions of each organization and how they are  ranked over time. <\/p>\n\n\n\n<p>The dashboard can be used for SOCs (Security Operation Centers),  security teams or during cyber exercises to keep track of what is being  processed on your various MISP instances. <\/p>\n\n\n\n<p class=\"has-text-align-center\"><strong>Also Read &#8211; <a href=\"https:\/\/kalilinuxtutorials.com\/opensk\/\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\"OpenSK : Open-Source Implementation For Security Keys (opens in a new tab)\">OpenSK : Open-Source Implementation For Security Keys<\/a><\/strong><\/p>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Features<\/strong><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/MISP\/misp-dashboard#live-dashboard\"><\/a><\/h2>\n\n\n\n<p><strong>Live Dashboard<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Possibility to subscribe to multiple ZMQ feeds from different MISP instances<\/li><li>Shows immediate contributions made by organisations<\/li><li>Displays live resolvable posted geo-locations<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/1.bp.blogspot.com\/-hV_SiDUGCe0\/Xj_iNLXKkAI\/AAAAAAAAE1Q\/gmwsaI7y3TYnTmo1NFw9GReWeBjSxR1LQCLcBGAsYHQ\/s1600\/MISP-1.png\" alt=\"\"\/><\/figure>\n\n\n\n<p><strong>Geolocalisation Dashboard<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Provides historical geolocalised information to support security \nteams, CSIRTs or SOCs in finding threats within their constituency<\/li><li>Possibility to get geospatial information from specific regions<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/1.bp.blogspot.com\/-f0Yd67NWuQ4\/Xj_iVhZ_T5I\/AAAAAAAAE1U\/lG7mqBg67_ITu2sSjqJvs4bxLiwDpr4ywCLcBGAsYHQ\/s1600\/MISP-2.png\" alt=\"\"\/><\/figure>\n\n\n\n<p><strong>Contributors Dashboard<\/strong><\/p>\n\n\n\n<p><strong>Shows<\/strong>:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>The monthly rank of all organisations<\/li><li>The last organisation that contributed (dynamic updates)<\/li><li>The contribution level of all organisations<\/li><li>Each category of contributions per organisation<\/li><li>The current ranking of the selected organisation (dynamic updates)<\/li><\/ul>\n\n\n\n<p><strong>Includes<\/strong>:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><a href=\"https:\/\/en.wikipedia.org\/wiki\/Gamification#Criticism\">Gamification<\/a> of the platform:\n<ul><li>Two different levels of ranking with unique icons<\/li><li>Exclusive obtainable badges for source code contributors and donator<\/li><\/ul>\n<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/1.bp.blogspot.com\/-6nRoRWLAmEw\/Xj_ic_KJxkI\/AAAAAAAAE1Y\/rVxaVp66ZbQtrgaZvIG5FYGCmCHIqc27ACLcBGAsYHQ\/s1600\/MISP-3.png\" alt=\"\"\/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/1.bp.blogspot.com\/-7p_RfR6ZTmw\/Xj_ioLKnjjI\/AAAAAAAAE1k\/jNd8GvT4Bd00PaZVQsyra4MfvSZu2XtWQCLcBGAsYHQ\/s1600\/MISP-4.png\" alt=\"\"\/><\/figure>\n\n\n\n<p><strong>Users Dashboard<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Shows when and how the platform is used: <ul><li>Login punchcard and contributions over time<\/li><li>Contribution vs login <\/li><\/ul><\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/1.bp.blogspot.com\/-k0EFmvie9rM\/Xj_i2_82D_I\/AAAAAAAAE1s\/s0tbpsQ7xAgIA8dgx4BbQAX7e9DKhiiAACLcBGAsYHQ\/s1600\/MISP-5.png\" alt=\"\"\/><\/figure>\n\n\n\n<p><strong>Trendings Dashboard<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Provides real time information to support security teams, CSIRTs or SOC showing current threats and activity\n<ul><li>Shows most active events, categories and tags<\/li><li>Shows sightings and discussion overtime<\/li><\/ul>\n<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/1.bp.blogspot.com\/-i1ZygfJJOO4\/Xj_i-DkpALI\/AAAAAAAAE10\/GLCmvqRjZGMMDEJx0oql0wU2Fj7Xt-8lgCLcBGAsYHQ\/s1600\/MISP-6.png\" alt=\"\"\/><\/figure>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Installation<\/strong><\/p>\n\n\n\n<p>Before installing, consider that the only supported system are open source Unix-like operating system such as Linux and others.<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Launch <code><strong>.\/install_dependencies.sh<\/strong><\/code> from the MISP-Dashboard directory (<a href=\"https:\/\/en.wikipedia.org\/wiki\/Idempotence\">idempotent-ish<\/a>)<\/li><li>Update the configuration file <code><strong>config.cfg<\/strong><\/code> so that it matches your system <ul><li>Fields that you may change: <ul><li>RedisGlobal -&gt; host<\/li><li>RedisGlobal -&gt; port<\/li><li>RedisGlobal -&gt; zmq_url<\/li><li>RedisGlobal -&gt; misp_web_url<\/li><li>RedisMap    -&gt; pathMaxMindDB  <\/li><\/ul><\/li><\/ul><\/li><\/ul>\n\n\n\n<h1 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/MISP\/misp-dashboard#updating-by-pulling\"><\/a><\/h1>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Updating By Pulling<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Re-launch <code><strong>.\/install_dependencies.sh<\/strong><\/code> to fetch new required dependencies<\/li><li>Re-update your configuration file <code><strong>config.cfg<\/strong><\/code> by comparing eventual changes in <code><strong>config.cfg.default<\/strong><\/code><\/li><\/ul>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\">virtualenv -p python3 DASHENV<br>Already using interpreter \/usr\/bin\/python3<br>Using base prefix &#8216;\/usr&#8217;<br>New python executable in \/home\/steve\/code\/misp-dashboard\/DASHENV\/bin\/python3<br>Traceback (most recent call last):<br>   File &#8220;\/usr\/bin\/virtualenv&#8221;, line 9, in <br>     load_entry_point(&#8216;virtualenv==15.0.1&#8217;, &#8216;console_scripts&#8217;, &#8216;virtualenv&#8217;)()<br>   File &#8220;\/usr\/lib\/python3\/dist-packages\/virtualenv.py&#8221;, line 719, in main<br>     symlink=options.symlink)<br>   File &#8220;\/usr\/lib\/python3\/dist-packages\/virtualenv.py&#8221;, line 942, in create_environment site_packages=site_packages, clear=clear, symlink=symlink))<br>   File &#8220;\/usr\/lib\/python3\/dist-packages\/virtualenv.py&#8221;, line 1261, in install_python shutil.copyfile(executable, py_executable)<br>   File &#8220;\/usr\/lib\/python3.5\/shutil.py&#8221;, line 115, in copyfile<br>     with open(dst, &#8216;wb&#8217;) as fdst: <br>OSError: [Errno 26] Text file busy: &#8216;\/home\/steve\/code\/misp-dashboard\/DASHENV\/bin\/python3&#8217;<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li> Restart the System: <code><strong>.\/start_all.sh<\/strong><\/code> <strong>OR<\/strong> <code><strong>.\/start_zmq.sh<\/strong><\/code> and <code><strong>.\/server.py &amp;<\/strong><\/code> <\/li><\/ul>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Starting the System<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Be sure to have a running redis server <ul><li>e.g. <code><strong>redis-server --port 6250<\/strong><\/code> <\/li><\/ul><\/li><li>Activate your virtualenv <code><strong>. .\/DASHENV\/bin\/activate<\/strong><\/code><\/li><li>Listen to the MISP feed by starting the zmq_subscriber <code><strong>.\/zmq_subscriber.py &amp;<\/strong><\/code><\/li><li>Start the dispatcher to process received messages <code><strong>.\/zmq_dispatcher.py &amp;<\/strong><\/code><\/li><li>Start the Flask server <code><strong>.\/server.py &amp;<\/strong><\/code><\/li><li>Access the interface at <code>http:\/\/localhost:8001\/<\/code><\/li><\/ul>\n\n\n\n<p><strong>Alternatively<\/strong>, you can run the <code>start_all.sh<\/code> script to run the commands described above.<\/p>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Debug<\/strong><\/p>\n\n\n\n<p>Debug is fun and gives you more details on what is going on when \nthings fail.\nBare in mind running Flask in debug is NOT suitable for production, it \nwill drop you to a Python shell if enabled, to do further digging.<\/p>\n\n\n\n<p>Just before running .\/server.py do:<\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\"><strong>export FLASK_DEBUG=1 <br>export FLASK_APP=server.py <br>flask run &#8211;host=0.0.0.0 &#8211;port=8001 # &lt;- Be careful here, this exposes it on ALL ip addresses. Ideally if run locally &#8211;host=127.0.0.1 <\/strong><\/p>\n\n\n\n<p>OR, just toggle the debug flag in start_all.sh or config.cfg.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/MISP\/misp-dashboard#restart-from-scratch\"><\/a><\/h2>\n\n\n\n<p><strong>Restart from scratch<\/strong><\/p>\n\n\n\n<p>To restart from scratch and empty all data from your dashboard you can use the dedicated cleaning script <code>clean.py<\/code><\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\"><strong>Clean data stored in the redis server specified in the configuration file <\/strong><br><br><strong>Optional Arguments:   <\/strong><br><strong>-h, &#8211;help<\/strong>    show this help message and exit   <br><strong>-b, &#8211;brutal<\/strong>  Perfom a FLUSHALL on the redis database. If not set, will use a soft method to delete only keys used by MISP-Dashboard. <\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/MISP\/misp-dashboard#notes-about-zmq\"><\/a><\/h2>\n\n\n\n<p><strong>Notes about ZMQ<\/strong><\/p>\n\n\n\n<p>The misp-dashboard being stateless in regards to MISP, it can only \nprocess data that it received. Meaning that if your MISP is not \npublishing all notifications to its ZMQ, the misp-dashboard will not \nhave them.<\/p>\n\n\n\n<p>The most revelant example could be the user login punchcard. If your MISP doesn&#8217;t have the option <code><strong>Plugin.ZeroMQ_audit_notifications_enable<\/strong><\/code> set to <code>true<\/code>, the punchcard will be empty.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/MISP\/misp-dashboard#dashboard-not-showing-results---no-module-named-zmq\"><\/a><\/h2>\n\n\n\n<p><strong>Dashboard not showing results &#8211; No module named zmq<\/strong><\/p>\n\n\n\n<p>When the misp-dashboard does not show results then first check if the zmq module within MISP is properly installed.<\/p>\n\n\n\n<p>In <strong>Administration<\/strong>, <strong>Plugin Settings<\/strong>, <strong>ZeroMQ<\/strong> check that <strong>Plugin.ZeroMQ_enable<\/strong> is set to <strong>True<\/strong>.<\/p>\n\n\n\n<p>Publish a test event from MISP to ZMQ via <strong>Event Actions<\/strong>, <strong>Publish event to ZMQ<\/strong>.<\/p>\n\n\n\n<p>Verify the logfiles<\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\"><strong>${PATH_TO_MISP}\/app\/tmp\/log\/mispzmq.error.log <br>${PATH_TO_MISP}\/app\/tmp\/log\/mispzmq.log <\/strong><\/p>\n\n\n\n<p>If there&#8217;s an error <strong>ModuleNotFoundError: No module named &#8216;zmq&#8217;<\/strong> then install pyzmq.<\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\"><strong>$SUDO_WWW ${PATH_TO_MISP}\/venv\/bin\/pip install pyzmq <\/strong><\/p>\n\n\n\n<h1 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/MISP\/misp-dashboard#zmq_subscriber-options\"><\/a><\/h1>\n\n\n\n<p><strong>zmq_subscriber options<\/strong><\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\"><strong>A zmq subscriber. It subscribe to a ZMQ then redispatch it to the MISP-dashboard <\/strong><br><br><strong>optional arguments: <\/strong>  <br><strong>-h, &#8211;help<\/strong>            show this help message and exit   <br>&#8211;<strong>n ZMQNAME, &#8211;name<\/strong> ZMQNAME    The ZMQ feed name   <br><strong>-u ZMQURL, &#8211;url<\/strong> ZMQURL  The URL to connect to <\/p>\n\n\n\n<div class=\"wp-block-button aligncenter is-style-outline is-style-outline--1\"><a class=\"wp-block-button__link has-background has-vivid-cyan-blue-background-color\" href=\"https:\/\/github.com\/MISP\/misp-dashboard\"><strong>Download<\/strong><\/a><\/div>\n","protected":false},"excerpt":{"rendered":"<p>MISP is a dashboard showing live data and statistics from the ZMQ feeds of one or more MISP instances. The dashboard can be used as a real-time situational awareness tool to gather threat intelligence information. The misp-dashboard includes a gamification tool to show the contributions of each organization and how they are ranked over time. [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":16095,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/1.bp.blogspot.com\/-Adr2M_Aihj8\/Xj_jbc6dNTI\/AAAAAAAAE2A\/tzutLBQfYgYfmqjJpiM-srohgYHK6gcoQCLcBGAsYHQ\/s1600\/MISP-1%25281%2529.png","fifu_image_alt":"MISP \u2013 Dashboard For A Real Time Overview Of Threat Intelligence From MISP Instances","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[28],"tags":[],"class_list":["post-8963","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-kali"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>MISP - Dashboard For A Real Time Overview Of Threat Intelligence<\/title>\n<meta name=\"description\" content=\"MISP is a dashboard showing live data and statistics from the ZMQ feeds of one or more MISP instances. The dashboard can be used as a real-time\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kalilinuxtutorials.com\/misp\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"MISP - Dashboard For A Real Time Overview Of Threat Intelligence\" \/>\n<meta property=\"og:description\" content=\"MISP is a dashboard showing live data and statistics from the ZMQ feeds of one or more MISP instances. The dashboard can be used as a real-time\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kalilinuxtutorials.com\/misp\/\" \/>\n<meta property=\"og:site_name\" content=\"Kali Linux Tutorials\" \/>\n<meta property=\"article:published_time\" content=\"2020-02-11T11:30:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/1.bp.blogspot.com\/-Adr2M_Aihj8\/Xj_jbc6dNTI\/AAAAAAAAE2A\/tzutLBQfYgYfmqjJpiM-srohgYHK6gcoQCLcBGAsYHQ\/s1600\/MISP-1%25281%2529.png\" \/>\n<meta name=\"author\" content=\"R K\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/1.bp.blogspot.com\/-Adr2M_Aihj8\/Xj_jbc6dNTI\/AAAAAAAAE2A\/tzutLBQfYgYfmqjJpiM-srohgYHK6gcoQCLcBGAsYHQ\/s1600\/MISP-1%25281%2529.png\" \/>\n<meta name=\"twitter:creator\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:site\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"R K\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/misp\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/misp\/\"},\"author\":{\"name\":\"R K\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\"},\"headline\":\"MISP &#8211; Dashboard For A Real Time Overview Of Threat Intelligence From MISP Instances\",\"datePublished\":\"2020-02-11T11:30:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/misp\/\"},\"wordCount\":890,\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/misp\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/1.bp.blogspot.com\/-Adr2M_Aihj8\/Xj_jbc6dNTI\/AAAAAAAAE2A\/tzutLBQfYgYfmqjJpiM-srohgYHK6gcoQCLcBGAsYHQ\/s1600\/MISP-1%25281%2529.png\",\"articleSection\":[\"Kali Linux\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/misp\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/misp\/\",\"name\":\"MISP - Dashboard For A Real Time Overview Of Threat Intelligence\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/misp\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/misp\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/1.bp.blogspot.com\/-Adr2M_Aihj8\/Xj_jbc6dNTI\/AAAAAAAAE2A\/tzutLBQfYgYfmqjJpiM-srohgYHK6gcoQCLcBGAsYHQ\/s1600\/MISP-1%25281%2529.png\",\"datePublished\":\"2020-02-11T11:30:00+00:00\",\"description\":\"MISP is a dashboard showing live data and statistics from the ZMQ feeds of one or more MISP instances. The dashboard can be used as a real-time\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/misp\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/misp\/#primaryimage\",\"url\":\"https:\/\/1.bp.blogspot.com\/-Adr2M_Aihj8\/Xj_jbc6dNTI\/AAAAAAAAE2A\/tzutLBQfYgYfmqjJpiM-srohgYHK6gcoQCLcBGAsYHQ\/s1600\/MISP-1%25281%2529.png\",\"contentUrl\":\"https:\/\/1.bp.blogspot.com\/-Adr2M_Aihj8\/Xj_jbc6dNTI\/AAAAAAAAE2A\/tzutLBQfYgYfmqjJpiM-srohgYHK6gcoQCLcBGAsYHQ\/s1600\/MISP-1%25281%2529.png\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"name\":\"Kali Linux Tutorials\",\"description\":\"Kali Linux Tutorials\",\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\",\"name\":\"Kali Linux Tutorials\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"width\":272,\"height\":90,\"caption\":\"Kali Linux Tutorials\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/CyberEdition\",\"https:\/\/www.threads.com\/@cybersecurityedition\",\"https:\/\/www.linkedin.com\/company\/cyberedition\",\"https:\/\/www.instagram.com\/cybersecurityedition\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\",\"name\":\"R K\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"caption\":\"R K\"},\"url\":\"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"MISP - Dashboard For A Real Time Overview Of Threat Intelligence","description":"MISP is a dashboard showing live data and statistics from the ZMQ feeds of one or more MISP instances. The dashboard can be used as a real-time","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kalilinuxtutorials.com\/misp\/","og_locale":"en_US","og_type":"article","og_title":"MISP - Dashboard For A Real Time Overview Of Threat Intelligence","og_description":"MISP is a dashboard showing live data and statistics from the ZMQ feeds of one or more MISP instances. The dashboard can be used as a real-time","og_url":"https:\/\/kalilinuxtutorials.com\/misp\/","og_site_name":"Kali Linux Tutorials","article_published_time":"2020-02-11T11:30:00+00:00","og_image":[{"url":"https:\/\/1.bp.blogspot.com\/-Adr2M_Aihj8\/Xj_jbc6dNTI\/AAAAAAAAE2A\/tzutLBQfYgYfmqjJpiM-srohgYHK6gcoQCLcBGAsYHQ\/s1600\/MISP-1%25281%2529.png","type":"","width":"","height":""}],"author":"R K","twitter_card":"summary_large_image","twitter_image":"https:\/\/1.bp.blogspot.com\/-Adr2M_Aihj8\/Xj_jbc6dNTI\/AAAAAAAAE2A\/tzutLBQfYgYfmqjJpiM-srohgYHK6gcoQCLcBGAsYHQ\/s1600\/MISP-1%25281%2529.png","twitter_creator":"@CyberEdition","twitter_site":"@CyberEdition","twitter_misc":{"Written by":"R K","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kalilinuxtutorials.com\/misp\/#article","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/misp\/"},"author":{"name":"R K","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad"},"headline":"MISP &#8211; Dashboard For A Real Time Overview Of Threat Intelligence From MISP Instances","datePublished":"2020-02-11T11:30:00+00:00","mainEntityOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/misp\/"},"wordCount":890,"publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/misp\/#primaryimage"},"thumbnailUrl":"https:\/\/1.bp.blogspot.com\/-Adr2M_Aihj8\/Xj_jbc6dNTI\/AAAAAAAAE2A\/tzutLBQfYgYfmqjJpiM-srohgYHK6gcoQCLcBGAsYHQ\/s1600\/MISP-1%25281%2529.png","articleSection":["Kali Linux"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/kalilinuxtutorials.com\/misp\/","url":"https:\/\/kalilinuxtutorials.com\/misp\/","name":"MISP - Dashboard For A Real Time Overview Of Threat Intelligence","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/misp\/#primaryimage"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/misp\/#primaryimage"},"thumbnailUrl":"https:\/\/1.bp.blogspot.com\/-Adr2M_Aihj8\/Xj_jbc6dNTI\/AAAAAAAAE2A\/tzutLBQfYgYfmqjJpiM-srohgYHK6gcoQCLcBGAsYHQ\/s1600\/MISP-1%25281%2529.png","datePublished":"2020-02-11T11:30:00+00:00","description":"MISP is a dashboard showing live data and statistics from the ZMQ feeds of one or more MISP instances. The dashboard can be used as a real-time","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kalilinuxtutorials.com\/misp\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/misp\/#primaryimage","url":"https:\/\/1.bp.blogspot.com\/-Adr2M_Aihj8\/Xj_jbc6dNTI\/AAAAAAAAE2A\/tzutLBQfYgYfmqjJpiM-srohgYHK6gcoQCLcBGAsYHQ\/s1600\/MISP-1%25281%2529.png","contentUrl":"https:\/\/1.bp.blogspot.com\/-Adr2M_Aihj8\/Xj_jbc6dNTI\/AAAAAAAAE2A\/tzutLBQfYgYfmqjJpiM-srohgYHK6gcoQCLcBGAsYHQ\/s1600\/MISP-1%25281%2529.png"},{"@type":"WebSite","@id":"https:\/\/kalilinuxtutorials.com\/#website","url":"https:\/\/kalilinuxtutorials.com\/","name":"Kali Linux Tutorials","description":"Kali Linux Tutorials","publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kalilinuxtutorials.com\/#organization","name":"Kali Linux Tutorials","url":"https:\/\/kalilinuxtutorials.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/","url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","contentUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","width":272,"height":90,"caption":"Kali Linux Tutorials"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/CyberEdition","https:\/\/www.threads.com\/@cybersecurityedition","https:\/\/www.linkedin.com\/company\/cyberedition","https:\/\/www.instagram.com\/cybersecurityedition\/"]},{"@type":"Person","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad","name":"R K","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","caption":"R K"},"url":"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/"}]}},"jetpack_featured_media_url":"https:\/\/1.bp.blogspot.com\/-Adr2M_Aihj8\/Xj_jbc6dNTI\/AAAAAAAAE2A\/tzutLBQfYgYfmqjJpiM-srohgYHK6gcoQCLcBGAsYHQ\/s1600\/MISP-1%25281%2529.png","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":14947,"url":"https:\/\/kalilinuxtutorials.com\/artif\/","url_meta":{"origin":8963,"position":0},"title":"ARTIF : An Advanced Real Time Threat Intelligence Framework To Identify Threats And Malicious Web Traffic On The Basis Of IP Reputation And Historical Data.","author":"R K","date":"July 23, 2021","format":false,"excerpt":"ARTIF is a new advanced real time threat intelligence framework built that adds another abstraction layer on the top of MISP to identify threats and malicious web traffic on the basis of IP reputation and historical data. It also performs automatic enrichment and threat scoring by collecting, processing and correlating\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":28563,"url":"https:\/\/kalilinuxtutorials.com\/misp-extractor\/","url_meta":{"origin":8963,"position":1},"title":"Misp-Extractor : Tool That Connects To A MISP Instance And Retrieves Attributes Of Specific Types (Such As IP Addresses, URLs, And Hashes)","author":"R K","date":"March 10, 2023","format":false,"excerpt":"Misp-Extractor is a simple Python script that connects to a MISP instance and retrieves attributes of specific types (such as IP addresses, URLs, and hashes). The retrieved attributes are then written to separate files. MISP Extractor This code connects to a given MISP (Malware Information Sharing Platform) server and parses\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg44ZMm5vlQ28NOfZNJNUzz3O76Ey7DsH29PwLFztYVv33JLbIyJSW6xaBB5gHqjTbas1eNsCou7jBrAD4znSIXp3GPajQZ1n7UWGUIUBXcq2PRAVAKEeasPGQ4jDThq4Fd3EAQ-1noMIaWbYpG09ZW4CxN0W_9DTRst9ttuJSUMnvm91w89mSB-v5k\/s16000\/207150962-.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg44ZMm5vlQ28NOfZNJNUzz3O76Ey7DsH29PwLFztYVv33JLbIyJSW6xaBB5gHqjTbas1eNsCou7jBrAD4znSIXp3GPajQZ1n7UWGUIUBXcq2PRAVAKEeasPGQ4jDThq4Fd3EAQ-1noMIaWbYpG09ZW4CxN0W_9DTRst9ttuJSUMnvm91w89mSB-v5k\/s16000\/207150962-.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg44ZMm5vlQ28NOfZNJNUzz3O76Ey7DsH29PwLFztYVv33JLbIyJSW6xaBB5gHqjTbas1eNsCou7jBrAD4znSIXp3GPajQZ1n7UWGUIUBXcq2PRAVAKEeasPGQ4jDThq4Fd3EAQ-1noMIaWbYpG09ZW4CxN0W_9DTRst9ttuJSUMnvm91w89mSB-v5k\/s16000\/207150962-.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg44ZMm5vlQ28NOfZNJNUzz3O76Ey7DsH29PwLFztYVv33JLbIyJSW6xaBB5gHqjTbas1eNsCou7jBrAD4znSIXp3GPajQZ1n7UWGUIUBXcq2PRAVAKEeasPGQ4jDThq4Fd3EAQ-1noMIaWbYpG09ZW4CxN0W_9DTRst9ttuJSUMnvm91w89mSB-v5k\/s16000\/207150962-.png?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":6329,"url":"https:\/\/kalilinuxtutorials.com\/ail-framework-analysis-information-leak-framework\/","url_meta":{"origin":8963,"position":2},"title":"AIL Framework : Analysis Information Leak Framework","author":"R K","date":"August 28, 2019","format":false,"excerpt":"AIL framework is for Analysis of Information Leaks. AIL is a modular framework to analyse potential information leaks from unstructured data sources like pastes from Pastebin or similar services or unstructured data streams. AIL framework is flexible and can be extended to support other functionalities to mine or process sensitive\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":11995,"url":"https:\/\/kalilinuxtutorials.com\/watcher\/","url_meta":{"origin":8963,"position":3},"title":"Watcher : Open Source Cybersecurity Threat Hunting Platform","author":"R K","date":"December 28, 2020","format":false,"excerpt":"Watcher is a Django & React JS automated platform for discovering new potentially cybersecurity threats targeting your organization. It should be used on webservers and available on Docker. Watcher Capabilities Detect emerging vulnerability, malware using social network & other RSS sources (www.cert.ssi.gouv.fr, www.cert.europa.eu, www.us-cert.gov, www.cyber.gov.au...).Detect Keywords in pastebin & in\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":7122,"url":"https:\/\/kalilinuxtutorials.com\/threatingestor-threat-intelligence\/","url_meta":{"origin":8963,"position":4},"title":"ThreatIngestor  : Extract &#038; Aggregate Threat Intelligence","author":"R K","date":"October 31, 2019","format":false,"excerpt":"ThreatIngestor is an extendable tool to extract and aggregate IOCs from threat feeds. Integrates out-of-the-box with ThreatKB and MISP, and can fit seamlessly into any existing worflow with SQS, Beanstalk, and custom plugins. Overview It can be configured to watch Twitter, RSS feeds, or other sources, extract meaningful information such\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":30329,"url":"https:\/\/kalilinuxtutorials.com\/cakefuzzer\/","url_meta":{"origin":8963,"position":5},"title":"CakeFuzzer &#8211; Vulnerability Detection for CakePHP","author":"Varshini","date":"September 18, 2023","format":false,"excerpt":"Cake Fuzzer is a project that is meant to help automatically and continuously discover vulnerabilities in web applications created based on specific frameworks with very limited false positives. Currently it is implemented to support the Cake PHP framework. If you would like to learn more about the research process check\u2026","rel":"","context":"In &quot;Hacking Tools&quot;","block_context":{"text":"Hacking Tools","link":"https:\/\/kalilinuxtutorials.com\/category\/hacking-tools\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEihw9AHkFPIufHyJDzdnt9Gu0hdDQ054CaREMukpp0Cgj7XwwaeXEgPq2DlLyXhKF4kRrHeNHO3MmC6YLhkG5m35LxgtxV8F11OuC7y_SEqc2l4KvPTINiVhJGxX6jKPzhBJnmGXVlK3RaTWPJF6gqVa20GgL-q9K_yLHVxBcZV6nlDnYqgLkju8QQT6A\/s16000\/CakeFuzzer%20Vulnerability%20Detection%20for%20CakePHP.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEihw9AHkFPIufHyJDzdnt9Gu0hdDQ054CaREMukpp0Cgj7XwwaeXEgPq2DlLyXhKF4kRrHeNHO3MmC6YLhkG5m35LxgtxV8F11OuC7y_SEqc2l4KvPTINiVhJGxX6jKPzhBJnmGXVlK3RaTWPJF6gqVa20GgL-q9K_yLHVxBcZV6nlDnYqgLkju8QQT6A\/s16000\/CakeFuzzer%20Vulnerability%20Detection%20for%20CakePHP.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEihw9AHkFPIufHyJDzdnt9Gu0hdDQ054CaREMukpp0Cgj7XwwaeXEgPq2DlLyXhKF4kRrHeNHO3MmC6YLhkG5m35LxgtxV8F11OuC7y_SEqc2l4KvPTINiVhJGxX6jKPzhBJnmGXVlK3RaTWPJF6gqVa20GgL-q9K_yLHVxBcZV6nlDnYqgLkju8QQT6A\/s16000\/CakeFuzzer%20Vulnerability%20Detection%20for%20CakePHP.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEihw9AHkFPIufHyJDzdnt9Gu0hdDQ054CaREMukpp0Cgj7XwwaeXEgPq2DlLyXhKF4kRrHeNHO3MmC6YLhkG5m35LxgtxV8F11OuC7y_SEqc2l4KvPTINiVhJGxX6jKPzhBJnmGXVlK3RaTWPJF6gqVa20GgL-q9K_yLHVxBcZV6nlDnYqgLkju8QQT6A\/s16000\/CakeFuzzer%20Vulnerability%20Detection%20for%20CakePHP.webp?resize=700%2C400&ssl=1 2x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/8963","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/comments?post=8963"}],"version-history":[{"count":0,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/8963\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media\/16095"}],"wp:attachment":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media?parent=8963"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/categories?post=8963"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/tags?post=8963"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}