tag:github.com,2008:https://github.com/mlsecproject/combine/releasesRelease notes from combine2015-04-27T02:30:43Ztag:github.com,2008:Repository/17064089/v0.1.32015-04-27T02:34:11Zv0.1.3 Captivating Capybara<p>Bugfix release, and also making it easier to install and use the system with Venv and Docker procedures. Special thanks to <a href="https://github.com/krmaxwell">@krmaxwell</a> who seems to have done all the work</p>
<ul>
<li>Updating the regex used for hostname capture on Thresher. Will be further updated on v0.2 (<a href="https://github.com/mlsecproject/combine/issues/131" data-hovercard-type="issue" data-hovercard-url="/mlsecproject/combine/issues/131/hovercard">#131</a>)</li>
<li>Sources update:
<ul>
<li>Updating PalevoTracker location and removing Spyeye tracker (<a href="https://github.com/mlsecproject/combine/issues/123" data-hovercard-type="pull_request" data-hovercard-url="/mlsecproject/combine/pull/123/hovercard">#123</a>)</li>
<li>Updating MaxMind local dataset to March 2015</li>
<li>Adding Feodo Abuse.ch tracker</li>
<li>Ajusted Wiki to current Threat Intelligence feeds (<a href="https://github.com/mlsecproject/combine/issues/71" data-hovercard-type="issue" data-hovercard-url="/mlsecproject/combine/issues/71/hovercard">#71</a>)</li>
</ul>
</li>
<li>Docker file and usage guide (<a href="https://github.com/mlsecproject/combine/issues/117" data-hovercard-type="pull_request" data-hovercard-url="/mlsecproject/combine/pull/117/hovercard">#117</a>)</li>
<li>Instalation documentation using Python venv (<a href="https://github.com/mlsecproject/combine/issues/115" data-hovercard-type="pull_request" data-hovercard-url="/mlsecproject/combine/pull/115/hovercard">#115</a>)</li>
<li>Minor cleanup on gitignore and other files (<a href="https://github.com/mlsecproject/combine/issues/109" data-hovercard-type="pull_request" data-hovercard-url="/mlsecproject/combine/pull/109/hovercard">#109</a>)</li>
<li>Correct enrichment of FQDN indicators - it extracts all the related IPv4s and enriches them further (<a href="https://github.com/mlsecproject/combine/issues/36" data-hovercard-type="issue" data-hovercard-url="/mlsecproject/combine/issues/36/hovercard">#36</a>)</li>
<li>Added contributing document to repository (<a href="https://github.com/mlsecproject/combine/issues/127" data-hovercard-type="pull_request" data-hovercard-url="/mlsecproject/combine/pull/127/hovercard">#127</a>)</li>
</ul>alexcpsectag:github.com,2008:Repository/17064089/v0.1.22015-01-08T08:14:58Zv0.1.2 Bouncing Capybara<p>This is a bugfix release with several stability and performance improvements</p>
<ul>
<li>Multiple Enrichment Speedups:
<ul>
<li>Rewrite of ASN enrichment code (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="39385688" data-permission-text="Title is private" data-url="https://github.com/mlsecproject/combine/issues/42" data-hovercard-type="issue" data-hovercard-url="/mlsecproject/combine/issues/42/hovercard" href="https://github.com/mlsecproject/combine/issues/42">#42</a>, <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="52935915" data-permission-text="Title is private" data-url="https://github.com/mlsecproject/combine/issues/104" data-hovercard-type="issue" data-hovercard-url="/mlsecproject/combine/issues/104/hovercard" href="https://github.com/mlsecproject/combine/issues/104">#104</a>)</li>
<li>Speedup of GeoIP code - thanks to <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/jeffbryner/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/jeffbryner">@jeffbryner</a></li>
</ul>
</li>
<li>Better csv-based extraction on packetmail - thanks to <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/btv/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/btv">@btv</a></li>
<li>Exporting extracted data to CRITs (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="46040680" data-permission-text="Title is private" data-url="https://github.com/mlsecproject/combine/issues/84" data-hovercard-type="issue" data-hovercard-url="/mlsecproject/combine/issues/84/hovercard" href="https://github.com/mlsecproject/combine/issues/84">#84</a>, <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="49178033" data-permission-text="Title is private" data-url="https://github.com/mlsecproject/combine/issues/91" data-hovercard-type="issue" data-hovercard-url="/mlsecproject/combine/issues/91/hovercard" href="https://github.com/mlsecproject/combine/issues/91">#91</a>, <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="52202588" data-permission-text="Title is private" data-url="https://github.com/mlsecproject/combine/issues/94" data-hovercard-type="pull_request" data-hovercard-url="/mlsecproject/combine/pull/94/hovercard" href="https://github.com/mlsecproject/combine/pull/94">#94</a>) - thanks to <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/paulpc/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/paulpc">@paulpc</a></li>
<li>Better Logging Facility (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="39361918" data-permission-text="Title is private" data-url="https://github.com/mlsecproject/combine/issues/34" data-hovercard-type="issue" data-hovercard-url="/mlsecproject/combine/issues/34/hovercard" href="https://github.com/mlsecproject/combine/issues/34">#34</a>)</li>
<li>Updated grequests and Exception Handling (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="42945397" data-permission-text="Title is private" data-url="https://github.com/mlsecproject/combine/issues/78" data-hovercard-type="issue" data-hovercard-url="/mlsecproject/combine/issues/78/hovercard" href="https://github.com/mlsecproject/combine/issues/78">#78</a>, <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="39361788" data-permission-text="Title is private" data-url="https://github.com/mlsecproject/combine/issues/32" data-hovercard-type="issue" data-hovercard-url="/mlsecproject/combine/issues/32/hovercard" href="https://github.com/mlsecproject/combine/issues/32">#32</a>)</li>
</ul>alexcpsectag:github.com,2008:Repository/17064089/v0.1.12014-09-18T05:58:40Zv0.1.1 Ascending Capybara<p>This is a bugfix release to improve the stability of "tiq-test" enriched data generation</p>
<ul>
<li>Enriched IP generation should work fine in this release. (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="41990975" data-permission-text="Title is private" data-url="https://github.com/mlsecproject/combine/issues/58" data-hovercard-type="issue" data-hovercard-url="/mlsecproject/combine/issues/58/hovercard" href="https://github.com/mlsecproject/combine/issues/58">#58</a>, <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="42741345" data-permission-text="Title is private" data-url="https://github.com/mlsecproject/combine/issues/67" data-hovercard-type="issue" data-hovercard-url="/mlsecproject/combine/issues/67/hovercard" href="https://github.com/mlsecproject/combine/issues/67">#67</a>, <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="42842815" data-permission-text="Title is private" data-url="https://github.com/mlsecproject/combine/issues/76" data-hovercard-type="issue" data-hovercard-url="/mlsecproject/combine/issues/76/hovercard" href="https://github.com/mlsecproject/combine/issues/76">#76</a>)</li>
<li>Supports simple lists of IP addresses and domain names as local file importing (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="39921114" data-permission-text="Title is private" data-url="https://github.com/mlsecproject/combine/issues/48" data-hovercard-type="issue" data-hovercard-url="/mlsecproject/combine/issues/48/hovercard" href="https://github.com/mlsecproject/combine/issues/48">#48</a>)</li>
</ul>
<p>Revision of enriched DNS data generation is on track for v0.1.2</p>alexcpsectag:github.com,2008:Repository/17064089/v0.12014-08-05T16:50:00ZCapybara<p>First release for presentation at BSides LV 2014</p>krmaxwelltag:github.com,2008:Repository/17064089/v0.012014-07-16T04:39:35Zv0.01<p>First release for testing. Only processes data from <a href="http://www.blocklist.de" rel="nofollow">www.blocklist.de</a>.</p>krmaxwell