MISP/OpenCTI Chrome-specific Function extension development (Code:OSINT-5) |
3 days (10:00-18:00)
|
Develop your own functional extensions to utilize MISP/OpenCTI.
Design and develop the following extension in Google Chrome: extract IOCs (IP addresses, hashes, domains, CVEs, malware names) from web pages → query OpenCTI or MISP → display the results |
★Equipment used
・ESXi virtualization environment
・VPN environment
・Customized virtual machine
★Distributed materials
・Resume material
・CD-ROM
・USB memory
・Ikeriri bag
・Ikeriri magnet |
|
Develop your own extensions for Google Chrome to make use of MISP/OpenCTI in daily operations.
Develop an extension that does the following for pages opened in the Chrome browser:
1. Extract indicators (IP, hash, domain, CVE, malware name) from the displayed page.
2. Automatically query OpenCTI or MISP.
3. If there is matching data, display a link and summary in a popup.
4. Open OpenCTI or MISP in a separate tab when a link is clicked.
|
Development environment:
•PC (Windows/Mac/Linux can be used)
•Visual Studio Code
•Google Chrome (for debugging)
•Environment where the OpenCTI or MISP API can be used (for testing)
Language used:
•JavaScript (TypeScript is also recommended)
•HTML / CSS
•Chrome Extension (Manifest V3) https://developer.chrome.com/docs/extensions/mv3/
(The manifest file (manifest.json) itself is in JSON (JavaScript Object Notation) format. JSON is just a data structure for describing settings and is not a programming language itself, but prior knowledge of JavaScript or TypeScript is recommended.)
Technology used:
•manifest.json: JSON format (configuration file)
•Extension logic: JavaScript or TypeScript
•Screen display (UI): HTML + CSS
|
• 1 Automatically identify the IP addresses, hash values, domains, CVE numbers, and malware names on the page displayed in the browser.
• 2 Query the OpenCTI or MISP instance you have built for the identified indicators.
• 3 If matching data exists, display a link (and, if possible, a summary of the relevant indicator) on a separate screen or in a pop-up window.
• 4 Clicking the link from 3 displays the corresponding OpenCTI or MISP data page on a separate screen.
Day 1: Design and development of Chrome extensions
Day 2: Understanding and utilizing MISP's REST API specifications; understanding and utilizing OpenCTI's REST API specifications; implementing Chrome extensions
Day 3: Introduction and maintenance
|
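As an added illustration of step 1 above (indicator extraction), not taken from the course materials: a sketch of the logic a content script could run over the page text before anything is sent to OpenCTI or MISP. The function names, the malware watch list and the sample text are assumptions made for this example.

```javascript
// Added example, not course material. In a content script the input
// would be document.body.innerText; here it is a constructed string.

// Hypothetical watch list; a real extension would load it from settings.
const KNOWN_MALWARE = ["Emotet", "TrickBot"];

// Undo common defanging so "203.0.113[.]7" and "hxxps://" still match.
function refang(text) {
  return text
    .replace(/\[\.\]|\(\.\)|\[dot\]/gi, ".")
    .replace(/hxxp(s?):\/\//gi, "http$1://");
}

// \b on both sides of each hash pattern means a 64-hex string is never
// also reported as a 40- or 32-character hash.
const PATTERNS = {
  cve: /\bCVE-\d{4}-\d{4,}\b/gi,
  sha256: /\b[a-f0-9]{64}\b/gi,
  sha1: /\b[a-f0-9]{40}\b/gi,
  md5: /\b[a-f0-9]{32}\b/gi,
  ipv4: /\b(?:(?:25[0-5]|2[0-4]\d|1?\d?\d)\.){3}(?:25[0-5]|2[0-4]\d|1?\d?\d)\b/g,
  domain: /\b(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,24}\b/gi,
};

function escapeRegExp(s) {
  return s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
}

// Returns one de-duplicated array per indicator type. The domain pattern
// also matches file names such as "manifest.json", so filter the result
// against a TLD list before querying the platform.
function extractIocs(pageText) {
  const text = refang(pageText);
  const out = {};
  for (const [type, re] of Object.entries(PATTERNS)) {
    const hits = (text.match(re) || []).map((v) =>
      type === "cve" ? v.toUpperCase() : v.toLowerCase());
    out[type] = [...new Set(hits)];
  }
  out.malware = KNOWN_MALWARE.filter((name) =>
    new RegExp(`\\b${escapeRegExp(name)}\\b`, "i").test(text));
  return out;
}

// Constructed sample text: documentation IP range, example.com, made-up CVE id.
const SAMPLE_PAGE = [
  "Emotet loader seen at 203.0.113[.]7, C2 hxxps://evil.example[.]com/gate",
  "exploits cve-2099-00001; dropper MD5 d41d8cd98f00b204e9800998ecf8427e",
].join("\n");
```

Only the de-duplicated values returned by `extractIocs` need to leave the page, which keeps the number of API queries per page small.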