mwdb-core
latest

Contents:

  • What’s changed?
    • v2.3.0
      • [New feature] Built-in Karton integration
      • [New feature] registered group
      • [API] Plugin information is no longer available for non-admin users
      • [API] Removed managing_attributes capability
    • v2.2.0
      • [New feature] Remote API feature
      • [API] New file download endpoint
      • [Backend] Typed-Config is no longer embedded in mwdb package
      • [Web] React Context is used instead of Redux
      • [Web] Extra routes must be passed as instantiated components
      • [Web] props.object may be undefined for ShowObject extensions. Use ObjectContext instead
  • Setup and configuration
    • Prerequisites
    • Installation & Configuration
    • Alternative setup using Docker Compose
    • Upgrade mwdb-core to latest version
    • Storing files in S3 Compatible storage (MinIO, AWS S3)
    • Advanced configuration
  • User guide
    • 1. Introduction to MWDB
      • A brief history (Why do I need MWDB?)
      • Main views
      • Recent objects view
      • Sample view
    • 2. Storing malware samples
      • File attributes
      • Uploading a file
      • Uploading child file
    • 3. Storing malware configurations
      • What is malware configuration (or what we think it is)?
      • Configuration attributes
      • How to upload configuration?
      • How configurations are deduplicated?
      • Searching configuration parts
      • Relationships with files
        • File → Config relationship
        • Config → File relationship
    • 4. Storing human-readable data (blobs)
      • What is blob in MWDB?
      • Blob attributes
      • How to upload blobs?
      • Embedded blobs
        • Embedding new blob
        • Embedding already uploaded blob
      • Searching blob files
      • Blob diffing
      • Relationships with configurations
        • Config → Blob relations
        • Blob → Config relations
    • 5. Tagging objects
      • How to use tags?
      • Built-in tag conventions
    • 6. Object attributes
      • How attributes can be used?
      • Declaring new attribute
      • Adding attributes to objects
      • Removing attributes from objects
      • Hidden (protected) attributes
    • 7. Advanced search based on Lucene queries
      • Query syntax: fields
      • Query syntax: operators
      • Query syntax: ranges
      • Query syntax: timestamps
      • Basic search fields
        • Untyped fields
        • Typed fields (file)
        • Typed fields (config)
        • Typed fields (blob)
        • Special fields
      • JSON fields (config.cfg:)
      • Favorites field (favorites:)
      • Comment author field (comment_author:)
      • Group access queries (shared: and uploader:)
      • Parent/child subqueries
      • Quick queries
    • 8. Automating things using REST API and mwdblib
      • Introduction to mwdblib
      • Using mwdblib for automation
        • Feeding MWDB service
        • Using MWDB service as a feed
        • Retrieving Karton analysis status
      • Optimizing API usage
        • How lazy loading works?
      • Command-line interface (CLI)
        • User authentication
        • Looking for recent data
        • Gathering information about objects
        • Uploading files
      • How to use API keys?
      • Using REST API directly (Non-Python integration)
    • 9. Sharing objects with other collaborators
      • Object access rules
      • Who is who? User visibility rules
      • Group with everything
      • How to add new user/group?
        • Create a new user
        • Create a new group
      • Group capabilities (superpowers)
  • Integration guide
    • Getting started with local plugins
    • Adding webhook
  • Extra features
  • Developer guide
    • Setting up development environment
    • Testing mail-related features
    • Auto generating Alembic migrations
  • Remote instances guide
    • Remote instance features
    • Setting up remote instance
    • Known issues and limitations
  • Karton integration guide
    • How does it work?
    • How to setup MWDB with Karton?
    • Resubmitting analysis
    • Migration from unofficial plugin setup
mwdb-core
  • »
  • Search

© Copyright 2021, CERT Polska. Revision 5cb527e6.

Built with Sphinx using a theme provided by Read the Docs.
Read the Docs v: latest
Versions
latest
Downloads
pdf
html
epub
On Read the Docs
Project Home
Builds