A script that converts Kaspersky APT IoC hash data feeds into MISP-compatible format and pushes them to a MISP instance for threat intelligence sharing.
(Unofficial) Script to convert and push Kaspersky APT IoC Hash Data Feeds to MISP (Malware Information Sharing Platform)
This tool is designed for security analysts and threat intelligence teams who want to automate the ingestion of Kaspersky APT hash IoCs into their MISP platform. It facilitates timely and structured sharing of threat indicators, enhancing threat hunting and incident response capabilities.
Users should have access to a MISP instance and valid API credentials configured before running the script. It is recommended to verify the integrity and format of the Kaspersky IoC feed to ensure compatibility. Since this is an unofficial tool, users should validate its output before integrating it into production environments.
Clone the repository: git clone https://github.com/acnrayd/Kaspersky_APT_Hash_IoC_to_MISP.git
Navigate to the cloned directory
Ensure Python is installed on your system
Install required dependencies if specified (e.g., via pip install -r requirements.txt)
Configure MISP connection settings as per the script requirements
python kaspersky_apt_hash_to_misp.py --help
Displays help information and usage options for the script.
python kaspersky_apt_hash_to_misp.py --push
Converts the Kaspersky APT IoC hash feed and pushes the data to the configured MISP instance.
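The recommendation above to verify the feed's format before pushing can be done as a pre-flight check. The following is an added example, not code from the repository; it assumes a feed reduced to one hash per line (the real feed layout is not described on this page), and validate_feed and SAMPLE are hypothetical names.

```python
import hashlib
import re

# Hex digest length -> MISP attribute type (md5, sha1, sha256 are standard types).
HASH_TYPES = {32: "md5", 40: "sha1", 64: "sha256"}

# Digests of zero-byte input; pushed as IoCs they would match every empty file.
EMPTY_INPUT_DIGESTS = {
    "d41d8cd98f00b204e9800998ecf8427e",
    "da39a3ee5e6b4b0d3255bfef95601890afd80709",
    "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
}
HEX_RE = re.compile(r"[0-9a-f]+")


def validate_feed(lines):
    """Return (attributes, rejected); assumed input is one hash per line."""
    attributes, rejected, seen = [], [], set()
    for lineno, raw in enumerate(lines, start=1):
        value = raw.strip().lower()
        if not value or value.startswith("#"):  # skip blanks and comments
            continue
        if not HEX_RE.fullmatch(value) or len(value) not in HASH_TYPES:
            rejected.append((lineno, value, "not an MD5/SHA-1/SHA-256 hex digest"))
        elif value in EMPTY_INPUT_DIGESTS:
            rejected.append((lineno, value, "digest of empty input"))
        elif value in seen:
            rejected.append((lineno, value, "duplicate"))
        else:
            seen.add(value)
            attributes.append({"type": HASH_TYPES[len(value)], "value": value,
                               "category": "Payload delivery", "to_ids": True})
    return attributes, rejected


# Constructed sample feed: digests of made-up strings, not real indicators.
SAMPLE = [
    "# constructed feed",
    hashlib.sha256(b"constructed-sample-a").hexdigest().upper(),
    hashlib.sha1(b"constructed-sample-b").hexdigest(),
    hashlib.md5(b"").hexdigest(),                       # empty-input digest
    "not-a-hash",
    hashlib.sha1(b"constructed-sample-b").hexdigest(),  # duplicate of line 3
]

if __name__ == "__main__":
    attrs, bad = validate_feed(SAMPLE)
    print(f"{len(attrs)} attributes accepted, {len(bad)} lines rejected")
    for lineno, value, reason in bad:
        print(f"  line {lineno}: {reason}: {value}")
```

Reviewing the rejected list before a push keeps malformed lines and empty-file digests out of MISP, where an attribute with to_ids set can feed detection tooling.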