new: [objects] custom icons for objects - fixes #25

2020-03-15 07:23:37 +01:00 · 2020-03-15 07:23:37 +01:00 · eb49465639
parent 9751947b18
commit eb49465639
2 changed files with 36 additions and 38 deletions
--- a/src/MISP_maltego/resources/maltego/entities.mtz
+++ b/src/MISP_maltego/resources/maltego/entities.mtz
--- a/src/MISP_maltego/transforms/common/mappings.py
+++ b/src/MISP_maltego/transforms/common/mappings.py
@ -41,9 +41,8 @@ mapping_misp_to_maltego = {
    'twitter-id': [Twitter],
    # object mappings
    'nameserver': [NSRecord],
-    # TODO add more object mappings
    # custom types created internally for technical reasons
-    # 'rekey_value': [Unknown]
+    # 'regkey_value': [Unknown]
 }

 mapping_galaxy_icon = {
@ -107,33 +106,33 @@ mapping_object_icon = {
    'ais-info': '',
    'android-permission': '',
    'annotation': '',
-    'anonymisation': '',
+    'anonymisation': 'AffiliationAnonymous',
    'asn': '',
    'attack-pattern': '',
    'authenticode-signerinfo': '',
    'av-signature': '',
    'bank-account': '',
    'bgp-hijack': '',
-    'blog': '',
-    'btc-transaction': '',
-    'btc-wallet': '',
+    'blog': 'URL',
+    'btc-transaction': 'BankCard',
+    'btc-wallet': 'BankAccount',
    'cap-alert': '',
    'cap-info': '',
    'cap-resource': '',
-    'coin-address': '',
+    'coin-address': 'BankAccount',
    'command': '',
    'command-line': '',
-    'cookie': '',
+    'cookie': 'Cookies',
    'cortex': '',
    'cortex-taxonomy': '',
-    'course-of-action': '',
+    'course-of-action': 'course_of_action',
    'covid19-csse-daily-report': '',
    'covid19-dxy-live-city': '',
    'covid19-dxy-live-province': '',
    'cowrie': '',
    'credential': '',
-    'credit-card': '',
-    'crypto-material': '',
+    'credit-card': 'BankCard',
+    'crypto-material': 'Encrypt',
    'cytomic_orion': '',
    'cytomic_orion_machine': '',
    'dark-pattern': '',
@ -154,57 +153,57 @@ mapping_object_icon = {
    'forensic-case': '',
    'forensic-evidence': '',
    'forged-document': '',
-    'geolocation': '',
+    'geolocation': 'GPS',
    'gtp-attack': '',
    'http-request': 'URL',
    'ilr-impact': '',
    'ilr-notification-incident': '',
-    'impersonation': '',
-    'imsi-catcher': '',
-    'instant-message': '',
+    'impersonation': 'GangBoss',
+    'imsi-catcher': 'MobileNet',
+    'instant-message': 'Form',
    'instant-message-group': '',
    'intelmq_event': '',
    'intelmq_report': '',
    'internal-reference': '',
    'interpol-notice': '',
-    'iot-device': '',
+    'iot-device': 'InternetISP',
    'iot-firmware': '',
    'ip-api-address': '',
    'ip-port': 'NetworkCard',
    'irc': '',
    'ja3': '',
    'leaked-document': 'InternetDocument',
-    'legal-entity': '',
+    'legal-entity': 'Company',
    'lnk': 'File',
    'macho': '',
    'macho-section': '',
    'mactime-timeline-analysis': '',
-    'malware-config': '',
+    'malware-config': 'Virus',
    'meme-image': '',
    'microblog': '',
    'mutex': '',
    'netflow': '',
-    'network-connection': '',
+    'network-connection': 'NetworkSymmetric',
    'network-socket': '',
    'news-agency': '',
    'news-media': '',
-    'organization': '',
-    'original-imported-file': '',
+    'organization': 'Company',
+    'original-imported-file': 'File',
    'passive-dns': 'ServerDNS',
-    'paste': '',
+    'paste': 'InternetDocument',
    'pcap-metadata': '',
-    'pe': '',
+    'pe': 'File',
    'person': 'Person',
    'pe-section': '',
    'pgp-meta': '',
-    'phishing': '',
+    'phishing': 'InternetDocument',
    'phishing-kit': '',
-    'phone': '',
+    'phone': 'PhoneNumber',
    'process': '',
    'python-etvx-event-log': '',
    'r2graphity': '',
    'regexp': '',
-    'registry-key': '',
+    'registry-key': 'RegistryErase',
    'regripper-NTUser': '',
    'regripper-sam-hive-single-user': '',
    'regripper-sam-hive-user-group': '',
@ -220,11 +219,11 @@ mapping_object_icon = {
    'regripper-system-hive-general-configuration': '',
    'regripper-system-hive-network-information': '',
    'regripper-system-hive-service-drivers': '',
-    'report': '',
+    'report': 'Resume',
    'research-scanner': '',
    'rogue-dns': '',
    'rtir': '',
-    'sandbox-report': '',
+    'sandbox-report': 'Resume',
    'sb-signature': '',
    'scrippsco2-c13-daily': '',
    'scrippsco2-c13-monthly': '',
@ -235,14 +234,14 @@ mapping_object_icon = {
    'script': '',
    'shell-commands': '',
    'shodan-report': '',
-    'shortened-link': '',
+    'shortened-link': 'URL',
    'short-message-service': '',
    'splunk': '',
    'ss7-attack': '',
    'ssh-authorized-keys': '',
    'stix2-pattern': '',
    'suricata': '',
-    'target-system': '',   # TODO intel icons
+    'target-system': 'sighting',
    'threatgrid-report': '',
    'timecode': '',
    'timesketch_message': '',
@ -261,15 +260,15 @@ mapping_object_icon = {
    'TSK-Web-History': '',
    'TSK-Web-Search-Query': '',
    'url': 'URL',
-    'user-account': '',
-    'vehicle': '',
-    'victim': '',
+    'user-account': 'User',
+    'vehicle': 'Car',
+    'victim': 'Victim',
    'virustotal-graph': '',
    'virustotal-report': '',
-    'vulnerability': '',    # TODO intel icons
-    'weakness': '',         # TODO intel icons
-    'whois': 'UserID',
-    'x509': '',
+    'vulnerability': 'vulnerability',
+    'weakness': 'vulnerability',
+    'whois': 'VINNumber',
+    'x509': 'MedicalRecord',
    'yabin': '',
    'yara': '',
 }
@ -763,4 +762,3 @@ mapping_object_icon = {
 # WiFi
 # WindFarm
 # WirelessRouter
-#