Merge branch 'master' of github.com:MISP/PyMISP

pull/328/head
Raphaël Vinot 2019-02-01 11:07:51 +01:00
commit ac4f28681d
1 changed files with 45 additions and 17 deletions


@ -121,6 +121,10 @@
"default_category": "Network activity",
"to_ids": 1
},
"zeek": {
"default_category": "Network activity",
"to_ids": 1
},
"pattern-in-file": {
"default_category": "Payload installation",
"to_ids": 1
@ -624,6 +628,10 @@
"boolean": {
"default_category": "Other",
"to_ids": 0
},
"anonymised": {
"default_category": "Other",
"to_ids": 0
}
},
"types": [
@ -657,6 +665,7 @@
"AS",
"snort",
"bro",
"zeek",
"pattern-in-file",
"pattern-in-traffic",
"pattern-in-memory",
@ -782,7 +791,8 @@
"passenger-name-record-locator-number",
"mobile-application-id",
"cortex",
"boolean"
"boolean",
"anonymised"
],
"categories": [
"Internal reference",
@ -808,7 +818,8 @@
"link",
"comment",
"other",
"hex"
"hex",
"anonymised"
],
"Targeting data": [
"target-user",
@ -817,7 +828,8 @@
"target-org",
"target-location",
"target-external",
"comment"
"comment",
"anonymised"
],
"Antivirus detection": [
"link",
@ -825,7 +837,8 @@
"text",
"hex",
"attachment",
"other"
"other",
"anonymised"
],
"Payload delivery": [
"md5",
@ -905,7 +918,8 @@
"email-thread-index",
"email-message-id",
"mobile-application-id",
"whois-registrant-email"
"whois-registrant-email",
"anonymised"
],
"Artifacts dropped": [
"md5",
@ -960,7 +974,8 @@
"other",
"cookie",
"gene",
"mime-type"
"mime-type",
"anonymised"
],
"Payload installation": [
"md5",
@ -1011,7 +1026,8 @@
"x509-fingerprint-sha256",
"mobile-application-id",
"other",
"mime-type"
"mime-type",
"anonymised"
],
"Persistence mechanism": [
"filename",
@ -1020,7 +1036,8 @@
"comment",
"text",
"other",
"hex"
"hex",
"anonymised"
],
"Network activity": [
"ip-src",
@ -1056,12 +1073,15 @@
"hex",
"cookie",
"hostname|port",
"bro"
"bro",
"zeek",
"anonymised"
],
"Payload type": [
"comment",
"text",
"other"
"other",
"anonymised"
],
"Attribution": [
"threat-actor",
@ -1079,7 +1099,8 @@
"x509-fingerprint-md5",
"x509-fingerprint-sha256",
"other",
"dns-soa-email"
"dns-soa-email",
"anonymised"
],
"External analysis": [
"md5",
@ -1105,6 +1126,7 @@
"AS",
"snort",
"bro",
"zeek",
"pattern-in-file",
"pattern-in-traffic",
"pattern-in-memory",
@ -1122,7 +1144,8 @@
"hasshserver-md5",
"github-repository",
"other",
"cortex"
"cortex",
"anonymised"
],
"Financial fraud": [
"btc",
@ -1138,7 +1161,8 @@
"comment",
"text",
"other",
"hex"
"hex",
"anonymised"
],
"Support Tool": [
"link",
@ -1146,7 +1170,8 @@
"attachment",
"comment",
"other",
"hex"
"hex",
"anonymised"
],
"Social network": [
"github-username",
@ -1159,7 +1184,8 @@
"comment",
"text",
"other",
"whois-registrant-email"
"whois-registrant-email",
"anonymised"
],
"Person": [
"first-name",
@ -1189,7 +1215,8 @@
"text",
"other",
"phone-number",
"identity-card-number"
"identity-card-number",
"anonymised"
],
"Other": [
"comment",
@ -1203,7 +1230,8 @@
"float",
"hex",
"phone-number",
"boolean"
"boolean",
"anonymised"
]
}
}
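Review bot: Nothing visible in this change checks that the three hand-maintained registrations of a type stay in agreement: `"zeek"` and `"anonymised"` are each added to the per-type defaults object, to the flat `"types"` array, and to the per-category arrays. Strict JSON cannot carry a comment explaining that, so the guard belongs in the test suite: assert that every entry in `"types"` has a defaults entry with both `"default_category"` and `"to_ids"`, and that its `"default_category"` array lists the type. In the hunks shown, `"zeek"` and `"anonymised"` do satisfy this. `"zeek"` is also given `"to_ids": 1` while `"bro"` stays registered with the same default, so both names are presumably flagged for detection export; consumers that map these types to sensor rules should confirm they handle both.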