MISP
/
PyMISP
mirror of https://github.com/MISP/PyMISP
2
0
Fork 0
Code Issues Releases Wiki Activity

Merge branch 'master' of github.com:MISP/PyMISP

pull/328/head
Raphaël Vinot 2019-02-01 11:07:51 +01:00
parent 0a01a16c6b dc5d40a327
commit ac4f28681d
1 changed files with 45 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
pymisp/data/describeTypes.json
View File

@ -121,6 +121,10 @@
"default_category": "Network activity", "default_category": "Network activity",
"to_ids": 1 "to_ids": 1
}, },
"zeek": {
"default_category": "Network activity",
"to_ids": 1
},
"pattern-in-file": { "pattern-in-file": {
"default_category": "Payload installation", "default_category": "Payload installation",
"to_ids": 1 "to_ids": 1
@ -624,6 +628,10 @@
"boolean": { "boolean": {
"default_category": "Other", "default_category": "Other",
"to_ids": 0 "to_ids": 0
},
"anonymised": {
"default_category": "Other",
"to_ids": 0
} }
}, },
"types": [ "types": [
@ -657,6 +665,7 @@
"AS", "AS",
"snort", "snort",
"bro", "bro",
"zeek",
"pattern-in-file", "pattern-in-file",
"pattern-in-traffic", "pattern-in-traffic",
"pattern-in-memory", "pattern-in-memory",
@ -782,7 +791,8 @@
"passenger-name-record-locator-number", "passenger-name-record-locator-number",
"mobile-application-id", "mobile-application-id",
"cortex", "cortex",
"boolean" "boolean",
"anonymised"
], ],
"categories": [ "categories": [
"Internal reference", "Internal reference",
@ -808,7 +818,8 @@
"link", "link",
"comment", "comment",
"other", "other",
"hex" "hex",
"anonymised"
], ],
"Targeting data": [ "Targeting data": [
"target-user", "target-user",
@ -817,7 +828,8 @@
"target-org", "target-org",
"target-location", "target-location",
"target-external", "target-external",
"comment" "comment",
"anonymised"
], ],
"Antivirus detection": [ "Antivirus detection": [
"link", "link",
@ -825,7 +837,8 @@
"text", "text",
"hex", "hex",
"attachment", "attachment",
"other" "other",
"anonymised"
], ],
"Payload delivery": [ "Payload delivery": [
"md5", "md5",
@ -905,7 +918,8 @@
"email-thread-index", "email-thread-index",
"email-message-id", "email-message-id",
"mobile-application-id", "mobile-application-id",
"whois-registrant-email" "whois-registrant-email",
"anonymised"
], ],
"Artifacts dropped": [ "Artifacts dropped": [
"md5", "md5",
@ -960,7 +974,8 @@
"other", "other",
"cookie", "cookie",
"gene", "gene",
"mime-type" "mime-type",
"anonymised"
], ],
"Payload installation": [ "Payload installation": [
"md5", "md5",
@ -1011,7 +1026,8 @@
"x509-fingerprint-sha256", "x509-fingerprint-sha256",
"mobile-application-id", "mobile-application-id",
"other", "other",
"mime-type" "mime-type",
"anonymised"
], ],
"Persistence mechanism": [ "Persistence mechanism": [
"filename", "filename",
@ -1020,7 +1036,8 @@
"comment", "comment",
"text", "text",
"other", "other",
"hex" "hex",
"anonymised"
], ],
"Network activity": [ "Network activity": [
"ip-src", "ip-src",
@ -1056,12 +1073,15 @@
"hex", "hex",
"cookie", "cookie",
"hostname|port", "hostname|port",
"bro" "bro",
"zeek",
"anonymised"
], ],
"Payload type": [ "Payload type": [
"comment", "comment",
"text", "text",
"other" "other",
"anonymised"
], ],
"Attribution": [ "Attribution": [
"threat-actor", "threat-actor",
@ -1079,7 +1099,8 @@
"x509-fingerprint-md5", "x509-fingerprint-md5",
"x509-fingerprint-sha256", "x509-fingerprint-sha256",
"other", "other",
"dns-soa-email" "dns-soa-email",
"anonymised"
], ],
"External analysis": [ "External analysis": [
"md5", "md5",
@ -1105,6 +1126,7 @@
"AS", "AS",
"snort", "snort",
"bro", "bro",
"zeek",
"pattern-in-file", "pattern-in-file",
"pattern-in-traffic", "pattern-in-traffic",
"pattern-in-memory", "pattern-in-memory",
@ -1122,7 +1144,8 @@
"hasshserver-md5", "hasshserver-md5",
"github-repository", "github-repository",
"other", "other",
"cortex" "cortex",
"anonymised"
], ],
"Financial fraud": [ "Financial fraud": [
"btc", "btc",
@ -1138,7 +1161,8 @@
"comment", "comment",
"text", "text",
"other", "other",
"hex" "hex",
"anonymised"
], ],
"Support Tool": [ "Support Tool": [
"link", "link",
@ -1146,7 +1170,8 @@
"attachment", "attachment",
"comment", "comment",
"other", "other",
"hex" "hex",
"anonymised"
], ],
"Social network": [ "Social network": [
"github-username", "github-username",
@ -1159,7 +1184,8 @@
"comment", "comment",
"text", "text",
"other", "other",
"whois-registrant-email" "whois-registrant-email",
"anonymised"
], ],
"Person": [ "Person": [
"first-name", "first-name",
@ -1189,7 +1215,8 @@
"text", "text",
"other", "other",
"phone-number", "phone-number",
"identity-card-number" "identity-card-number",
"anonymised"
], ],
"Other": [ "Other": [
"comment", "comment",
@ -1203,7 +1230,8 @@
"float", "float",
"hex", "hex",
"phone-number", "phone-number",
"boolean" "boolean",
"anonymised"
] ]
} }
} }