MISP
/
misp-book
mirror of https://github.com/MISP/misp-book
2
0
Fork 0
Code Issues Releases Wiki Activity

Merge remote-tracking branch 'upstream/master'

pull/205/head
Steve Clement 2020-09-04 16:52:55 +09:00
parent bd49911043 bf30e61321
commit a02e4a0f89
No known key found for this signature in database
GPG Key ID: 69A20F509BE4AEE9
1 changed files with 44 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
categories-and-types/README.md
View File

@ -56,17 +56,23 @@
|filename|sha1| | X | | X | | | |filename|sha1| | X | | X | | |
|filename|sha224| | X | | | | | |filename|sha224| | X | | | | |
|filename|sha256| | X | | X | | | |filename|sha256| | X | | X | | |
|filename|sha3-224| | X | | X | | |
|filename|sha3-256| | X | | X | | |
|filename|sha3-384| | X | | X | | |
|filename|sha3-512| | X | | X | | |
|filename|sha384| | X | | | | | |filename|sha384| | X | | | | |
|filename|sha512| | X | | | | | |filename|sha512| | X | | | | |
|filename|sha512/224| | X | | | | | |filename|sha512/224| | X | | | | |
|filename|sha512/256| | X | | | | | |filename|sha512/256| | X | | | | |
|filename|ssdeep| | X | | | | | |filename|ssdeep| | X | | | | |
|filename|tlsh| | X | | | | | |filename|tlsh| | X | | | | |
|filename|vhash| | X | | | | |
|first-name| | | | | | | |first-name| | | | | | |
|float| | | | | | | |float| | | | | | |
|frequent-flyer-number| | | | | | | |frequent-flyer-number| | | | | | |
|gender| | | | | | | |gender| | | | | | |
|gene| | X | | | | | |gene| | X | | | | |
|git-commit-id| | | | | | X |
|github-organisation| | | | | | | |github-organisation| | | | | | |
|github-repository| | | | X | | | |github-repository| | | | X | | |
|github-username| | | | | | | |github-username| | | | | | |
@ -126,6 +132,10 @@
|sha1| | X | | X | | | |sha1| | X | | X | | |
|sha224| | X | | | | | |sha224| | X | | | | |
|sha256| | X | | X | | | |sha256| | X | | X | | |
|sha3-224| | X | | X | | |
|sha3-256| | X | | X | | |
|sha3-384| | X | | X | | |
|sha3-512| | X | | X | | |
|sha384| | X | | | | | |sha384| | X | | | | |
|sha512| | X | | | | | |sha512| | X | | | | |
|sha512/224| | X | | | | | |sha512/224| | X | | | | |
@ -150,6 +160,7 @@
|uri| | | | | | | |uri| | | | | | |
|url| | | | X | | | |url| | | | X | | |
|user-agent| | | | X | | | |user-agent| | | | X | | |
|vhash| | X | | | | |
|visa-number| | | | | | | |visa-number| | | | | | |
|vulnerability| | | | X | | | |vulnerability| | | | X | | |
|weakness| | | | X | | | |weakness| | | | X | | |
@ -223,17 +234,23 @@
|filename|sha1| | | X | X | | | |filename|sha1| | | X | X | | |
|filename|sha224| | | X | X | | | |filename|sha224| | | X | X | | |
|filename|sha256| | | X | X | | | |filename|sha256| | | X | X | | |
|filename|sha3-224| | | X | X | | |
|filename|sha3-256| | | X | X | | |
|filename|sha3-384| | | X | X | | |
|filename|sha3-512| | | X | X | | |
|filename|sha384| | | X | X | | | |filename|sha384| | | X | X | | |
|filename|sha512| | | X | X | | | |filename|sha512| | | X | X | | |
|filename|sha512/224| | | X | X | | | |filename|sha512/224| | | X | X | | |
|filename|sha512/256| | | X | X | | | |filename|sha512/256| | | X | X | | |
|filename|ssdeep| | | X | X | | | |filename|ssdeep| | | X | X | | |
|filename|tlsh| | | X | X | | | |filename|tlsh| | | X | X | | |
|filename|vhash| | | X | X | | |
|first-name| | | | | | | |first-name| | | | | | |
|float| | X | | | | | |float| | X | | | | |
|frequent-flyer-number| | | | | | | |frequent-flyer-number| | | | | | |
|gender| | | | | | | |gender| | | | | | |
|gene| | | | | | | |gene| | | | | | |
|git-commit-id| | | | | | |
|github-organisation| | | | | | | |github-organisation| | | | | | |
|github-repository| | | | | | | |github-repository| | | | | | |
|github-username| | | | | | | |github-username| | | | | | |
@ -293,6 +310,10 @@
|sha1| | | X | X | | | |sha1| | | X | X | | |
|sha224| | | X | X | | | |sha224| | | X | X | | |
|sha256| | | X | X | | | |sha256| | | X | X | | |
|sha3-224| | | X | X | | |
|sha3-256| | | X | X | | |
|sha3-384| | | X | X | | |
|sha3-512| | | X | X | | |
|sha384| | | X | X | | | |sha384| | | X | X | | |
|sha512| | | X | X | | | |sha512| | | X | X | | |
|sha512/224| | | X | X | | | |sha512/224| | | X | X | | |
@ -317,6 +338,7 @@
|uri| X | | | | | | |uri| X | | | | | |
|url| X | | X | | | | |url| X | | X | | | |
|user-agent| X | | X | | | | |user-agent| X | | X | | | |
|vhash| | | X | X | | |
|visa-number| | | | | | | |visa-number| | | | | | |
|vulnerability| | | X | X | | | |vulnerability| | | X | X | | |
|weakness| | | X | X | | | |weakness| | | X | X | | |
@ -390,17 +412,23 @@
|filename|sha1| | | | | |filename|sha1| | | | |
|filename|sha224| | | | | |filename|sha224| | | | |
|filename|sha256| | | | | |filename|sha256| | | | |
|filename|sha3-224| | | | |
|filename|sha3-256| | | | |
|filename|sha3-384| | | | |
|filename|sha3-512| | | | |
|filename|sha384| | | | | |filename|sha384| | | | |
|filename|sha512| | | | | |filename|sha512| | | | |
|filename|sha512/224| | | | | |filename|sha512/224| | | | |
|filename|sha512/256| | | | | |filename|sha512/256| | | | |
|filename|ssdeep| | | | | |filename|ssdeep| | | | |
|filename|tlsh| | | | | |filename|tlsh| | | | |
|filename|vhash| | | | |
|first-name| X | | | | |first-name| X | | | |
|float| | | | | |float| | | | |
|frequent-flyer-number| X | | | | |frequent-flyer-number| X | | | |
|gender| X | | | | |gender| X | | | |
|gene| | | | | |gene| | | | |
|git-commit-id| | | | |
|github-organisation| | X | | | |github-organisation| | X | | |
|github-repository| | X | | | |github-repository| | X | | |
|github-username| | X | | | |github-username| | X | | |
@ -460,6 +488,10 @@
|sha1| | | | | |sha1| | | | |
|sha224| | | | | |sha224| | | | |
|sha256| | | | | |sha256| | | | |
|sha3-224| | | | |
|sha3-256| | | | |
|sha3-384| | | | |
|sha3-512| | | | |
|sha384| | | | | |sha384| | | | |
|sha512| | | | | |sha512| | | | |
|sha512/224| | | | | |sha512/224| | | | |
@ -484,6 +516,7 @@
|uri| | | | | |uri| | | | |
|url| | | | | |url| | | | |
|user-agent| | | | | |user-agent| | | | |
|vhash| | | | |
|visa-number| X | | | | |visa-number| X | | | |
|vulnerability| | | | | |vulnerability| | | | |
|weakness| | | | | |weakness| | | | |
@ -577,17 +610,23 @@
* **filename|sha1**: A filename and an sha1 hash separated by a | * **filename|sha1**: A filename and an sha1 hash separated by a |
* **filename|sha224**: A filename and a sha-224 hash separated by a | * **filename|sha224**: A filename and a sha-224 hash separated by a |
* **filename|sha256**: A filename and an sha256 hash separated by a | * **filename|sha256**: A filename and an sha256 hash separated by a |
* **filename|sha3-224**: A filename and an sha3-224 hash separated by a |
* **filename|sha3-256**: A filename and an sha3-256 hash separated by a |
* **filename|sha3-384**: A filename and an sha3-384 hash separated by a |
* **filename|sha3-512**: A filename and an sha3-512 hash separated by a |
* **filename|sha384**: A filename and a sha-384 hash separated by a | * **filename|sha384**: A filename and a sha-384 hash separated by a |
* **filename|sha512**: A filename and a sha-512 hash separated by a | * **filename|sha512**: A filename and a sha-512 hash separated by a |
* **filename|sha512/224**: A filename and a sha-512/224 hash separated by a | * **filename|sha512/224**: A filename and a sha-512/224 hash separated by a |
* **filename|sha512/256**: A filename and a sha-512/256 hash separated by a | * **filename|sha512/256**: A filename and a sha-512/256 hash separated by a |
* **filename|ssdeep**: A checksum in ssdeep format * **filename|ssdeep**: A checksum in ssdeep format
* **filename|tlsh**: A filename and a Trend Micro Locality Sensitive Hash separated by a | * **filename|tlsh**: A filename and a Trend Micro Locality Sensitive Hash separated by a |
* **filename|vhash**: A filename and a VirusTotal hash separated by a |
* **first-name**: First name of a natural person * **first-name**: First name of a natural person
* **float**: A floating point value. * **float**: A floating point value.
* **frequent-flyer-number**: The frequent flyer number of a passenger * **frequent-flyer-number**: The frequent flyer number of a passenger
* **gender**: The gender of a natural person (Male, Female, Other, Prefer not to say) * **gender**: The gender of a natural person (Male, Female, Other, Prefer not to say)
* **gene**: GENE - Go Evtx sigNature Engine * **gene**: GENE - Go Evtx sigNature Engine
* **git-commit-id**: A git commit ID.
* **github-organisation**: A github organisation * **github-organisation**: A github organisation
* **github-repository**: A github repository * **github-repository**: A github repository
* **github-username**: A github user name * **github-username**: A github user name
@ -647,6 +686,10 @@
* **sha1**: A checksum in sha1 format * **sha1**: A checksum in sha1 format
* **sha224**: A checksum in sha-224 format * **sha224**: A checksum in sha-224 format
* **sha256**: A checksum in sha256 format * **sha256**: A checksum in sha256 format
* **sha3-224**: A checksum in sha3-224 format
* **sha3-256**: A checksum in sha3-256 format
* **sha3-384**: A checksum in sha3-384 format
* **sha3-512**: A checksum in sha3-512 format
* **sha384**: A checksum in sha-384 format * **sha384**: A checksum in sha-384 format
* **sha512**: A checksum in sha-512 format * **sha512**: A checksum in sha-512 format
* **sha512/224**: A checksum in the sha-512/224 format * **sha512/224**: A checksum in the sha-512/224 format
@ -671,6 +714,7 @@
* **uri**: Uniform Resource Identifier * **uri**: Uniform Resource Identifier
* **url**: url * **url**: url
* **user-agent**: The user-agent used by the malware in the HTTP request. * **user-agent**: The user-agent used by the malware in the HTTP request.
* **vhash**: A VirusTotal checksum
* **visa-number**: Visa number * **visa-number**: Visa number
* **vulnerability**: A reference to the vulnerability used in the exploit * **vulnerability**: A reference to the vulnerability used in the exploit
* **weakness**: A reference to the weakness used in the exploit * **weakness**: A reference to the weakness used in the exploit