MISP
/
misp-book
mirror of https://github.com/MISP/misp-book
2
0
Fork 0
Code Issues Releases Wiki Activity

misp galaxy new clusters added

pull/39/head
Alexandre Dulaunoy 2017-01-07 15:39:57 +01:00
parent 2c8098db10
commit b3770656bd
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
1 changed files with 10 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
galaxy/README.md
View File

@ -52,11 +52,15 @@ Clicking on the addition symbole on the left of Beijing Group extends the module
#### Clusters
[Microsoft Activity Group](https://github.com/MISP/misp-galaxy/blob/master/clusters/microsoft-activity-group.json) - Activity groups as described by Microsoft
[Exploit-kit](https://github.com/MISP/misp-galaxy/blob/master/clusters/exploit-kit.json) - Exploit-Kit is an enumeration of some exploitation kits used by adversaries. The list includes document, browser and router exploit kits. It's not meant to be totally exhaustive but aim at covering the most seen in the past 5 years.
[Microsoft Activity Group](https://github.com/MISP/misp-galaxy/blob/master/clusters/microsoft-activity-group.json) - Activity groups as described by Microsoft.
[TDS - Traffic Direction System](clusters/tds.json) - TDS is a list of Traffic Direction System used by adversaries.
[Threats Actors](https://github.com/MISP/misp-galaxy/blob/master/clusters/threat-actor.json) - Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign. Threat actors are characteristics of malicious actors (or adversaries) representing a cyber attack threat including presumed intent and historically observed behaviour.
[Tools](https://github.com/MISP/misp-galaxy/blob/master/clusters/tool.json) - Enumeration of tools used by adversaries. The list includes malware but also common software regularly used by the adversaries.
[Tools](https://github.com/MISP/misp-galaxy/blob/master/clusters/tool.json) - Enumeration of software tools used by adversaries. The list includes malware but also common software regularly used by the adversaries.
#### Vocabularies
@ -77,5 +81,3 @@ Certainty level of an associated element or cluster
(https://github.com/MISP/misp-galaxy/blob/master/vocabularies/threat-actor/sophistication.json) - default STIX vocabulary for expressing the subjective level of sophistication of a threat actor.
[type]
(https://github.com/MISP/misp-galaxy/blob/master/vocabularies/threat-actor/type.json) - default STIX vocabulary for expressing the subjective type of a threat actor.