From 446bda1b097566836709b85c339d0ac13a4fff57 Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy <a@foo.be>
Date: Thu, 28 Sep 2017 11:29:01 +0200
Subject: [PATCH] icons for the grand Master who is redesigning the overall
 graphical view

---
 galaxies/exploit-kit.json              | 3 ++-
 galaxies/microsoft-activity-group.json | 3 ++-
 galaxies/mitre_attack-pattern.json     | 3 ++-
 galaxies/mitre_course-of-action.json   | 3 ++-
 galaxies/mitre_intrusion-set.json      | 3 ++-
 galaxies/mitre_malware.json            | 3 ++-
 galaxies/mitre_tool.json               | 3 ++-
 galaxies/preventive-measure.json       | 3 ++-
 galaxies/ransomware.json               | 3 ++-
 galaxies/rat.json                      | 3 ++-
 galaxies/tds.json                      | 3 ++-
 galaxies/threat-actor.json             | 3 ++-
 galaxies/tool.json                     | 3 ++-
 13 files changed, 26 insertions(+), 13 deletions(-)

diff --git a/galaxies/exploit-kit.json b/galaxies/exploit-kit.json
index 4707448..78ce6b8 100644
--- a/galaxies/exploit-kit.json
+++ b/galaxies/exploit-kit.json
@@ -2,6 +2,7 @@
   "type": "exploit-kit",
   "name": "Exploit-Kit",
   "description": "Exploit-Kit is an enumeration of some exploitation kits used by adversaries. The list includes document, browser and router exploit kits.It's not meant to be totally exhaustive but aim at covering the most seen in the past 5 years",
-  "version": 2,
+  "version": 3,
+  "icon": "internet-explorer",
   "uuid": "6ab240ec-bd79-11e6-a4a6-cec0c932ce01"
 }
diff --git a/galaxies/microsoft-activity-group.json b/galaxies/microsoft-activity-group.json
index 9bfa2a3..c35d586 100644
--- a/galaxies/microsoft-activity-group.json
+++ b/galaxies/microsoft-activity-group.json
@@ -2,6 +2,7 @@
   "name": "Microsoft Activity Group actor",
   "type": "microsoft-activity-group",
   "description": "Activity groups as described by Microsoft",
-  "version": 1,
+  "version": 2,
+  "icon": "user-secret",
   "uuid": "74c869e8-0b8e-4e5f-96e6-cd992e07a505"
 }
diff --git a/galaxies/mitre_attack-pattern.json b/galaxies/mitre_attack-pattern.json
index 9f0009b..cc6c7b5 100644
--- a/galaxies/mitre_attack-pattern.json
+++ b/galaxies/mitre_attack-pattern.json
@@ -1,7 +1,8 @@
 {
-  "version": 2,
+  "version": 3,
   "uuid": "c4e851fa-775f-11e7-8163-b774922098cd",
   "type": "mitre-attack-pattern",
   "name": "Attack Pattern",
+  "icon": "map",
   "description": "ATT&CK Tactic"
 }
diff --git a/galaxies/mitre_course-of-action.json b/galaxies/mitre_course-of-action.json
index 8adb9b6..fb4edbf 100644
--- a/galaxies/mitre_course-of-action.json
+++ b/galaxies/mitre_course-of-action.json
@@ -3,5 +3,6 @@
   "name": "Course of Action",
   "description": "ATT&CK Mitigation",
   "type": "mitre-course-of-action",
-  "version": 3
+  "icon": "chain",
+  "version": 4
 }
diff --git a/galaxies/mitre_intrusion-set.json b/galaxies/mitre_intrusion-set.json
index d3a542c..fb59dfa 100644
--- a/galaxies/mitre_intrusion-set.json
+++ b/galaxies/mitre_intrusion-set.json
@@ -2,6 +2,7 @@
   "type": "mitre-intrusion-set",
   "uuid": "1023f364-7831-11e7-8318-43b5531983ab",
   "description": "Name of ATT&CK Group",
-  "version": 3,
+  "version": 5,
+  "icon": "user-secret",
   "name": "Intrusion Set"
 }
diff --git a/galaxies/mitre_malware.json b/galaxies/mitre_malware.json
index 96a626e..005d63c 100644
--- a/galaxies/mitre_malware.json
+++ b/galaxies/mitre_malware.json
@@ -1,7 +1,8 @@
 {
-  "version": 2,
+  "version": 3,
   "uuid": "d752161c-78f6-11e7-a0ea-bfa79b407ce4",
   "description": "Name of ATT&CK software",
   "name": "Malware",
+  "icon": "optin-monster",
   "type": "mitre-malware"
 }
diff --git a/galaxies/mitre_tool.json b/galaxies/mitre_tool.json
index bf0b7b3..7408646 100644
--- a/galaxies/mitre_tool.json
+++ b/galaxies/mitre_tool.json
@@ -3,5 +3,6 @@
   "type": "mitre-tool",
   "description": "Name of ATT&CK software",
   "uuid": "d5cbd1a2-78f6-11e7-a833-7b9bccca9649",
-  "version": 2
+  "icon": "gavel",
+  "version": 3
 }
diff --git a/galaxies/preventive-measure.json b/galaxies/preventive-measure.json
index 40b5d91..d15d5bc 100644
--- a/galaxies/preventive-measure.json
+++ b/galaxies/preventive-measure.json
@@ -2,6 +2,7 @@
   "name": "Preventive Measure",
   "type": "preventive-measure",
   "description": "Preventive measures based on the ransomware document overview as published in https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml# . The preventive measures are quite generic and can fit any standard Windows infrastructure and their security measures.",
-  "version": 1,
+  "version": 2,
+  "icon": "shield",
   "uuid": "8168995b-adcd-4684-9e37-206c5771505a"
 }
diff --git a/galaxies/ransomware.json b/galaxies/ransomware.json
index f8e04a3..7dd7476 100644
--- a/galaxies/ransomware.json
+++ b/galaxies/ransomware.json
@@ -1,7 +1,8 @@
 {
   "description": "Ransomware galaxy based on https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml",
   "type": "ransomware",
-  "version": 1,
+  "version": 2,
   "name": "Ransomware",
+  "icon": "usd",
   "uuid": "3f44af2e-1480-4b6b-9aa8-f9bb21341078"
 }
diff --git a/galaxies/rat.json b/galaxies/rat.json
index 3190228..a51c8ec 100644
--- a/galaxies/rat.json
+++ b/galaxies/rat.json
@@ -2,6 +2,7 @@
   "type": "rat",
   "name": "RAT",
   "description": "remote administration tool or remote access tool (RAT), also called sometimes remote access trojan, is a piece of software or programming that allows a remote \"operator\" to control a system as if they have physical access to that system.",
-  "version": 1,
+  "version": 2,
+  "icon": "eye",
   "uuid": "06825db6-4797-11e7-ac4d-af25fdcdd299"
 }
diff --git a/galaxies/tds.json b/galaxies/tds.json
index e773d3a..b012022 100644
--- a/galaxies/tds.json
+++ b/galaxies/tds.json
@@ -2,6 +2,7 @@
   "type": "tds",
   "name": "TDS",
   "description": "TDS is a list of Traffic Direction System used by adversaries",
-  "version": 2,
+  "version": 3,
+  "icon": "cart-arrow-down",
   "uuid": "1b9a7d8e-bd7a-11e6-a4a6-cec0c932ce01"
 }
diff --git a/galaxies/threat-actor.json b/galaxies/threat-actor.json
index d5f64ec..041baf1 100644
--- a/galaxies/threat-actor.json
+++ b/galaxies/threat-actor.json
@@ -2,6 +2,7 @@
   "name": "Threat Actor",
   "type": "threat-actor",
   "description": "Threat actors are characteristics of malicious actors (or adversaries) representing a cyber attack threat including presumed intent and historically observed behaviour.",
-  "version": 1,
+  "version": 2,
+  "icon": "user-secret",
   "uuid": "698774c7-8022-42c4-917f-8d6e4f06ada3"
 }
diff --git a/galaxies/tool.json b/galaxies/tool.json
index b4adbfd..d015566 100644
--- a/galaxies/tool.json
+++ b/galaxies/tool.json
@@ -2,6 +2,7 @@
   "type": "tool",
   "name": "Tool",
   "description": "Threat actors tools is an enumeration of tools used by adversaries. The list includes malware but also common software regularly used by the adversaries.",
-  "version": 1,
+  "version": 2,
+  "icon": "optin-monster",
   "uuid": "9b8037f7-bc8f-4de1-a797-37266619bc0b"
 }